Data Security and Privacy Using Data Partition Centric Key Management in Cloud

DATA SECURITY AND PRIVACY USING DATA PARTITION
CENTRIC KEY MANAGEMENT IN CLOUD
CONTENTS PAGES
ABSTRACT 3
SYMBOLS & ABBREVIATIONS
1. INTRODUCTION 4
2. LITERATURE SURVEY 9
2.1 Introduction
2.2 Existing System
2.3 Proposed System
2.4 Introduction
2.5 Software Requirement Specification
2.5.1 User requirement
2.5.2 Software requirement
2.5.3 Hardware requirement
2.6 Feasibility Study
3. SYSTEM DESIGN 30
3.1 Introduction
3.2 DFD / ER / UML diagram (any other project diagrams)
MIST Page 1
4. IMPLEMENTATION & RESULTS 42

4.1 Introduction, Module design
4.2 Method of Implementation
4.2.1 Sample Coding
4.2.2 Output Screens
4.2.3 Result Analysis
5. TESTING & VALIDATION
5.1 Introduction
5.2 Design of test cases and scenarios
5.3 Validation
6. CONCLUSION :
8 . Future Enhancement
MIST Page 2
Data Security and Privacy Using Data

Partition Centric Key Management in Cloud
ABSTRACT:
The Cloud Computing is a next generation platform, which provides
virtualization with resource pool. There are three types of cloud service models,
Infrastructureas- a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-
Service (SaaS).Most of the scientific research focus on IaaS model, which manage
virtualization and storage. IaaS allows customer to scale based on user demand and
user only pays for the resource usage. Data security plays a crucial role in cloud
environment and user trust is most challenging problem of cloud services. This
research paper proposed new methodology that secures data and provide privacy to
the customer in cloud. Our technique providing security by using data partition
approach and that partitioned data will be proceed further parallel for encryption
mechanism. Here privacy is given by centric key management scheme
MIST Page 3
INTRODUCTION
The use of cloud computing has improved rapidly in many

organizations. Subashini and Kavitha argue that small and medium companies use
cloud computing services for various reasons, including providing fast access to
their applications and reducing their infrastructure costs. The cloud computing
projects spending in USA between 2010 to 2015 will be at 40% annual growth rate
(CAGR) and will pass $7 billion by 2015 . In addition, researchers estimated that
12% of software market will move toward cloud computing within the next 5 years
and the amount growth of cloud computing market will reach $95 billion. Security
and privacy are considered to be the critical aspects in a cloud computing
environment due to the sensitive and important information stored in the cloud for
customers. Cloud providers should address security and privacy issues as a matter
of high and urgent priority.
Dealing with “single cloud” providers is becoming less popular with

customers due to potential problems such as service availability failure and the
possibility that there are malicious insiders in the single cloud. In recent years,
there has been a move towards “multi-clouds”, “intercloud” or “cloud-of-clouds”.
This paper focuses more on the issues related to the data security and privacy
aspects in cloud computing, such as data integrity, data confidentiality and service
availability. As data and information will be shared with a third party, cloud
computing customers want to avoid an unsafe or untrusted cloud provider.
Protecting private and important information, such as credit card details or a
patient’s medical records from attackers or malicious insiders is of critical
importance. In addition, the potential for migration from a single cloud to a multi-
MIST Page 4
cloud environment is examined and research related to security issues in single and
multi-clouds in cloud computing is surveyed. The remainder of this paper is
organized as follows. Section II describes the beginning of cloud computing and its
components. In addition, it presents examples of cloud providers and the benefits
of using their services. Section III discusses security risks in cloud computing.
Section IV analyses the new generation of cloud computing, that is, multi-clouds
and recent solutions to address the security of cloud computing, as well as
examining their limitations. Section V presents suggestions for future work.
Section VI will conclude the paper.
According to cloud computing has been defined as ‘‘a style of

computing where massively scalable IT-enabled capabilities are delivered ‘as a
service’ to external customers using Internet technologies’’. Moreover, NIST
describes cloud computing as “a model for enabling convenient, on- demand
network access to a shared pool of configurable computing resources (e.g.,
networks, servers, storage, applications, and services) that can be rapidly
provisioned and released with minimal management effort or service provider
interaction”.
Cloud computing is term that describes various type of computing concepts

that uses a high number of computers connected via network such as the Internet.
In general Cloud computing is a type of computing that depends on sharing
computing resources rather than using local servers or personal devices to perform
application. Cloud viewed asthe third party, on-demand, self-service that
implemented on pay-per-use mechanism and it is scalable computing resources
MIST Page 5
whose services offered by the Cloud paradigm promise to reduce capital as well as
operational expenditures for hardware and software. It classified based on Location
of the cloud computing and Type of services offered .Based on Location its types
are: public cloud, private cloud, hybrid cloud, community cloud. Based on type of
services it’s categorized in Infrastructure as a service (IaaS) , Platform as a Service
(PaaS) , Software as a service (SaaS). Public cloud is offered by third party service
provider and it involves resources that are outside the user premises. Customer has
no visibility and no control over the computing infrastructure where it is hosted
and this infrastructure is shared between any organizations.
MIST Page 6
Fig.1 Service Layers of Cloud Environment If computing infrastructure is

dedicated to particular organization and not shared with other than this setup is
private cloud. The hybrid cloud uses hybrid approach. The above classification is
well accepted in the industry. David Linthicum shows further classification on the
basis of service provided. These are listed below: Storage-as-aservice, Database-
as-a-service, Information-as-a-service, Process-as-a-service, Application-as-a-
service, Platform-asa- service, Integration-as-a-service, Security-as-a-service,
Testing-as-a-service, Infrastructure-as-a-service.
MIST Page 7
2.SYSTEM ANALYSIS
2.1 LITERATURE SURVEY
The Theoretical background of the mainly used to know how to get

interacted with user and to know the updates and to obtain the solutions to our
problems.
2.2 EXISTING SYSTEM:
The limitation of cloud computing are the security issues of cloud

computing. It comes to know that there are no security standards available for
secure cloud computing .Users has serious concerns about confidential of sensitive
information. Privacy is not provided for critical data being processed in the public
accessible cloud. The main security problems involve user data privacy, data
security, protection, cloud computing administration and cloud computing platform
stability. Customers should have the right of the supervision and have audit of
cloud computing services for fully ensure the security of customer data. The data
must be protected from virus, worms and Trojan in cloud computing platform
within the network of internal and external .We introduced a new security layer
between user and cloud as combined three layer (PaaS, IaaS, SaaS) that provide
mechanism which deal with user data security, privacy and authentication.
MIST Page 8
2.3 PROPOSED SYSTEM:
In proposed security layer, cloud-client data is not just sent to cloud

directly instead data processed intelligently and sent to cloud. This mechanism
ensures client data security but to provide authentication, before data processed,
secure connection between client and cloud is created logically. For providing
privacy to client data, we introduce a new way that deal with encryption
mechanism and provide privacy to client data. User data is processed in two
different passes, in first pass user data is partitioned dynamically and then
partitioned encrypted using parallelism. In real time scenario of cloud service,
customer satisfaction about trust of data is most important thing. Whenever
customer wants any type of a service by cloud providers, he always communicates
via internet. To secure data our method is most appropriate. Now here problem is
how customer comes to know that he communicates with only his cloud provider
and vice versa.
PHP
PHP, one of the Web’ s most popular programming languages.

According to Net craft ( www.netcraft.com ), PHP was running on more than 20
million Web servers in July 2007 ( http://www.php.net/usage.php ). At the time of
writing, it ’ s the fourth most popular programming language in the world
according to TIOBE ( http://www.tiobe.com/index.php/ content/paperinfo/tpci/ ),
beaten only by Java, C, and C++. With the introduction of version 5.3, there’ s
never been a better time to learn PHP.
MIST Page 9
PHP is a programming language for building dynamic, interactive

Web sites. As a general rule, PHP programs run on a Web server, and serve Web
pages to visitors on request. One of the key features of PHP is that you can embed
PHP code within HTML Web pages, making it very easy for you to create dynamic
content quickly.
What exactly does the phrase “ dynamic, interactive Web sites ”

mean? A dynamic Web page is a page whose contents can change automatically
each time the page is viewed. Contrast this with a static Web page, such as a
simple HTML file, which looks the same each time it’ s displayed (at least until
the page is next edited). Meanwhile, an interactive Web site is a site that responds
to input from its visitors. A Web forum is a good example users can post new
messages to the forum, which are then displayed on the site for all to see. Another
simple example is a “ contact us ” form, where visitors interact with the page by
filling out and sending a form, which is then emailed to the Webmaster.
FEATURES OF PHP:
 Simple
 Secure
 Portable
SIMPLE:
It is simple for professional programmer to learn & they can use it effectively. If
we already know structure oriented programming, then learning php is very easy.
MIST Page 10
SECURE:
As we know many people are effected by viral infection when they

download an executable file or program. Rather than, virus programs we have
malicious programs that can gather private information, such as credit card
number, bank account balances & passwords by searching the contents of your
computers local file system.
PORTABLE:
As already we have discussed about compatibility of operating
system, computers, chips. In Internet the programs have to be dynamically
downloaded to all the various types of platforms like windows for wamp ,linux for
lamp and support all platforms using xampp.
Database Management System (DBMS):
A Database is an integrated collection of user related data stored with minimum

redundancy, serves many users/applications quickly and efficiently. A database
system is basically a computerized record keeping system, i.e. it is a computerized
system whose overall purpose is to maintain information and make that
information available on demand.
DBMS is a collection of inter-related data and set of programs that
allow several users to access and manipulate data. Its main purpose is to provide
users with an abstract view of the data, i.e. the system hides certain details of how
the data is stored and maintained.
Database Management System is divided into 4 main components
 Database.
 Hardware.
MIST Page 11
 Software.
 User.
Database: It consists of collection of persistent data that is used by the application

system.
Hardware: The processor(s) and associated main memory that are used to support
the execution of database system software..
Software: The layer between the physical database and the users that handles all
requests from the user for access to the database.
User: There are three types of users
 Application Programmers
 End User
 Database Administrator (DBA)
TYPES OF DBMS
There are four major categories of DBMS data models.
 Hierarchical
 Network
 Inverted
 Relational
MIST Page 12
RELATIONAL DATABASE MANAGEMENT SYSTEMS
Database Management System has evolved from hierarchical to

network to relational models. Today, the most widely accepted database model is
the relational model. The relational database management system uses only its
relational capabilities to manage the information stored in the database. The
relational model has three different aspects.
 Structures.
 Operation.
 Integrity rules.
Structures:
They are well-defined objects that store the data of a database

structure and the data contained within them can be manipulated by operations.
Operations:
They are clearly defined actions that allow users to manipulate the
data and structures of a database. The operations on a database must adhere to a
predefined set of integrity rules.
ARCHITECTURE:
Client-Server Architecture Figure shows a typical PHP/MySQL

client-server architecture along with the development platform used to build and
test it.
MIST Page 13
Two processes (or tasks) are of concern on the server: the database
(MySQL, for us) and the web server (usually Apache or Microsoft IIS). The PHP
processor runs under control of the web server and executes the PHP files that
compose the application. The four labels in the server box correspond to the
elements of the so-called LAMP stack: operating system (Linux), web server
(Apache), database (MySQL), and language (PHP). As I’ll explain, the first
doesn’t have to be Linux and the second doesn’t have to be Apache. Generally, the
last two don’t have to be MySQL and PHP, but they are in this book, since that’s
our focus. There are usually lots of applications running on the client, but only the
browser that’s connected to the web server running the PHP application is of
concern to us. Since you’re a developer, you also care about the development
platform, which consists of two essential applications, at least: an editor that can
create and modify PHP files and a transfer utility that can copy those files to the
web server, typically an FTP (File Transfer Protocol) or SFTP (Secure File
MIST Page 14
Transfer Protocol) utility, sometimes built into the editor. It’s convenient to
reproduce the whole server platform on the development system so the PHP files
can be accessed directly by the editor, and so you can run the application locally.
To do this, it’s necessary to install a server platform on the development computer
and then to open up a browser on that computer to interface with the application.
Fig illustrates this process. When the application is ready to deploy, an FTP utility
copies the PHP files to the remote server, as figure shows
Client-Server Architecture
The server platform runs on an operating system, naturally, and on
that runs the web server and the database system,MySQL. For us, the web server is
programmed in PHP, and I’ll give my reasons why that’s almost always my choice,
and that of lots of other people, too.
MIST Page 15
The LAMP Stack “LAMP” is a clever term for the Linux-Apache-MySQL-PHP

stack, but it’s not strictly speaking a stack, because, while the web server certainly
runs under the operating system, and PHP runs on the web server, the database
runs directly on the operating system, independently of the web server. (Two other
popular languages also begin with the letter: PERL and Python, so sometimes the P
in LAMP refers to one of them.)
I have another quibble with the term “LAMP”: In practice it doesn’t
make much difference what form of UNIX the operating system (OS) is—BSD
and Solaris behave like Linux as far as I’m concerned as an application developer,
although there are significant differences in how those systems are administered,
purchased, and deployed. Windows is a commonly used server OS, too, although
that choice will affect your application somewhat. Finally, while Apache runs over
60% of web sites according to w3techs.com, that still leaves the other 40%, mostly
split between Microsoft’s IIS and Nginx. As with the operating system, your
coding won’t be much affected, but some matters related to how the application is
set up will be,
All of my examples will be for UNIX-like operating systems and
Apache, and I’ll make sure I’m clear about that when it matters. So, in essence, it’s
the MP part of LAMP that we care about, with P standing for PHP. Some 99% of
everything in Server Operating System
According to w3techs.com, 65% of web sites run on some form of
UNIX and the other 35% run on Windows. There’s really nothing else out there.
(They list Mac OS separately, but it’s UNIX as far as PHP/MySQL development is
concerned.)
There are four areas of Windows differences at the PHP level.
MIST Page 16
1. Path and file name differences.

2. Different line endings in text files.
3. API (application program interface) differences that affect a few PHP functions.
They’re
clearly noted in the PHP documentation.
4. Command lines executed from a PHP program or directly from the shell or
command
processor.
The chief path and file name differences are as follows:
Windows accepts forward slashes in paths in most PHP functions, but
you might get a backslash in a path supplied by a user interactively or when you
read one from a file. I usually convert backslashes to forward ones whenever I
input a path on Windows. Native However, both formats are common on both
systems, so this isn’t really a I’ve dealt with Mac OS and Windows differences a
lot in my native applications that run on those systems, but never in my
PHP/MySQL applications, because I’ve managed to avoid ever running on a
Windows server. Your life may not be so simple, however.
If you get commercial web hosting from one of the numerous
commercial shared-hosting companies, they’re almost always going to use Linux
or BSD, with Windows sometimes being an extra-cost option. Stick with the
cheaper Linux or BSD hosting.
Web Server You’ll almost always use Apache as the web server on
systems and IIS on Window systems, although Apache also runs on Windows.
Apache configuration is hard to learn, but there are two saving graces
for PHP/MySQL programmers. You rarely have to do much with Apache directly,
MIST Page 17
aside from occasionally editing an.htaccess file to establish options for a

directory.Apache is so widely used that if you Google whatever issue you’re
wrestling with, you’ll usually Usability issues aside, Apache is efficient, reliable,
cheap, well-documented, and ubiquitous, so it’s my web server of choice, by a
wide margin. Your primary interface with Apache is with the file system that it
uses. Every web site has a document root on the server, and your PHP files need to
go under that root directory, or in a subdirectory of it.
If I copy the file login.php to that directory with an FTP utility, I can
run that PHP program from a browser by requesting the URL. I usually run lots of
applications on my web site, so I put them in subdirectories under the document
root, and then direct users to a URL with a path after the domain name. For
example, my site Classic Cameras is located e-mail, and my customer doesn’t
really care about the cosmetics of the URL.
Database System There are lots of SQL database systems out there for
web applications, and I’ve used all the major ones, including Microsoft SQL
Server, Oracle, IBM DB2, PostgreSQL, and, of course, MySQL. The first three are
excellent commercial systems. PostgreSQL is an open source system, with origins
much older than MySQL, but it’s less widely used than MySQL, although many
hosting companies offer it as an option.
In the past, MySQL supported such a limited form of SQL that it was
annoying to use for a database professional spoiled by a more complete system like
Oracle or PostgreSQL. But recent versions have changed that, and I now find that
it has everything I want except for check conditions. My reason for preferring
MySQL is simply that I find life easier if I use just one set of platform
MIST Page 18
technologies, and because MySQL is always there and works extremely well, it’s
always my first choice.
Sun Microsystems bought MySQL in 2008, and Oracle bought Sun
about two years later, so now, somewhat ironically, Oracle owns MySQL. Despite
some concern that Oracle might neglect MySQL development and/or support in
order not to cannibalize Oracle sales, it hasn’t done so, and MySQL remains just as
viable as ever. Nonetheless,
there’s some unease with that situation, so the MySQL original
authors have taken the open source MySQL code and produced a compatible
system called MariaDB, which aims to be binary compatible with it. As MySQL is
still the version most widely supported by hosting companies and cloud servers,
that’s the one I use.
Do what you can to make sure you’re using at least Version 5.5 of
MySQL, as that’s the version I’m going to assume you have in this book. That’s
where MySQL is as of this writing, Of course, it will be on to , and so on. If your
application is new, start with the newest stable version. Very high-performance
web sites don’t send SQL queries to the database, because they take too much
processing time and make it difficult to cache results for reuse by other queries.
applications, you want to use SQL. The performance of MySQL will be more than
adequate.
MIST Page 19
Server Programming Language:
PHP is always there. I’ve never found a hosting company that didn’t
offer it. Java is sometimes an extra-cost option, if it’s available at all, and Python
and Ruby are often unavailable. PERL is as common as PHP, but it’s an even
worse language. It’s fast. It’s so widely used that there’s lots of optimization for it,
especially when used with Apache.
It has an extraordinary collection of extensions that allow it to handle most
any webapplication. Every web service (Amazon, Facebook, Flickr, etc.) has a
PHP interface. Without supporting PHP, they know their support is incomplete. By
contrast, they can get away with ignoring For these reasons, w3techs.comreports
that PHP is used on almost 80% of web sites. (.NET is 20% and Java is 4%;some
sites use more than one language.)
So, the answer to why PHP, since I can and have used almost every
language that ever existed, is that it’s pleasant enough to use, always available,
extremely well supported, and nearly always has a function to There are three other
languages you’ll be using, as web application developers always use at least four
languages.
The three others are
a. HTML (including CSS),
b. JavaScript, and
c. SQL, to talk to the database.
HTML and JavaScript run in the browser; never on the server. SQL is
passed to the database from your PHP program, or sometimes used directly on the
database, so it’s a server language.
MIST Page 20
Design is the first step in moving from problem domain to the solution
domain. Design is essentially the bridge between requirements specification and
the final solution.
The goal of design process is to produce a model or representation of

a system, which can be used later to build that system. The produced model is
called the “Design of the System”. It is a plan for a solution for the system.
HTML:
HTML is a hypertext mark-up language which is in reality a backbone

of any website. Every website can’t be structured without the knowledge of html.
If we make our web page only with the help of html, than we can’t add many of the
effective features in a web page, for making a web page more effective we use
various platforms such as CSS. So here we are using this language to make our
web pages more effective as well as efficient. And to make our web pages dynamic
we are using Java script.
CSS :
CSS Stands for "Cascading Style Sheet." Cascading style sheets are
used to format the layout of Web pages. They can be used to define text styles,
table sizes, and other aspects of Web pages that previously could only be defined
in a page's HTML. The basic purpose of CSS is to separate the content of a web
document (written in any mark up language) from its presentation (that is written
using Cascading Style Sheets). There are lots of benefits that one can extract
through CSS like improved content accessibility, better flexibility and moreover,
MIST Page 21
CSS gives a level of control over various presentation characteristics of the

document. It also helps in reducing the complexity and helps in saving overall
presentation time. CSS gives the option of selecting various style schemes and
rules according to the requirements and it also allows the same HTML document to
be presented in more than one varying style.
JAVA SCRIPT
JavaScript is considered to be one of the most famous scripting

languages of all time. JavaScript, by definition, is a Scripting Language of the
World Wide Web. The main usage of JavaScript is to add various Web
functionalities, Web form validations, browser detections, creation of cookies and
so on. JavaScript is one of the most popular scripting languages and that is why it
is supported by almost all web browsers available today like Firefox,
We used the browser Opera or Internet Explorer. JavaScript is

considered to be one of the most powerful scripting languages in use today. It is
often used for the development of client-side web development. JavaScript is used
to make web pages more interactive and dynamic. JavaScript is a light weight
programming language and it is embedded directly into the HTML code.
JavaScript, as the name suggests, was influenced by many languages, especially
Java.
PHP
MIST Page 22
Precisely, PHP is a very powerful server-side scripting language for

developing dynamic web applications. Using PHP, one can build interactive and
dynamic websites with ease. PHP script can be embedded straight into the heart of
html code. PHP is compatible with various web servers like Apache and the
Microsoft’s IIS as well. All the PHP scripts are executed on the server and it
supports various databases like MySQL, Oracle, Solid, Generic ODBC etc;
however, it is mostly used with MySQL.
SQL
SQL stands for Structured Query Language. SQL lets us access and
manipulate databases. SQL is an ANSI (American National Standards Institute)
standard. SQL can execute queries against a database ,retrieve data from a
database, insert records in a database, update records in a database, delete records
from a database, create new databases , create new tables in a database , create
stored procedures in a database, create views in a database, set permissions on
tables, procedures, and views.
Functional Requirements:
1. Functional requirements are associated with specific functions,

tasks or behaviours the system must support. The functional requirements
address the quality characteristic of functionality while the other quality
characteristics are concerned with various kinds of non-functional
requirements. Because non-functional requirements tend to be stated in
terms of constraints on the results of tasks which are given as functional
requirements (e.g., constraints on the speed or efficiency of a given task), a
MIST Page 23
task-based functional requirements statement is a useful skeleton upon

which to construct a complete requirements statement. That is the approach
taken in this work. It can be helpful to think of non-functional requirements
as adverbially related to tasks or functional requirements:
Non-Functional Requirements
Non-functional requirements are requirements that specify criteria that

can be used to judge the operation of a system, rather than specific behaviors. This
should be contrasted with functional requirements that specify specific behavior or
functions. In general, functional requirements define what a system is supposed to
do whereas non-functional requirements define how a system is supposed to be.
Non-functional requirements are often called qualities of a system. Other terms for
non-functional requirements are "constraints", "quality attributes", "quality goals"
and "quality of service requirements". Qualities, aka. Non-functional requirements,
can be divided into two main categories.
1. Execution qualities, such as security and usability, are observable at run

time.
2. Evolution qualities, such as testability, maintainability, extensibility and
scalability, are embodied in the static structure of the software system.
MIST Page 24
Scalability:
The network-deployment cost for scaling up these systems must be

manageable merely having the technology to provide a user service is not
sufficient. The service-provider involvement requires that different infrastructure
services be available. This information helps service providers to determine where
to invest next. The data-collection facility is that service want to integrate into
their service and system.
Interoperability:
It is important that the interface is simple and intuitive Instead of

making products and services ever more sophisticated, they must be made
intuitive, simple, and useful in solving problems.
Reliability:
In order to be more reliable JainSIP is used. It enhances the

performance as well as the reliability of the system and communicate with more
number of people at a time. It is imperative that the service reaches thousands of
people, and that it is absolutely reliable.
Portability:
In order to be more portable we use Application server Tomcat5.0 and

even the voice server is independent of the platform.
MIST Page 25
Extensibility:
The application should be widely extensible, where we can include

many services like fax can be added in to UMS server. Also many call routing
mechanism can be included.
Efficiency:
The system should function in an efficient manner with proper

acknowledgements and responses at high speed.
MODULES
USER:
In this module user register and login to the site. And user can view the files and
they want to download from the admin request and key will be sent to user mail
.with that key user can download the files.
Admin:
In this module admin can login the site and can upload the files on the cloud with
centric key management and he will give the permission to users.
MIST Page 26
2.2System Requirements Specifications
2.2 System Requirements
Hardware specifications:-
Processor : Any Processor Speed 1.1 GHz (min)
RAM : 256 MB (min)
Hard Disk Capacity : 40 GB (min)
Monitor : Any Monitor
Keyboard : Standard Keyboard
Mouse : Two or Three Button Mouse
Software requirements:-
Operating System : Windows XP/7/8.
Scripting Language : PHP
Technology : PHP
Front End : HTML, CSS and JavaScript
Database : MYSQL
Web Server : Apache server
MIST Page 27
Tool : Notepad++.
SYSTEM STUDY
FEASIBILITY STUDY:
The feasibility of the project is analyzed in this phase and business

proposal is put forth with a very general plan for the project and some cost
estimates. During system analysis the feasibility study of the proposed system is
to be carried out. This is to ensure that the proposed system is not a burden to
the company. For feasibility analysis, some understanding of the major
requirements for the system is essential.
Three key considerations involved in the feasibility analysis are
 ECONOMICAL FEASIBILITY
 TECHNICAL FEASIBILITY
 SOCIAL FEASIBILITY
MIST Page 28
ECONOMICAL FEASIBILITY
This study is carried out to check the economic impact that the system
will have on the organization. The amount of fund that the company can pour into
the research and development of the system is limited. The expenditures must be
justified. Thus the developed system as well within the budget and this was
achieved because most of the technologies used are freely available. Only the
customized products had to be purchased.
TECHNICAL FEASIBILITY
This study is carried out to check the technical feasibility, that is, the
technical requirements of the system. Any system developed must not have a high
demand on the available technical resources. This will lead to high demands on the
available technical resources. This will lead to high demands being placed on the
client. The developed system must have a modest requirement, as only minimal or
null changes are required for implementing this system.
SOCIAL FEASIBILITY
The aspect of study is to check the level of acceptance of the system

by the user. This includes the process of training the user to use the system
efficiently. The user must not feel threatened by the system, instead must accept it
as a necessity. The level of acceptance by the users solely depends on the methods
that are employed to educate the user about the system and to make him familiar
MIST Page 29
with it. His level of confidence must be raised so that he is also able to make some
constructive criticism, which is welcomed, as he is the final user of the system.
System design
DATA FLOW DIAGRAMS
A data flow diagram is graphical tool used to describe and analyze

movement of data through a system. These are the central tool and the basis from
which the other components are developed. The transformation of data from input
to output, through processed, may be described logically and independently of
physical components associated with the system. These is known as the logical
data flow diagrams. The physical data flow diagrams show the actual implements
and movement of data between people, departments and workstations. A full
description of a system actually consists of a set of data flow diagrams. Using two
familiar notations Yourdon, Gane and Sarson notation develops the data flow
diagrams. Each component in a DFD is labeled with a descriptive name. Process is
further identified with a number that will be used for identification purpose. The
development of DFD’S is done in several levels. Each process in lower level
diagrams can be broken down into a more detailed DFD in the next level. The top-
level diagram is often called a “context diagram”.
Context Diagram:
MIST Page 30
It contains a single process, but it plays a very important role in

studying the current system. The context diagram defines the system that will be
studied in the sense that it determines the boundaries. Anything that is not inside
the process identified in the context diagram will not be part of the system study.
It represents the entire software element as a single bubble with input and output
data indicated by incoming and outgoing arrows respectively.
A DFD is also known as a “bubble chart” has the purpose of
clarifying system requirements and identifying major transformations that will
become programs in system design. So it is the starting point of the design to the
lowest level of detail. A DFD consists of a series of bubbles joined by data flows in
the system.
DFD SYMBOLS:
In the DFD, there are four symbols
 A square defines a source(originator) or destination of system data

 An arrow identifies data flow. It is the pipeline through which the
information flows. Data move in a specific direction from an origin to a
destination.
 A circle or a bubble represents a process that transforms incoming data flow
into outgoing data flows.
 An open rectangle is a data store, data at rest or a temporary repository of
data
MIST Page 31
Symbols Elementary references
Process that transforms data flow
Data Flow
Source or Destination of data
Data Store
CONSTRUCTING A DFD:
Several rules of thumb are used in drawing DFD’S:
 Process should be named and numbered for an easy interface. Each name
should be representative of the process.
 The direction of flow is from top to bottom and from left to right. Data
traditionally flow from source to the destination although they may flow back to
the source. One way to indicate this is to draw long flow line back to a source. An
alternative way is to repeat the source symbol as a destination. Since it is used
more than once in the DFD it is marked with a short diagonal.
MIST Page 32
 When a process is exploded into lower level details, they are numbered.
 The names of data stores and destinations are written in capital letters.
Process and dataflow names have the first letter of each work capitalized.
A DFD typically shows the minimum contents of data store. Each data
store should contain all the data elements that flow in and out.
Questionnaires should contain all the data elements that flow in and out.
Missing interfaces redundancies and like is then accounted for often through
interviews.
Salient features of DFD’S:
1. The DFD shows flow of data, not of control loops and decision are
controlled considerations do not appear on a DFD.
2. The DFD does not indicate the time factor involved in any process whether
the data flow take place daily, weekly, monthly or yearly.
3. The sequence of events is not brought out on the DFD.
Types of data flow diagrams
DFD’s are of two types

a. Physical DFD.
b. Logical DFD.
Physical DFD:
MIST Page 33
Structured analysis states that the current system should be first

understand correctly. The physical DFD is the model of the current system and
is used to ensurethat the current system has been clearly understood. Physical
DFDs shows actual devices, departments, and people etc., involved in the
current system.
Logical DFD:
Logical DFDs are the model of the proposed system. They clearly
should show the requirements on which the new system should be built. Later
during design activity this is taken as the basis for drawing the system’s
structure charts.
RULES GOVERNING THE DFD’S:
PROCESS
 No process can have only outputs.

 No process can have only inputs. If an object has only inputs than it must be
a sink.
 A process has a verb phrase level.
DATA STORE
 Data cannot move directly from one data store to another data store, a
process must move data.
MIST Page 34
 Data cannot move directly from an outside source to a data store, a process,
which retrieves, must move data from the source and place the data into data store.
 A data store has a noun phrase level.
4.3 UNIFIED MODELING LANGUAGE:
UML stands for Unified Modelling Language are a third

generation method for specifying, visualizing and documenting the artefacts of an
object oriented system under development. Object modelling is the process by
which the logical objects in the real world (problem space) are represented
(mapped) by the actual objects in the program (logical or a mini world). This visual
representation of the objects, their relationships and their structures is for the ease
of understanding. This is a step while developing any product after analysis.
The goal from this is to produce a model of the entities

involved in the project which later need to be built. The representations of the
entities that are to be used in the product being developed need to be designed.
Software design is a process that gradually changes as

various new, better and more complete methods with a broader understanding of
the whole problem in general come into existence.
MIST Page 35
The Unified Modeling Language encompasses a number of models.

 Use case diagrams
 Class diagrams
 Sequence diagrams
USECASE DIAGRAM
Use case diagram consists of use cases and actors and

shows the interaction between them. The key points are:
 The main purpose is to show the interaction between the use cases and
the actor.
 To represent the system requirement from user’s perspective.
 use cases are the functions that are to be performed in the module.
 An actor could be the end-user of the system or an external system.
MIST Page 36
CLASS DIAGRAM
Class Diagram consists of the classes and the objects and the interaction
between them. It mainly deals with the interaction between classes in the system,
their behavior and properties of the system. Apart from classes this also provides
inheritance relationships in the project. Class diagrams consist of basically two
parts: first one is the member variables and class variables and the second part
consists of the total number of methods available in the class.
MIST Page 37
SEQUENCE DIAGRAM
The purpose of sequence diagram is to show the flow of functionality through

a use case. In other words, we call it a mapping process in terms of data transfers
from the actor through the corresponding objects.
The key points are:
The main purpose is to represent the logical flow of data with respect to a process
 A sequence diagram displays the objects and not the classes.
MIST Page 38
MIST Page 39
Activity Diagram:
An Activity Diagram is a behavioral diagram that shows the flow or

sequence of activities through a system. The terms activity diagram and process
flow are often used interchangeably. However, the term activity diagram is
typically more restrictive as it refers to one of thirteen standard Unified Model
Language (UML) diagrams. Activity Diagrams are one of the most commonly
used diagrams since its notation and origin are based on the widely known
flowchart notation.
MIST Page 40
MIST Page 41
4. IMPLEMENTATION & RESULT
<!DOCTYPE html>

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;

charset=utf-8"/>
<title>DATA SECURITY PROJECT</title>
<link rel="stylesheet" href="css/style.css" type="text/css" />


</head>
<body>
MIST Page 42
<style>
.t
text-shadow:#FF3399 2px 0px 0px;
font-size:24px;
color:#3300FF;
.home
text-align:center;
overflow:hidden;
font-family:Georgia, "Times New Roman", Times, serif;
font-size:16px;
color:#000000;
</style>
MIST Page 43
<div class="header">
<div><h3 align="center" class="t" >Privacy protection issue on

cloud with key management and based on encryption prediction </h3></div>
<div id="navigation">
<ul>
<li class="selected"><a
href="index.php">HOME</a></li>
<li><a
href="register.php">REGISTER</a></li>
<li><a href="login.php">LOGIN</a></li>
<li><a href="about.php">ABOUT</a></li>
<li><a href="contact.php">CONTACT
US</a></li>
</ul>
</div>
</div>
<div class="body">
MIST Page 44
<link rel="stylesheet" type="text/css" href="engine1/style.css" />
<script type="text/javascript" src="engine1/jquery.js"></script>

<body style="background-color:#f0f0f0;margin:0">

<div id="wowslider-container1">
<div class="ws_images"><ul>
<li><img src="data1/images/1.jpg" alt="1" title=""

id="wows1_0"/></li>

id="wows1_1"/></li>
MIST Page 45
<li><a href="http://wowslider.net"><img
src="data1/images/3.jpg" alt="wowslider.net" title="" id="wows1_2"/></a></li>

id="wows1_3"/></li>
</ul></div>
</div>
<script type="text/javascript" src="engine1/wowslider.js"></script>
<script type="text/javascript" src="engine1/script.js"></script>

</div>
</div>
<div align="left">
<ul class="home">
<li>The Cloud Computing is a next

generation
MIST Page 46
platform, which provides virtualization with resource pool.</li>
<li>There are three types of cloud service models, Infrastructureas-
a-Service (IaaS), Platform-as-a-Service (PaaS) and
Software-as-a-Service (SaaS).</li>
<li>Most of the scientific research
focus on IaaS model, which manage virtualization and storage.</li>
<li>IaaS allows customer to scale based on user demand and user
only pays for the resource usage.</li>
<li>Data security plays a crucial
role in cloud environment and user trust is most challenging
problem of cloud services. </li><li>This research paper proposed new
methodology that secures data and provide privacy to the
customer in cloud. </li><li>Our technique providing security by using
data partition approach and that partitioned data will be
proceed further parallel for encryption mechanism. </li><li>Here
privacy is given by centric key management scheme.</li>
</ul>
MIST Page 47
</div>
</div>
<div class="connect">
</div>
</div>
</div>
<div class="footer">
<p>© 2016 Designed By Sadik Diwan. All Rights

Reserved.</p>
</div>
</body>
</html>
MIST Page 48
TESTING
Testing is a process, which reveals errors in the program. It is the

major quality measure employed during software development. During testing, the
program is executed with a set of conditions known as test cases and the output is
evaluated to determine whether the program is performing as expected.
Software testing is the process of testing the functionality and

correctness of software by running it. Process of executing a program with the
intent of finding an error.
A good test case is one that has a high probability of finding an as yet
undiscovered error. A successful test is one that uncovers an as yet undiscovered
error. Software testing is usually performed for two reasons.
 Defect detection
 Reliability estimation
6.1 TESTING OBJECTIVES
 Testing is a process of executing a program with the intent of finding an

error.
 A good test case is one that has a high probability of finding an as yet
undiscovered.
 A successful test is one that uncovers an as yet undiscovered error.
6.2 TESTING PRINCIPLES:
MIST Page 49
 All tests should be traceable to customer requirements.

 Tests should be planned large before testing begins.
 Testing should begin “In the Small” and progress towards “In the Large”.
6.3 TYPES OF TESTING:
In order to make sure that the system does not have errors, the
different levels of testing strategies that are applied at differing phases of software
development are:
Unit Testing:
Unit Testing is done on individual modules as they are completed and

become executable. It is confined only to the designer's requirements.
Each module can be tested using the following two strategies:
i) Black Box Testing:
In this strategy some test cases are generated as input conditions that
fully execute all functional requirements for the program. This testing has been
uses to find errors in the following categories:
 Incorrect or missing functions
 Interface errors
 Errors in data structure or external database access
 Performance errors
 Initialization and termination errors.
 In this testing only the output is checked for correctness. The logical flow of
the data is not checked.
MIST Page 50
ii) White Box testing:
In this the test cases are generated on the logic of each module by
drawing flow graphs of that module and logical decisions are tested on all the
cases.
It has been uses to generate the test cases in the following cases:
a) Guarantee that all independent paths have been executed.

b) Execute all logical decisions on their true and false sides.
c) Execute all loops at their boundaries and within their
operational bounds.
a) Execute internal data structures to ensure their valid
2. Integrating Testing:
Integration testing ensures that software and subsystems work

together as a whole. It tests the interface of all the modules to make sure that the
modules behave properly when integrated together.
3. System Testing:
Involves in-house testing of the entire system before delivery to the user. Its
aim is to satisfy the user the system meets all requirements of the client's
specifications.
MIST Page 51
4. Acceptance Testing:
It is a pre-delivery testing in which entire system is tested at client's

site on real world data to find errors.
Validation:
The system has been tested and implemented successfully and thus
ensured that all the requirements as listed in the software requirements
specification are completely fulfilled. In case of erroneous input corresponding
error messages are displayed.
COMPILING TEST
It was a good idea to do our stress testing early on, because it gave us
time to fix some of the unexpected deadlocks and stability problems that only
occurred when components were exposed to very high transaction volumes.
EXECUTION TEST
This program was successfully loaded and executed. Because of good

programming there were no execution errors.
OUTPUT TEST
The successful output screens are placed in the output screens section
above.
MIST Page 52
Test case 1:check data Priority (H, L): High
Test Objective: To check whether the user inserted data is available or not.
Test Description:When user click on Report url in new window view uploaded data
in all clouds.
Requirements Verified: Yes
Test Environment: Apache Server.
Test Setup/Pre-Conditions: Server should be in on state
Actions Expected Results
The user user view data stored in clouds See all clouds have same data or not.
through this form
Pass: Yes Conditions pass: No Fail: No
Problems / Issues: NIL
MIST Page 53
Notes: Successfully Executed
Test case 2:Login without UserID. Priority (H, L): High
Test Objective: To check whether the user/administrator can login without his userid
Test Description: when a user or administrator clicks the link, a login form will be
displayed. In this form if user wants to login he has to enter userid and password. If he
doesn’t enter and then tries to login, he will get a message indicating “user id is
mandatory”
The user/administrator will login through A relevant message should appear.

the login form
MIST Page 54
MIST Page 55
Test case 3:change password Priority (H, L):High
Test Objective: To check whether the user can change his password when desired
Test Description: when a user or administrator clicks the link to change the password,
then a window appears to reset password. In that a new password is given and then
updated.
The user/administrator will login through When user logins with new password then
the login form he should be allowed to login
MIST Page 56
Test case 4:admin create cloud. Priority (H, L): High
Test Objective: Whether the admin click on cloud create cloud is create or not .
Test Description: when a administrator click on a create cloud url then a new
window appears in that provide filled all details of cloud then click on submit.
Actions : Expected Results
The administrator create new clouds A relevant message should appear cloud is
through this form create successfully.
MIST Page 57
RESULTS
SCREEN SHOTS
Home page
CONCLUSION:
As it was known that in cloud computing, securitychallenges are

still persistent especially in public-cloud computing. This research paper
proposes a new way to provide data security, privacy & authentication on
different cloud models. Especially in public-cloud model, by introducing a
new layer in-between the client and the service
provider (i.e. cloud). This paper suggests use of an “asymmetric public key
cryptography” algorithm as part of the key management to ensure the
authentication between client and service provider. After creating the
logical authentic link between client and service provider, large client-data
MIST Page 58
is partitioned and is encrypted in parallel. By using this data partition

approach, considerable amount of time
Future enhancement:
After creating the logical authentic link between client and

service provider, large client-data is partitioned and is encrypted in parallel.
By using this data partition approach, considerable amount of time
REFERENCES:
[1] P. Mell and T. Grance, “The NIST Definition of Cloud Computing

Version 15,” Nat’l Inst. of Standards and Technology, Information
Technology Laboratory, vol. 53, p. 50, http://csrc.nist.gov/groups/SNS/cloud-
computing/, 2010.
[2] SeongMin Yoo, Pyung Park, JinSeop Shin, JinSeok oh, HoYong
Rya, JaeCheol Ryou. “User-Centric Key Management Scheme for
Personal Cloud Storage” ,2013 IEEE
[3] Wu Suyan, Li wenbo and Hu Xiangyi. “Study of Digital Signature
with Encryption Based on Combined Symmetric Key”, 2009 IEEE.
[4] Dripto Chatterjee, Joyshree Nath, Suvadeep Dasgupta and Asoke
Nath. “A new Symmetric key Cryptography Algorithm using
extended MSA method: DJSA symmetric key algorithm”, 2011 IEEE.
[5] Neeraj Khanna, Joyshree Nath, Joel James, Amlan Chakrabarti,
MIST Page 59
Sayantan Chakraborty, Asoke Nath. “New Symmetric key

Cryptographic algorithm using combined bit manipulation and
MSA encryption algorithm: NJJSAA symmetric key algorithm”, 2011 IEEE.
[6] Niraj Kumar, Pankaj Gupta, Monika Sahu and Dr. M A Rizvi.
“Boolean algebra based Effective and Efficient Asymmetric Key Cryptography
Algorithm: BAC Algorithm”, 2013 IEEE.
[7] Thongpon Teerakanok and Sinchai Kamolphiwong. “Accelerating
Asymmetric-Key Cryptography using Parallel-key Cryptographic
Algorithm (PCA)”, 2009 IEEE.
MIST Page 60

Data Security and Privacy Using Data Partition Centric Key Management in Cloud

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Data Security and Privacy Using Data Partition Centric Key Management in Cloud

Transféré par

Droits d'auteur :

Formats disponibles

DATA SECURITY AND PRIVACY USING DATA PARTITION

CENTRIC KEY MANAGEMENT IN CLOUD

SYMBOLS & ABBREVIATIONS

2.6 Feasibility Study

4. IMPLEMENTATION & RESULTS 42

Data Security and Privacy Using Data

The use of cloud computing has improved rapidly in many

Dealing with “single cloud” providers is becoming less popular with

According to cloud computing has been defined as ‘‘a style of

Cloud computing is term that describes various type of computing concepts

Fig.1 Service Layers of Cloud Environment If computing infrastructure is

2.1 LITERATURE SURVEY

The Theoretical background of the mainly used to know how to get

2.2 EXISTING SYSTEM:

The limitation of cloud computing are the security issues of cloud

2.3 PROPOSED SYSTEM:

In proposed security layer, cloud-client data is not just sent to cloud

PHP, one of the Web’ s most popular programming languages.

PHP is a programming language for building dynamic, interactive

What exactly does the phrase “ dynamic, interactive Web sites ”

As we know many people are effected by viral infection when they

A Database is an integrated collection of user related data stored with minimum

Database: It consists of collection of persistent data that is used by the application

User: There are three types of users

RELATIONAL DATABASE MANAGEMENT SYSTEMS

Database Management System has evolved from hierarchical to

They are well-defined objects that store the data of a database

Client-Server Architecture Figure shows a typical PHP/MySQL

The LAMP Stack “LAMP” is a clever term for the Linux-Apache-MySQL-PHP

1. Path and file name differences.

aside from occasionally editing an.htaccess file to establish options for a

Server Programming Language:

The goal of design process is to produce a model or representation of

HTML is a hypertext mark-up language which is in reality a backbone

CSS gives a level of control over various presentation characteristics of the

JavaScript is considered to be one of the most famous scripting

We used the browser Opera or Internet Explorer. JavaScript is

Precisely, PHP is a very powerful server-side scripting language for

1. Functional requirements are associated with specific functions,

task-based functional requirements statement is a useful skeleton upon

Non-functional requirements are requirements that specify criteria that

1. Execution qualities, such as security and usability, are observable at run

The network-deployment cost for scaling up these systems must be

It is important that the interface is simple and intuitive Instead of

In order to be more reliable JainSIP is used. It enhances the

In order to be more portable we use Application server Tomcat5.0 and

The application should be widely extensible, where we can include

The system should function in an efficient manner with proper

2.2System Requirements Specifications

2.2 System Requirements

Processor : Any Processor Speed 1.1 GHz (min)

RAM : 256 MB (min)

Hard Disk Capacity : 40 GB (min)

Monitor : Any Monitor

Keyboard : Standard Keyboard

Mouse : Two or Three Button Mouse

Operating System : Windows XP/7/8.

Scripting Language : PHP

Front End : HTML, CSS and JavaScript

Web Server : Apache server

The feasibility of the project is analyzed in this phase and business

Three key considerations involved in the feasibility analysis are

The aspect of study is to check the level of acceptance of the system

<p>© 2016 Designed By Sadik Diwan. All Rights