Optimizing Information Leakage in Multicloud Storage Services

Optimizing Information Leakage in Multicloud Storage Services
Abstract:
In Provable Multi files Dynamic data Possession in cloud computing deals with
stored data in Dynamic way to cloud server. Multi files Means, data to be copied in
multiple server. In the project owner to upload the data in cloud server with
automatically data to take multiple files then that files are stored in multiple server.
If upload the data in multi-server to avoid the data loss from Hacking and server
crash. In this project we introduced new technique that is Fully Homomorphic
Encryption (FHE) for take Multi files of data, File security, Data Corrupted. In this
Project we have to FHE algorithm for protect the data. That are keygen, copygen
and taggen. Above the process done in Existing system using Single file of
Dynamic Data.
Scope of the project:
In this section, we describe the concept of a hybrid scheme that combines

PKE and SHE. A message is encrypted using PKE, and converted to a ciphertext
under SHE when homomorphic computations on the message are needed. The
ciphertext is decrypted under SHE.
Objectives:
• In this project we introduced new technique that is Fully Homomorphic

Encryption (FHE) for take Multi files of data, File security, Data Corrupted.
Existing System:
• In Existing system this project all the uploaded data are stored in cloud
server Single file way. In previous data stored in single server and Owner
sharer the data authorized users. Then authorized users send the file request
to file owner this not correct way and service provider may be access files in
illegal. So automatically occur data security loss. In Existing Somewhat
Homomorphic Encryption(SHE) Algorithm used.
Disadvantage:
• Dynamic Single file.
• Service Provider may be Hack the data.
• UnAuthorized users to request the file to file owner.
Proposed System:
In proposed system of this project was uploaded data are stored in multiple server
(Multi files).In proposed one scheme FHE algorithms are used. If Owner upload
the data, automatically prepare three files then stored in three server that why for
security and avoid server overload. That copies also encrypted so cloud service
provider or any others cant hack the data. If owners upload the data, server
automatically convert to zip formats. So server reduce the file size automatically.
Owner share the file to authorized user. Then authorized user send the file request
to cloud server again server send the encrypted data to authorized user. And
authorized user get the decrypt key from data owner.
Advantage:
• Multi files Data, So reduce access time and communication from users.
• If one copy corrupted it will be redirect to another server can download the
file.
• Convert Zip while upload the data.
SYSTEM SPECIFICATION:
HARDWARE SPECIFICATION:
 Processor - I3,I5,I7
 Speed - 2.2 GHz
 RAM - 4 GB (min)
 Hard Disk - 250 GB
SOFTWARE SPECIFICATION:
 Operating system : Windows 7,8,10
 Technology Used : C#
 IDE : MicroSoft Visual Studio 2012
 Database : MicroSoftSqlServer 2012

MODULES:
1. Cloud Service provider
2. User upload with keygen
3. File Convert
4. Authorized users
5. File request
6. File recovery
7. Report Generation
MODULES DESCRIPTION:
Cloud Service provider:
Cloud Service provider to provide the service to user. User register the
details to service provider before send the file. After user registration admin verify
the user profile and accept the user request. Admin may be reject the Unauthorized
profile details.
User upload with keygen:
After admin verify the user details, User to upload the file to cloud
server.While upload the file, files are encrypted and stored in the database and
folder. While upload the data are split and store the three server. Because hacker,
cannot not hack server data. Because data parts are stored in three servers.Key gen
algorithm used in data upload and encrypted.
File Convert:
While upload data to server. All data are in ZIP format for reduce the file
occupy memory.
Authorized users:
Authorised users, these users only to download the file from the others users.
These users to send the file requset to admin and file owner
File request:
User may be share the our files to another users. Shared users to fetch the file from
file owner. Shared user to send the file request to file owner and automatically
same request send to admin. Then Admin verify the server and provide the
clearance to provide the key from file owner. After file owner to send the
temporary key to shared users.if shared users download the shared file the
temporary key automatically expire.
File recovery:
If user file may be corrupt or may be delete. So if user delete any file from
server,user can recover the deleted files from file sever. It is very useful to all
cloud users.If user to recover the deleted file, user login and get the deleted files
Report Generation:
Admin to generate the reports for how many user register in the cloud. And alos
prepare the verify and not verify details.
Architecture Diagram:
Literature Survey:
Paper1
Title: Privacy-Preserving Multi-Keyword Ranked Search over Encrypted Cloud

Data.
Author: Ning Cao, Cong Wang, Ming Li, Kui Ren, and Wenjing Lou
Abstract:
The first time, we define and solve the challenging problem of privacy-preserving
multi-keyword ranked search over encrypted data in cloud computing (MRSE). We
establish a set of strict privacy requirements for such a secure cloud data utilization
system. We further use “inner product similarity” to quantitatively evaluate such
similarity measure. We first propose a basic idea for the MRSE based on secure
inner product computation, and then give two significantly improved MRSE
schemes to achieve various stringent privacy requirements in two different threat
models. To improve search experience of the data search service, we further extend
these two schemes to support more search semantics. Thorough analysis
investigating privacy and efficiency guarantees of proposed schemes is given.
Experiments on the real-world data set further show proposed schemes indeed
introduce low overhead on computation and communication.
Paper2
Title: VABKS: Verifiable Attribute-based Keyword Search over Outsourced

Encrypted Data
Author: Qingji Zheng, Shouhuai Xu, and Giuseppe Ateniese.
Abstract:
It is common nowadays for data owners to outsource their data to the cloud. Since
the cloud cannot be fully trusted, the outsourced data should be encrypted. This
however brings a range of problems, such as: How should a data owner grant
search capabilities to the data users? How can the authorized data users search over
a data owner’s outsourced encrypted data? How can the data users be assured that
the cloud faithfully executed the search operations on their behalf? Motivated by
these questions, we propose a novel cryptographic solution, called verifiable
attribute-based keyword search (VABKS). The solution allows a data user, whose
credentials satisfy a data owner’s access control policy, to (i) search over the data
owner’s outsourced encrypted data, (ii) outsource the tedious search operations to
the cloud, and (iii) verify whether the cloud has faithfully executed the search
operations.
Paper3
Title: Multi-User Private Keyword Search for Cloud Computing
Author: Yanjiang Yang, Haibing Lu, and Jian Weng.
Abstract:
Enterprises outsourcing their databases to the cloud and authorizing multiple users
for access represents a typical use scenario of cloud storage services. In such a case
of database outsourcing, data encryption is a good approach enabling the data
owner to retain its control over the outsourced data. Searchable encryption is a
cryptographic primitive allowing for private keyword based search over the
encrypted database. The above setting of enterprise outsourcing database to the
cloud requires multi-user searchable encryption, whereas virtually all of the
existing schemes consider the single-user setting. To bridge this gap, we are
motivated to propose a practical multi-user searchable encryption scheme, which
has a number of advantages over the known approaches. The associated model and
security requirements are also formulated. We further discuss to extend our scheme
in several ways so as to achieve different search capabilities.
Paper4
Title: A Secure and Dynamic Multi-Keyword Ranked Search Scheme over
Encrypted Cloud Data
Author: Zhihua Xia, Xiongfei Wang, Xinghua Sun, and Qijie Wang
Abstract:
Due to the increasing popularity of cloud computing, more and more data owners
are motivated to outsource their data to cloud servers for great convenience and
reduced cost in data management. However, sensitive data should be encrypted
before outsourcing for privacy requirements, which obsoletes data utilization like
keyword-based document retrieval. In this paper, we present a secure multi-
keyword ranked search scheme over encrypted cloud data, which simultaneously
supports dynamic update operations like deletion and insertion of documents. We
construct a special tree-based index structure and propose a “Greedy Depth-first
Search” algorithm to provide efficient multi-keyword ranked search. The secure
kNN algorithm is utilized to encrypt the index and query vectors, and meanwhile
ensure accurate relevance score calculation between encrypted index and query
vectors. In order to resist statistical attacks, phantom terms are added to the index
vector for blinding search results.
Paper5
Title: Protecting Your Right: Attribute-based Keyword Search with Fine-grained

Owner-enforced Search Authorization in the Cloud
Author: Wenhai Sun, Shucheng Yu, Wenjing Lou, Y Thomas Hou, and Hui Li.
Abstract:
Search over encrypted data is a critically important enabling technique in cloud
computing, where encryption-before outsourcing is a fundamental solution to
protecting user data privacy in the untrusted cloud server environment.. Inspired by
attribute-based encryption (ABE), we present the first attribute-based keyword
search scheme with efficient user revocation (ABKS-UR) that enables scalable
fine-grained (i.e. file-level) search authorization. Our scheme allows multiple
owners to encrypt and outsource their data to the cloud server independently. Users
can generate their own search capabilities without relying on an always online
trusted authority. Fine-grained search authorization is also implemented by the
owner-enforced access policy on the index of each file.
UML DIAGRAMS:
Activity Diagram:
Class Diagram:
Usecase Diagram:
DATA FLOW DIAGARAM:
Level 1:
Level 2:
Level 3:
Overall DFD:
E-R Diagram:
Sequence Diagram:
Collaboration Diagram:
AES ALGORITHM:
AES (acronym of Advanced Encryption Standard) is a symmetric encryption

algorithm. The algorithm was developed by two Belgian cryptographer Joan
Daemen and Vincent Rijmen. AES was designed to be efficient in both hardware
and software, and supports a block length of 128 bits and key lengths of 128, 192,
and 256 bits
STEPS IN ADVANCED ENCRYPTION STANDARD:
STEP 1
Derive the set of round keys from the cipher key
STEP 2
Initialize the state array with the block data

STEP 3
Add the initial round key to the starting state array
STEP 4
Perform nine rouinds of state manipulation
STEP 5
Perform the tenth and final round of state manipulation
STEP 6
Copy the final state array out as the encrypted data
Fully Homomorphic Encryption (FHE):
The first fully homomorphic encryption scheme, solving a central open

problem in cryptography such a scheme allows one to compute arbitrary functions
over encrypted data without the decryption key one can efficiently compute a
compact cipher text that encrypts for any efficiently computable function. This
problem was posed by Rivets. Fully homomorphic encryption has numerous
applications. For example, it enables private queries to a search engine – the user
submits an encrypted query and the search engine computes a succinct encrypted
answer without ever looking at the query in the clear. It also enables searching on
encrypted data – a user stores encrypted files on a remote file server and can later
have the server retrieve only files that (when decrypted) satisfy some Boolean
constraint, even though the server cannot decrypt the files on its own. More
broadly, fully homomorphic encryption improves the efficiency of secure
multiparty computation. Our construction begins with a somewhat homomorphic
“boos trappable” encryption scheme that works when the function is the scheme’s
own decryption function. Then show how, through recursive self-embedding, boots
trappable encryption gives fully homomorphic encryption. The construction makes
use of hard problems on ideal lattices.
FULLY HOMOMORPHIC ENCRYPTION:
Step 1: File upload:
The data owner uploads the file to the cloud. The data owner will store their
file in the public and private cloud.
Step 2 Encryption of the file
The file is encrypted for the privacy preserving. The encrypted file is stored
in the cloud. The unauthorized people can access the file due to the encryption.
Step 3 splitting the file
The file is splited and stored in the different database.
SOFTWARE DESCRIPTION
Front End:
Dotnet:
Microsoft .NET technology you will have access to a new generation of

advanced software joining the best of computing and communications in a
revolutionary new way. The effect will be to totally transform the Web and every
other aspect of the computing experience. .NET enables developers, businesses,
and consumers to harness technology on their terms. .NET will allow the creation
of truly distributed Web services that will integrate and collaborate with a range of
complementary services to help customers in ways that today’s dotcoms can only
dream of. The fundamental idea behind .NET is that the focus is shifting from
individual Web sites or devices connected to the Internet to constellations of
computers, devices, and services that work together to deliver broader, richer
solutions. People will have control over how, when, and what information is
delivered to them. Computers, devices and services will be able to collaborate with
each other to provide rich services, instead of being isolated islands where the user
provides the only integration. Businesses will be able to offer their products and
services in a way that lets customers seamlessly embed them in their own
electronic fabric. Microsoft .NET will make computing and communicating
simpler and easier than ever. It will spawn a new generation of Internet services,
and enable tens of thousands of software developers to create revolutionary online
services and businesses. It will put you back in control, and enable greater control
of your privacy, digital identity, and data. And software is what makes it all
possible. However, Microsoft’s .NET technology will only succeed if others adopt
this new standard.
As mentioned on the .NET Framework page, .NET Framework is designed for

cross-language compatibility. Cross-language compatibility means .NET
components can interact with each other irrespective of the languages they are
written in. An application written in VB .NET can reference a DLL file written in
C# or a C# application can refer to a resource written in VC++, etc. This language
interoperability extends to Object-Oriented inheritance. This cross-language
compatibility is possible due to common language runtime. As you read on
the .NET Framework page, when the .NET program is compiled, the output of the
compiler is not an executable file but a file that contains a special type of code
called the Microsoft Intermediate Language (MSIL). This MSIL is a low-level
language which is designed to be read and understood by the common language
runtime. Because all .NET executables exist as IL, they can freely operate. The
Common Language Specification defines the minimum standards that .NET
language compliers must confirm to. Thus, any code compiled by a .NET complier
can interoperate with the .NET Framework. The Common Type System (CTS)
defines the rules concerning data types and ensures that code is executed in a safe
environment. Since all .NET applications are converted to IL before execution all
primitive data types are represented as .NET types. This means that, a VB Integer
and a C# integer are both represented in IL code as System.Int32. Because both the
languages use a common type system, it is possible to transfer data between
components and avoid time-consuming conversions.
MicroSoft Visual Studio:
Microsoft Visual Studio is an integrated development environment (IDE)

from Microsoft. It is used to develop computer programs for Microsoft Windows,
as well as web sites, web apps, web services and mobile apps. Visual Studio uses
Microsoft software development platforms such as Windows API, Windows
Forms, Windows Presentation Foundation, Windows Store and Microsoft
Silverlight. It can produce both native code and managed code.
Visual Studio includes a code editor supporting IntelliSense (the code

completion component) as well as code refactoring. The integrated debugger works
both as a source-level debugger and a machine-level debugger. Other built-in tools
include a code profiler, forms designer for building GUI applications, web
designer, class designer, and database schema designer. It accepts plug-ins that
enhance the functionality at almost every level—including adding support
for source control systems (like Subversion) and adding new toolsets like editors
and visual designers for domain-specific languages or toolsets for other aspects of
the software development lifecycle (like the Team Foundation Server client: Team
Explorer).
Visual Studio supports 36 different programming languages and allows the

code editor and debugger to support (to varying degrees) nearly any programming
language, provide a language-specific service exists. Built-in languages include C,
C++ and C++ (via Visual C++), VB.NET (via Visual Basic.NET), C# (via Visual
C#), F#(as of Visual Studio 2010) and Typescript (as of Visual Studio 2012
Update 2) . Support for other languages services installed separately. It also
supports XML/XSLT, HTML/XHTML, JavaScript and CSS. Java (and J#) were
supports in the past.
Back End:
SQL Server, the most popular Open Source SQL database management system, is
developed, distributed, and supported by Oracle Corporation. The SQLServer Web
site (http://www.sqlserver.com/) provides the latest information about SQLServer
software.
SQL Server is a database management system:
A database is a structured collection of data. It may be anything from a simple

shopping list to a picture gallery or the vast amounts of information in a corporate
network. To add, access, and process data stored in a computer database, you need
a database management system such as SQL Server. Since computers are very
good at handling large amounts of data, database management systems play a
central role in computing, as standalone utilities, or as parts of other applications.
SQL Server databases are relational:
A relational database stores data in separate tables rather than putting all the data
in one big storeroom. The database structures are organized into physical files
optimized for speed. The logical model, with objects such as databases, tables,
views, rows, and columns, offers a flexible programming environment. You set up
rules governing the relationships between different data fields, such as one-to-one,
one-to-many, unique, required or optional, and “pointers” between different tables.
The database enforces these rules, so that with a well-designed database, your
application never sees inconsistent, duplicate, orphan, out-of-date, or missing data.
The SQL part of “SQL Server” stands for “Structured Query Language”. SQL is
the most common standardized language used to access databases. Depending on
your programming environment, you might enter SQL directly (for example, to
generate reports), embed SQL statements into code written in another language, or
use a language-specific API that hides the SQL syntax.
SQL is defined by the ANSI/ISO SQL Standard. The SQL standard has been
evolving since 1986 and several versions exist. In this manual, “SQL-92” refers to
the standard released in 1992, “SQL:1999” refers to the standard released in 1999,
and “SQL:2003” refers to the current version of the standard. We use the phrase
“the SQL standard” to mean the current version of the SQL Standard at any time.
SQL Server software is Open Source:

Open Source means that it is possible for anyone to use and modify the software.
Anybody can download the SQL Server software from the Internet and use it
without paying anything. If you wish, you may study the source code and change it
to suit your needs. The SQL Server software uses the GPL (GNU General Public
License), http://www.fsf.org/licenses/, to define what you may and may not do
with the software in different situations. If you feel uncomfortable with the GPL or
need to embed SQL code into a commercial application, you can buy a
commercially licensed version from us. See the SQL Licensing Overview for more
information (http://www.sqlserver.com/company/legal/licensing/).
The SQL Server Database Server is very fast, reliable, scalable, and easy to
use:
If that is what you are looking for, you should give it a try. SQL Server can
run comfortably on a desktop or laptop, alongside your other applications, web
servers, and so on, requiring little or no attention. If you dedicate an entire machine
to SQL Server, you can adjust the settings to take advantage of all the memory,
CPU power, and I/O capacity available. SQLServer can also scale up to clusters of
machines, networked together.
You can find a performance comparison of SQLServer Server with other

database managers on our benchmark page “The SQLServer Benchmark Suite”.
SQLServer was originally developed to handle large databases much faster

than existing solutions and has been successfully used in highly demanding
production environments for several years. Although under constant development,
SQLServer today offers a rich and useful set of functions. Its connectivity, speed,
and security make SQLServer highly suited for accessing databases on the Internet.
SQL Server works in client/server or embedded systems:
The SQLServer Database Software is a client/server system that consists of a

multi-threaded SQL server that supports different backends, several different client
programs and libraries, administrative tools, and a wide range of application
programming interfaces (APIs).
We also provide SQLServer Server as an embedded multi-threaded library

that you can link into your application to get a smaller, faster, easier-to-manage
standalone product.
A large amount of contributed SQLServer software is available:
SQLServer has a practical set of features developed in close cooperation with

our users. It is very likely that your favorite application or language supports the
SQLServer Database Server.
PROJECT DESCRIPTION
Problem Definition:
Outsourcing data to a remote cloud service provider (CSP) allows

organizations to store more data on the CSP than on private computer systems.
Such outsourcing of data storage enables organizations to concentrate on
innovations and relieves the burden of constant server updates and other computing
issues.
Overview of the Project:
Outsourcing data to remote servers has become a growing trend for many
organizations to alleviate the burden of local data storage and maintenance. In this
work we have studied the problem of creating multiple copies of dynamic data file
and verifying those copies stored on untrusted cloud servers. We have proposed a
new FHE scheme, which supports outsourcing of multi-copy dynamic data, where
the data owner is capable of not only archiving and accessing the data copies
stored by the CSP, but also updating and scaling these copies on the remote
servers.
Data Base Design
A database is a collection of interrelated data stored with minimum

redundancy to serve many users quickly and efficiently. The general Objectives of
the database design are to make the data access easy, inexpensive and flexible to
the user. The data in the system has to be stored and retrieved from database.
Designing the database is the part of system design. Data elements and data
structures to be stored have been identified at analysis stage and are structured and
put together to design the data storage and retrieval system.
INPUT DESIGN
The input of a system can be defined as the information that is provided to

the system. This is used for future processing by the system to obtain meaningful
information, which helps in decision-making. Input design is the process of
converting user-oriented inputs to a computer-based format.
Input is a part of overall system design, which requires special attention.

Inaccurate input data are the most common cause of errors in error processing.
Input design can control errors entered by users. Entered data have to be checked
for their accuracy and direction of errors. Appropriate error message have to be
displayed. When an invalid data is entered, the user should not be allowed to type
that data
OUTPUT DESIGN
The computer output is the most important and direct source of information
to the user. Efficient and intelligible output design improves the system’s
relationship with the user and helps in decision making.
Output design was studied going actively during the study phase. The
objective of the output design is defined the contents and format of all documents
and reports in an attractive
and useful format.
SYSTEM TESTING
Testing is the process of detecting errors. Testing plays a critical role in

assuring quality and ensuring the reliability of software. The results of testing are
used later on during maintenance also.
TESTING OBJECTIVES
The main objective of testing is to uncover a host of errors, systematically

and with minimum effort and time.
Testing is a process of executing a program with the intent of finding an error
A good test case is one that has a high probability of finding error, if it exists
The tests are inadequate to detect possibly present errors
The software more or less confirms to the quality and reliable standards
TESTING LEVELS
System testing is stage of implementation which is aimed at ensuring that

the system works accurately and efficient before live operation commences.
Testing is vital the success of the system. System testing makes a logical
assumption that if all the parts of the system are correct, the goal will be
successfully achieved.
Unit Testing
In the lines of strategy, all the individual functions and modules were put to
the test independently. By following this strategy all the errors in coding were
identified and corrected. This method was applied in combination with the White
and Black Box testing Techniques to find the errors in each module.
Integration Testing
Data can be lost across the interface; one module can have an adverse effect
on others. Integration testing is a systematic testing for constructing program
structure. While at the same time conducting tests to uncover errors associated
within the interface. Integration testing addresses the issues associated with the
dual problems of verification and program construction. After the software has
been integrated a set of high order sets and conducted.
The objective is to take unit tested modules and combine them test it as a whole.
Thus, in the integration-testing step all the errors uncovered are corrected for the
next testing steps.
Validation Testing
The outputs that come out of the system are as a result of the inputs that go
into the system. The correct and the expected outputs that go into the system
should be correct and proper. So this testing is done to check if the inputs are
correct and they are validated before it goes into the system for processing.
Acceptance Testing
User acceptance of a system is the key factor for the success of any system.
The system under consideration is tested for the user acceptance by constantly
keeping in touch with the prospective system users at the time of developing and
making changes whenever required. This is done in regard to the following point:
Input screen design
Output screen design
An acceptance test has the objective of selling the user on the validity and
reliability of the system. It verifies that the system’s procedures operate to system
specifications and that the integrity of important data is maintained. Performance
of an acceptance test is actually the user’s show. User motivation is very important
for the successful performance of the system. After that a comprehensive report is
prepared.
SYSTEM IMPLEMENTATION
A software application in general is implemented after navigating the
complete life cycle method of a project. Various life cycle processes such as
requirement analysis, design phase, verification, testing and finally followed by the
implementation phase result in a successful project management. System
implementation is an important stage of theoretical design is turned into practical
system.
Implementation Procedure
Implementation is the stage of the project when the theoretical design is

turned out into a working system. Thus it can be considered to be the most critical
stage in achieving a successful new system and in giving the user, confidence that
the new system will work and be effective. The implementation stage involves
careful planning, investigation of the existing system and it’s constraints on
implementation, designing of methods to achieve changeover and evaluation of
changeover methods.
Each program is tested individually at the time of development using the

data and has verified that this program linked together in the way specified in the
programs specification, the computer system and its environment is tested to the
satisfaction of the user. The system that has been developed is accepted and proved
to be satisfactory for the user and so the system is going to be implemented very
soon. A simple operating procedure is included so that the user can understand the
different functions clearly and quickly. The final stage is to document the entire
system which provides components and the operating procedures of the system.
FEASIBILITY STUDY
The feasibility of the project is analyzed in this phase and business proposal
is put forth with a very general plan for the project and some cost estimates.
During system analysis the feasibility study of the proposed system is to be carried
out. This is to ensure that the proposed system is not a burden to the company. For
feasibility analysis, some understanding of the major requirements for the system
is essential.
ECONOMICAL FEASIBILITY
This study is carried out to check the economic impact that the system will
have on the organization. The amount of fund that the company can pour into the
research and development of the system is limited. The expenditures must be
justified. Thus the developed system as well within the budget and this was
achieved because most of the technologies used are freely available. Only the
customized products had to be purchased.
TECHNICAL FEASIBILITY
This study is carried out to check the technical feasibility, that is, the
technical requirements of the system. Any system developed must not have a high
demand on the available technical resources. This will lead to high demands on the
available technical resources. This will lead to high demands being placed on the
client. The developed system must have a modest requirement, as only minimal or
null changes are required for implementing this system.
SOCIAL FEASIBILITY
The aspect of study is to check the level of acceptance of the system by the
user. This includes the process of training the user to use the system efficiently.
The user must not feel threatened by the system, instead must accept it as a
necessity. The level of acceptance by the users solely depends on the methods that
are employed to educate the user about the system and to make him familiar with
it. His level of confidence must be raised so that he is also able to make some
constructive criticism, which is welcomed, as he is the final user of the system.
Code
AdminHome.aspx:
<%@ Page Language="C#" AutoEventWireup="true"

CodeFile="CloudHome.aspx.cs" Inherits="AdminPage" %>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" class="no-js">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>Hybrid Two-Tier Framework</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="Free HTML5 Template by

FREEHTML5.CO" />
<meta name="keywords" content="free html5, free template, free bootstrap,
html5, css3, mobile first, responsive" />
<meta name="author" content="FREEHTML5.CO" />

<link rel="shortcut icon" href="favicon.ico">



<link rel="stylesheet" href="css/themify-icons.css">

<link rel="stylesheet" href="css/bootstrap.css">

<link rel="stylesheet" href="css/owl.carousel.min.css">
<link rel="stylesheet" href="css/owl.theme.default.min.css">

<link rel="stylesheet" href="css/magnific-popup.css">


<link rel="stylesheet" href="css/superfish.css">

<link rel="stylesheet" href="css/easy-responsive-tabs.css">

<link rel="stylesheet" href="css/animate.css">

<link rel="stylesheet" href="css/style.css">

<script src="js/modernizr-2.6.2.min.js"></script>



<header id="fh5co-header-section" role="header" class="" >
<div class="container">


<h1 id="fh5co-logo" class="pull-left"><a><img

src="images/admin.png" height="80" width="100"></a></h1>

<nav id="fh5co-menu-wrap" role="navigation">
<ul class="sf-menu" id="fh5co-primary-

menu">
<li class="active"><a
href="CloudHome.aspx">Home</a></li>
<li><a
href="DataUserDetails.aspx">Data User Details</a></li>
<li><a
href="DataOwnerDetails.aspx">Data Owner Details</a></li>
<li><a href="Home.aspx">Logout</a></li>
</ul>
</nav>

</div>
</header>
<div id="fh5co-hero" style="background-image: url(images/slide_2.jpg);">
<div class="overlay"></div>
<div class="col-md-12">
<div class="fh5co-hero-wrap">
<div class="fh5co-hero-intro">
<h1 class="to-animate hero-animate-

1">Hybrid Two-Tier Framework for Enhancing security in Cloud
Environment</h1>
</div>
</div>
</div>
</div>
</div>


<script src="js/jquery-1.10.2.min.js"></script>

<script src="js/jquery.easing.1.3.js"></script>

<script src="js/bootstrap.js"></script>

<script src="js/owl.carousel.min.js"></script>
<script src="js/jquery.magnific-popup.min.js"></script>

<script src="js/hoverIntent.js"></script>
<script src="js/superfish.js"></script>
<script src="js/easyResponsiveTabs.js"></script>

<script src="js/fastclick.js"></script>

<script src="js/jquery.parallax-scroll.min.js"></script>

<script src="js/jquery.waypoints.min.js"></script>

<script src="js/main.js"></script>
</div>
</form>
</body>
</html>
CodeFile="DataOwnerDetails.aspx.cs" Inherits="DataOwnerDetails" %>
<!DOCTYPE html>



 <html class="no-js"> 
<head>

FREEHTML5.CO" />




<meta property="og:title" content=""/>
<meta property="og:image" content=""/>
<meta property="og:url" content=""/>
<meta property="og:site_name" content=""/>

<meta property="og:description" content=""/>
<meta name="twitter:title" content="" />
<meta name="twitter:image" content="" />
<meta name="twitter:url" content="" />
<meta name="twitter:card" content="" />





</head>
<body>

src="images/admin.png" height="80" width="100"></a></h1>

menu">
<li> <a
href="CloudHome.aspx">Home</a></li>
<li><a
href="DataUserDetails.aspx">Data User Details</a></li>
href="DataOwnerDetails.aspx">Data Owner Details</a></li>
</ul>
</nav>

</div>
</header>
<div id="fh5co-hero">

<div id="fh5co-main" class="to-animate hero-animate-3">
<h1 class="row text-center" style="padding-right: 300px;"><b>Data

Owner Details</b></h1>
<div class="row">
<div class="form-group">
<form id="f1" runat="server">
<table align="center">
<tr>
<td>
<h3><asp:GridView
ID="GridView_viewownerdetails" runat="server">
</asp:GridView></h3>
</td>
</tr>
</table>
<tr>
<td>
<asp:DropDownList
ID="DropDownList_viewownername" runat="server" class="form-control input-
lg" Width="200px" ></asp:DropDownList>
</td>
<td class="btn btn-outline btn-md">
<asp:Button ID="Button_ownerrequestaccept"
runat="server" Text="Accept" class="form-control input-lg"
OnClick="Button_ownerrequestaccept_Click"/>
</td>
</tr>
</table>
<tr>
<td>
<asp:TextBox ID="TextBox1_ownername"
runat="server" class="form-control input-lg" placeholder="Owner
ID"></asp:TextBox>
</td>
<td class="btn btn-outline btn-md">
<asp:Button ID="Button1_delete" runat="server"

Text="Delete" class="form-control input-lg" OnClick="Button1_delete_Click" />
</td>
</tr>
</table>
</form>
</div>
</div>
</div>
</div>
</div>
</div>

</div>
</div>
</div>
</div>
</div>







</body>
</html>
AdminHome.aspx.cs:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
public partial class DataOwnerDetails : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
if (!IsPostBack)
gv_viewownerdetails();
dl_viewownername();
SqlConnection con = new

SqlConnection(ConfigurationManager.ConnectionStrings["Security"].ConnectionS
tring.ToString());
SqlCommand cmd;
SqlDataAdapter da;
DataTable dt = new DataTable();
SqlDataReader dr;
public void gv_viewownerdetails()
con.Open();
cmd = new SqlCommand("select OwnerID,Name,MobileNo,MailID,Request
from OwnerRegister",con);
da = new SqlDataAdapter(cmd);
da.Fill(dt);
GridView_viewownerdetails.DataSource = dt;
GridView_viewownerdetails.DataBind();
con.Close();
public void dl_viewownername()
con.Open();
cmd = new SqlCommand("select Name from OwnerRegister where

Request='Not Accept'", con);
dr = cmd.ExecuteReader();
while (dr.Read())
DropDownList_viewownername.Items.Add(dr[0].ToString());
con.Close();
}
protected void Button_ownerrequestaccept_Click(object sender, EventArgs e)
con.Open();
cmd = new SqlCommand("update OwnerRegister set Request='Accept' where

Name='" + DropDownList_viewownername.Text + "'", con);
cmd.ExecuteNonQuery();
con.Close();
Response.Write("<script>alert('Accepted')</script>");
protected void Button1_delete_Click(object sender, EventArgs e)
con.Open();
cmd = new SqlCommand("delete from OwnerRegister where

OwnerID='"+TextBox1_ownername.Text+"'", con);
con.Close();
Response.Write("<script>alert('Deleted')</script>");
}
}
private void gv_viewuserdetails()
con.Open();
cmd = new SqlCommand("select UserID,Name,MobileNo,MailID,Request

from UserRegister", con);
da = new SqlDataAdapter(cmd);
da.Fill(dt);
GridView_viewuserdetails.DataSource = dt;
GridView_viewuserdetails.DataBind();
con.Close();
private void dl_viewusername()
con.Open();
cmd = new SqlCommand("select Name from UserRegister where

Request='Not Accept'",con);
while(dr.Read())
DropDownList_viewusername.Items.Add(dr[0].ToString());
con.Close();
protected void Button_userrequestaccept_Click(object sender, EventArgs e)
con.Open();
cmd = new SqlCommand("update UserRegister set Request='Accept' where

Name='"+DropDownList_viewusername.Text+"'", con);
con.Close();
Response.Write("<script>alert('Accepted')</script>");
protected void Button1_delete_Click(object sender, EventArgs e)

{
con.Open();
cmd = new SqlCommand("delete from UserRegister where UserID='" +

TextBox1_username.Text + "'", con);
con.Close();
Response.Write("<script>alert('Deleted')</script>");
File upload:
FileUpload.aspx:

CodeFile="FileUpload.aspx.cs" Inherits="FileUpload" %>
<!DOCTYPE html>




 <html class="no-js"> 
<head>

FREEHTML5.CO" />



<meta property="og:title" content=""/>
<meta property="og:image" content=""/>
<meta property="og:url" content=""/>
<meta property="og:site_name" content=""/>
<meta property="og:description" content=""/>
<meta name="twitter:title" content="" />
<meta name="twitter:image" content="" />
<meta name="twitter:url" content="" />
<meta name="twitter:card" content="" />






</head>
<body>

src="images/Owner.png" height="80" width="100"></a></h1>

menu">
<li><a
href="OwnerHome.aspx">Home</a></li>
href="FileUpload.aspx">File Upload</a></li>
<li>
<a href="#" >File Details</a>
<ul class="fh5co-sub-menu">
<li><a href="PublicFileDetails.aspx">Public Files</a></li>

<li><a href="PrivateFileDetails.aspx">Private
Files</a></li>
</ul>
</li>
<li><a href="DataUserDetailss.aspx">Data User

Details</a></li>
<li><a href="FileRequestDetailss.aspx">File Request

Details</a></li>
</ul>
</nav>

</div>
</header>
<div id="fh5co-hero">

<div class="fh5co-hero-intro">
<div id="fh5co-main" class="to-animate hero-animate-3">
<h2 class="row text-center" style="padding-right: 359px;">Owner

Upload File</h2>
<div class="row">
<form id="f1" runat="server">
<table>
<tr>
<td>
<asp:TextBox ID="TextBox5" runat="server"

class="form-control input-lg" ReadOnly="True"></asp:TextBox><br />
</td>
</tr>
<tr>
<td>

placeholder="File ID" class="form-control input-lg"
ReadOnly="True"></asp:TextBox><br />
</td>
</tr>
<tr>
<td>

placeholder="File Name" class="form-control input-lg"
required=""></asp:TextBox><br />
</td>
</tr>
<tr>
<td>

placeholder="File Key 1" class="form-control input-lg"></asp:TextBox>
</td>
<td style="padding-left: 45px;">
<asp:Button ID="Button_keygenerate"
runat="server" Text="Generate Key" class="btn btn-primary btn-lg"
OnClick="Button_keygenerate_Click"/>
</td>
</tr>
<tr>
<td>

placeholder="File Key 2" class="form-control input-lg"></asp:TextBox><br />
</td>
</tr>
<tr>
<td>
<asp:FileUpload ID="FileUpload1"
runat="server" class="form-control input-lg"/><br />
</td>
</tr>
<tr>
<td>
<asp:DropDownList ID="DropDownList1"
runat="server" class="form-control input-lg"></asp:DropDownList><br />
</td>
</tr>
<tr>
<td>
<asp:Button ID="Button_fileupload"
runat="server" Text="Upload" class="btn btn-primary btn-lg"
OnClick="Button_fileupload_Click" />
</td>
</tr>
</table>
</form>
</div>
</div>
</div>
</div>
</div>
</div>

</div>
</div>
</div>
</div>
</div>






</body>
</html>
FileUpload.aspx.cs:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.IO;
using System.Text;
using System.Security.Cryptography;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.IO.Compression;
public partial class FileUpload : System.Web.UI.Page
public FileStream fs;
string mergeFolder;
protected void Page_Load(object sender, EventArgs e)

{
if(!IsPostBack)
fileid();
dl_secure();
if(Session["OwnerName"]!=null)
TextBox5.Text = Session["OwnerName"].ToString();
List<string> Packets = new List<string>();
SqlConnection con = new

SqlConnection(ConfigurationManager.ConnectionStrings["Security"].ConnectionS
tring.ToString());
SqlCommand cmd;
SqlDataAdapter da;
DataTable dt = new DataTable();
DataSet ds = new DataSet();
private void fileid()
string a="";
con.Open();
cmd = new SqlCommand("select top 1 FileID from Server order by FileID

desc",con);
SqlDataReader dr;
if(dr.Read())
a = dr[0].ToString();
int b = int.Parse(a);
TextBox1.Text = (1 + b).ToString();
else
{
TextBox1.Text = "1";
con.Close();
private void dl_secure()
DropDownList1.Items.Add("Public");
DropDownList1.Items.Add("Private");
protected void Button_keygenerate_Click(object sender, EventArgs e)
char[] chararr =
"0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWX
YZ".ToCharArray();
string strrandom = string.Empty;

Random objran = new Random();
int noofcharacters = Convert.ToInt32(4);
for (int i = 0; i < noofcharacters; i++)
int pos = objran.Next(1, chararr.Length);
if (!strrandom.Contains(chararr.GetValue(pos).ToString()))
strrandom += chararr.GetValue(pos);
else
i--;
TextBox3.Text = strrandom;
char[] chararr1 =
"OPQRSTUVWXYZabcdefghijklmn0123456789opqrstuvwxyzABCDEFGHIJKL
MN".ToCharArray();
string strrandom1 = string.Empty;
Random objran1 = new Random();
int noofcharacters1 = Convert.ToInt32(4);
for (int j = 0; j < noofcharacters1; j++)
int pos = objran1.Next(1, chararr1.Length);
if (!strrandom1.Contains(chararr1.GetValue(pos).ToString()))
strrandom1 += chararr1.GetValue(pos);
else
j--;
TextBox4.Text = strrandom1;
public bool SplitFile(string SourceFile, int nNoofFiles)

{
bool Split = false;
try
FileStream fs = new FileStream(SourceFile, FileMode.Open,

FileAccess.Read);
int SizeofEachFile = (int)Math.Ceiling((double)fs.Length / nNoofFiles);
for (int i = 0; i < nNoofFiles; i++)
string baseFileName = Path.GetFileNameWithoutExtension(SourceFile);
string Extension = Path.GetExtension(SourceFile);
FileStream outputFile = new

FileStream(Path.GetDirectoryName(SourceFile) + "\\" + baseFileName + "." +
i.ToString().PadLeft(3, Convert.ToChar("0")) + Extension + ".tmp",

FileMode.Create, FileAccess.Write);
mergeFolder = Path.GetDirectoryName(SourceFile);
int bytesRead = 0;
byte[] buffer = new byte[SizeofEachFile];
if ((bytesRead = fs.Read(buffer, 0, SizeofEachFile)) > 0)
outputFile.Write(buffer, 0, bytesRead);
string packet = baseFileName + "." + i.ToString().PadLeft(3,

Convert.ToChar("0")) + Extension.ToString();
Packets.Add(packet);
outputFile.Close();
fs.Close();
catch (Exception Ex)

{
throw new ArgumentException(Ex.Message);
return Split;
protected void Button_fileupload_Click(object sender, EventArgs e)
if (FileUpload1.HasFile)
string filename = Path.GetFileName(FileUpload1.FileName);
Stream str = FileUpload1.PostedFile.InputStream;
BinaryReader br = new BinaryReader(str);
byte[] size = br.ReadBytes((int)str.Length);
FileUpload1.SaveAs((@"D:\Split File1\") + filename);
SplitFile((@"D:\Split File1\" + filename), Convert.ToInt32(3));

DESCryptoServiceProvider provider = new DESCryptoServiceProvider();
provider.Key = ASCIIEncoding.ASCII.GetBytes("11224488");
provider.IV = ASCIIEncoding.ASCII.GetBytes("11224488");
ICryptoTransform transform = provider.CreateEncryptor(provider.Key,

provider.IV);
FileStream inputStream = new FileStream((@"D:\Split File1\" + filename),

FileMode.Open, FileAccess.Read);
byte[] byteInput = new byte[inputStream.Length];
inputStream.Read(byteInput, 0, byteInput.Length);
inputStream.Close();
FileStream sourceFile = File.OpenRead((@"D:\Split File1\") + filename);
FileStream destFile = File.Create(@"D:\ZIP FILE\ZIP FILES\" + filename

+ ".zip");
GZipStream compStream = new GZipStream(destFile,

CompressionMode.Compress);
try
int theByte = sourceFile.ReadByte();
while (theByte != -1)
compStream.WriteByte((byte)theByte);
theByte = sourceFile.ReadByte();
finally
compStream.Dispose();
String Name = TextBox2.Text;
string key1 = TextBox3.Text;
string key2 = TextBox4.Text;
string Secure = DropDownList1.Text;

con.Open();
cmd = new SqlCommand("insert into

Server(FileName,UploadFile,FileType,FileData,FileKey1,FileKey2,Secure,Owner
Name)values(@Name,@File,@Type,@Data,@Key1,@Key2,@Secure,@OwnerN
ame)", con);
cmd.Parameters.AddWithValue("@Name", Name);
cmd.Parameters.AddWithValue("@File", filename);
cmd.Parameters.AddWithValue("@Type", "application/word");
cmd.Parameters.AddWithValue("@Data", size);
cmd.Parameters.AddWithValue("@Key1", key1);
cmd.Parameters.AddWithValue("@Key2", key2);
cmd.Parameters.AddWithValue("@Secure", Secure);
cmd.Parameters.AddWithValue("@OwnerName",TextBox5.Text);
con.Close();
string filename1 = Path.GetFileName(Packets[0].ToString());
con.Open();
Server1(FileName,UploadFile)values(@Name,@File)", con);
cmd.Parameters.AddWithValue("@File", filename1);
con.Close();
con.Open();

con.Close();
con.Open();

con.Close();
Response.Write("<Script>alert('File Uploaded Successfully')</script>");
TextBox2.Text = "";
TextBox3.Text = "";
TextBox4.Text = "";
fileid();
else
Response.Write("<Script>alert('Please Select a File')</script>");
}
}
SCREENSHOTS:
User Login
Admin login:
File view
File UPload:
Admin Verification corner:
Conclusion:
We proposed a hybrid scheme that combines public key encryption and somewhat
homomorphic encryption. The proposed scheme is suitable for cloud computing
environments since it has small bandwidth, low storage requirement, and supports
efficient computing on encrypted data. Our solution provides a trade-off between
the size of the transmitted ciphertexts and the conversion costs. While the
ciphertext expansion of PKE is larger than that of AES, it can be homomorphically
evaluated with a SHE of much smaller multiplicative depth. The parameters of our
hybrid scheme are very large when the message space of the underlying FHE is
ZN. For an efficient implementation, we need a method to evaluate mod N
arithmetic using an FHE whose message space is ZM for small.
Future Enhancement:
In this have to add extra features in future like
1. Send Alert Notification details to send via send SMS.
2. In future in this concept to in android app.
References:
• R. Barbulescu, P. Gaudry, A. Joux, and E. Thom´e. A quasi-polynomial

algorithm for discrete logarithm in finite fields of small characteristic. IACR
Cryptology ePrint Archive, 2014.
• J. Cheon, J.-S. Coron, J. Kim, M. Lee, T. Lepoint, M. Tibouchi, and A. Yun.

Batch fully homomorphic encryption over the integers. In T. Johansson and
P. Nguyen, editors, Advances in Cryptology - EUROCRYPT 2013, volume
7881 of Lecture Notes in Computer Science, pages 315–335. Springer Berlin
Heidelberg, 2013.
• A. Joux. A new index calculus algorithm with complexity L(1/4+o(1)) in

very small characteristic. IACR Cryptology ePrint Archive, 2014.
• S. Goldwasser and S. Micali. Probabilistic encryption. J. Comput. Syst. Sci.,

28(2):270–299, 2015.
• J. Fan and F. Vercauteren. Somewhat practical fully homomorphic

encryption. IACR Cryptology ePrint Archive, 2012:144, 2015.
• W. Li, K. Xue, Y. Xue and J. Hong, “TMACS: a robust and verifiable

threshold multi-authority access control system in public cloud storage,”
IEEE Trans. Parallel and Distributed Systems, vol. 27, no. 5, pp. 1484-1496,
2015
• J. Li, H. Wang, Y. Zhang and J. Shen, “Ciphertext-policy at-tribute-based

encryption with hidden access policy and testing, ” KSII Transactions on
Internet and Information Systems, vol. 10, no. 7, pp. 3339-3352, 2016.
• Z. J. Fu, K. Ren, J. G. Shu, X. M. Sun, and F. X. Huang, “Enabling

personalized search over encrypted outsourced data with efficiency
improvement,” IEEE Transactions on Parallel and Distributed Systems, ,
vol. 27, no. 9, pp. 2546–2559, 2016.

Optimizing Information Leakage in Multicloud Storage Services

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Optimizing Information Leakage in Multicloud Storage Services

Uploaded by

Copyright:

Available Formats

Optimizing Information Leakage in Multicloud Storage Services

Scope of the project:

In this section, we describe the concept of a hybrid scheme that combines

• In this project we introduced new technique that is Fully Homomorphic

• Dynamic Single file.

• Service Provider may be Hack the data.

• UnAuthorized users to request the file to file owner.

• Convert Zip while upload the data.

 Speed - 2.2 GHz

 Hard Disk - 250 GB

 Operating system : Windows 7,8,10

 IDE : MicroSoft Visual Studio 2012

 Database : MicroSoftSqlServer 2012

1. Cloud Service provider

2. User upload with keygen

Cloud Service provider:

User upload with keygen:

Title: Privacy-Preserving Multi-Keyword Ranked Search over Encrypted Cloud

Title: VABKS: Verifiable Attribute-based Keyword Search over Outsourced

Author: Qingji Zheng, Shouhuai Xu, and Giuseppe Ateniese.

Title: Multi-User Private Keyword Search for Cloud Computing

Author: Yanjiang Yang, Haibing Lu, and Jian Weng.

Title: Protecting Your Right: Attribute-based Keyword Search with Fine-grained

DATA FLOW DIAGARAM:

AES (acronym of Advanced Encryption Standard) is a symmetric encryption

STEPS IN ADVANCED ENCRYPTION STANDARD:

Derive the set of round keys from the cipher key

Initialize the state array with the block data

Add the initial round key to the starting state array

Perform nine rouinds of state manipulation

Perform the tenth and final round of state manipulation

Copy the final state array out as the encrypted data

Fully Homomorphic Encryption (FHE):

The first fully homomorphic encryption scheme, solving a central open

FULLY HOMOMORPHIC ENCRYPTION:

Step 1: File upload:

Step 2 Encryption of the file

Step 3 splitting the file

The file is splited and stored in the different database.

Microsoft .NET technology you will have access to a new generation of

As mentioned on the .NET Framework page, .NET Framework is designed for

MicroSoft Visual Studio:

Microsoft Visual Studio is an integrated development environment (IDE)

Visual Studio includes a code editor supporting IntelliSense (the code

Visual Studio supports 36 different programming languages and allows the

SQL Server is a database management system:

A database is a structured collection of data. It may be anything from a simple

SQL Server databases are relational:

SQL Server software is Open Source:

You can find a performance comparison of SQLServer Server with other

SQLServer was originally developed to handle large databases much faster

The SQLServer Database Software is a client/server system that consists of a

We also provide SQLServer Server as an embedded multi-threaded library

A large amount of contributed SQLServer software is available:

SQLServer has a practical set of features developed in close cooperation with

Outsourcing data to a remote cloud service provider (CSP) allows

Data Base Design

A database is a collection of interrelated data stored with minimum

The input of a system can be defined as the information that is provided to

Input is a part of overall system design, which requires special attention.

and useful format.

Testing is the process of detecting errors. Testing plays a critical role in

The main objective of testing is to uncover a host of errors, systematically