ABSTRACT

Cloud computing has emerged as one of the most influential paradigms in the IT

industry in recent years. Since this new computing technology requires users to entrust their

valuable data to cloud providers, there have been increasing security and privacy concerns on

outsourced data. Several schemes employing Attribute-based encryption (ABE) have been

proposed for access control of outsourced data in cloud computing; however, most of them

suffer from inflexibility in implementing complex access control policies. In order to realize

scalable, flexible, and fine-grained access control of outsourced data in cloud computing, in

this paper, to propose hierarchical attribute-set-based encryption (HASBE) by extending

cipher text-policy attribute-set-based encryption (ASBE) with a hierarchical structure of

users. The proposed scheme not only achieves scalability due to its hierarchical structure, but

also inherits flexibility and fine-grained access control in supporting compound attributes of

ASBE. In addition, HASBE employs multiple value assignments for access expiration time to

deal with user revocation more efficiently than existing schemes.. To implement our scheme

and show that it is both efficient and flexible in dealing with access control for outsourced

data in cloud computing with comprehensive experiments.

INTRODUCTION

Cloud computing is a new computing paradigm that is built on virtualization, parallel

and distributed computing, utility computing, and service-oriented architecture. In the last
several years, cloud computing has emerged as one of the most influential paradigms in the
IT industry, and has attracted extensive attention from both academia and industry. Cloud
computing holds the promise of providing computing. Although the great benefits brought by
cloud computing paradigm are exciting for IT companies, academic researchers, and potential
cloud users, security problems in cloud computing become serious obstacles which, without
being appropriately addressed, will prevent cloud computing’s extensive applications and
usage in the future.

One of the prominent security concerns is data security and privacy in cloud
computing due to its Internet- based data storage and management. In cloud computing, users
have to give up their data to the cloud service provider for storage and business operations,
while the cloud service provider is usually a commercial enterprise which cannot be totally
trusted. This is the first data security requirement. Data confidentiality is not the only security
requirement. Access control is a classic security topic which dates back to the 1960s or early
1970s and various access control models have been proposed since then.

However, a CP-ABE system may not work well when enterprise users outsource their
data for sharing on cloud servers, due to the following reasons First, one of the biggest
merits of cloud computing is that users can access data stored in the cloud anytime and
anywhere using any device, such as thin clients with limited bandwidth, CPU, and memory
capabilities. Therefore, the encryption system should provide high performance. Second, in
the case of a large-scale industry, a delegation mechanism in the generation of keys inside an
enterprise is needed. Although some CP-ABE schemes support delegation between users,
which enables a user to generate attribute secret keys containing a subset of his own attribute
secret keys for other users, we hope to achieve a full delegation, that is, a delegation
mechanism between attribute authorities (AAs), which independently make decisions on the
structure and semantics of their attributes. Third, in case of a large-scale industry with a high
turnover rate, a scalable revocation mechanism is a must. The existing CP-ABE schemes
usually demand users to heavily depend on AAs and maintain a large amount of secret keys
storage, which lacks flexibility and scalability.
 As promising as it is, cloud computing is also facing many challenges that, if not well
resolved, may impede its fast growth. Data security, as it exists in many other applications, is
among these challenges that would raise great concerns from users when they store sensitive
information on cloud servers. These concerns originate from the fact that cloud servers are
usually operated by commercial providers which are very likely to be outside of the trusted
domain of the users. Data confidential against cloud servers is hence frequently desired when
users outsource data for storage in the cloud. In some practical application systems, data
confidentiality is not only a security/privacy issue, but also of juristic concerns.

As a significant research area for system protection, data access control has been
evolving in the past thirty years and various techniques have been developed to effectively
implement fine-grained access control, which allows flexibility in specifying differential
access rights of individual users. Traditional access control architectures usually assume the
data owner and the servers storing omniscient reference monitor responsible for defining and
enforcing access control policies.

This assumption however no longer holds in cloud computing since the data owner
and cloud servers are very likely to be in two different domains. On one hand, cloud servers
are not entitled to access the outsourced data content for data confidentiality; on the other
hand, the data resources are not physically under the full control of the owner. For the
purpose of helping the data owner enjoy fine-grained access control of data stored on
untrusted cloud servers, a feasible solution would be encrypting data through certain
cryptographic primitive(s), and disclosing decryption keys only to authorized users.
Unauthorized users, including cloud servers, are not able to decrypt since they do not have
the data decryption keys. This general method actually has been widely adopted by existing
works which aim at securing data storage on untrusted servers. One critical issue with this
branch of approaches is how to achieve the desired security goals without introducing a high
complexity on key management and data encryption.
1.1PROBLEM DEFINITION

However, this scheme falls short of flexibility in attribute management and lacks scalability
in dealing with multiple-levels of attribute authorities. The note that in contrast to KP-ABE,
cipher text-policy ABE (CP-ABE) turns out to be well suited for access control due to its
expressiveness in describing access control policies.

Hierarchical attribute-set-based encryption (HASBE) scheme for access control in cloud

computing. HASBE extends the cipher text-policy attribute-set-based encryption (CP-ASBE,
or ASBE for short) scheme by Bobba et al. with a hierarchical structure of system users, so as
to achieve scalable, flexible and fine-grained access control. The contribution of the paper is
multi fold. First, then show how HASBE extends the ASBE algorithm with a hierarchical
structure to improve scalability and flexibility while at the same time inherits the feature of
fine-grained access control of ASBE. Second, to demonstrate how to implement a full-
fledged access control scheme for cloud computing based on HASBE. The scheme provides
full support for hierarchical user grant, file creation, file deletion, and user revocation in
cloud computing.

Data confidentiality is not the only security requirement. Flexible and fine-grained access
control is also strongly desired in the service-oriented cloud computing model. A health-care
information system on a cloud is required to restrict access of protected medical records to
eligible doctors and a customer relation management system running on a cloud may allow
access of customer information to high-level executives of the company only. In these cases,
access control of sensitive data is either required by legislation (e.g., HIPAA) or company
regulations. Access control is a classic security topic which dates back to the 1960s or early
1970s, and various access control models have been proposed since then. Among them, Bell-
La Padula (BLP) and BiBa are two famous security models. To achieve flexible and fine-
grained access control, a number of schemes have been proposed more recently.
Unfortunately, these schemes are only applicable to systems in which data owners and the
service providers are within the same trusted domain. Since data owners and service
providers are usually not in the same trusted domain in cloud computing, a new access
control scheme employing attributed-based encryption is proposed by Yu et al. which adopts
the so-called key-policy attribute-based encryption (KP-ABE) to enforce fine-grained access
control. However, this scheme falls short of flexibility in attribute management and lacks
scalability in dealing with multiple-levels of attribute authorities. We note that in contrast to
KP-ABE, cipher text-policy ABE (CP-ABE) turns out to be well suited for access control due
to its expressiveness in describing access control policies.

MAIN CONTRIBUTIONS

 Our main design goal is to help the enterprise users to efficiently share
confidential data on cloud servers. Specifically, we want to make our scheme
more applicable in cloud computing by simultaneously achieving fine-grained
access control, high performance, practicability, and scalability.

 In this paper, we first propose a hierarchical attribute-based encryption

(HABE) model by combining a HIBE system and a CP-ABE system, to
provide fine-grained access control and full delegation. Based on the HABE
model, we construct a HABE scheme by making a performance-expressivity
tradeoff, to achieve high performance. Finally, we propose a scalable
revocation scheme by delegating to the CSP most of the computing tasks in
revocation, to achieve a dynamic set of users efficiently.
 2. SYSTEM ANALYSIS

2.1 EXISTING SYSTEM

 Existing system is difficult in sharing and managing data.

 These solutions inevitably introduce a heavy computation overhead on the data owner
for key distribution and data management when fine grained data access control is
desired, and thus do not scale well.

 Our existing solution applies cryptographic methods by disclosing data decryption

keys only to authorize users.

 Although the great benefits brought by cloud computing paradigm are exciting for IT
companies, academic researchers, and potential cloud users, security problems in
cloud computing become serious obstacles which, without being appropriately
addressed, will prevent cloud computing’s extensive applications and usage in the
future.
 One of the prominent security concerns is data security and privacy in cloud
computing due to its Internet based data storage and management.
DISADVANTAGES OF EXISTING SYSTEM

 Software update/patches could change security settings, assigning privileges too low,
or even more alarmingly too high allowing access to your data by other parties.

 Security concerns Experts claim that their clouds are 100% secure but it will not be
their head on the block when things go awry.

 It's often stated that cloud computing security is better than most enterprises. Also,
how do you decide which data to handle in the cloud and which to keep to internal
systems once decided keeping it secure could well be a full-time task?
2.1 PROPOSED SYSTEM

 We propose a hierarchical attribute-set-based encryption (HASBE) scheme for access

control in cloud computing. HASBE extends the cipher text-policy attribute- set-
based encryption (CP-ASBE, or ASBE for short) scheme with a hierarchical structure
of system users, so as to achieve scalable, flexible and fine-grained access control.

 The proposed scheme not only achieves scalability due to its hierarchical structure,
but also inherits flexibility and fine-grained access control in supporting compound
attributes of ASBE.
 In addition, HASBE employs multiple value assignments for access expiration time
to deal with user revocation more efficiently than existing schemes.
 In addition, HASBE employs multiple value assignments for access expiration time to
deal with user revocation more efficiently than existing schemes. We formally prove
the security of HASBE based on security of the cipher text-policy attribute-based
encryption (CP-ABE) scheme by be then court et al. and analyze its performance and
computational complexity.
ADVANTAGES OF PROPOSED SYSTEM

 Low initial capital investment.

 Secure and scalable file sharing.

 Shorter start-up time for new services.

 Lower maintenance and operation costs.

 Higher utilization through virtualization.

3. SYSTEM REQUIREMENT SPECIFICATION

3.1 HARDWARE REQUIREMENTS

 Hard disk 120 GB

 RAM 2048 MB

 Processor Intel Core Pentium, i3/AMD 2000 and Above

 Monitor 17” Color monitor

 Key board, Mouse Multi media.

3.2 SOFTWARE REQUIREMENTS

 Front End VISUAL STUDIO.NET 2010/12/16/20

 Platform ASP.NET

 Code Behind C#.NET

 Back End SQL SERVER 20008

 Operating System Windows 7/8/10/11

 4. SOFTWARE DESCRIPTION

4.1 FRONT-END

Visual Studio .NET is the single IDE that all the .NET languages can use. It
makes everything available to all languages.

Visual Studio .NET is a great Multilanguage development environment and

offers a complete set of tools to build Windows Forms , ASP.NET Web applications , and
XML Web services.

Start Page
The Start page offers three tabs at the top of the window that enables to
modify Visual Studio.NET as well as find important information. The tabs are
 HTML Server Controls versus Web Server Controls

Control Type When to use this Control Type

HTML Server When converting traditional ASP 3.0 Web pages to

Controls ASP.NET Web pages and speed of completion is a
concern. It is a lot easier to change your HTML
elements to HTML server controls than it is to
change them to Web server controls.

When you prefer a more HTML-type programming

model.

When you wish to explicitly control the

code that is generated for the browser.

Web Server Controls When you require a rich set of functionality to

perform complicated page requirements.

When you are developing web pages that will be

viewed by a multitude of browser types and that
require different code based on these types.

When you prefer a more Visual Basic-type

programming model that is based on the use of
controls and control properties.
Projects tab This tab is the one to start new projects and launch projects that already exists.
This tab lets you to create a new project or open an existing project.

Online Resources tab This tab provides a number of online resources when connected to
the Internet.

My Profile tab This tab enables to customize the Visual Studio.NET environment to
resemble the structured environment that is familiar with.

Server Explorer This window enables to perform a number of functions such as database
connectivity, performance monitoring, and interacting with event logs.

By using Server Explorer you can log on to a remote server and view database and system
data about that server. Many of the functions that are performed with the Enterprise Manager
in SQL Server can now be executed in the Server Explorer.

Solution Explorer
This provides an organized view of the projects in the application.The toolbar
within the Solution Explorer enables to

 View code page of the selected item.

 View design page of the selected item.

 Refresh the state of the selected item.

 Copy the Web project between Web servers.

 Show all the files in the project, including the hidden files.

 See Properties of the selected item.

Class View

The Class View window can be viewed from the Start Page by clicking the Class
View tab. The Class View shows all the classes that are contained within your solution.

The Class View shows the hierarchical relationship among the classes in your solution
as well as the number of other items including methods, enumerations, namespaces, unions,
and events. It is possible to organize the view of these items within the window by right-
clicking anywhere in the Class View area and choosing how the items are sorted.

Toolbox

The Toolbox window enables to specify elements that will be part of the Windows
Forms or Web Forms. It provides a drag and drop means of adding elements and controls to
the pages or forms. The code snippets can also be stored within the Toolbox.

Properties window

This window provides the properties of an item that is part of the application. This
enables to control the style and behavior of the item selected to modify.

Dynamic Help

This window shows a list of help topics. The help topics change based on the item
selected or the action being taken.

The Dynamic Help window shows the help items displayed when you have a Button
control on the page selected. After the item is selected, a list of targeted help topic is
displayed. The topics are organized as a list of links. Clicking one of the links in the Dynamic
Help window opens the selected help topic in the Document window.

Document window

The Document window is the main window within Visual Studio.NET where the
applications are built.

The Document window shows open files in either Design or HTML mode. Each open
file is represented by a tab at the top of the Document window. Any number of files can be
kept open at the same time, and you can switch between the open files by clicking the
appropriate tab.

Design mode versus HTML mode

isual Studio.NET offers two modes for viewing and building files Design and
HTML. By clicking the Design tab at the bottom of the Document window, you can see how
the page will view to the user. The page is built in the Design mode by dragging and
dropping elements directly onto the design page or form. Visual Studio .NET automatically
generates the appropriate code.

When the page is viewed in HTML mode, it shows the code for the page. It
enables to directly modify the code to change the way in which the page is presented.

Working with SQL Server through the Server Explorer

Using Visual Studio.NET , there is no need to open the Enterprise Manager

from SQL Server. Visual Studio.NET has the SQL Servers tab within the Server Explorer
that gives a list of all the servers that are connected to those having SQL Server on them.
Opening up a particular server tab gives five options

 Database Diagrams

 Tables

 Views

 Stored Procedures

 Functions

Database Diagrams

To create a new diagram right click Database diagrams and select New Diagram. The
Add Tables dialog enables to select one to all the tables that you want in the visual diagram
you are going to create.

Visual Studio .NET looks at all the relationships between the tables and then creates a
diagram that opens in the Document window.

Each table is represented in the diagram and a list of all the columns that are available
in that particular table. Each relationship between tables is represented by a connection line
between those tables.

The properties of the relationship can be viewed by right clicking the relationship line.
Tables

The Server Explorer allows to work directly with the tables in SQL Server. It gives a
list of tables contained in the particular database selected.

By double clicking one of the tables, the table is seen in the Document window. This
grid of data shows all the columns and rows of data contained in the particular table.

The data can be added or deleted from the table grid directly in the Document
window. To add a new row of data , move to the bottom of the table and type in a new row of
data after selecting the first column of the first blank row. You can also delete a row of data
from the table by right clicking the gray box at the left end of the row and selecting Delete.

By right clicking the gray box at the far left end of the row, the primary key can be set
for that particular column. The relationships to columns in other tables can be set by selecting
the Relationships option.

To create a new table right-click the Tables section within the Server Explorer and
selecting New Table. This gives the design view that enables to start specifying the columns
and column details about the table.

To run queries against the tables in Visual Studio .NET, open the view of the query
toolbar by choosing View->Toolbars->Query.

To query a specific table, open that table in the Document window. Then click the
SQL button which divides the Document window into two panes-one for query and other to
show results gathered from the query.

The query is executed by clicking the Execute Query button and the result is produced
in the lower pane of the Document window.

Views

To create a new view , right-click the View node and select New View. The
Add Table dialog box enables to select the tables from which the view is produced. The next
pane enables to customize the appearance of the data in the view.
4.2 BACK END

The OLAP Services feature available in SQL Server version 7.0 is now called
SQL Server 2000 Analysis Services. The term OLAP Services has been replaced with the
term Analysis Services. Analysis Services also includes a new data mining component. The
Repository component available in SQL Server version 7.0 is now called Microsoft SQL
Server 2000 Meta Data Services. References to the component now use the term Meta Data
Services. The term repository is used only in reference to the repository engine within Meta
Data Services

SQL-SERVER database consist of six type of objects,

They are,

1. TABLE

2. QUERY

3. FORM

4. REPORT

5. MACRO

TABLE

A database is a collection of data about a specific topic.

VIEWS OF TABLE

We can work with a table in two types,

1. Design View

2. Datasheet View

Design View

To build or modify the structure of a table we work in the table design

view. We can specify what kind of data will be hold.
Datasheet ViewTo add, edit or analyses the data itself we work in tables datasheet view
mode.

QUERY

A query is a question that has to be asked the data. Access gathers data that answers
the question from one or more table. The data that make up the answer is either dynaset (if
you edit it) or a snapshot(it cannot be edited).Each time we run query, we get latest
information in the dynaset.Access either displays the dynaset or snapshot for us to view or
perform an action on it ,such as deleting or updating.

FORMS

A form is used to view and edit information in the database record by record .A form
displays only the information we want to see in the way we want to see it. Forms use the
familiar controls such as textboxes and checkboxes. This makes viewing and entering data
easy.

Views of Form

We can work with forms in several primarily there are two views,

They are,

1. Design View

2. Form View

Design View

To build or modify the structure of a form, we work in forms design view. We can
add control to the form that are bound to fields in a table or query, includes textboxes, option
buttons, graphs and pictures.

Form View

The form view which display the whole design of the form.
REPORT

A report is used to vies and print information from the database. The report can
ground records into many levels and compute totals and average by checking values from
many records at once. Also the report is attractive and distinctive because we have control
over the size and appearance of it.

MACRO

A macro is a set of actions. Each action in macros does something. Such as opening a
form or printing a report .We write macros to automate the common tasks the work easy and
save the time.

MODULE

Modules are units of code written in access basic language. We can write and use
module to automate and customize the database in very sophisticated ways.

WHAT IS “.NET”?

Microsoft .NET is a set of Microsoft software technologies for rapidly building and
integrating XML Web services, Microsoft Windows-based applications, and Web solutions.
The .NET Framework is a language-neutral platform for writing programs that can easily and
securely interoperate. There’s no language barrier with .NET there are numerous languages
available to the developer including Managed C++, C#, Visual Basic and Java Script.
The .NET framework provides the foundation for components to interact seamlessly, whether
locally or remotely on different platforms. It standardizes common data types and
communications protocols so that components created in different languages can easily
interoperate.

“.NET” is also the collective name given to various software components built upon
the .NET platform. These will be both products (Visual Studio.NET and Windows.NET
Server, for instance) and services (like Passport, .NET My Services, and so on).
THE .NET FRAMEWORK

The .NET Framework has two main parts

1. The Common Language Runtime (CLR).

2. A hierarchical set of class libraries.

The CLR is described as the “execution engine” of .NET. It provides the environment within
which programs run. The most important features are

 Conversion from a low-level assembler-style language, called Intermediate Language

(IL), into code native to the platform being executed on.
 Memory management, notably including garbage collection.
 Checking and enforcing security restrictions on the running code.
 Loading and executing programs, with version control and other such features.

The following features of the .NET framework are also worth description

Managed Code - is code that targets .NET, and which contains certain extra information -
“metadata” - to describe itself. Whilst both managed and unmanaged code can run in the
runtime, only managed code contains the information that allows the CLR to guarantee, for
instance, safe execution and interoperability.

Managed Data - With Managed Code comes Managed Data. CLR provides memory
allocation and Deal location facilities, and garbage collection. Some .NET languages use
Managed Data by default, such as C#, Visual Basic.NET and JScript.NET, whereas others,
namely C++, do not. Targeting CLR can, depending on the language you’re using, impose
certain constraints on the features available. As with managed and unmanaged code, one can
have both managed and unmanaged data in .NET applications - data that doesn’t get garbage
collected but instead is looked after by unmanaged code.

Common Type System - The CLR uses something called the Common Type System (CTS)
to strictly enforce type-safety. This ensures that all classes are compatible with each other, by
describing types in a common way. CTS define how types work within the runtime, which
enables types in one language to interoperate with types in another language, including cross-
language exception handling. As well as ensuring that types are only used in appropriate
ways, the runtime also ensures that code doesn’t attempt to access memory that hasn’t been
allocated to it.

Common Language Specification - The CLR provides built-in support for language
interoperability. To ensure that you can develop managed code that can be fully used by
developers using any programming language, a set of language features and rules for using
them called the Common Language Specification (CLS) has been defined. Components that
follow these rules and expose only CLS features are considered CLS-compliant.

THE CLASS LIBRARY

.NET provides a single-rooted hierarchy of classes, containing over 7000 types. The
root of the namespace is called System; this contains basic types like Byte, Double, Boolean,
and String, as well as Object. All objects derive from System. Object. As well as objects,
there are value types. Value types can be allocated on the stack, which can provide useful
flexibility. There are also efficient means of converting value types to object types if and
when necessary.

The set of classes is pretty comprehensive, providing collections, file, screen, and
network I/O, threading, and so on, as well as XML and database connectivity.

The class library is subdivided into a number of sets (or namespaces), each providing
distinct areas of functionality, with dependencies between the namespaces kept to a
minimum.

LANGUAGES SUPPORTED BY .NET

The multi-language capability of the .NET Framework and Visual Studio .NET
enables developers to use their existing programming skills to build all types of applications
and XML Web services. The .NET framework supports new versions of Microsoft’s old
favorites Visual Basic and C++ (as VB.NET and Managed C++), but there are also a number
of new additions to the family.

Visual Basic .NET has been updated to include many new and improved language
features that make it a powerful object-oriented programming language. These features
include inheritance, interfaces, and overloading, among others. Visual Basic also now
supports structured exception handling, custom attributes and also supports multi-threading.

Visual Basic .NET is also CLS compliant, which means that any CLS-compliant language
can use the classes, objects, and components you create in Visual Basic .NET.

Managed Extensions for C++ and attributed programming are just some of the enhancements
made to the C++ language. Managed Extensions simplify the task of migrating existing C++
applications to the new .NET Framework.

C# is Microsoft’s new language. It’s a C-style language that is essentially “C++ for Rapid
Application Development”. Unlike other languages, its specification is just the grammar of
the language. It has no standard library of its own, and instead has been designed with the
intention of using the .NET libraries as its own.

Microsoft Visual J# .NET provides the easiest transition for Java-language developers into
the world of XML Web Services and dramatically improves the interoperability of Java-
language programs with existing software written in a variety of other programming
languages.

Active State has created Visual Perl and Visual Python, which enable .NET-aware
applications to be built in either Perl or Python. Both products can be integrated into the
Visual Studio .NET environment. Visual Perl includes support for Active State’s Perl Dev
Kit.
Other languages for which .NET compilers are available include

 FORTRAN
 COBOL
 Eiffel
Fig1 .Net Framework

ASP.NET Windows Forms

XML WEB SERVICES

Base Class Libraries

Common Language Runtime

Operating System
 5. PROJECT DESCRIPTION

5.1 MODULES DESCRIPTION

1. Data Owner Module

2. Data Consumer Module

3. Cloud Server Module

4. Attribute based key generation Module

DATA OWNER MODULE

 In this module, the data owner uploads their data in the cloud server. For the security
purpose the data owner encrypts the data file and then store in the cloud.

 The data owner can change the policy over data files by updating the expiration time.

 The Data owner can have capable of manipulating the encrypted data file. And the
data owner can set the access privilege to the encrypted data file.

DATA CONSUMER MODULE

 In this module, the user can only access the data file with the encrypted key if the user
has the privilege to access the file.

 For the user level, all the privileges are given by the Domain authority and the Data
user’s are controlled by the Domain Authority only.

 Users may try to access data files either within or outside the scope of their access
privileges, so malicious users may collude with each other to get sensitive files
beyond their privileges.
CLOUD SERVER MODULE

 The cloud service provider manages a cloud to provide data storage service.

 Data owners encrypt their data files and store them in the cloud for sharing with data
consumers.

 To access the shared data files, data consumers download encrypted data files of their
interest from the cloud and then decrypt them.

ATTRIBUTE BASED KEY GENERATION MODULE

 In the ABE module, cipher texts are not encrypted to one particular user as in
traditional public key cryptography.
 Rather, both cipher texts and users’ decryption keys are associated with a set of
attributes or a policy over attributes.
 A user is able to decrypt a cipher text only if there is a match between his decryption
key and he cipher text.
 6.SYSTEM DESIGN

6.1 DATA BASE DIAGRAM

DataConsumer

DataOwnerReg

DomainAuth

Gos
UploadFiles
ARCHITECTURAL DIAGRAM
 CLOUD SERVER

DOMAIN DATA FILE UPLOAD

AUTHOR OWNER
ITY
PERSONAL
INFO

LEVEL 1

Files

CLOUDUSER CLOUD ABE

STORGE

Keys
LEVEL 2

USER CLOUD FILES

SERVE
R

DECERYPTION ENCRYPTION

LEVEL 3

FILES KEY
DES GENERATIION

END CLOUD
USER KEY
STORAGE
VERIFICATION

HIERARCHICAL STRUCTURE OF SYSTEM USERS

 7. IMPLEMENTATION AND TESTING

7.1 SYSTEM TESTING

Testing is done for each module. After testing all the modules, the modules are
integrated and testing of the final system is done with the test data, specially designed to
show that the system will operate successfully in all its aspects conditions. The procedure
level testing is made first. By giving improper inputs, the errors occurred are noted and
eliminated. Thus the system testing is a confirmation that all is correct and an opportunity to
show the user that the system works. The final step involves Validation testing, which
determines whether the software function as the user expected. The end-user rather than the
system developer conduct this test most software developers as a process called “Alpha and
Beta test” to uncover that only the end user seems able to find.

This is the final step in system life cycle. Here we implement the tested error-free
system into real-life environment and make necessary changes, which runs in an online
fashion. Here system maintenance is done every months or year based on company policies,
and is checked for errors like runtime errors, long run errors and other maintenances like
table verification and reports.

7.3 INTEGRATION TESTING

Integration testing is a systematic technique for constructing tests to uncover error

associated within the interface. In the project, all the modules are combined and then the
entire programmer is tested as a whole. In the integration-testing step, all the error uncovered
is corrected for the next testing steps.
 8. CONCLUSION AND FUTURE ENHANCEMENT

In this Project, we introduced the HASBE scheme for realizing scalable, flexible, and
fine-grained access control in cloud computing. The HASBE scheme seamlessly incorporates
a hierarchical structure of system users by applying a delegation algorithm to ASBE. HASBE
not only supports compound attributes due to flexible attribute set combinations, but also
achieves efficient user revocation because of multiple value assignments.

FUTURE ENHANCEMENT

Eventough the proposed method HASBE achieves scalability due to its hierarchical
structure, future enhancement It is important to increase confidentiality of the data’s in the
third party servers.
APPENDIX

SAMPLE CODINGS

using System;

using System.Collections.Generic;

using System.Linq;

using System.Web;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Data.SqlClient;

using System.Data;

using System.Configuration;

using System.Security.Cryptography;

public partial class _Default System.Web.UI.Page

SqlConnection con = new

SqlConnection(ConfigurationManager.ConnectionStrings["con"].ConnectionString);

protected void Page_Load(object sender, EventArgs e)

protected void btnSubmit_Click(object sender, EventArgs e)

try

{
 con.Open();

string pass = CipherUtility.Encrypt<RijndaelManaged>(TextBox2.Text, "password",

"salt");

SqlCommand insertcmd = new SqlCommand("insert into DataConsumer values('" +

TextBox1.Text + "','" + pass + "','" + TextBox3.Text + "','" + TextBox4.Text + "','" +
TextBox5.Text + "','" + TextBox6.Text + "')", con);

insertcmd.ExecuteNonQuery();

con.Close();

Response.Write("<script>alert('Successfully Inserted')</script>");

catch (Exception)

Response.Write("<script>alert('Not Successfully Inserted')</script>");

protected void btnClick_Click(object sender, EventArgs e)

try

con.Open();

SqlCommand selctcmd = new SqlCommand("select Username,Password from

DataConsumer", con);

SqlDataReader dr = selctcmd.ExecuteReader();

while (dr.Read())

string uname = dr.GetString(0);

string pass = dr.GetString(1);

string password = CipherUtility.Decrypt<RijndaelManaged>(pass, "password",

"salt");
 if (txtUsername.Text == uname && txtPassword.Text == password)

Response.Redirect("DataConsumerHome.aspx");

catch (Exception)

using System;

using System.Collections.Generic;

using System.Linq;

using System.Web;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Data.SqlClient;

using System.Data;

using System.Configuration;
using System.Security.Cryptography;

public partial class _Default System.Web.UI.Page

SqlConnection con = new

SqlConnection(ConfigurationManager.ConnectionStrings["con"].ConnectionString);

protected void Page_Load(object sender, EventArgs e)

protected void bbtngo_Click(object sender, EventArgs e)

try

con.Open();

SqlCommand selctcmd = new SqlCommand("select

PublicKey,MasterKey,SecretKey,FileContent from UploadFiles", con);

DataTable dt = new DataTable();

SqlDataAdapter sda = new SqlDataAdapter(selctcmd);

sda.Fill(dt);

int rowcount = dt.Rows.Count;

foreach(DataRow row in dt.Rows)

string pkey = row["PublicKey"].ToString();

string mkey = row["MasterKey"].ToString();

string skey = row["SecretKey"].ToString();

string content = row["FileContent"].ToString();

 //string password = CipherUtility.Decrypt<RijndaelManaged>(pass, "password",
"salt");

if (rbtnoption.SelectedValue == "0")

if (txtkey.Text == pkey)

TextBox1.Text = content;

else if (rbtnoption.SelectedValue == "1")

if (txtkey.Text == mkey)

// con.Open();

SqlCommand cmd = new SqlCommand("select * from UploadFiles where

MasterKey='" + mkey + "'", con);

SqlDataAdapter sda1 = new SqlDataAdapter(cmd);

DataSet dsda = new DataSet();

sda1.Fill(dsda);

GridView1.DataSource = dsda;

GridView1.DataBind();

else if (rbtnoption.SelectedValue == "2")

if (txtkey.Text == skey)

{
 //con.Open();

SqlCommand cmd = new SqlCommand("select * from UploadFiles where

SecretKey='" + skey + "'", con);

SqlDataAdapter sda1 = new SqlDataAdapter(cmd);

DataSet dsda = new DataSet();

sda1.Fill(dsda);

GridView1.DataSource = dsda;

GridView1.DataBind();

catch (Exception)

protected void GridView1_RowCommand(object sender, GridViewCommandEventArgs

e)

if (e.CommandName == "download")

int index = Convert.ToInt32(e.CommandArgument);

GridViewRow row = GridView1.Rows[index];

string filename = row.Cells[1].Text;

string dir = row.Cells[2].Text;

Response.Clear();
 Response.ContentType = @"application\octet-stream";

System.IO.FileInfo file = new System.IO.FileInfo(Server.MapPath("~/Uploaded/" +

filename));

Response.AddHeader("Content-Disposition", "attachment; filename=" + file.Name);

Response.TransmitFile(Server.MapPath("~/Uploaded/" + filename));

Response.Flush();

using System;

using System.Collections.Generic;

using System.Linq;

using System.Web;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.IO;

using System.Text;

using System.Data;

using System.Data.SqlClient;

using System.Configuration;

using System.Security.Cryptography;
public partial class _Default System.Web.UI.Page

SqlConnection con = new

SqlConnection(ConfigurationManager.ConnectionStrings["con"].ConnectionString);

protected void Page_Load(object sender, EventArgs e)

public void btnStore_Click(object sender, EventArgs e)

lblMessage.Text = "Generating Keys to access the file";

string filename = FileUpload1.PostedFile.FileName;

string fileext = FileUpload1.PostedFile.ContentType;

string path = Server.MapPath("~/Uploaded/" + filename);

FileUpload1.SaveAs(path);

string content = File.ReadAllText(path);

string publickey = Caesar(filename, 8);

string masterkey = CipherUtility.Encrypt<AesManaged>(path, "cloud", "salty");

string fileattribute1 = Transform(filename);

string fileattribute2 = Caesar(filename,18);

string secretkey = CipherUtility.Encrypt<AesManaged>(content, "cloud", "salty");

txtpblic.Text = publickey;

TextBox1.Text = fileattribute1;

TextBox2.Text = fileattribute2;

TextBox3.Text = masterkey;

TextBox4.Text = secretkey;
 TextBox5.Text = content;

try

con.Open();

SqlCommand insertcmd = new SqlCommand("insert into UploadFiles values('" +

filename + "','" + fileext + "','" + content + "','" + path + "','" + TextBox1.Text + "','" +
TextBox2.Text + "','" + TextBox3.Text + "','" + TextBox4.Text + "','" + TextBox5.Text +
"')", con);

insertcmd.ExecuteNonQuery();

con.Close();

// Response.Write("<script>alert('Successfully Inserted')</script>");

catch (Exception)

Response.Write("<script>alert('Not Successfully Inserted')</script>");

public static string Caesar(string value, int shift)

char[] buffer = value.ToCharArray();

for (int i = 0; i < buffer.Length; i++)

// Letter.

char letter = buffer[i];

// Add shift to all.

letter = (char)(letter + shift);

 // Subtract 26 on overflow.

// Add 26 on underflow.

if (letter > 'z')

letter = (char)(letter - 26);

else if (letter < 'a')

letter = (char)(letter + 26);

// Store.

buffer[i] = letter;

return new string(buffer);

public static string Transform(string value)

char[] array = value.ToCharArray();

for (int i = 0; i < array.Length; i++)

int number = (int)array[i];

if (number >= 'a' && number <= 'z')

if (number > 'm')

number -= 13;
 }

else

number += 13;

else if (number >= 'A' && number <= 'Z')

if (number > 'M')

number -= 13;

else

number += 13;

array[i] = (char)number;

return new string(array);

public void btnuplod_Click(object sender, EventArgs e)

Response.Write("<script>alert('Successfully Inserted')</script>");

}
}

using System;

using System.Collections.Generic;

using System.Linq;

using System.Web;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Data;

using System.Data.SqlClient;

using System.Configuration;

using System.Security.Cryptography;

public partial class _Default System.Web.UI.Page

SqlConnection con = new

SqlConnection(ConfigurationManager.ConnectionStrings["con"].ConnectionString);

protected void Page_Load(object sender, EventArgs e)

protected void btnSubmit_Click(object sender, EventArgs e)

try
 {

con.Open();

string pass = CipherUtility.Encrypt<RijndaelManaged>(TextBox6.Text, "password",

"salt");

SqlCommand insertcmd = new SqlCommand("insert into DataOwnerReg values('" +

TextBox1.Text + "','" + TextBox2.Text + "','" + TextBox3.Text + "','" + TextBox4.Text + "','"
+ TextBox5.Text + "','" + pass + "','" + TextBox7.Text + "')", con);

insertcmd.ExecuteNonQuery();

con.Close();

Response.Write("<script>alert('Successfully Inserted')</script>");

catch (Exception)

Response.Write("<script>alert('Not Successfully Inserted')</script>");

protected void btnClick_Click(object sender, EventArgs e)

try

con.Open();

SqlCommand selctcmd = new SqlCommand("select DomainOwner,Password from

DataOwnerReg", con);

SqlDataReader dr = selctcmd.ExecuteReader();

while (dr.Read())

string uname = dr.GetString(0);

string pass = dr.GetString(1);

 string password = CipherUtility.Decrypt<RijndaelManaged>(pass, "password",
"salt");

if (txtUsername.Text == uname && txtPassword.Text == password)

Response.Redirect("DataOwnerHome.aspx");

catch (Exception)

using System;

using System.Collections.Generic;

using System.Linq;

using System.Web;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Data.SqlClient;

using System.Data;

using System.Configuration;

using System.Security.Cryptography;
public partial class _Default System.Web.UI.Page

SqlConnection con = new

SqlConnection(ConfigurationManager.ConnectionStrings["con"].ConnectionString);

protected void Page_Load(object sender, EventArgs e)

protected void btnSubmit_Click(object sender, EventArgs e)

try

con.Open();

string pass = CipherUtility.Encrypt<RijndaelManaged>(TextBox6.Text, "password",

"salt");

SqlCommand insertcmd = new SqlCommand("insert into DomainAuth values('" +

TextBox1.Text + "','" + TextBox2.Text + "','" + TextBox3.Text + "','" + TextBox4.Text + "','"
+ TextBox5.Text + "','" + pass+"','" + TextBox7.Text + "')", con);

insertcmd.ExecuteNonQuery();

con.Close();

Response.Write("<script>alert('Successfully Inserted')</script>");

catch (Exception)

Response.Write("<script>alert('Not Successfully Inserted')</script>");

protected void btnClick_Click(object sender, EventArgs e)

{
 try

con.Open();

SqlCommand selctcmd = new SqlCommand("select Username,Password from

DomainAuth", con);

SqlDataReader dr = selctcmd.ExecuteReader();

while (dr.Read())

string uname = dr.GetString(0);

string pass = dr.GetString(1);

string password = CipherUtility.Decrypt<RijndaelManaged>(pass, "password",

"salt");

if (txtUsername.Text == uname && txtPassword.Text == password)

Response.Redirect("DataOwnerReg.aspx");

catch (Exception)

SCREEN LAYOUT
 9. REFERENCES

[1] R.Buyya,C.ShinYeo,J.Broberg,andI.Brandic,“Cloudcomputing and emerging it platforms

Vision, hype, and reality for delivering computing as the 5th utility,” Future Generation
Comput. Syst., vol. 25, pp. 599–616, 2009.

[2] Amazon Elastic Compute Cloud (Amazon EC2) [Online]. Available

http //aws.amazon.com/ec2/

[3] Amazon Web Services (AWS) [Online]. Available https //s3.amazonaws.com/

[4] R. Martin, “IBM brings cloud computing to earth with massive new data centers,”
InformationWeek Aug. 2008 [Online]. Available http //
www.informationweek.com/news/hardware/data_centers/209901523

[5] Google App Engine [Online]. Available http //code.google.com/appengine/

[6] K. Barlow and J. Lane, “Like technology from an advanced alien culture
Google apps for education at ASU,” in Proc. ACM SIGUCCS
User Services Conf., Orlando, FL, 2007.

[7] B. Barbara, “Salesforce.com Raising the level of networking,” Inf.

Today, vol. 27, pp. 45–45, 2010.

[8] J. Bell, Hosting Enterprise Data in the Cloud—Part 9 Investment Value

Zetta, Tech. Rep., 2010.

[9] A. Ross, “Technical perspective A chilly sense of security,” Commun.

ACM, vol. 52, pp. 90–90, 2009.

[10] D. E. Bell and L. J. LaPadula, Secure Computer Systems Unified Exposition

and Multics Interpretation The MITRE Corporation, Tech.
Rep., 1976.
[11] K. J. Biba, Integrity Considerations for Secure Computer Sytems The
MITRE Corporation, Tech. Rep., 1977.

[12] H. Harney, A. Colgrove, and P. D. McDaniel, “Principles of policy in

secure groups,” in Proc. NDSS, San Diego, CA, 2001.

[13] P. D. McDaniel and A. Prakash, “Methods and limitations of security policy

reconciliation,” in Proc. IEEE Symp. Security and Privacy, Berkeley, CA, 2002.

[14] T. Yu and M. Winslett, “A unified scheme for resource protection in automated trust
negotiation,” in Proc. IEEE Symp. Security and Privacy, Berkeley, CA, 2003.

[15] J. Li, N. Li, and W. H. Winsborough, “Automated trust negotiation

using cryptographic credentials,” in Proc. ACM Conf. Computer and Communications
Security (CCS), Alexandria, VA, 2005.