IJESRT: 8(9), September, 2019 ISSN: 2277-9655

International Journal of Engineering Sciences &Research

X Technology
(A Peer Reviewed Online Journal)
Impact Factor: 5.164

IJESRT

Chief Editor Executive Editor

Dr. J.B. Helonde Mr. Somil Mayur Shah

Website: www.ijesrt.com Mail: editor@ijesrt.com

O
 ISSN: 2277-9655
[Chadha, et al., 8(9): September, 2019] Impact Factor: 5.164
IC™ Value: 3.00 CODEN: IJESS7

IJESRT
INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH
TECHNOLOGY
SERVER SAFE APPLICATION
Harman Chadha*1, Abhishek Raj2, Prashant Singh3 & Kuldeep Kumar4

DOI: 10.5281/zenodo.3407054
ABSTRACT
Conceptual Cloud relates with an arrangement of equipment, stockpiling of system, infrastructure,
administrations, interfaces which are expected to join and convey the administration for figuring. The part of
cloud is to give the administration the conveyance of programming and capacity of information on web in light
of client request. On account of these administrations cloud figuring has turned into a critical stage for
organizations to construct their frameworks upon. With developing attention of cloud figuring, related
vulnerabilities are likewise expanding on the grounds that cloud administrations are regularly conveyed by
outsider. Hence security of the data in the cloud is a pertinent issue for clients of cloud. The proposed work plan
is to dispense with the worries in regards to security of information by utilizing multilevel cryptographic
algorithms to enhance the cloud security according to alternate point of view of cloud clients. Here we have
applied the security on the server which on a bigger level will be implemented on cloud.

KEYWORDS: Cloud Computing, Cryptographic Algorithm, Data Authentication, Data Integrity,

Infrastructure, Internet, Security Issue.
1. INTRODUCTION
Cloud Computing gives us a methods by which we can get to the applications as utilities, over the Internet. It
permits us to make, arrange, and redo applications on the web. It offers online information stockpiling,
framework and application. The term Cloud alludes to a Network or Internet. At the end of the day, we can state
that Cloud is something, which is available at remote area. Cloud can give benefits over system, i.e., on open
systems or on private systems, i.e., WAN, LAN or VPN. Applications, for example, email, web conferencing,
client relationship administration (CRM), all keep running in cloud. The cloud makes it workable for clients to
get to data from anyplace at whatever time. It expels the requirement for clients to be in an indistinguishable area
from the equipment that stores information. Once the web association is built up either with remote or
broadband, client can get to administrations of cloud registering through different equipment. This equipment
could be a desktop, portable PC, tablet or telephone.

Cloud processing contains 2 parts ―the front end and the back end. The front end incorporates customer's
gadgets which depends on center Java , Jsp. What's more, the backend alludes to the cloud itself. The entire
cloud is managed by a focal server that is utilized to screen customer's requests (Figure 1.1)

Figure 1.1 Cloud computing Implementation

http: // www.ijesrt.com© International Journal of Engineering Sciences & Research Technology
[50]

IJESRT is licensed under a Creative Commons Attribution 4.0 International License.

 ISSN: 2277-9655
[Chadha, et al., 8(9): September, 2019] Impact Factor: 5.164
IC™ Value: 3.00 CODEN: IJESS7

With cloud computing, various clients can get to a solitary server to recover and refresh their information
without obtaining licenses for various applications. The origination of cloud computing is related intimately with
the foundation as an administrations (IaaS), stage as an administrations (PaaS), System as an administrations
(SaaS). Cryptography, in present day days is considered blend of three sorts of calculations. They are (1)
Symmetric-key calculations (2) Asymmetric-key calculations and (3) Hashing. Uprightness of information is
guaranteed by hashing calculations.

An intrusion detection system (IDS) is a type of security software designed to automatically alert administrators
when someone or something is trying to compromise information system through malicious activities or through
security policy violations.

An IDS works by monitoring system activity through examining vulnerabilities in the system, the integrity of
files and conducting an analysis of patterns based on already known attacks. It also automatically monitors the
Internet to search for any of the latest threats which could result in a future attack.

2. LITERATURE REVIEW
A few works identified with our work, which shows the security of information in cloud computing as take after:

In 2010, S Subashini and V Kavitha proposes a security structure by various techniques gave powerfully, that
one of the parts of this system alludes to give information security by capacity and access to information in light
of meta-information, which is comparative to putting away related information in various zones in view of
metadata, and if the demolition of client information happens, it can be recovered. Each piece of the system in
security as an administration is accommodated functional applications by suppliers of security as a layer or
different layers of required applications.

In 2011, V. Krishna Reddy and Dr. L. S. S. Reddy proposed the security problems at different levels of the
architecture of cloud computing services have been studied. Security of customer-related data is a substantial
need for services which is provided by each model of cloud computing. They have studied matters of on-going
security software as a service (SaaS), platform as a service (PaaS) and Infrastructure as a Service (IaaS).

In 2014, Swarnalata Bollavarapu and Bharat Gupta propose data storage security system in cloud computing.
This system use algorithms like RSA, ECC and RC4 for encryption and decryption techniques.

In 2015, Dr. Salim Ali Abbas, Amal Abdul Baqi Maryoosh provided a secure, effective, and flexible method to
improve data storage security in cloud computing. By using Identity-Based Cryptography the key management
complexity will decrease and not need to certificate issued, also the use of Elliptic Curve Cryptography provides
data confidentiality and use Elliptic curve digital signature algorithm provides data integrity.

3. CHALLENGES IN CLOUD
While the cloud benefit offerings introduce a shortsighted perspective of IT if there should arise an occurrence of
IaaS or an oversimplified perspective of programming in the event that PaaS or a shortsighted perspective of
assets use if there should arise an occurrence of SaaS, the basic frameworks level bolster difficulties are
tremendous and profoundly mind boggling. These originate from the need to offer a consistently reliable and
heartily oversimplified perspective of computing while the fundamental frameworks are very disappointment
inclined, heterogeneous, asset hoarding, and displaying genuine security inadequacies. Cloud Computing, a rise
innovation, has put many difficulties in various angles. Some of these are appeared in the accompanying figure
3.1 beneath:

http: // www.ijesrt.com© International Journal of Engineering Sciences & Research Technology

[51]

IJESRT is licensed under a Creative Commons Attribution 4.0 International License.

 ISSN: 2277-9655
[Chadha, et al., 8(9): September, 2019] Impact Factor: 5.164
IC™ Value: 3.00 CODEN: IJESS7

Figure 3.1 Challenges in cloud.

3.1 Security and privacy

Security and Privacy of data is the greatest test to cloud computing. Security and protection issues can be
overcome by utilizing encryption, security equipment and security applications.

3.2 Convey-ability
This is another test to cloud computing that applications ought to effortlessly be relocated starting with one cloud
supplier then onto the next. There ought not be merchant secure. Be that as it may, it is not yet made conceivable
on the grounds that each of the cloud supplier utilizes diverse standard dialects for their stages.

3.3 Interoperability
Application on one stage ought to have the capacity to fuse administrations from other stage. It is made
conceivable by means of web administrations. Be that as it may, composing such web administrations is
extremely unpredictable.

3.4 Computing performance

To convey information escalated applications on cloud requires high system data transfer capacity, which brings
about high cost. On the off chance that done at low data transmission, then it doesn't meet the required
computing execution of cloud application.

3.5 Unwavering quality and availability

It is important for cloud frameworks to be solid and strong on the grounds that the vast majority of the
organizations are presently getting to be distinctly reliant on administrations gave by outsider.

4. PROPOSED SYSTEM
In this proposition, we propose a powerful and adaptable conveyed conspire with unequivocal element
information support to guarantee the rightness of clients' information in the cloud. By using the symmetric token
with element confirmation of asset use, our plan accomplishes the security and uprightness of information
stockpiling on clouds. Besides when information defilement has been distinguished amid the capacity asset

utilization our plan can practically ensure the synchronous limitation of information blunders, i.e., the ID of the
getting into mischief customer.
a. Contrasted with a hefty portion of its ancestors, which just give paired outcomes about the capacity
state over the circulated servers, the test reaction convention in our work additionally gives the
restriction of information mistake.
b. Dissimilar to earlier works for guaranteeing remote information trustworthiness, the new plan underpins
secure and effective element operations on information pieces, including: refresh, erase and affix.
c. Broad security and execution examination demonstrates that the proposed plan is exceedingly proficient
and strong against Byzantine disappointment, pernicious information adjustment assault, and
considerably server conspiring assaults.

http: // www.ijesrt.com© International Journal of Engineering Sciences & Research Technology

[52]

IJESRT is licensed under a Creative Commons Attribution 4.0 International License.

 ISSN: 2277-9655
[Chadha, et al., 8(9): September, 2019] Impact Factor: 5.164
IC™ Value: 3.00 CODEN: IJESS7

The Proposed System is separated into three noteworthy parts i.e. Front end, Back end and Database. As of now
this framework is actualized as Client Server System yet in future (large scale) will be executed in cloud server.

The principle point of this exploration is to comprehend the security dangers and distinguish the suitable security
strategies used to alleviate them in Cloud Computing. The primary targets of this examination are:

 To comprehend the security issues and the procedures utilized as a part of the present universe of Cloud
Computing.
 To recognize the security challenges, those are normal later on of Cloud Computing.

 To recommend counter measures for the future difficulties to be confronted in Cloud Computing.

Furthermore the system is added with an IDS mechanism to further enhance the security in the system. Here we
make the use of the adaptive intrusion detection system which is a framework to protect the system against
attacks related to unauthorized access.

Bayesian network is a complete model for the variables and their relationships, it can be used to answer
probabilistic queries about them. A Bayesian network can be considered a mechanism for automatically applying
Bayes' theorem to complex problems.

The most common exact inference methods are: variable elimination, which eliminates (by integration or
summation) the non-observed non-query variables one by one by distributing the sum over the product; clique
tree propagation, which caches the computation so that many variables can be queried at one time and new
evidence can be propagated quickly; and recursive conditioning and AND/OR search, which allow for a space-
time trade-off and match the efficiency of variable elimination when enough space is used.

4.1 Program Code

The AES algorithm to encrypt the password.

class AESencrp {

private static final String ALGO = "AES";

private static final byte[] keyValue =

new byte[] { 'T', 'h', 'e', 'B', 'e', 's', 't',

'S', 'e', 'c', 'r','e', 't', 'K', 'e', 'y' };

public static String encrypt(String Data) throws Exception { Key key = generateKey();

Cipher c = Cipher.getInstance(ALGO);
c.init(Cipher.ENCRYPT_MODE, key);

byte[] encVal = c.doFinal(Data.getBytes());

String encryptedValue = new BASE64Encoder().encode(encVal); return encryptedValue;

public static String decrypt(String encryptedData) throws Exception { Key key = generateKey();
Cipher c = Cipher.getInstance(ALGO);
c.init(Cipher.DECRYPT_MODE, key);
byte[] decordedValue = new
http: // www.ijesrt.com© International Journal of Engineering Sciences & Research Technology
[53]

IJESRT is licensed under a Creative Commons Attribution 4.0 International License.

 ISSN: 2277-9655
[Chadha, et al., 8(9): September, 2019] Impact Factor: 5.164
IC™ Value: 3.00 CODEN: IJESS7
BASE64Decoder().decodeBuffer(encryptedData);
byte[] decValue = c.doFinal(decordedValue);
String decryptedValue = new String(decValue);

return decryptedValue;

}
private static Key generateKey() throws Exception {

Key key = new SecretKeySpec(keyValue, ALGO);

return key;

Screenshots:

Server

http: // www.ijesrt.com© International Journal of Engineering Sciences & Research Technology

[54]

IJESRT is licensed under a Creative Commons Attribution 4.0 International License.

 ISSN: 2277-9655
[Chadha, et al., 8(9): September, 2019] Impact Factor: 5.164
IC™ Value: 3.00 CODEN: IJESS7

Client

Adaptive IDS

http: // www.ijesrt.com© International Journal of Engineering Sciences & Research Technology

[55]

IJESRT is licensed under a Creative Commons Attribution 4.0 International License.

 ISSN: 2277-9655
[Chadha, et al., 8(9): September, 2019] Impact Factor: 5.164
IC™ Value: 3.00 CODEN: IJESS7

New User Addition

5. ATTRIBUTES OF CLOUD COMPUTING

To better comprehend Cloud computing, the US National Institute of Science and Technology (NIST)
characterize it as: "Cloud computing is a model for empowering omnipresent, helpful, on-request organize
access to a mutual pool of configurable computing assets (e.g., systems, servers, stockpiling, applications, and
administrations) that can be quickly provisioned and discharged with insignificant administration exertion or
customer and specialist organization cooperation. This cloud show advances accessibility and is made out of five
fundamental qualities, three administration models, and four sending models". NIST characterize cloud
computing basic attributes as takes after [3]:

5.1 On-request Self-benefit: A cloud client can independently arrangement computing capacities, for example,
server time and system stockpiling, in this way, taking out the requirement for a go between, since the client can
oversee naturally and get to the assets required as required without requiring human connection with each
specialist organization

5.2 Broad Network Access: Regardless of the end-client stage, clients advantage from the cloud and control
them through standard components.

5.3 Resource Pooling: Cloud assets, for example, stockpiling, preparing, memory, and system transfer speed are
pooled to accommodate various customers utilizing a multi -inhabitant display, as per the client's request. Private
cloud may just be offsite at an area controlled by the proprietor or the supplier may permit customers to
determine general server areas.

5.4 Rapid Elasticity: In the cloud, if assets can be powerfully and flexibly assigned and discharged. This gives
versatility to progressively or less assets on request naturally. This is one reason Denial-of-Service (DoS)
assaults are diminishing, as organizations with sufficient cloud records are no longer helpless.

5.5 Measured administrations: The control and improvement of assets is done consequently in the cloud utilizing
metering ability, as indicated by the sort of administration stockpiling, handling, transmission capacity, and
dynamic client accounts. This gives straightforwardness to both the cloud merchant and the customers by
checking, controlling, and announcing asset utilization for the used administration.

http: // www.ijesrt.com© International Journal of Engineering Sciences & Research Technology

[56]

IJESRT is licensed under a Creative Commons Attribution 4.0 International License.

 ISSN: 2277-9655
[Chadha, et al., 8(9): September, 2019] Impact Factor: 5.164
IC™ Value: 3.00 CODEN: IJESS7

6. CONCLUSION
In this proposal, we examined the issue of information security in cloud information stockpiling, which is
basically a conveyed stockpiling framework. To guarantee the rightness of clients information in cloud
information stockpiling, we proposed a viable and adaptable appropriated plot with express element information
bolster, including piece refresh, erase, and add. In this proposition, we propose a compelling and adaptable
circulated plot with express element information support to guarantee the accuracy of clients' information in the
cloud. By using the symmetric token with element check of asset utilization, our plan accomplishes the security
and honesty of information stockpiling on clouds. Also when information debasement has been recognized amid
the capacity asset utilization our plan can practically ensure the concurrent restriction of information mistakes,
i.e., the ID of the getting out of hand customer.

Bayesian networks provide automatic detection capabilities, they learn from audit data and can detect both
normal and abnormal connections. Our system demonstrated a high performance when detecting Intrusions.

REFERENCES
[1] Anthony T.Velte, Toby J.Velte, Robert Elsenpeter, “Cloud Computing, A Practical approach”
[2] B. Hayes, “Cloud Computing,” Commun. ACM, vol. 51, no. 7, pp. 9–11, Jul. 2008.
[3] P. Mell and T. Grance, “The NIST definition of cloud computing (draft),” NIST special publication,
vol. 800, no. 145, p. 7, 2011.
[4] J. Krogstie, Model-based development and evolution of information systems a quality approach.
London; New York: Springer, 2012.
[5] G. Anthes, “Security in the cloud,” Communications of the ACM, vol. 53, no. 11, p. 16, Nov. 2010.
[6] Q. Zhang, L. Cheng, and R. Boutaba, “Cloud computing: state-of-the-art and research challenges,”
Journal of Internet Services and Applications, vol. 1, no. 1, pp. 7–18, Apr. 2010.
[7] D. Thain, T. Tannenbaum, and M. Livny, “Distributed computing in practice: the Condor experience,”
Concurrency and Computation: Practice and Experience, vol. 17, no. 2–4, pp. 323– 356, Feb. 2005.
[8] M. Feilner, Open VPN building and operating virtual private networks. Birmingham, U.K.: Packt,2006.
[9] S. Murugesan, “Understanding Web 2.0,” IT Professional, vol. 9, no. 4, pp. 34–41, Jul. 2007.
[10] R. Buyya, C. S. Yeo, and S. Venugopal, “Market-Oriented Cloud Computing: Vision, Hype, and
Reality for Delivering IT Services as Computing Utilities,” in High Performance Computing and
Communications, 2008. HPCC ’08. 10th IEEE International Conference on, 2008, pp. 5–13.
[11] J. Peng, X. Zhang, Z. Lei, B. Zhang, W. Zhang, and Q. Li, “Comparison of Several Cloud Computing
Platforms,” in Information Science and Engineering (ISISE), 2009 Second International Symposium
on, 2009, pp. 23–27.
[12] P. Sempolinski and D. Thain, “A Comparison and Critique of Eucalyptus, OpenNebula and Nimbus,”
in Cloud Computing Technology and Science (CloudCom), 2010 IEEE Second International
Conference on, 2010, pp. 417–426.
[13] D. Ogrizovic, B. Svilicic, and E. Tijan, “Open source science clouds,” in MIPRO, 2010 Proceedings of
the 33rd International Convention, 2010, pp. 1189–1192.
[14] Johansen Krister and Lee Stephen. Network Security:Bayesian Network Intrusion Detection (BNIDS)
May 3,2003.
[15] Peter Spirtes, Clark Glymour, and Richard Scheines Causation, Prediction, and Search. Springer
Verlag, New York, 1993.
[16] Thomas S. Verma and Judea Pearl. Equivalence and synthesis of causal models. In P.P. Bonissone,
M.Henrion, L.N. Kanal, and J.F. Lemmer, editors, Uncertainty in Artificial Intelligence 6, pages 255-
268. Elsevier Science Publishers B.V. (North Holland), 1991.
[17] Gregory F. Cooper and Edward Herskovits. A Bayesian method for the induction of probabilistic
networks from data. Machine Learning, 1992.

http: // www.ijesrt.com© International Journal of Engineering Sciences & Research Technology

[57]

IJESRT is licensed under a Creative Commons Attribution 4.0 International License.