A User Manual on
By
Prof. A. W. Bhade
CERTIFICATE
Submitted by:
Mr. Nitin V. Bahekar (15007007)
Mr. Rohit R. Jamnare (15007041)
Mr. Shubham R. Chaudhari (15007043)
Mr. Lankesh A. Purekar (15007057)
--------------------------- -----------------------
Guide & Head of Department External Examiner
Prof. A. W. Bhade
---------------------------
Principal
Dr. R. S. Dalu
DECLARATION
We hereby declare that the project entitled, “Two-Cloud Secure Database for
Place:
Date:
We take this opportunity to express our profound gratitude and deep regards to our
guide Prof. A. W. Bhade for her exemplary guidance, monitoring and constant
encouragement throughout the course of this thesis. The blessing, help and guidance given
by her from time to time shall carry us a long way in the journey of life on which we are
about to embark.
We are obliged to our Head of the department Prof. A. W. Bhade for giving this great
opportunity. We are grateful for their cooperation during the period of our assignment.
HONOR CODE
We certify that we have properly cited any material taken from other sources and have
obtained permission for any copyrighted material included in this report. We take full
responsibility for any code submitted as part of this project and the contents of this report.
ABSTRACT:
Industries and individuals outsource databases to realize convenient and low-cost applications
and services. In order to provide sufficient functionality for SQL queries, many secure
database schemes have been proposed. However, such schemes are vulnerable to privacy
leakage to the cloud server. The main reason is that the database is hosted and processed in
the cloud server, which is beyond the control of the data owners.
For a huge database system, those schemes cannot provide sufficient privacy protection
against practical challenges, e.g., privacy leakage of statistical properties and access patterns.
Furthermore, growing database problems such as data redundancy and lack of data
integrity will inevitably leak more information to the cloud server. In this project, we
propose a two-cloud architecture for a secure database, with a series of interaction protocols.
In the two-cloud architecture, one cloud stores the keys and the other stores the data.
When data is stored on a cloud, it is not under the command of the user; all the data is
under the control of the TPA, who applies auditing schemes on the database. Being a cloud
holder, the TPA has access to manipulate the data. In the proposed system, however,
the data is stored on one cloud and encrypted with an encryption algorithm, and the keys with
which the data is encrypted are stored on the other cloud. The TPA has access to the
database, but the data is in encrypted form, which makes the database more secure.
The TPA can apply auditing on every row and column.
INDEX
Acknowledgements
Honor Code
Abstract
List of Figures
1. INTRODUCTION
1.1 Introduction
1.2 Scope
1.3 Identification of need
1.4 Motivation
1.5 Aim
1.6 Types of Cloud Computing
2. LITERATURE REVIEW
2.1 Background History
2.2 Related Work
2.3 Pitfalls of Existing System
2.4 Privacy-Preserving Public Auditing for Secure Cloud Storage
2.5 Scalable and Efficient Provable Data Possession
2.6 Dynamic Provable Data Possession
2.7 Summary and Discussion
3. SYSTEM DEVELOPMENT
3.1 Software Requirement
3.2 Features provided by this project
3.3 Problem Definition
3.4 Proposed System
3.5 Plan & Module
3.6 Advantages of Proposed System
5. PERFORMANCE ANALYSIS
7. CONCLUSION
REFERENCES
LIST OF FIGURES
1. INTRODUCTION
1.1 Introduction
Cloud computing is a type of internet-based computing that provides shared computer
processing resources and data to computers and other devices on demand, and provides
storage space where users can store their documents, images, songs, etc. and retrieve them
whenever they want. But there is no assurance about the security of those documents.
The typical scenario for an outsourced database is described in Figure 1, as in CryptDB [7]:
A cloud client, such as an IT enterprise, wants to outsource its database to the cloud, which
contains valuable and sensitive information (e.g. transaction records, account information,
disease information), and then access the database (e.g. SELECT, UPDATE, etc.) [8], [9],
[10], [11], [12]. Under the assumption that the cloud provider is honest-but-curious [13], [11],
the cloud might try its best to obtain private information for its own benefit. Even
worse, the cloud could forward such sensitive information to business competitors for
profit, which is an unacceptable operating risk. The privacy challenge of an outsourced database
is two-fold. 1) Sensitive data is stored in the cloud, so the corresponding private information may
be exposed to cloud servers; 2) Besides data privacy, clients’ frequent queries will inevitably
and gradually reveal some private information on the statistical properties of the data. Thus, the
data and queries of the outsourced database should be protected against the cloud service provider.
One straightforward approach to mitigate the security risk of privacy leakage is to encrypt the
private data and hide the query/access patterns.
Unfortunately, as far as we know, few academic works satisfy both properties so far.
CryptDB [7] is the first attempt to provide a secure remote database application, which
guarantees the basic confidentiality and privacy requirements, and provides diverse SQL
queries over encrypted data as well. CryptDB uses a series of cryptographic tools to achieve
this security functionality. In particular, order-preserving encryption (OPE) [11] is utilized to
realize numeric-related range query processing. From the perspective of query functionality,
CryptDB supports most kinds of numerical SQL queries with such cryptography. However, such
privacy leakage has not been thoroughly addressed, since OPE is relatively weak and does not
provide sufficient privacy assurance.
1.2 Scope
With the increasing development of cloud computing technologies, it is not hard to imagine
that in the near future more and more businesses will move into the cloud and will also
demand large databases to store their information securely, with retrieval only by
authorized users. Cloud Service Providers (CSP) provide the services to the users and also manage
an enterprise-class infrastructure that offers a scalable, reliable and secure environment to the
users, at a very low marginal cost owing to the shared nature of resources. It is a regular
process for users to use cloud storage services to share data with others in a team. The current
system assumes that sharing data among multiple users is perhaps one of the most engaging
features that motivate cloud storage. A unique problem introduced during the process of
public auditing for shared data in the cloud is how to preserve identity privacy from the TPA,
because the identities of signers on shared data may indicate that a particular user in the
group or a special block in shared data is a more valuable target than others. For example,
Alice and Bob work together as a group and share a file in the cloud. The shared file is
divided into a number of small blocks, which are independently signed by users. Once a
block in this shared file is modified by a user, this user needs to sign the new block using her
public/private key pair. The TPA needs to know the identity of the signer on each block in
this shared file, so that it is able to audit the integrity of the whole file based on requests from
Alice or Bob.
As shown in Figure 1.1, after performing several auditing tasks, some private and sensitive
information may be revealed to the TPA. On one hand, most of the blocks in the shared file are
signed by Alice, which may indicate that Alice has an important role in this group, such as
group leader.
On the other hand, the 8th block is frequently modified by different users. This means the
block may contain high-value data, such as a final bid in an auction that Alice and Bob need
to discuss.
[Figure 1.1: Auditing Task 1, Auditing Task 2 and Auditing Task 3 over the blocks (B) of the shared file]
From the work in , the privacy can be preserved against the cloud if the sensitive knowledge
is partitioned into two parts and distributed to two non-colluding clouds. In the literature , the
authors also introduce a two-party system to design a secure k query scheme, which enables
the client to query the k most similar records from the cloud securely. With this
divide-and-conquer mechanism, no party can learn any private information from one single
isolated part of the knowledge, and each of the two clouds only knows its own part.
In this project, we introduce a secure two-cloud database service architecture, where two
separate clouds are used and each of them performs a different task (i.e. one cloud for storing
keys and the other for storing data). Based on this architecture, we further propose a series of
interaction protocols for a client to conduct numeric-related queries over encrypted data from
remote cloud servers. The numeric-related queries include common query statements, such as
greater than, less than, between, etc.
1.4 Motivation
Cloud computing is a computing model in which resources are provided to the users
based on their demand. In cloud computing, resources are provided by the cloud service
provider, known as the CSP. A cloud has a number of users who upload data daily, and a user
can also share the data with other users. So the cloud needs a proper way of maintenance and
security. The TPA plays a role in maintaining and analyzing the cloud properly. This motivated
the proposed system, which tries to provide privacy to all documents and data, keep them
secure from unauthorized users, and maintain data integrity in the cloud. The proposed
system provides security to the data, and a user can share secured data with team
members who are authenticated to access that data.
1.5 Aim
1.6 Objectives
The current dissertation is dedicated to achieving some of the following objectives.
To achieve data privacy over the shared cloud environment to maintain confidentiality
of user sensitive data.
To identify and analyze the corrupted block of data in the cloud via the TPA.
To implement secured data sharing by using ring signatures.
To build a secure mechanized user whenever it is required.
Data confidentiality against cloud servers is hence frequently desired when users
outsource data for storage in the cloud. It has large scope for enterprises, academia
and the private sector to store their data on the cloud with security.
Characteristics
Cloud computing has a variety of characteristics, which are given below.
Shared Infrastructure:- Uses a virtualized software model, enabling the sharing of
physical services, storage, and networking capabilities. The cloud infrastructure,
regardless of deployment model, seeks to make the most of the available
infrastructure across a number of users.
Dynamic Provisioning:- Allows for the provision of services based on current
demand requirements. This is done automatically using software automation, enabling
the expansion and contraction of service capability, as needed. This dynamic scaling
needs to be done while maintaining high levels of reliability and security.
Network Access:- Needs to be accessed across the internet from a broad range of
devices such as PCs, laptops, and mobile devices, using standards-based APIs (for
example, ones based on HTTP). Deployments of services in the cloud include
everything from using business applications to the latest application on the newest
smart phones.
Managed Metering:- Uses metering for managing and optimizing the service and to
provide reporting and billing information. In this way, consumers are billed for
services according to how much they have actually used during the billing period.
Broad network access:- Your team can access using their smart phones, tablets,
laptops, and office computers. They can use these devices wherever they are located
with a simple online access point. This mobility is particularly attractive for
businesses so that during business hours or on off-times, employees can stay on top of
projects, contracts, and customers whether they are on the road or in the office. Broad
network access includes private clouds that operate within a company’s firewall,
public clouds, or a hybrid deployment.
Resource pooling:- The cloud enables your employees to enter and use data within
the business management software hosted in the cloud at the same time, from any
location, and at any time. This is an attractive feature for multiple business offices and
field service or sales teams that are usually outside the office.
Rapid elasticity:- If anything, the cloud is flexible and scalable to suit your
immediate business needs. You can quickly and easily add or remove users, software
features, and other resources.
Measured service:- Going back to the affordable nature of the cloud, you only pay
for what you use. You and your cloud provider can measure storage levels, processing,
bandwidth, and the number of user accounts and you are billed appropriately. The amount of
resources that you may use can be monitored and controlled from both your side and your
cloud provider’s side which provides transparency.
1.7 Types of Cloud Computing:
As shown in Figure 1.7.1, there are several types of cloud computing. We discuss four
models here: public, private, hybrid and community.
Figure 1.7.1. Types of cloud computing
Public Model:
Public clouds are made available to the general public by a service provider who hosts
the cloud infrastructure. Generally, public cloud providers like Amazon AWS, Microsoft and
Google own and operate the infrastructure and offer access over the Internet. With this
model, customers have no visibility or control over where the infrastructure is located. It is
important to note that all customers on public clouds share the same infrastructure pool with
limited configuration, security protections and availability variances. Public cloud customers
benefit from economies of scale, because infrastructure costs are spread across all users,
allowing each individual client to operate on a low-cost, “pay-as-you-go” model. Another
advantage of public cloud infrastructures is that they are typically larger in scale than an
in-house enterprise cloud, which provides clients with seamless, on-demand scalability. These
clouds offer the greatest level of efficiency in shared resources; however, they are also more
vulnerable than private clouds. A public cloud is the obvious choice when:
Your standardized workload for applications is used by lots of people, such as email.
You need to test and develop application code.
You’re doing collaboration projects.
Private Model:
Hybrid Model:
Using Cloud Storage, users can remotely store their data and enjoy the on-demand high
quality applications and services from a shared pool of configurable computing resources,
without the burden of local data storage and maintenance. However, the fact that users no
longer have physical possession of the outsourced data makes the data integrity protection in
Cloud Computing a formidable task, especially for users with constrained computing
resources. Moreover, users should be able to just use the cloud storage as if it is local, without
worrying about the need to verify its integrity. Thus, enabling public auditability for cloud
storage is of critical importance so that users can resort to a third party auditor (TPA) to
check the integrity of outsourced data and be worry-free. To securely introduce an effective
TPA, the auditing process should bring in no new vulnerabilities towards user data privacy,
and introduce no additional online burden to the user. The work proposes a secure cloud storage
system supporting privacy-preserving public auditing. The result is further extended to enable the
TPA to perform audits for multiple users simultaneously and efficiently. Extensive security and
performance analysis shows the proposed schemes are provably secure and highly efficient.
To address these problems, the work utilizes the technique of public key based homomorphic
linear authenticator (or HLA for short), which enables the TPA to perform the auditing without
demanding a local copy of the data and thus drastically reduces the communication and
computation overhead as compared to the straightforward data auditing approaches [10].
BAF: An Efficient Publicly Verifiable Secure Audit Logging Scheme for Distributed
Systems:
Audit logs, providing information about the current and past states of systems, are one of the
most important parts of modern computer systems. Providing security for audit logs on an
untrusted machine in a large distributed system is a challenging task, especially in the
presence of active adversaries. In such a system, it is critical to have forward security such
that when an adversary compromises a machine, she cannot modify or forge the log entries
accumulated before the compromise. Unfortunately, existing secure audit logging schemes
have significant limitations that make them impractical for real-life applications: Existing
Public Key Cryptography (PKC) based schemes are computationally expensive for logging in
task intensive or resource-constrained systems, while existing symmetric schemes are not
publicly verifiable and incur significant storage and communication overheads. In this paper,
we propose a novel forward secure and aggregate logging scheme called Blind-Aggregate-
Forward (BAF) logging scheme, which is suitable for large distributed systems. BAF can
produce publicly verifiable forward secure and aggregate signatures with near-zero
computational, storage, and communication costs for the loggers, without requiring any
online Trusted Third Party (TTP) support. We prove that BAF is secure under appropriate
computational assumptions, and demonstrate that BAF is significantly more efficient and
scalable than the previous schemes. Therefore, BAF is an ideal solution for secure logging in
both task intensive and resource-constrained systems. To address the above problems, a set
of cryptographic countermeasures have been proposed to enable secure logging on untrusted
machines, without assuming a tamper-resistant hardware or continuous real-time log verifier.
In order to fulfill this requirement, we propose a novel forward secure and aggregate logging
scheme for secure audit logging in distributed systems, which we call Blind-Aggregate-Forward
(BAF) logging scheme. BAF can address all the aforementioned limitations of the
existing approaches simultaneously [10].
Storage outsourcing is a rising trend which prompts a number of interesting security issues,
many of which have been extensively investigated in the past. However, Provable Data
Possession (PDP) is a topic that has only recently appeared in the research literature. The
main issue is how to frequently, efficiently and securely verify that a storage server is
faithfully storing its client’s (potentially very large) outsourced data. The storage server is
assumed to be untrusted in terms of both security and reliability [10]. PDP uses an RSA-based
scheme for security. A public version of PDP is also available, which enables
anyone to verify the data. It also causes problems when data owners are separated from data
users. These schemes are proved to be insecure against replay attacks. Moreover, they are not
suitable for a multi-cloud storage environment. Other PDP schemes such as dynamic PDP and
scalable PDP [10].
In our system we design cloud computing with data security. Data security on the cloud is
provided by a two-cloud architecture, in which one cloud stores the data and another cloud
stores the key information. An auditing scheme is also performed on the database to
maintain the integrity of the data.
CHAPTER 3
SYSTEM DEVELOPMENT
OS
o Linux
o Windows
o Mac OS
Excel file reader
o MS Excel
o Libre Calc
Command Prompt / Terminal
Eclipse IDE
MySql
Data owner logs in to the system with his generated signature and uploads the documents
on the cloud.
Data owner can also modify the data after uploading the document and can share it with
other users or group members if he wants to share the data.
Provide security to the documents with the user signature and document signature.
Update the signature on the cloud server and, by using the TPA, maintain the privacy of all
documents.
TPA can access only the document information like size, no uses time, modification
done by the user if any, last update, etc., not the data.
User can access the document if and only if he has the valid verified signature
provided by the data owner.
Maintain the data integrity and apply privacy preserving on the cloud storage.
• Authorized users can easily modify, upload, and share their data.
4.1 Eclipse
The Java Development Kit (JDK) is an implementation of either one of the Java
Platform, Standard Edition, Java Platform, Enterprise Edition, or Java Platform, Micro
Edition platforms released by Oracle Corporation in the form of a binary product aimed
at Java developers on Solaris, Linux, macOS or Windows. The JDK includes a private JVM
and a few other resources to finish the development of a Java Application.
In addition to the most widely used JDK discussed in this article, there are other
JDKs commonly available for a variety of platforms, some of which started from the Sun
JDK source and some that did not. All adhere to the basic Java specifications, but often differ
in explicitly unspecified areas, such as garbage collection, compilation strategies, and
optimization techniques.
4.4 JSP, Servlet
A servlet is a Java class which is used to extend the capabilities of servers that host
applications accessed by means of a request-response model. Servlets are mainly used to
extend the applications hosted by web servers; however, they can respond to other types of
requests too. For such applications, HTTP-specific servlet classes are defined by Java Servlet
technology.
A JSP is a text document which contains two types of text: static data and dynamic data. The
static data can be expressed in any text-based format (like HTML, XML, SVG and WML),
and the dynamic content can be expressed by JSP elements. A servlet is a Java programming
language class that is used to extend the capabilities of servers that host applications accessed
by means of a request-response programming model. Although servlets can respond to any
type of request, they are commonly used to extend the applications hosted by web servers.
For such applications, Java Servlet technology defines HTTP-specific servlet classes.
The javax.servlet and javax.servlet.http packages provide interfaces and classes for writing
servlets. All servlets must implement the Servlet interface, which defines life-cycle methods.
When implementing a generic service, you can use or extend the GenericServlet class
provided with the Java Servlet API. The HttpServlet class provides methods, such
as doGet and doPost, for handling HTTP-specific services.
CHAPTER 5
PERFORMANCE ANALYSIS
In this section, we firstly give an overview of our proposed two-cloud scheme, and
then present the detailed interaction protocols to realize range query with privacy
preservation on outsourced encrypted database.
In the existing system, a small-scale organization cannot continuously run its own
website on its own server, so it appoints a TPA to handle this process, and the database is
therefore also available on the TPA's server. So there may be a chance of data leaking and data
malfunctioning. If we try to encrypt the data for security purposes, it costs more in terms of
retrieval time. An unnecessary encryption scheme can slow down performance.
When a user tries to share his database with another user, the sharing is done
through the cloud, but intruders can also access the file from the cloud by firing some fuzzy query.
As cloud service providers take care of a number of clients each day, they can become
overwhelmed and may even come up against technical outages. This can lead to your
business processes being temporarily suspended. Additionally, if your internet connection is
offline, you will not be able to access any of your applications, server or data from the cloud.
Although cloud service providers implement the best security standards and industry
certifications, storing data and important files on external service providers always opens up
risks. Using cloud-powered technologies means you need to provide your service provider
with access to important business data. Meanwhile, being a public service opens up cloud
service providers to security challenges on a routine basis. The ease in procuring and
accessing cloud services can also give nefarious users the ability to scan, identify and exploit
loopholes and vulnerabilities within a system. For instance, in a multi-tenant cloud
architecture where multiple users are hosted on the same server, a hacker might try to break
into the data of other users hosted and stored on the same server. However, such exploits and
loopholes are not likely to surface, and the likelihood of a compromise is not great. Since the
cloud infrastructure is entirely owned, managed and monitored by the service provider, it
transfers minimal control over to the customer. The customer can only control and manage
the applications, data and services operated on top of that, not the backend infrastructure
itself. Key administrative tasks such as server shell access, updating and firmware
management may not be passed to the customer or end user.
5.3 Proposed System performance:
In our proposed scheme, both stored data and query logic are partitioned into two parts. This
improves the privacy preservation of range queries, while the complexity increases, too. In
fact, the complexity for the client shows no significant increase compared with common OPES
schemes: for a query, the client in these schemes needs to send a query request, and
then receive and decrypt the response to get the results. The client in our scenario also
needs only one round-trip communication to perform a query.
As for the clouds, the communication overhead between two clouds does not exist in
single-cloud schemes. However, as mentioned in Section 5.1 in [12], the two clouds are in fact two
different clouds (e.g. Amazon and Azure), and the communication latency between the clouds is
relatively low. What is more, during a query, only one interaction is required between the two
clouds in our scheme. In total, our system does increase complexity to some extent, but it is
acceptable, as the increase in overhead is small and the security is greatly improved.
The frontend contains three actors in the use case analysis, i.e., USER, TPA and
ADMIN. The first page is the login page, with an individual login for each of these actors.
Each login has its own separate login ID and password, generated at
the time of registration. After each registration, the admin, who logs in first, takes charge of
adding the user and allotting the TPA. A user registers on the portal and is then added by the
admin; the user has privileges to access the facilities of the cloud, such as uploading or
downloading a file. Similarly, when users are added, the admin allots a TPA to each user, and
the user's data is sent to the TPA for auditing. The beauty of the project is that when the
data is sent for auditing, it is in encrypted format. Even if the TPA downloads the
data, it cannot read the information.
Figure 5.2.3 LOGIN page.
LOGIN page (Figure 5.2.3):- This page has three types of login: ADMIN login, USER login and
TPA login.
There are two credentials to log in: 1) Username 2) Password. The required password must be of
a high-security form that contains characters and numeric values.
USER:- As shown in Figure 5.2.1, the USER can register to the database through the user login.
The user has the privilege to create a database, add tables, add files to the cloud and manage
files on the cloud. The user can share a file which is in the database; while sharing the file, it
is confirmed whether or not the file is shared with the claimed user.
TPA LOGIN:- As shown in Figure 5.2.2, the TPA can log in through this page. The TPA has access
to the databases of all the users, and can download the files, but they will be in encrypted form.
The TPA is the developer, so the TPA has knowledge of the database and fires queries onto the
database for auditing purposes. Permission to the TPA is not granted because the data is in
encrypted format and the key is shared among the claimed sender and the receiver only.
USER database:- As shown in Figure 5.2.5, the user can manage the data on the cloud. The user can
download the data, upload the data, and share the data. Only the user has access to the data
stored on the cloud, and when the data is downloaded, it is stored in secondary memory.
Some functionalities are provided to the user, namely viewing the details of a file
and inserting a new file or adding details.
User databases are the databases that someone like us creates. If one of these databases is
affected by some issue, the overall SQL server will still keep functioning, but any applications
using that particular database will be unavailable. These databases collectively maintain and
manage a lot of information about the SQL server system, like logins, databases, linked
servers, jobs, schedules, reports, report data sources, etc.
Figure 5.2.6 USER database.
USER Table:- As shown in Figure 5.2.6, the user can create the database, fire some queries to
manage the database, and perform some actions on the database. The table name is set by the user
and the data in the table is also fed by the user.
As shown in Figure 5.2.7, the Admin has the facility to block a particular user. A user may
try to register himself, but the Admin may not want to allow that for various reasons, such as
the user entries being full or the user being illegal. A blocked user can also be unblocked.
Figure 5.2.8 Allotment of TPA to user.
As shown in Figure 5.2.8, the Admin can allot a TPA to users. Different users can have different
TPAs, so depending upon needs the Admin can allot the required TPA to each user.
As shown in Figure 5.2.9, a TPA which holds the databases of its own users can see the metadata
of each user’s database. It can apply an auditing scheme to each database to check the integrity
of the data. When users try to upload data to the cloud, the database is first of all
confirmed by the TPA.
Figure 5.2.10 Database snapshot- 1
Figure 5.2.10 shows the database that needs to be created in this development. The available
tables are listed using commands in the MySQL command line. The users available in the
userdata table are also listed. These are the users who registered themselves in cloud
storage. A user confirmed by the TPA is shown by entry 1.
Figure 5.2.11 shows the database snapshot with all the TPAs who are registered in the cloud.
Whenever a new TPA tries to register, it is first confirmed by the admin and then the entry
is stored in the database. The second table shows data in the form of various file formats.
Different files from different users are uploaded to the cloud. These files are first
confirmed by the TPA; only then is an entry made for that file.
Figure 5.2.12 Encrypted file download the file with different key
As shown in Figure 5.2.12, whenever a user tries to download a file from the cloud, the
particular key available for that file is required. If the user enters the wrong key, the
file will open but in encrypted form.
CHAPTER 6
USER MANUAL
For a consumer who wants to store huge data on the cloud, this two-cloud architecture is best for
Step 1: First, the user has to install the MySQL database and set up the JDK with the
Eclipse IDE Neon version installed. A browser is required to run the project. User must be friendly
Step 2: Before storing a database in the cloud, the user first has to register with the
admin. After the registration, the admin allots one single TPA to each user. After registration admin will
The user can upload a file by clicking the upload file button, and can also store a database
in the cloud using MySQL queries. The user has an option to share a file with a single click.
Also, users can be registered in two ways: in one, the user fills in the information and
requests the admin to accept the request, so the user gets registered. In the other, the
admin himself can directly add the user according to his need
Step 4: When logged in, the user has options such as Upload Files, View Upload Files,
Received Files from Cloud, and Search in File from Cloud. When he chooses Upload Files he has
access to all the media files and word files. He chooses the appropriate file to send and uploads it over
Step 5: When the first user sends a file to another user, the file needs to be verified by
the TPA. When the TPA verifies the file, if the file is authentic then he confirms the file, else
and allows access to the claimed user. The claimed user decrypts the file using the shared key.
The key must be known by the user to fetch the file, or the file won’t be decrypted.
Step 7: When the TPA receives the files, he can not only confirm the file but also apply
auditing on the databases that have been allocated to him by the Admin.
Step 8: The TPA has access to the cloud database; the TPA can even download the files but
cannot access them, because the files are in encrypted form. The TPA also has a view of the
key cloud, which is also in encrypted form.
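The wrong-key download of Figure 5.2.12 and the TPA's key-less access in Step 8, as an added example that is not the project's own code: it assumes AES-GCM (the manual does not name its cipher) and an upload-time SHA-256 digest as the audit record, and the class name and blob layout are hypothetical. With an authenticated mode a wrong key is rejected outright instead of yielding unreadable output, and the auditor checks the stored ciphertext without holding any key.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;

public class SharedKeyDownloadDemo {
    // Assumed blob layout: 12-byte IV || ciphertext || 16-byte GCM tag.
    static byte[] encrypt(SecretKey key, byte[] plain) throws Exception {
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(plain);
        byte[] blob = Arrays.copyOf(iv, iv.length + ct.length);
        System.arraycopy(ct, 0, blob, iv.length, ct.length);
        return blob;
    }
    // Returns the plaintext, or null when the key is wrong or the blob was modified.
    static byte[] decrypt(SecretKey key, byte[] blob) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, blob, 0, 12));
        try {
            return c.doFinal(blob, 12, blob.length - 12);
        } catch (AEADBadTagException e) {
            return null; // tag mismatch: refuse instead of handing back garbage
        }
    }
    // Key-less audit (the TPA role): compare the stored blob with the digest recorded at upload.
    static boolean audit(byte[] blob, byte[] digestAtUpload) throws Exception {
        return MessageDigest.isEqual(MessageDigest.getInstance("SHA-256").digest(blob), digestAtUpload);
    }
    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey shared = kg.generateKey(), wrong = kg.generateKey();
        byte[] blob = encrypt(shared, "constructed sample file".getBytes(StandardCharsets.UTF_8));
        byte[] recorded = MessageDigest.getInstance("SHA-256").digest(blob);
        System.out.println("TPA audit passes:    " + audit(blob, recorded));
        System.out.println("right key decrypts:  " + (decrypt(shared, blob) != null));
        System.out.println("wrong key rejected:  " + (decrypt(wrong, blob) == null));
        blob[20] ^= 1; // constructed corruption of the stored blob
        System.out.println("audit after tamper:  " + audit(blob, recorded));
    }
}
```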
CONCLUSION
7.1 Conclusion:
In this project, we presented a two-cloud architecture with a series of interaction protocols
for outsourced database service, which ensures the privacy preservation of data contents. At
the same time, with the support of the two-cloud architecture it was possible to maintain
integrity in the database range; it not only protects the confidentiality of static data, but
also addresses potential privacy leakage in statistical properties. Security requirements
show that when the scheme was applied to huge database content it worked very efficiently. It
was noticed that it was not cost-affordable to maintain the scheme for small databases,
because maintaining another cloud specially for key storage purposes may take
Security analysis shows that our scheme can meet the privacy-preservation requirements.
Furthermore, the performance evaluation result shows that our proposed scheme is efficient.
In future this application will be available for all platforms. This application can go
live as a web application where users can save their records in the cloud. It will establish
transparency and accountability and thereby help to reduce turnaround time and
processing delays of files.
In our future work, we will consider further enhancing the security while ensuring
practicality, and we will extend our proposed scheme to support more operations, such as
“SUM/AVG”. Considering increasing database continuity and overload, where the database
contains a huge amount of secure and precise as well as distributed data, we can use this
technique to maintain integrity and security to a high extent, because there is a separate
cloud for key distribution; using the separate cloud for a small database makes it
costly and does not make sense.
So this algorithm or technique is applied to highly secret data that needs high security
and has higher priority than anything else; for such data the two-cloud secure architecture
is the most secure to use for security and data hiding.
One more addition to the present technology is that when we store our database in the Gmail
cloud and want to share it with other people, we can use this secure architecture in that
scenario.
8. REFERENCES
[1] Kaiping Xue , Shaohua Li, Jianan Hong, Yingjie Xue “Two-Cloud Secure Database for
Numeric-Related SQL Range Queries with Privacy Preserving” IEEE Transactions on
Information Forensics and Security ( Volume: 12 , Issue: 7 , July 2017).
[3]S. Benabbas, R. Gennaro, and Y. Vahlis, “Verifiable delegation of computation over large
datasets,” in Annual Cryptology Conference. Springer, 2011, pp. 111–131.
[5] C. Wang, Q. Wang, K. Ren, N. Cao, and W. Lou, “Toward secure and dependable storage
services in cloud computing,” IEEE Transactions on Services Computing, vol. 5, no. 2, pp.
220–232, 2012.
[6] D. Zissis and D. Lekkas, “Addressing cloud computing security issues,” Future
Generation Computer Systems, vol. 28, no. 3, pp. 583–592, 2012.
[7] H. T. Dinh, C. Lee, D. Niyato, and P. Wang, “A survey of mobile cloud computing:
architecture, applications, and approaches,” Wireless Communications and
8obileComputing,vol.13,no.18,pp.1587–1611, 2013.
[8] K. Xue and P. Hong, “A dynamic secure group sharing framework in public cloud
computing,” IEEE Transactions on Cloud Computing, vol. 2, no. 4, pp. 459–470, 2014.
[10] X. Chen, J. Li, X. Huang, J. Ma, and W. Lou, “New publicly verifiable databases with
efficient updates,” IEEE Transactions on Dependable and Secure Computing, vol. 12, no. 5,
pp. 546–556, 2015.
[11] J.W. Ritting house and J.F. Ransome, Cloud computing: implementation, management,
and security. CRC press, 2016.
[12] X. Chen, J. Li, J. Weng, J. Ma, and W. Lou, “Verifiable computation over large database
with incremental updates,” IEEE Transactions on Computers, vol. 65, no. 10, pp. 3184–3195,
2016.
[13]W. Li, K. Xue, Y. Xue, and J. Hong, “TMACS: A robust and verifiable threshold multi-
authority access control system in public cloud storage,” IEEE Transactions on Parallel &
Distributed Systems, vol. 27, no. 5, pp. 1484–1496, 2016.
[14]https://www.levelcloud.net/why-levelcloud/cloud-education-center/advantages-and-
disadvantages-of-cloud-computing/