Professional Documents
Culture Documents
SRS NNN
SRS NNN
Revision History
Date
Revision
Description
Author
28/09/2015
1.0
Initial Version
Athulya Balachandran, K C
Reshma, Sruthi Suresh
10/10/2015
2.0
Second Revision
29/03/2016
3.0
Third Revision
2/04/2016
4.0
Fourth Revision
K C Reshma,Athul P
Ravi,Athulya Balachandran
Table of Contents
1. PURPOSE
1.1. SCOPE
1.2. DEFINITIONS, ACRONYMS, ABBREVIATIONS
1.2.1. Definitions
1.2.2. Acronyms
1.3. REFERENCES
1.4. OVERVIEW
2. OVERALL DESCRIPTION
10
10
10
11
11
2.5. CONSTRAINTS
12
12
3. SPECIFIC REQUIREMENTS
13
13
13
13
13
13
13
4. NON-FUNCTIONAL REQUIREMENTS
14
14
14
14
14
14
14
15
15
15
15
15
November 2016
1. Purpose
Data deduplication is one of important data compression techniques for
eliminating duplicate copies of repeating data, and it has been widely used in
cloud storage to reduce the amount of storage space and save bandwidth. To
protect the confidentiality of sensitive data while supporting deduplication, the
convergent encryption technique is used. Deduplication is performed for checking
if the contents of two files are the same and stores only one of them. The system
proposes techniques to eliminate multiple copies of same file when they are
downloaded from a server.
Objectives include:
1.1 Overview
In this new deduplication system, hybrid cloud architecture is introduced to solve
the problem. The private keys for privileges will not be issued to users directly,
which will be kept and managed by the private cloud server instead. In this way,
the users cannot share these private keys of privileges in this proposed
construction, which means that it can prevent the privilege key sharing among
users in the above straightforward construction. To get a file token, the user needs
to send a request to the private cloud server.
Page 1
November 2016
problem.
1.1.1.2 DupLESS
DupLESS provides secure deduplicated storage to resist brute-force attacks.
In DupLESS, a group of affiliated clients (e.g., company employees) encrypt
their data with the aid of a Key Server (KS) that is separate from a Storage
Service (SS). Clients authenticate themselves to the KS, but do not leak any
information about their data to it. As long as the KS remains inaccessible to
attackers, high security can be ensured. Obviously, DupLESS cannot control
data access of other data users in a flexible way.
1.1.1.3 PROOFS OF OWNERSHIP (PoW)
Proofs of Ownership (PoW) [6] is based on Merkle tree for deduplication,
which realized client-side deduplication. This method applies an erasure
coding or hash function over the original file first and then use Merkle tree on
the pre-processed data to generate the verification information. When
challenging a prover, a verifier randomly chooses several leaves of the tree
and obtains the corresponding sibling-paths of all these leaves. Only when all
paths are valid, will the verifier accept the proof. This construction can
identify deduplication at a client to save network bandwidth and guarantee
that the client holds a file rather than some part. This method does not pay
attention to data privacy and the server for data storage could be aware of the
Dept Of Information Technology
Page 2
November 2016
Page 3
November 2016
Page 4
November 2016
2. Overall Description
2.1
Product Perspective
Secure Duplication with Hybrid Architecture
By using the duplication technique, to store the data that will use S-CSP are
consisted as group of affiliated client at high level. The main aim is enterprise all
the network. To set the data back up and disaster recovery applications for reduce
the storage space. We frequently go for de-duplication. Such systems are
widespread and are often more suitable to user file backup and synchronization
applications than richer storage abstractions. De-duplication performed by S-CSP
by checking if the contents of two files are the same and stores only one of them.
2.2
Product Architecture
The below diagram depicts the architecture of the proposed system:
Page 5
November 2016
There are three entities define in our system as shown in figure 1, those are,
Users
Private cloud
Data User: A user is an entity that wants to outsource data storage to the S-CSP
and access the data later. In a storage system supporting de-duplication, the user
only uploads unique data but does not upload any duplicate data to save the
upload bandwidth, which may be owned by the same user or different users. In the
authorized de-duplication system, each user is issued a set of privileges in the
setup of the system. Each file is protected with the convergent encryption key and
privilege keys to realize the authorized de-duplication with differential privileges.
Private Cloud: Compared with the traditional de-duplication architecture in
cloud computing, this is a new entity introduced for facilitating users secure
usage of cloud service. Specifically, since the computing resources at data
user/owner side are restricted and the public cloud is not fully trusted in practice,
private cloud is able to provide data user/owner with an execution environment
and infrastructure working as an interface between user and the public cloud. The
private keys for the privileges are managed by the private cloud, who answers the
file token requests from the users. The interface offered by the private cloud
allows user to submit files and queries to be securely stored and computed
respectively.
S-CSP in public cloud: This is an entity that provides a data storage service in
public cloud. The S-CSP provides the data outsourcing service and stores data on
behalf of the users. To reduce the storage cost, the S-CSP eliminates the storage of
redundant data via de-duplication and keeps only unique data. In this paper, we
assume that S-CSP is always online and has abundant storage capacity and
computation power.
Dept Of Information Technology
Page 6
November 2016
b.
Upload Files.
c.
d.
Differential Authorization.
Generate signs
b.
c.
d.
Data confidentiality.
Accessing Files.
b.
b.
Accessing files.
Page 7
November 2016
Page 8
November 2016
3. Specific Requirements
3.1 Functional Requirements
Data owner login validation: Provide the user with a valid user name and
password.
File selection: Select the file for uploading and downloading.
Authorized duplicate check: Check for the duplicate copies of the file that need to
Key generation
File encryption
File decryption
Page 9
Page 10
November 2016
November 2016
4. Non-Functional Requirements
4.1 Safety Requirements
4.2
4.3
System Pentium IV
Hard disk
Floppy disk
Monitor color
RAM
: 2.4 GHz
: 40 GB
: 1.44 Mb
: 15 VGA
: 512 MB
4.4
Operating system
Coding language
IDE
Database
: Windows 7/XP
: Java/J2EE
: Net beans 7.4
: MYSQL
Browsers
Firefox(latest version)
Chrome(latest version)
Safari
Page 11
4.5
November 2016
Cost Effective. The software components are purely open source and thus we
Page 12