AISSMS COLLEGE OF ENGINEERING

TITLE: SECURING CLOUD USING GRAPHICAL PASSWORD

AUTHENTICATION

BY
NILESH A. CHANGUNE

EXAM NO.B80214213

GANESH T. SHINDE

EXAM NO.B80214263

SAGAR B. CHAUGULE

EXAM NO.B80214215

SANDEEP V. HELKAR

EXAM NO.B80214257

DEPARTMENT OF COMPUTER ENGINEERING

PROJECT GUIDE:
PROF. R. T. NEMADE

PROJECT COORDINATOR:
PROF. S. S. SHAIKH

ASSIGNMENT NO. 1
DECISION PROBLEM:

Any problem having the answer either zero or one is called a decision problem. Our
system determines whether, for a given input, the action is performed or not. Thus, our system
represents a decision problem. It is known that only a decision problem is NP-complete.
Also since overall complexity of our system is in polynomial time, linear time and it is
deterministic. Hence our system is in NP-Complete.
MATHEMATICAL MODEL:

SYSTEM= {Q,,,q0,F}

Where SYSTEM=Securing Cloud Using Graphical Password Au.

Q= States of the system.
= Finite state of symbols (alphabets)
= Transition function
q0= Initial state
F= Final state

Q= {q0,q1, q2, q3,q4,q5,q6,q8,q9,q10,q11,q12,q13}

Where
q0 = Initial State
In this state if user enter the username.if username is invalid then it go q0.if username valid
Then it acess q1.
q1= graphical password application phase In this state user have 3 option signup, signin,

forgot_password.
q2=signin
q3= select same sequence of image
q4= verify database
q5= access the application in cloud stored
q6=logout.
q7= signup new user.
q8= select sequences of user
q9= select sound signature.
q10=save to database.
q11= for forgot password
q12= play sound signature
q13= enter sequence of image

Initial = In this state the user id and password are loaded in cloud database.

= {1, 0}
1=State on left side gives correct input and transit to next state.
0=State on right side gives wrong input and transit to next side.

= Transition Function
:Q *=Q
:Q*=Q

Set Theory:
Let s (be a main set of) {SDB, LDB, C, A, S, MR, AO}
where,

SDB is the copy of the server database. This database is

responsible for storing user information related to cloud interactions.
(Elaborate..)
LDB is a set of local database that a user owns. It consists of data
tables having data items related to the products and their sales transactions.
(Elaborate..)
C is a set of all clients using the server database and mining
services from the server. And (c1, c2,c3, ............cn) C. (elaborate..)
A is a set of algorithms applied on the input data to get mining
results. (Elaborate..)
S is the server component of the system. The server is
responsible for registering, authenticating and providing associations to the
end user. (Elaborate..)
MR is a set of mining rules that are applied on the input dataset
provided by the client from his LDB. And (mr1, mr2,mr3, ............mrn) MR
(elaborate..)
AO is a set of associations that are extracted from the input and
a form the output of the system. (Elaborate..)

Functionalities:
SDB' = RegisterUser(uid, password, fullname, address, country, contact,
email);
password = SHA1(input_password);
U = AuthenticateUser(uid, password, SDB');
LDB1 = ManageProducts(pid, product name, cost);
LDB2 = ManageBilling(transactions, items);
LDB = LDB1 + LDB2
ED(Encoded data) = EncodeTransactions(LDB2, EncodingAlgorithm(EA));
UPLOAD(ED);
AO = Apply Mining(ED);
Results = Decode(Download(AO));

NP-COMPLEE PROBLEM:
In mathematical logic, satisfiablity and validity are elementary concepts of semantics. A
formula is satisfiable if it is possible to find an interpretation (model) that makes the formula
true. A formula is valid if all interpretations make the formula true. The opposites of these
concepts are unsatisfiability and invalidity, that is, a formula is unsatisfiable if none of the
interpretations make the formula true, and invalid if some such interpretation makes the formula
false. These four concepts are related to each other in a manner exactly analogous to Aristotle's
square of opposition.
In computer science, the Boolean Satisfiability Problem (sometimes called Propositional
Satisfiability Problem and abbreviated as SATISFIABILITY or SAT) is the problem of
determining if there exists an interpretation that satisfies a given Boolean formula. In other
words, it asks whether the variables of a given Boolean formula can be consistently replaced by
the values TRUE or FALSE in such a way that the formula evaluates to TRUE. If this is the case,
the formula is called satisfiable. On the other hand, if no such assignment exists, the function
expressed by the formula is identically FALSE for all possible variable assignments and the
formula is unsatisfiable. For example, the formula "a AND NOT b" is satisfiable because one can
find the values a = TRUE and b = FALSE, which make (a AND NOT b) = TRUE. In contrast, "a
AND NOT a" is unsatisfiable.

ASSIGNMENT NO.2

PRIMARY MODULES OF SYSTEM:

The system designed consist of three modules such as user registration module,
picture selection module and system login module. In user registration module user enter the
user name in user name field and also suitable tolerance value (tolerance value is use to compare
registration profile vector with login profile vector). When user entered the all user details in
registration phase, these user registration data stored in data base and used during login phase for
verification. In picture selection phase there are two ways for selecting picture password
authentication.
1. User defines pictures: Pictures are selected by the user from the hard disk or any other image
supported devices.
2. System defines pictures: pictures are selected by the user from the database of the password
system.

In this method when any user try to access the cloud service they will be provided with
two option sign in and sign up. At server side calculation in sign up registration is made for
user.
Steps of registration:
1)
2)
3)
4)
5)

Sign up initiate
Select password images sequence
Select manual image
Select graphical password for each image
Calculate hash (digital signature algorithm) for each point using discretized
centralization
6) Accepting string for sound signature
7) Register

Steps of sign in
1)
2)
3)
4)
5)
6)
7)
8)
9)

Start sign in
Display image #1
Accept password
If required generate sound signature
Calculate hash using digital signature algorithm and discretized centralization
Authenticate each image
If invalid signature found show random invalid image for re-verification
If re-verification is ok continue accepting graphical password for next image
If all image authenticate login

In sign in the user have to give username which he or she has given during sign in and
select password from given image. validation of user is done then cloud access is given to
particular user. They access their account with uploading and downloading facility.

ASSIGNMENT NO. 3

UNIFIED MODELLING LANGUAGE (UML) DIAGRAMS:

Use-Case Diagram:

Use case diagrams are closely connected to scenarios. A scenario is an example of what happens
when someone interacts with the system. In our Project First upon Normal User login & then
authenticated from server side get access to cloud to use his services. If user not legitimate then
he should register first to access cloud services. In registration process user must select graphical
password & sound signature which gives hint in case of user unable to remember the password.
The graphical image password given by user stored in server side database. After completion of
registration process user is authorized to use the available services from cloud. During login
process user must enter the password which is provided by him at the time registration. The
image sequence should be remembered to get access. At that time sound signature gives him hint
to remember the image password. The interaction of user to the cloud with the help of
application which is act as mediator between the client & cloud
Activity Diagram:

An activity diagram is essentially a fancy flowchart. Activity diagrams and state chart diagrams
are related. The activity diagram shows the how those activities depend on one another. Activity
diagrams can be divided into object swimlanes that determine which object is responsible
for which activity. A single transition comes out of each activity, connecting it to the next
activity. A transition may branch into two or more mutually exclusive transitions.
A transition may fork into two or more parallel activities. The fork and the subsequent
join of the threads coming out of the fork appear in the diagram as solid bars.
In our project, Normal User Log-In the application then server authenticate to user hence user get
login successfully. If the user is not legitimate user then registration first and then login. During
registration user must select sequence of images and sound signature for hint. After registration
complete user must login with desired password. If login successful then user get access of cloud
if unsuccessful must get image sequence from sound signature hint.

Class Diagram:

A Class diagram gives an overview of a system by showing its classes and the
relationships among them. Class diagrams are static. In Class Diagram contain class name,
attribute, and operation.
In Our Project, In class Diagram there are main six classes.
1) User
2) Application
3) Signup
4) SignIn
5) Database
6) Forgot password
In User class, contain attributes like user_name, User_Id. And in login, signup, select images,
signin, forgot password and logout are the operation.
Second is a Application class, In application class there is Java image I/O, Java 2D API, SAPI,
Process Builder are attributes of Application class. There are some operation in application class

like as sign_up, select_image select_soundsignsture update_database, sign_in, forgot_pass etc.In

signup class images and sound are attribute and select image and sound are the operations. Also
in signln only images is attribute and save and update are operation. And last one is
forgot_password class in which images, sound, SAPI And process builder are attribute and play
sound, sequence of images and verify is the operations.

Collaboration Diagram:

Collaboration diagrams are also interaction diagrams. They convey the same information as
sequence diagrams, but they focus on object roles instead of the times that messages are sent.
Each message in a collaboration diagram has a sequence number.
In our project, Normal User Log-In the application then server authenticate to user hence user get
login successfully. If the user is not legitimate user then registration first and then login. During
registration user must select sequence of images and sound signature for hint. After registration

complete user must login with desired password. If login successful then user get access of cloud
if unsuccessful must get image sequence from sound signature hint.

Sequence Diagram:

A sequence diagram is an interaction diagram that details how operations are carried out what
messages are sent and when Sequence diagrams are organized according to time. The time
progresses as you go down the page. The objects involved in the operation are listed from left to
right according to when they take part in the message sequence.
In this diagram for showing message we use arrow. Dotted line shows the lifeline of objects.
There is activation bar below the objects.

ASSIGNMENT NO. 4

TESTING TECHNOLOGY
System testing is a critical phase implementation. Testing of the system involves
hardware devise and debugging of the computer programs and testing information processing
procedures. Testing can be done with text data, which attempts to stimulate all possible
conditions that may arise during processing. If structured programming Methodologies have
been adopted during coding the testing proceeds from higher level to lower level of program
module until the entire program is tested as unit. The testing methods adopted during the testing
of the system were unit testing and integrated testing.
UNIT TESTING:
Unit testing focuses first on the modules, independently of one another, to locate
errors. This enables the tester to detect errors in coding and logical errors that is contained within
that module alone. Those resulting from the interaction between modules are initially avoided.

INTEGRATION TESTING:
Integration testing is a systematic technique for constructing the program structure
while at the same time to uncover the errors associated with interfacing. The objective is to take
unit-tested module and build a program structure that has been detected by designing. It also tests
to find the discrepancies between the system and its original objectives. Subordinate stubs are
replaced one at time actual module. Tests were conducted at each module was integrated. On
completion of each set another stub was replaced with the real module.
FUNCTIONAL TESTING:
Functional testing is a technique in which all the functionalities of the program are
tested to check whether all the functions that where proposed during the planning phase are full
filled. This is also to check that if all the functions proposed are working properly. This is further
done in two phases:
1. One before the integration to see if all the unit components work properly
2. Second to see if they still work properly after they have been integrated to check if some
functional compatibility issues arise.

PERFORMANCE TESTING:

Expected Result
1. The client should be able to connect to the cloud properly without any problems.
2. The connection establishment between the client and the cloud should take
minimal time.
3. The client should be able receive data from the cloud uninterruptedly.
4. Information provided by the application should be correct and as per the users
need.

Observation

1. Connection can be established easily provided that the cloud server is on.
2. The connection with the cloud server takes time as it uses Internet connection.
3. Receiving data from the cloud takes time.
4. Information coming from the database is correct.

LOAD / STRESS TESTING:

Expected Result
1. Response time should be unaffected irrespective of the no of users.
2. The introduction of the newer clients should not make the cloud to work hap
hazardously.
3. Continuous use of the cloud by different clients should not result into the server
getting slowed down.
4. Response time should not be degraded if there is congestion in network.

Observation
The speed of transmission was fine even when the newer clients were getting
added. The response of the server was satisfying even with the introduction of
newer client.