Complying with Data Handling Requirements in Cloud

ABSTRACT
In past years, cloud storage systems saw an enormous rise in usage. However, despite their popularity
and importance as underlying infrastructure for more complex cloud services, today’s cloud storage systems
do not account for compliance with regulatory, organizational, or contractual data handling requirements by
design. Since legislation increasingly responds to rising data protection and privacy concerns, complying with
data handling requirements becomes a crucial property for cloud storage systems. We present PRADA, a
practical approach to account for compliance with data handling requirements in key-value based cloud
storage systems. To achieve this goal, PRADA introduces a transparent data handling layer, which empowers
clients to request specific data handling requirements and enables operators of cloud storage systems to
comply with them. We implement PRADA on top of the distributed database Cassandra and show in our
evaluation that complying with data handling requirements in cloud storage systems is practical in real-world
cloud deployments as used for micro blogging, data sharing in the Internet of Things, and distributed email
storage.
 CHAPTER 1
INTRODUCTION
 

1.1 GENERAL:

Now a day’s many web services outsource the storage of data to cloud storage systems. While this offers multiple benefits, clients
and lawmakers frequently insist that storage providers comply with different data handling requirements (DHRs), ranging from restricted
storage locations or durations to properties of the storage medium such as full disk encryption. However, cloud storage systems do not
support compliance with DHRs today. Instead, the selection of storage nodes is primarily optimized towards reliability, availability, and
performance, and thus mostly ignores the demand for DHRs. Even worse, DHRs are becoming increasingly diverse, detailed, and difficult
to check and enforce, while cloud storage systems are becoming more versatile, spanning different continents or infrastructures, and even
second-level providers. Hence, clients cannot ensure compliance with DHRs when their data is outsourced to cloud storage systems.

This apparent lack of control is not merely an academic problem. Since customers have no influence on the treatment of their data
in today’s cloud storage systems, a large set of customers cannot benefit from the advantages offered by the cloud. The Intel IT Center
surveys [9] among 800 IT professionals, that 78% of organizations have to comply with regulatory mandates. Again, 78% of organizations
are concerned that cloud offers are unable to meet their requirements. In consequence, 57% of organizations actually refrain from
outsourcing regulated data to the cloud. The lack of control over the treatment of data in cloud storage hence scares away many clients.
This especially holds for the healthcare, financial, and government sectors.
 Supporting DHRs enables these clients to dictate adequate treatment of their data and thus allows cloud storage
operators to enter new markets. Additionally, it empowers operators to efficiently handle differences in regulations (e.g., data
protection). Although the demand for DHRs is widely acknowledged, practical support is still severely limited. Related work
primarily focuses on DHRs while processing data, limits itself to location requirements, or treats the storage system as a black
box and tries to coarsely enforce DHRs from the outside. Practical solutions for supporting arbitrary DHRs when storing data
in cloud storage systems are still missing – a situation that is disadvantageous to clients and operators of cloud storage
systems.

Our contributions. In this paper, we present PRADA, a general key-value based cloud storage system that offers rich
and practical support for DHRs to overcome current compliance limitations. Our core idea is to add one layer of indirection,
which flexibly and efficiently routes data to storage nodes according to the imposed DHRs. We demonstrate this approach
along classical key-value stores, while our approach also generalizes to more advanced storage systems. Specifically, we make
the following contributions:

 We comprehensively analyze DHRs and the challenges they impose on cloud storage systems. Our analysis shows that a
wide range of DHRs exist, which clients and operators of cloud storage systems have to address.

 We present PRADA, our approach for supporting DHRs in cloud storage systems. PRADA adds an indirection layer on top
of the cloud storage system to store data tagged with DHRs only on nodes that fulfill these requirements. Our design of
PRADA is incremental, i.e., it does not impair data without DHRs. PRADA supports all DHRs that can be expressed as
properties of storage nodes as well as any combination thereof. As we show, this covers a wide range of actual use cases.

 We prove the feasibility of PRADA by implementing it for the distributed database Cassandra (we make our
implementation available) and by quantifying the costs of supporting DHRs in cloud storage systems. Additionally, we
show PRADA’s applicability in a cloud deployment along three real-world use cases: a Twitter clone storing two million
authentic tweets, a distributed email store handling half a million emails, and an IoT platform persisting 1.8 million IoT
1.2 SCOPE OF THE PROJECT

We present PRADA, a practical approach to account for compliance with data handling requirements in key-value based cloud
storage systems. To achieve this goal, PRADA introduces a transparent data handling layer, which empowers clients to request
specific data handling requirements and enables operators of cloud storage systems to comply with them. We implement PRADA on
top of the distributed database Cassandra and show in our evaluation that complying with data handling requirements in cloud storage
systems is practical in real-world cloud deployments as used for micro blogging, data sharing in the Internet of Things, and distributed
email storage.

1.3 OBJECTIVE

In this paper, we present PRADA, a general key-value based cloud storage system that offers rich and practical support for
DHRs to overcome current compliance limitations. Our core idea is to add one layer of indirection, which flexibly and efficiently
routes data to storage nodes according to the imposed DHRs. We demonstrate this approach along classical key-value stores, while
our approach also generalizes to more advanced storage systems.
1.4 PROBLEM STATEMENT

Accounting for compliance with data handling requirements (DHRs), i.e., offering control over where and how data is
stored in the cloud, becomes increasingly important due to legislative, organizational, or customer demands. Despite these
incentives, practical solutions to address this need in existing cloud storage systems are scarce. In this paper, we proposed
PRADA, which allows clients to specify a comprehensive set of fine-grained DHRs and enables cloud storage operators to
enforce them. Our results show that we can indeed achieve support for DHRs in cloud storage systems. Of course, the additional
protection and flexibility offered by DHRs comes at a price: We observe a moderate increase for query completion times, while
achieving constant storage overhead and upholding a near optimal storage load balance even in challenging scenarios.
1.5 EXISTING SYSTEM
 
Existing work primarily focuses on DHRs while processing data, limits itself to location
requirements or treats the storage system as a black box and tries to coarsely enforce DHRs from the
outside.
Practical solutions for supporting arbitrary DHRs when storing data in cloud storage systems are
still missing – a situation that is disadvantageous to clients and operators of cloud storage systems.

1.5.1 DISADVANTAGE OF EXISTING SYSTEM

Provide less security, feasibility, supporting.

Practical solutions for supporting arbitrary DHRs when storing data in cloud storage systems are still missing – a
situation that is disadvantageous to clients and operators of cloud storage systems.
 1.5.2 LITERATURE SURVEY

TITLE : Distributed SECONDO: A Highly Available and Scalable System for Spatial Data Processing
AUTHOR : J. K. Nidzwetzki and R. H. G¨ uting
YEAR : 2015
 
DESCRIPTION
 
Cassandra is a highly available and scalable data store but it provides only limited capabilities for data analyses.
However, database management systems (DBMS) provide a lot of functions to analyze data but most of them scale
poorly. In this paper, a novel method is proposed to couple Cassandra with a DBMS. The result is a highly available and
scalable system that provides all the functions from the DBMS in a distributed manner. Cassandra is used as a data store
and the DBMS Secondo is used as a query processing engine. Secondo is an extensible DBMS, it provides various data
models, e.g. models for spatial data and moving objects data. With Distributed Secondo functions like spatial joins can be
performed distributed and parallelized on many computers.
TITLE : CPPL: Compact Privacy Policy Language
 
AUTHOR : M. Henze et al.
YEAR : 2016
 
DESCRIPTION
 
Recent technology shifts such as cloud computing, the Internet of Things, and big data lead to a significant transfer of
sensitive data out of trusted edge networks. To counter resulting privacy concerns, we must ensure that this sensitive
data is not inadvertently forwarded to third-parties, used for unintended purposes, or handled and stored in violation
of legal requirements. Related work proposes to solve this challenge by annotating data with privacy policies before
data leaves the control sphere of its owner. However, we find that existing privacy policy languages are either not
flexible enough or require excessive processing, storage, or bandwidth resources which prevents their widespread
deployment. To fill this gap, we propose CPPL, a Compact Privacy Policy Language which compresses privacy
policies by taking advantage of flexibly specifiable domain knowledge. Our evaluation shows that CPPL reduces
policy sizes by two orders of magnitude compared to related work and can check several thousand of policies per
second. This allows for individual per-data item policies in the context of cloud computing, the Internet of Things, and
big data.
TITLE : A Dynamic Tenant-Defined Storage System for Efficient Resource Management in Cloud Applications
AUTHOR : P.J. Maenhaut et al
YEAR : 2017
 
DESCRIPTION
Software-Defined Storage (SDS) is an evolving concept for the management of data storage from the software's
perspective. Multi-tenant applications running on the cloud can benefit from the concepts introduced by SDS by
managing the allocation of data storage from the tenant's perspective. A multi-tenant application should guarantee
both data separation and performance isolation towards every tenant, and migration of tenant data over time should be
minimized as this is both an expensive and time consuming operation. Furthermore, with cloud computing compliance
with regulatory policies regarding the storage of data remains a key hurdle, as end users often have no way to specify
their requirements.
In this article, we present a dynamic and extensible system for the management of storage resources in multi-
tenant cloud applications. In the presented approach, tenants are hierarchically clustered based on multiple scenario-
specific characteristics, and allocated to storage resources using a hierarchical bin packing algorithm (static
allocation). As the load changes over time, the system corresponds to these changes by reallocating storage resources
when required (dynamic reallocation). We evaluate both the static and dynamic behavior of our system. Experiments
confirm that the system achieves good results regarding the average bin usage, migrations over time and clustering of
related tenants. On average, less than 0.01% of the total amount of data is reallocated during each migration using the
dynamic Hierarchical First-Fit Decreasing (dHFFD) algorithm while achieving an average bin usage similar to First-
Fit Decreasing (FFD). The dynamic Hierarchical Greedy Decreasing (dHGD) algorithm reduces the number of
migrations by a factor 100 compared to dHFFD, but at the cost of provisioning additional storage instances.
  
TITLE : Swift Analytics: Optimizing Object Storage for Big Data Analytics
AUTHOR : L. Rupprecht et al
YEAR : 2017
 
DESCRIPTION
 
Due to their scalability and low cost, object-based storage systems are an attractive storage solution and widely
deployed. To gain valuable insight from the data residing in object storage but avoid expensive copying to a distributed
file system (e.g. HDFS), it would be natural to directly use them as a storage backend for data-parallel analytics
frameworks such as Spark or MapReduce. Unfortunately, executing data-parallel frameworks on object storage exhibits
severe performance problems, reducing average job completion times by up to 6.5x. We identify the two most severe
performance problems when running data-parallel frameworks on the OpenStack Swift object storage system in
comparison to the HDFS distributed file system: (i) the fixed mapping of object names to storage nodes prevents local
writes and adds delay when objects are renamed, (ii) the coarser granularity of objects compared to blocks reduces data
locality during reads. We propose the Swift Analytics object storage system to address them: (i) it uses locality-aware
writes to control an object's location and eliminate unnecessary I/O related to renames during job completion, speeding
up analytics jobs by up to 5.1x, (ii) it transparently chunks objects into smaller sized parts to improve data-locality,
leading to up to 3.4x faster reads
TITLE : Monitoring Personal Data Transfers in the Cloud
AUTHOR : A. De Oliveira et al.
YEAR : 2013
 
DESCRIPTION

Cloud computing brings a number of compliance risks to organisations because physical perimeters are not clearly
delimited. Many regulations relate to the location of the data processing (and storage), including the EU Data
protection directive. A major problem for cloud service consumers, acting as data controllers, is how to demonstrate
compliance to data transfer constraints. We address the lack of tools to support accountable data localization and
transfer across cloud software, platform and infrastructure services, usually run by data processors. In this paper we
design a framework for automating the collection of evidence that obligations with respect to personal data handling
are being carried out in what concerns personal data transfers. We experiment our approach in the Open Stack open
source IaaS implementation, showing how auditors can verify whether data transfers were compliant.
1.6 PROPOSED SYSTEM

In this paper, we present PRADA, a general key-value based cloud storage system that offers rich and practical support for DHRs to
overcome current compliance limitations.
 Our core idea is to add one layer of indirection, which flexibly and efficiently routes data to storage nodes according to the imposed
DHRs.
We demonstrate this approach along classical key-value stores, while our approach also generalizes to more advanced storage systems.

1.6.1 ADVANTAGES OF PROPOSED SYSTEM

We comprehensively analyze DHRs and the challenges they impose on cloud storage systems.
Our design of PRADA is incremental, i.e., it does not impair data without DHRs.
We prove the feasibility of PRADA by implementing it for the distributed database
 CHAPTER 2
PROJECT DESCRIPTION

2.1 GENERAL

We tackle the challenge of supporting DHR compliance in cloud storage systems which are realized
over a set of nodes in different data centers. To explain our approach in a simple yet general setting, we assume
that data is addressed by a distinct key, i.e., a unique identifier for each data item. Key-value based cloud
storage systems provide a general, good starting point, since they are widely used and their underlying
principles have been adopted in more advanced cloud storage systems. We discuss how our approach can be
applied to other types of cloud storage systems.
2.2 METHODOLOGIES
Following modules involves

2.2.1 Modules Name

 User Interface Design

 Admin
 Operator
 User
 2.2.2 MODULES EXPLANATION AND DIAGRAM

 User Interface Design

To connect with server user must give their username and password then only they can able to connect the server.
If the user already exits directly can login into the server else user must register their details such as username,
password, Email id, City and Country into the server. Database will create the account for the entire user to maintain
upload and download rate. Name will be set as user id. Logging in is usually used to enter a specific page. It will
search the query and display the query.
 User Page

User Login Server

Page

Error
Message

Database
Admin
We comprehensively analyze DHRs and the challenges they impose on cloud storage systems. Our analysis shows
that a wide range of DHRs exist, which clients and operators of cloud storage systems have to address.
2) We present PRADA, our approach for supporting DHRs in cloud storage systems. PRADA adds an indirection
layer on top of the cloud storage system to store data tagged with DHRs only on nodes that fulfill these
Authorized licensed use limited to: Auckland University of Technology.
Admin is the second module in our project, where crucial functional requirements of the project will be
carried out. The roles and responsibilities of the admin are it verify all user request details, and display al users.
 Admin

Login Page

Admin Home Page

User request details Accept user User Files Feed Back

requests

Database
Operator
This is the third module in our project where Operator plays the main part of the project role. Enter operator
name and password then login to the application. First verified in database then display home page. Operator
having some options Files requests, read files, update request and delete request all deleted files. The support of
DHRs presents clear business incentives to cloud storage operators as it opens new markets and eases compliance
with regulation. Business incentives are given by the unique selling point that DHRs present to the untapped
market of clients unable to outsource their data to cloud storage systems nowadays due to unfulfillable DHRs.
Indeed, cloud providers already adapted to some carefully selected requirements.
 Operator

Login Page

Operator Home Page

Files request details Read Files Update requests Delete request

and files

Database
User

This is the fifth module in our project where user process. User has to register and login with valid username and
password. After login successful he can do some operations such as user details. User having some options create
new files, read file, update file and delete file also. User verify all details also.
 User

Login Page

User Home Page

Create New Files Read Files Update Files Delete Files

Database
2.2.3 GIVEN INPUT EXPECTED OUTPUT:
User Interface Design
Input : Enter Login name and Password (User, Router, CA, Publisher)
Output : If valid user name and password then directly open the home page otherwise show error message and
redirect to the registration page.

Admin
Input : Enter email and password , verify all details.
Output : Admin verify all user requests and accept user data then data send to user. Admin will verify all data status
and user feedback also.

Operator
Input : Operator Login name and Password
Output: If valid operator name and password then directly open the operator home page otherwise show error message
and redirect to the operator login page then verify user stored data and given permission to all files.

User
Input : Enter the name and password and stored data.
Output: If valid user name and password then directly open the user home page. All the resources added by user
options. User having some options create new files, read file, update file and delete file also. User verify all details also.
2.3 TECHNIQUE USED OR ALGORITHM USED

Algorithm: PRADA (Practical Approach for data handling)

The most important modifications of PRADA involve the CRUD (create, read, update, delete) operations.
Create: The coordinator first checks whether a create request is accompanied by DHRs.
Read.: Processing read requests in PRADA is performed.
Update: The update of already stored data involves the (potentially partial) update of stored data as well as the possible update of
associated DHRs.
Delete: Delete requests are processed analogously to read Requests.
 
Load balance metric: Intuitively, a good load balancing aims at all nodes being (nearly) equally loaded, i.e., the imbalance between the
load of nodes should be minimized. While underloaded nodes constitute a waste of resources, overloaded nodes drastically decrease the
overall performance of the cloud storage system.
Load balancing in PRADA: Key-value based cloud storage systems achieve a reasonably balanced load in two steps: (i) Equal
distribution of data at insert time, e.g., by applying a hash function to identifier keys, and (ii) re-balancing the cluster if absolutely
necessary by moving data between nodes. More advanced systems support additional mechanisms, e.g., load balancing over geographical
regions.
Since our focus in this paper lies on proving the general feasibility of supporting data compliance in cloud storage, we focus on the
properties of key-value based storage.
 CHAPTER 3
REQUIREMENTS ENGINEERING
3.1 GENERAL
Security Our goal is to provide a secure execution environment that provides a confidentiality
service to sensitive program logic in cloud applications, so the applications released to cloud
marketplaces are protected from malicious cloud users who attempt to commit software thefts.

3.2 HARDWARE REQUIREMENTS

The hardware requirements may serve as the basis for a contract for the implementation of the
system and should therefore be a complete and consistent specification of the whole system. They are used by
software engineers as the starting point for the system design. It shoals what the system do and not how it
should be implemented.

HARDWARE
PROCESSOR : PENTIUM IV 2.6 GHz, Intel Core 2 Duo.
RAM : 512 MB DD RAM
MONITOR : 15” COLOR
HARD DISK : 40 GB
3.3 SOFTWARE REQUIREMENTS

The software requirements document is the specification of the system. It should include both a definition
and a specification of requirements. It is a set of what the system should do rather than how it should do it. The
software requirements provide a basis for creating the software requirements specification. It is useful in
estimating cost, planning team activities, performing tasks and tracking the teams and tracking the team’s
progress throughout the development activity.

FRONT END : J2EE (JSP, SERVLET)

BACK END : MY SQL 5.5 OR MS SQL SERVER
OPERATING SYSTEM : WINDOWS 7
IDE : ECLIPSE
3.3 FUNCTIONAL REQUIREMENTS
A functional requirement defines a function of a software-system or its component. A function is described as a set of inputs,
the behaviour, and outputs. The outsourced computation is data is more secured.

Admin
• User request
• All Users Details
• Feed Back

Operator
• Files Request
• Read Files
• Update Request
• Delete Request
• Deleted Files Details

User
• Create New File
• Read File
• Update File
• Delete File

 
QR code embedded with the Payload and Extraction
 Send Message and Encrypt the payload
 Scramble the encrypted payload
 QR Code Generator
 Read the generated QR Code and get the normal message
 QR Code Generator
 Unscramble the scrambled payload and Decrypt the payload and
 Accept Messages from Users and View Ordinary QR Code
3.5 NON FUNCTIONAL REQUIREMENTS
The major non-functional Requirements of the system are as follows
Usability
The system is designed with completely automated process hence there is no or less user intervention.
Reliability
The system is more reliable because of the qualities that are inherited from the chosen platform java. The code built
by using java is more reliable.
Performance
This system is developing in the high level languages and using the advanced front-end and back-end technologies
it will give response to the end user on client system with in very less time.
Supportability
The system is designed to be the cross platform supportable. The system is supported on a wide range of hardware
and any software platform, which is having JVM, built into the system.
Implementation
The system is implemented in web environment using struts framework. The apache tomcat is used as the web
server and windows xp professional is used as the platform. Interface the user interface is based on Struts provides
HTML Tag
 CHAPTER 4
DESIGN ENGINEERING
4.1 GENERAL

Design Engineering deals with the various UML [Unified Modelling language] diagrams for the
implementation of project. Design is a meaningful engineering representation of a thing that is to be built.
Software design is a process through which the requirements are translated into representation of the software.
Design is the place where quality is rendered in software engineering. Design is the means to accurately
translate customer requirements into finished product.
4.1.1 USE CASE DIAGRAM:

Register

User Login

User Request

Accept Users

Database
Admin
Upload Files

Read Files

Update Files
Operator

Delete Files
4.1.2 Class diagram:

Admin
Register
Login
Login Name
UserRequest
Password
UserAcceptDetails Email
PhoneNumber
Password
EmailId
login()
Address
requests() login()
responses()
register()
accept()

User
Operator Register
Login
Login
View
ViewDetails
Database Upload
Check
Read
UploadRequest AdminDetails
Update
ReadRequest OperatorDetails
Delete
UpdateRequest UserDetails
DeleteRequest
register()
request()
login()
Login() response()
view()
request()
upload()
response()
read()
view()
update()
delete()
4.1.3 OBJECT DIAGRAM:

Admin : Admin Login : Login Register : Register

Database : Database

Operator : Operator User : User

4.1.4 State Diagram

Register / Login

Admin Operator User

Upload files request Uplodad files

User requests

Read files request Read files

Accept requests

Update files request Update files

User details

Delete files requests Delete files

Database
4.1.5 Sequence Diagram:

User Admin Operator Database

User Register
User Register Successfully

User request send to admin

Admin Login

Admin Login Successfully

User request details

Accept users

Upload file request

File uploaded
Read file request

Read files successfully

Updated file
Updated files successully
Delete files
Delete files successfully

Result
4.1.6 COLLABORATION DIAGRAM :

4: Admin Login
6: User request details
Admin Database

5: Admin Login Successfully

1: User Register

9: File uploaded
11: Read files successfully
13: Updated files successully
3: User request send to admin 15: Delete files successfully
2: User Register Successfully
7: Accept users
16: Result
8: Upload file request
10: Read file request
12: Updated file
14: Delete files
User Operator
4.1.7 Activity Diagram 

Register / Login

Admin Operator User

User Requests Upload Files Request Upload Files

Accept Users Read Files Request Read Files

View Details Update Files Request Update Files

Delete Files Request Delete Files

Dataabase
4.1.8 COMPONENT DIAGRAM

Admin Login Register

Operator Database User

Upload Files Update Files Delete Files

Read Files
4.1.9 E-R DIAGRAM

User
Admin
UID Email
Register

PWD
Login
PWD
Login

View Request
Details Data
Files

Name
Verify Operator
Acceptances Send
Requirement
s

Request &
Response
Database
4.1.10 Data Flow Diagram:
LEVEL 0:

User Page

User Login Server

Page

Error
Message

Database
LEVEL 1:

User

Login Page

User Home Page

Create New Files Read Files Update Files Delete Files

Database
4.1.11 DEPLOYMENT DIAGRAM

Admin Login Register

Database

Operator User
4.2 SYSTEM ARCHITECTURE:
 

Register &
User Create Files Delete Files
Login

Home Page Read & Update Files Send to operator

Operator Login
Users request

Upload & Read

Checking Database
Time
Router Home Details
Update & Delete
Page

Status & Feedback

Admin Login
User request
View All
Data
Home Page
User

Accept users
 CHAPTER 5
DEVELOPMENT TOOLS
5.1 GENERAL
This chapter is about the software language and the tools used in the development of the project. The platform used
here is JAVA. The Primary languages are JAVA,J2EE and J2ME. In this project J2EE is chosen for implementation.

5.2 FEATURES OF JAVA

5.2.1 THE JAVA FRAMEWORK

Java is a programming language originally developed by James Gosling at Microsystems and released in 1995
as a core component of Sun Microsystems' Java platform. The language derives much of its syntax from C and C++
but has a simpler object model and fewer low-level facilities. Java applications are typically compiled to byte code
that can run on any Java Virtual Machine (JVM) regardless of computer architecture. Java is general-purpose,
concurrent, class-based, and object-oriented, and is specifically designed to have as few implementation dependencies
as possible. It is intended to let application developers "write once, run anywhere".
Java is considered by many as one of the most influential programming languages of the 20th century, and is
widely used from application software to web applications the java framework is a new platform independent that
simplifies application development internet. Java technology's versatility, efficiency, platform portability, and security
make it the ideal technology for network computing. From laptops to datacenters, game consoles to scientific
supercomputers, cell phones to the Internet, Java is everywhere!
5.2.2 OBJECTIVES OF JAVA

To see places of Java in Action in our daily life, explore java.com.

Why Software Developers Choose Java
Java has been tested, refined, extended, and proven by a dedicated community. And numbering more than 6.5 million
developers, it's the largest and most active on the planet. With its versatility, efficiency, and portability, Java has
become invaluable to developers by enabling them to:
•Write software on one platform and run it on virtually any other platform
•Create programs to run within a Web browser and Web services
•Develop server-side applications for online forums, stores, polls, HTML forms processing, and more
•Combine applications or services using the Java language to create highly customized applications or services
•Write powerful and efficient applications for mobile phones, remote processors, low-cost consumer products, and
practically any other device with a digital heartbeat

Some Ways Software Developers Learn Java

Today, many colleges and universities offer courses in programming for the Java platform. In addition, developers can
also enhance their Java programming skills by reading Sun's java.sun.com Web site, subscribing to Java technology-
focused newsletters, using the Java Tutorial and the New to Java Programming Center, and signing up for Web, virtual,
or instructor-led courses.
ObjectOriented

To be an Object Oriented language, any language must follow at least the four characteristics.
1. Inheritance   :It is the process of creating the new classes and using the behavior of the existing classes by
extending them just to reuse  the existing code and adding addition a features as needed.
2. Encapsulation: It is the mechanism of combining the information and providing the abstraction.
3. Polymorphism: As the name suggest one name multiple form, Polymorphism is the way of providing the
different functionality by the functions having the same name based on the signatures of the  methods.
4. Dynamic binding: Sometimes we don't have the knowledge of objects about their specific types while writing
our code. It is the way of providing the maximum functionality to a program about the specific type at runtime.    
5.2.3 JAVA SWING OVERVIEW

Abstract Window Toolkit (AWT) is cross-platform

Swing provides many controls and widgets to build user interfaces with. Swing class names typically begin with a J
such as JButton, JList, JFrame. This is mainly to differentiate them from their AWT counterparts and in general is
one-to-one replacements. Swing is built on the concept of Lightweight components vs AWT and SWT's concept
of Heavyweight components. The difference between the two is that the Lightweight components are rendered
(drawn) using purely Java code, such as drawLine and drawImage, whereas Heavyweight components use the native
operating system to render the components.

Some components in Swing are actually heavyweight components. The top-level classes and any derived
from them are heavyweight as they extend the AWT versions. This is needed because at the root of the UI, the
parent windows need to be provided by the OS. These top-level classes
include JWindow, JFrame, JDialog and JApplet. All Swing components to be rendered to the screen must be able to
trace their way to a root window of one of those classes.
Note: It generally it is not a good idea to mix heavyweight components with lightweight components
(other than as previously mentioned) as you will encounter layering issues, e.g., a lightweight component
that should appear "on top" ends up being obscured by a heavyweight component. The few exceptions to
this include using heavyweight components as the root pane and for popup windows. Generally speaking,
heavyweight components will render on top of lightweight components and will not be consistent with the
look and feel being used in Swing. There are exceptions, but that is an advanced topic. The truly
adventurous may want to consider reading this article from Sun on mixing heavyweight and lightweight
components
5.2.4 Evolution of Collection Framework:

Almost all collections in Java are derived from the java.util.Collection interface. Collection defines the basic parts of
all collections. The interface states the add() and remove() methods for adding to and removing from a collection
respectively. Also required is the toArray() method, which converts the collection into a simple array of all the elements
in the collection. Finally, the contains() method checks if a specified element is in the collection. The Collection
interface is a subinterface of java.util.Iterable, so the iterator() method is also provided. All collections have an iterator
that goes through all of the elements in the collection. Additionally, Collection is a generic. Any collection can be
written to store any class. For example, Collection<String> can hold strings, and the elements from the collection can be
used as strings without any casting required.

There are three main types of collections:

•Lists: always ordered, may contain duplicates and can be handled the same way as usual arrays
•Sets: cannot contain duplicates and provide random access to their elements
•Maps: connect unique keys with values, provide random access to its keys and may host duplicate values
LIST

Lists are implemented in the JCF via the java.util.List interface. It defines a list as essentially a more flexible
version of an array. Elements have a specific order, and duplicate elements are allowed. Elements can be
placed in a specific position. They can also be searched for within the list. Two concrete classes implement
List. The first is java.util.ArrayList, which implements the list as an array. Whenever functions specific to a list
are required, the class moves the elements around within the array in order to do it. The other implementation
is java.util.LinkedList. This class stores the elements in nodes that each have a pointer to the previous and next
nodes in the list. The list can be traversed by following the pointers, and elements can be added or removed
simply by changing the pointers around to place the node in its proper place.
SET:

Java's java.util.Set interface defines the set. A set can't have any duplicate elements in it. Additionally, the set has no
set order. As such, elements can't be found by index. Set is implemented
by java.util.HashSet,java.util.LinkedHashSet, and java.util.TreeSet. HashSet uses a hash table. More specifically, it
uses a java.util.HashMap to store the hashes and elements and to prevent duplicates. Java.util.LinkedHashSet extends
this by creating a doubly linked list that links all of the elements by their insertion order. This ensures that the
iteration order over the set is predictable. java.util.TreeSet uses a red-black tree implemented by a java.util.TreeMap.
The red-black tree makes sure that there are no duplicates. Additionally, it allows Tree Set to
implement java.util.SortedSet.
The java.util.Set interface is extended by the java.util.SortedSet interface. Unlike a regular set, the elements in a
sorted set are sorted, either by the element's compareTo() method, or a method provided to the constructor of the
sorted set. The first and last elements of the sorted set can be retrieved, and subsets can be created via minimum and
maximum values, as well as beginning or ending at the beginning or ending of the sorted set. The SortedSet interface
is implemented by java.util.TreeSet
MAP:

Maps are defined by the java.util.Map interface in Java. Maps are simple data structures that associate a key
with a value. The element is the value. This lets the map be very flexible. If the key is the hash code of the
element, the map is essentially a set. If it's just an increasing number, it becomes a list. Maps are implemented
by java.util.HashMap, java.util.LinkedHashMap, and java.util.TreeMap. HashMap uses a hash table. The hashes
of the keys are used to find the values in various buckets. LinkedHashMap extends this by creating a doubly
linked list between the elements. This allows the elements to be accessed in the order in which they were
inserted into the map. TreeMap, in contrast to HashMap and LinkedHashMap, uses a red-black tree. The keys
are used as the values for the nodes in the tree, and the nodes point to the values in the map
THREAD:
Simply put, a thread is a program's path of execution. Most programs written today run as a single thread, causing
problems when multiple events or actions need to occur at the same time. Let's say, for example, a program is not
capable of drawing pictures while reading keystrokes. The program must give its full attention to the keyboard input
lacking the ability to handle more than one event at a time. The ideal solution to this problem is the seamless
execution of two or more sections of a program at the same time. 

CREATING THREADS
Java's creators have graciously designed two ways of creating threads: implementing an interface and extending a
class. Extending a class is the way Java inherits methods and variables from a parent class. In this case, one can
only extend or inherit from a single parent class. This limitation within Java can be overcome by implementing
interfaces, which is the most common way to create threads. (Note that the act of inheriting merely allows the class
to be run as a thread. It is up to the class to start() execution, etc.)
Interfaces provide a way for programmers to lay the groundwork of a class. They are used to design the
requirements for a set of classes to implement. The interface sets everything up, and the class or classes that
implement the interface do all the work. The different set of classes that implement the interface have to follow the
same rules.
5.3 CONCLUSION

Swing's high level of flexibility is reflected in its inherent ability to override the native
host operating system (OS)'s GUI controls for displaying itself. Swing "paints" its controls using
the Java 2D APIs, rather than calling a native user interface toolkit. The Java thread scheduler is
very simple. All threads have a priority value which can be changed dynamically by calls to the
threads setPriority() method . Implementing the above concepts in our project to do the efficient
work among the Server.
 CHAPTER 6
SAMPLE SOURCE CODE
6.1 GENERAL

The Implementation is nothing but sores code of project.

6.2 IMPLEMENTATION

LoginServlet.java

package com.control;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.bean.Bean;
import com.dao.SecurityDAO;
public class LoginServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
String mail = null;
int uid = 0;
Bean b = new Bean();
String email = request.getParameter("email");
String password = request.getParameter("password");
if(email.equalsIgnoreCase("admin@gmail.com")&& password.equalsIgnoreCase("admin"))
{ RequestDispatcher rd = request.getRequestDispatcher("adminhome.jsp?
status=Welcome Admin");
rd.include(request, response);
}
else if(email.equalsIgnoreCase("operator@gmail.com")&& password.equalsIgnoreCase("operator"))
{
RequestDispatcher rd = request.getRequestDispatcher("operatorhome.jsp?status=Welcome
Operator");
rd.include(request, response);
} else {
b.setEmail(email);
b.setPassword(password);
try {
int status = new SecurityDAO().checkloginstatus(b);
if(status==1)
{
ArrayList<Bean> al = new SecurityDAO().login(b);
System.out.println("Array List--->"+al);
if(!al.isEmpty()){
for(Bean value: al)
{
uid = value.getUid();
uname = value.getName();
mail = value.getEmail();
}
HttpSession ses = request.getSession();
ses.setAttribute("uid", uid);
ses.setAttribute("email", mail);
ses.setAttribute("uname", uname);
RequestDispatcher rd = request.getRequestDispatcher("customerhome.jsp?status=Welcome
"+uname);
rd.include(request, response);
}
}
else if(status==2)
{
RequestDispatcher rd = request.getRequestDispatcher("login.jsp?status=Admin can not
accept your request");
rd.include(request, response);
}
else if(status==0)
{
RequestDispatcher rd = request.getRequestDispatcher("login.jsp?status=Email or password
not matched");
rd.include(request, response);
}
} catch (Exception e) {
e.printStackTrace();
RequestDispatcher rd = request.getRequestDispatcher("login.jsp?status=Some Internal Error");
rd.include(request, response);
}
}
}
}
OperatorAcceptNewFileServlet.java
 
package com.control;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.dao.SecurityDAO;
public class OperatorAcceptNewFileServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
int fid = Integer.parseInt(request.getParameter("fid"));
try{
Thread.sleep(5000);
int i = new SecurityDAO().operatorAcceptFiles(fid);
if(i!=0)
{ RequestDispatcher rd = request.getRequestDispatcher("acceptNewFiles_operator.jsp?status=Accepted Successfull");
rd.include(request, response);
RequestDispatcher rd = request.getRequestDispatcher("acceptNewFiles_operator.jsp?status=Faild to Accept");
rd.include(request, response);
}
}catch (Exception e) {
e.printStackTrace();
RequestDispatcher rd = request.getRequestDispatcher("acceptNewFiles_operator.jsp?status=Some Internal
Error");
rd.include(request, response);
} }
}
 
CustomerUploadFileServlet.java
 
package com.control;
import java.io.File;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Iterator;
import java.util.List;
import java.util.Random;
import javax.crypto.Cipher;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
import com.bean.Bean;
import com.util.Encrypt;
public class CustomerUploadFileServlet extends HttpServlet {
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
HttpSession ses = request.getSession();
String target = "uploadfile_customer.jsp?status=File Not Available";
String email = (String)ses.getAttribute("email");
int uid = (Integer)ses.getAttribute("uid");
String extension = "";
Bean b = new Bean();
DiskFileItemFactory factory = new DiskFileItemFactory();
ServletFileUpload upload = new ServletFileUpload(factory);
try { List fileItems = upload.parseRequest(request);
Iterator i = fileItems.iterator();
int k = 0;
FileItem file = (FileItem)fileItems.get(0); String fname = file.getName();
System.out.println("File name--->"+fname);
extension = fname.substring(fname.lastIndexOf("."));
if(extension.equals(".txt"))
{ b.setFile(file.get());
b.setEmail(email);
b.setUid(uid);
b.setName(fname);
Random ra = new Random();
long l = ra.nextInt(100000000);
String key = Long.toString(l);
System.out.println("Key---->"+key);
b.setPublickey(key);
Random dran = new Random();
long dkey = dran.nextInt(100000000);
String deletekey = Long.toString(dkey);
b.setDeletekey(deletekey);
int chieperMode = Cipher.ENCRYPT_MODE;
String encryptkey = "14314399“;
chieperMode = new Encrypt().encryptDecrypt(encryptkey, chieperMode, b);
if(chieperMode!=0)
{ RequestDispatcher rd = request.getRequestDispatcher("uploadfile_customer.jsp?status=Customer
File Uploded Successfull, wait for Permission from Operator");
rd.include(request, response);
 }
else
{
RequestDispatcher rd = request.getRequestDispatcher("uploadfile_customer.jsp?
status=Faild to File Uploaded");
rd.include(request, response);
}
}
else
{
RequestDispatcher rd = request.getRequestDispatcher("uploadfile_customer.jsp?status=Upload file
only in text(.txt) fromat");
rd.include(request, response);
}
}catch (Exception e) {
e.printStackTrace();
RequestDispatcher rd = request.getRequestDispatcher("uploadfile_customer.jsp?status=Some Internal Error");
rd.include(request, response);
}
}
}

 
OperatorAcceptNewFileServlet.java
 
package com.control;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.dao.SecurityDAO;
public class OperatorAcceptNewFileServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
int fid = Integer.parseInt(request.getParameter("fid"));
try{
Thread.sleep(5000);
int i = new SecurityDAO().operatorAcceptFiles(fid);
if(i!=0)
{ RequestDispatcher rd = request.getRequestDispatcher("acceptNewFiles_operator.jsp?
status=Accepted Successfull");
rd.include(request, response);
}
else {
RequestDispatcher rd = request.getRequestDispatcher("acceptNewFiles_operator.jsp?status=Faild to Accept");
rd.include(request, response);
} }catch (Exception e) {
e.printStackTrace();
RequestDispatcher rd = request.getRequestDispatcher("acceptNewFiles_operator.jsp?status=Some Internal
Error");
rd.include(request, response);
}
}
}
OperatorAcceptUpdateFileServlet.java
 
package com.control;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.dao.SecurityDAO;
public class OperatorAcceptUpdateFileServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
int i = Integer.parseInt(request.getParameter("fid"));
try{
Thread.sleep(5000);
int j = new SecurityDAO().operatorUpdateFiles(i);
if(j!=0)
{
RequestDispatcher rd = request.getRequestDispatcher("updaterequest_operator.jsp?status=Updated
Successfull");
rd.include(request, response);
} else {
RequestDispatcher rd = request.getRequestDispatcher("updaterequest_operator.jsp?status=Not Updated");
rd.include(request, response);
} }catch (Exception e) {
e.printStackTrace();
RequestDispatcher rd = request.getRequestDispatcher("updaterequest_operator.jsp?status=Some Internal Error");
rd.include(request, response);
}
}
}
Encrypt.java
 
package com.util;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import com.bean.Bean;
import com.dbcon.DbConn;
public class Encrypt extends DbConn {
static Connection con;
Cipher ecipher;
public static int encryptDecrypt(String key, int chieperMode,Bean b) throws Exception, InvalidKeyException,
NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, IOException
{
con=getConnection();
int i = 0;
DESKeySpec deskey = new DESKeySpec(key.getBytes());
SecretKeyFactory se = SecretKeyFactory.getInstance("DES");
SecretKey secretkey = se.generateSecret(deskey);
Cipher chiper =Cipher.getInstance("DES/ECB/PKCS5Padding");
if(chieperMode == Cipher.ENCRYPT_MODE)
{ chiper.init(Cipher.ENCRYPT_MODE,secretkey,SecureRandom.getInstance("SHA1PRNG"));
PreparedStatement ps = con.prepareStatement("insert into
files(fileid,filename,userid,email,filekey,uploadeddate,uploadedfile,operatoraccept,deletekey) values(?,?,?,?,?,NOW(),?,'sent to
operator',?)");
ps.setInt(1, b.getFileid());
ps.setString(2, b.getName());
ps.setInt(3, b.getUid());
ps.setString(4, b.getEmail());
ps.setString(5, b.getPublickey()+'3'+'5');
ps.setBytes(6, b.getFile());
ps.setString(7, b.getDeletekey()+'7'+'9');
i=ps.executeUpdate(); }
else if(chieperMode == Cipher.DECRYPT_MODE)
{ chiper.init(Cipher.DECRYPT_MODE,secretkey,SecureRandom.getInstance("SHA1PRNG"));
//CipherOutputStream cos = new CipherOutputStream(fo, chiper);
//write(fi, cos);}
return chieperMode;
}
public static int updateencryptdecrypt(String key, int chieperMode,Bean b) throws Exception, InvalidKeyException,
NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, IOException
{ con=getConnection();
System.out.println("Connection---->"+con);
int i = 0;
DESKeySpec deskey = new DESKeySpec(key.getBytes());
SecretKeyFactory se = SecretKeyFactory.getInstance("DES");
SecretKey secretkey = se.generateSecret(deskey);
Cipher chiper =Cipher.getInstance("DES/ECB/PKCS5Padding");
if(chieperMode == Cipher.ENCRYPT_MODE)
{ chiper.init(Cipher.ENCRYPT_MODE,secretkey,SecureRandom.getInstance("SHA1PRNG"));
PreparedStatement ps = con.prepareStatement("update files set uploadedfile=?,filekey=?,updatestatus='update
sent',operatoraccept='update request' where fileid=? and userid=?");
ps.setInt(3, b.getUid());
ps.setString(4, b.getMobile());
ps.setString(2, b.getPublickey());
ps.setBytes(1, b.getFile());
i=ps.executeUpdate();
} else if(chieperMode == Cipher.DECRYPT_MODE)
{ chiper.init(Cipher.DECRYPT_MODE,secretkey,SecureRandom.getInstance("SHA1PRNG"));
//CipherOutputStream cos = new CipherOutputStream(fo, chiper);
//write(fi, cos);
}
return chieperMode;
}
}
 CHAPTER 7
SNAPSHOTS

7.1 GENERAL:
This project is implements like web application using COREJAVA and the Server process is
maintained using the SOCKET & SERVERSOCKET and the Design part is played by Cascading
Style Sheet.

7.2 VARIOUS SNAPSHOTS

 CHAPTER 8
 SOFTWARE TESTING
 
8.1 GENERAL
The purpose of testing is to discover errors. Testing is the process of trying to discover every conceivable fault or
weakness in a work product. It provides a way to check the functionality of components, sub assemblies, assemblies and/or a
finished product It is the process of exercising software with the intent of ensuring that the Software system meets its
requirements and user expectations and does not fail in an unacceptable manner. There are various types of test. Each test
type addresses a specific testing requirement.
 
8.2 DEVELOPING METHODOLOGIES
The test process is initiated by developing a comprehensive plan to test the general functionality and special features
on a variety of platform combinations. Strict quality control procedures are used. The process verifies that the application
meets the requirements specified in the system requirements document and is bug free. The following are the considerations
used to develop the framework from developing the testing methodologies.
8.3 Types of Tests
8.3.1 Unit testing
Unit testing involves the design of test cases that validate that the internal program logic is functioning properly, and
that program input produce valid outputs. All decision branches and internal code flow should be validated. It is the testing of
individual software units of the application .it is done after the completion of an individual unit before integration. This is a
structural testing, that relies on knowledge of its construction and is invasive. Unit tests perform basic tests at component
level and test a specific business process, application, and/or system configuration. Unit tests ensure that each unique path of
a business process performs accurately to the documented specifications and contains clearly defined inputs and expected
results.

8.3.2 Functional test

Functional tests provide systematic demonstrations that functions tested are available as specified by the business and
technical requirements, system documentation, and user manuals.
Functional testing is centered on the following items:
Valid Input : identified classes of valid input must be accepted.
Invalid Input : identified classes of invalid input must be rejected.
Functions : identified functions must be exercised.
Output : identified classes of application outputs must be exercised.
Systems/Procedures: interfacing systems or procedures must be invoked.
8.3.3 System Test
System testing ensures that the entire integrated software system meets requirements. It tests a configuration to
ensure known and predictable results. An example of system testing is the configuration oriented system integration test.
System testing is based on process descriptions and flows, emphasizing pre-driven process links and integration points.

8.3.4 Performance Test

The Performance test ensures that the output be produced within the time limits, and the time taken by the system
for compiling, giving response to the users and request being send to the system for to retrieve the results.

8.3.5 Integration Testing

Software integration testing is the incremental integration testing of two or more integrated software components
on a single platform to produce failures caused by interface defects.
The task of the integration test is to check that components or software applications, e.g. components in a software
system or – one step up – software applications at the company level – interact without error.
8.3.6 Acceptance Testing
User Acceptance Testing is a critical phase of any project and requires significant participation by the end user. It also
ensures that the system meets the functional requirements.

Acceptance testing for Data Synchronization:

•The Acknowledgements will be received by the Sender Node after the Packets are received by the Destination Node
•The Route add operation is done only when there is a Route request in need
•The Status of Nodes information is done automatically in the Cache Updating process

8.3.7 Build the test plan

Any project can be divided into units that can be further performed for detailed processing. Then a testing strategy for
each of this unit is carried out. Unit testing helps to identity the possible bugs in the individual component, so the component
that has bugs can be identified and can be rectified from errors.
 CHAPTER 9
APPLICATION
9.1 GENERAL

Compliance with DHRs has to be realized by the operator of the cloud storage system. Only the operator knows about the
characteristics of the storage nodes and can thus make the ultimate decision on which node to store a specific data item. Different
works exist that propose cryptographic guarantees, accountability mechanisms, information flow control, or virtual proofs of physical
reality to relax trust assumptions on the operator, i.e., providing the client with assurance that DHRs are (strictly) adhered to. Our goals
are different: Our main aim is for functional improvements of the status quo. Thus, these works are orthogonal to our approach and can
possibly be combined if the operator is not sufficiently trusted.

9.2 FUTIRE ENHANCEMENTS

Further reducing this overhead is only possible by encoding some DHRs in the key used for accessing data,
but this requires everyone accessing the data to be in possession of the DHRs, which is unlikely. A fundamental
improvement could be achieved by replicating all relay information to all nodes of the cluster, but this is viable
only for small cloud storage systems and does not offer scalability. We argue that indirection can likely not be
avoided, but still pose this as an open research question. Third, the question arises how clients can be assured that
an operator indeed enforces their DHRs and no errors in the specification of DHRs have occurred. This has been
widely studied and the proposed approaches such as audit logging, information flow control, and provable data
possession can also be applied to PRADA.
 CHAPTER 10
CONCLUSION & REFERENCES

10.1 CONCLUSION:

Accounting for compliance with data handling requirements (DHRs), i.e., offering control over where and how data is stored in the
cloud, becomes increasingly important due to legislative, organizational, or customer demands. Despite these incentives, practical solutions
to address this need in existing cloud storage systems are scarce. In this paper, we proposed PRADA, which allows clients to specify a
comprehensive set of fine-grained DHRs and enables cloud storage operators to enforce them. Our results show that we can indeed achieve
support for DHRs in cloud storage systems. Of course, the additional protection and flexibility offered by DHRs comes at a price: We
observe a moderate increase for query completion times, while achiev-ing constant storage overhead and upholding a near optimal storage
load balance even in challenging scenarios.
Importantly, however, data without DHRs is not impaired by PRADA. When a responsible node receives a request for data without
DHRs, it can locally check that no DHRs apply to this data: For create requests, the INSERT statement either contains DHRs or not, which
can be checked efficiently and locally. In contrast, for read, update, and delete requests, PRADA performs a simple and local check whether
a reference to a target node for this data exists. The overhead for this step is comparable to executing an if statement and hence negligible.
Only if a reference exists, which implies that the data was inserted with DHRs, PRADA induces overhead. Our extensive evaluation con-
firms that, for data without DHRs, PRADA shows the same query completion times, storage overhead, and bandwidth consumption as an
unmodified Cassandra system in all considered settings (indistinguishable results for Cassandra and PRADA* in Figures 5 to 8.)
Consequently, clients can choose (even at a granularity of individual data items), if DHRs are worth a modest performance decrease.
PRADA’s design is built upon a transparent indirection layer, which effectively handles compliance with DHRs. This design decision
limits our solution in three ways. First, the overall achievable load balance depends on how well the nodes’ capabilities to fulfill certain
DHRs matches the actual DHRs requested by the clients. However, for a given scenario, PRADA is able to achieve nearly optimal load
balance as shown in Figure 10. Second, indirection introduces an overhead of 0.5 round-trip times for reads, updates, and deletes.
While we limit our approach for providing data compliance in cloud storage to key-value based storage systems, the key-value paradigm is
also general enough to provide a practical starting point for storage systems that are based on different paradigms. Additionally, the design
of PRADA is flexible enough to extend (with some more work) to other storage systems. For example, Google’s globally distributed
database Spanner (rather a multi-version database than a key-value store) allows applications to influence data locality (to increase
performance) by carefully choosing keys. PRADA could be applied to Spanner by modifying Spanner’s approach of directory-bucketed
key-value map-pings. Likewise, PRADA could realize data compliance for distributed main memory databases, e.g., VoltDB, where tables
of data are partitioned horizontally into shards [29]. Here, the decision on how to distribute shards over the nodes in the cluster could be
taken with DHRs in mind. Similar adaptations could be performed for commercial products, such as Clustrix [30], that separate data into
slices.
To conclude, PRADA resolves a situation, i.e., missing support for DHRs, that is disadvantageous to both clients and operators of cloud
storage systems. By offering the enforcement of arbitrary DHRs when storing data in cloud storage systems, PRADA enables the use of
cloud storage systems for a wide range of clients who previously had to refrain from outsourcing storage, e.g., due to compliance with
applicable data protection legislation. At the same time, we empower cloud storage operators with a practical and efficient solution to
handle differences in regulations and offer their services to new clients.
10.2 REFERENCE

[1] R. Gellman, “Privacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing,” World Privacy Forum, 2009.
[2] S. Pearson and A. Benameur, “Privacy, Security and Trust Issues Arising from Cloud Computing,” in IEEE CloudCom, 2010.
[3] United States Congress, “Gramm-Leach-Bliley Act (GLBA),” Pub.L. 106-102, 113 Stat. 1338, 1999.
[4] D. Song et al., “Cloud Data Protection for the Masses,” Computer, vol. 45, no. 1, 2012.
[5] T. F. J. M. Pasquier et al., “Information Flow Audit for PaaS Clouds,” in IEEE IC2E, 2016.
[6] V. Abramova and J. Bernardino, “NoSQL Databases: MongoDB vs Cassandra,” in C3S2E, 2013.
[7] R. Buyya, R. Ranjan, and R. N. Calheiros, “InterCloud: Utility- Oriented Federation of Cloud Computing Environments for Scaling of
Application Services,” in ICA3PP, 2010.
[8] D. Bernstein et al., “Blueprint for the Intercloud - Protocols and Formats for Cloud Computing Interoperability,” in ICIW, 2009.
[9] Intel IT Center, “Peer Research: What’s Holding Back the Cloud?” Tech. Rep., 2012.
[10] D. Catteddu and G. Hogben, “Cloud Computing – Benefits, Risks and Recommendations for Information Security,” European
Network and Information Security Agency (ENISA), 2009.
[11] M. Henze, R. Hummen, and K. Wehrle, “The Cloud Needs Cross- Layer Data Handling Annotations,” in IEEE S&P Workshops, 2013.
[12] T. W¨ uchner, S. M¨ uller, and R. Fischer, “Compliance-Preserving Cloud Storage Federation Based on Data-Driven Usage Control,”
in IEEE CloudCom, 2013.
[13] S. Betg´e-Brezetz et al., “End-to-End Privacy Policy Enforcement in Cloud Infrastructure,” in IEEE CloudNet, 2013.
[14] W. Itani, A. Kayssi, and A. Chehab, “Privacy as a Service: Privacy-Aware Data Storage and Processing in Cloud Computing
Architectures,” in IEEE DASC, 2009.
[15] D. Espling et al., “Modeling and Placement of Cloud Services with Internal Structure,” IEEE Transactions on Cloud Computing, vol.
4, no. 4, 2014.
[16] Z. N. J. Peterson, M. Gondree, and R. Beverly, “A Position Paper on Data Sovereignty: The Importance of Geolocating Data in the
Cloud,” in USENIX HotCloud, 2011.
[17] G. J. Watson et al., “LoSt: Location Based Storage,” in ACM CCSW, 2012.
[18] I. Papagiannis and P. Pietzuch, “CloudFilter: Practical Control of Sensitive Data Propagation to the Cloud,” in ACM CCSW, 2012.
[19] J. Spillner, J. M¨ uller, and A. Schill, “Creating optimal cloud storage systems,” Future Generation Computer Systems, vol. 29, no. 4,
2013.
[20] RWTH Aachen University, “PRADA Source Code Repository,” https://github.com/COMSYS/prada.
[21] M. Henze et al., “Practical Data Compliance for Cloud Storage,” in IEEE IC2E, 2017.
[22] P. Samarati and S. De Capitani di Vimercati, “Data Protection in Outsourcing Scenarios: Issues and Directions,” in ACM ASIACSS,
2010.
[23] M. Henze et al., “Towards Data Handling Requirements-aware Cloud Computing,” in IEEE CloudCom, 2013.
[24] A. Greenberg et al., “The Cost of a Cloud: Research Problems in Data Center Networks,” SIGCOMM Comput. Commun. Rev., vol. 39,
no. 1, 2008.
[25] G. DeCandia et al., “Dynamo: Amazon’s Highly Available Keyvalue Store,” in ACM SOSP, 2007.
[26] A. Lakshman and P. Malik, “Cassandra: A Decentralized Structured Storage System,” ACM SIGOPS Operating Systems Review, vol.
44, no. 2, 2010.
[27] M. T. O¨ zsu and P. Valduriez, Principles of Distributed Database Systems, 3rd ed. Springer, 2011.
[28] J. C. Corbett et al., “Spanner: Google’s Globally-distributed Database,” in USENIX OSDI, 2012.
[29] M. Stonebraker and A. Weisberg, “The VoltDB Main Memory DBMS,” IEEE Data Eng. Bull., vol. 36, no. 2, 2013.
[30] Clustrix, Inc., “Scale-Out NewSQL Database in the Cloud,” http: //www.clustrix.com/.
[31] S. Pearson and M. C. Mont, “Sticky Policies: An Approach for Managing Privacy across Multiple Parties,” Computer, vol. 44, no. 9,
2011.
[32] S. Pearson, Y. Shen, and M. Mowbray, “A Privacy Manager for Cloud Computing,” in CloudCom, 2009.
[33] R. Agrawal et al., “Auditing Compliance with a Hippocratic Database,” in VLDB, 2004.
[34] J. Bacon et al., “Information Flow Control for Secure Cloud Computing,” IEEE Transactions on Network and Service Management,
vol. 11, no. 1, 2014.
[35] U. R¨ uhrmair et al., “Virtual Proofs of Reality and their Physical Implementation,” in IEEE S&P, 2015.
[36] United States Congress, “Health Insurance Portability and Accountability Act of 1996 (HIPAA),” Pub.L. 104–191, 110 Stat. 1936,
1996.
[37] “Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with
regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection
Regulation),” L119, 4/5/2016, 2016.
[38] PCI Security Standards Council, “Payment Card Industry (PCI) Data Security Standard – Requirements and Security Assessment
Procedures, Version 3.1,” 2015.
[39] R. Buyya et al., “Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility,”
Future Generation Computer Systems, vol. 25, no. 6, 2009.
[40] T. Ristenpart et al., “Hey, You, Get off of My Cloud: Exploring Information Leakage in Third-party Compute Clouds,” in ACM CCS,
2009.
[41] P. Massonet et al., “A Monitoring and Audit Logging Architecture for Data Location Compliance in Federated Cloud Infrastructures,”
in IEEE IPDPS Workshops, 2011.
[42] United States Congress, “Sarbanes-Oxley Act (SOX),” Pub.L. 107–204, 116 Stat. 745, 2002.
[43] A. Mantelero, “The EU Proposal for a General Data Protection Regulation and the roots of the ‘right to be forgotten’,” Computer Law
& Security Review, vol. 29, no. 3, 2013.
[44] H. A. J¨ager et al., “Sealed Cloud – A Novel Approach to Safeguard against Insider Attacks,” in Trusted Cloud Computing. Springer,
2014.
[45] J. Singh et al., “Regional clouds: technical considerations,” University of Cambridge, Computer Laboratory, Tech. Rep. UCAM-CLTR-
863, 2014.
[46] S. Pearson, “Taking Account of Privacy when Designing Cloud Computing Services,” in Proceedings of the 2009 ICSE Workshop on
Software Engineering Challenges of Cloud Computing. IEEE, 2009.
[47] E. Barker, “Recommendation for Key Management – Part 1: General (Revision 4),” NIST Special Publication 800-57, National
Institute of Standards and Technology, 2015.
[48] A. Corradi, L. Leonardi, and F. Zambonelli, “Diffusive Load- Balancing Policies for Dynamic Applications,” IEEE Concurrency, vol. 7,
no. 1, 1999.
[49] L. Rainie and J. Anderson, “The Future of Privacy,” Pew Research Center, http://www.pewinternet.org/2014/12/18/futureof- privacy/,
2014.
[50] R. van Renesse et al., “Efficient Reconciliation and Flow Control for Anti-entropy Protocols,” in LADIS, 2008.
[51] J. K. Nidzwetzki and R. H. G¨ uting, “Distributed SECONDO: A Highly Available and Scalable System for Spatial Data Processing,” in
SSTD, 2015.
[52] DataStax, Inc., “Apache CassandraTM 2.0 Documentation,” http: //docs.datastax.com/en/cassandra/2.0/pdf/cassandra20.pdf, 2016, last
updated: 21 January 2016.
[53] The Apache Software Foundation, “Apache Cassandra,” https:// cassandra.apache.org/.
[54] T. Rabl et al., “Solving Big Data Challenges for Enterprise Application Performance Management,” Proc. VLDB Endow., vol. 5, no.
12, 2012.
[55] The Apache Software Foundation, “Cassandra Query Language (CQL) v3.3.1,” https://cassandra.apache.org/doc/cql3/CQL.html, 2015.
[56] T. J. Parr and R. W. Quong, “ANTLR: A predicated-LL(k) parser generator,” Software: Practice and Experience, vol. 25, no. 7, 1995.
[57] S. Hemminger, “Network Emulation with NetEm,” in linux.conf.au, 2005.
[58] S. Sanghrajka, N. Mahajan, and R. Sion, “Cloud Performance Benchmark Series: Network Performance – Amazon EC2,” Cloud
Commons Online, 2011.
[59] J. Walker, “HotBits: Genuine Random Numbers,” http://www. fourmilab.ch/hotbits.
[60] IBM Corporation, “IBM ILOG CPLEX Optimization Studio,” http: //www.ibm.com/software/products/en/ibmilogcpleoptistud/. [61]
Dropbox Inc., “400 million strong,” https://blogs.dropbox.com/ dropbox/2015/06/400-million-users/, 2015.
[62] AmazonWeb Services, Inc., “AmazonWeb Services General Reference Version 1.0,” http://docs.aws.amazon.com/general/latest/
gr/aws-general.pdf.
[63] Microsoft Corporation, “Microsoft Azure Cloud Computing Platform & Services,” https://azure.microsoft.com/.
[64] “Twissandra,” http://twissandra.com/.
[65] J. Yang and J. Leskovec, “Patterns of Temporal Variation in Online Media,” in Proceedings of the Fourth ACM International
Conference on Web Search and Data Mining (WSDM). ACM, 2011.
[66] K. Giannakouris and M. Smihily, “Cloud computing – statistics on the use by enterprises,” Eurostat Statistics Explained, 2014.
[67] The Apache Software Foundation, “Apache James Project,” http: //james.apache.org/.
[68] “ElasticInbox – Scalable Email Store for the Cloud,” http://www. elasticinbox.com/.
[69] B. Klimt and Y. Yang, “Introducing the Enron Corpus,” in First Conference on Email and Anti-Spam (CEAS), 2004.
[70] M. Henze et al., “A Comprehensive Approach to Privacy in the Cloud-based Internet of Things,” FGCS, 2016.
[71] M. Henze et al., “CPPL: Compact Privacy Policy Language,” in ACM WPES, 2016.
[72] T. Pasquier et al., “Data-centric access control for cloud computing,” in ACM SACMAT, 2016.
[73] Bug Labs, Inc., “dweet.io – Share your thing like it ain’t no thang.” https://dweet.io/.
[74] N. J. A. Harvey et al., “SkipNet: A Scalable Overlay Network with Practical Locality Properties,” in USENIX USITS, 2003.
[75] S. Zhou, G. R. Ganger, and P. A. Steenkiste, “Location-based Node IDs: Enabling Explicit Locality in DHTs,” Carnegie Mellon
University, Tech. Rep., 2003.
[76] S. A. Weil et al., “CRUSH: Controlled, Scalable, Decentralized Placement of Replicated Data,” in ACM/IEEE SC, 2006.
[77] P.-J. Maenhaut et al., “A Dynamic Tenant-Defined Storage System for Efficient Resource Management in Cloud Applications,”
Journal of Network and Computer Applications, 2017.
[78] L. Rupprecht et al., “SwiftAnalytics: Optimizing Object Storage for Big Data Analytics,” in IEEE IC2E, 2017.