1

CHAPTER 1

INTRODUCTION

1.1 CLOUD COMPUTING

In the recent years the technology has been growing and there may be
tremendous changes in applications and services for various domains. Cloud
computing is the next stage in evolution of the Internet. The term cloud in cloud
computing provides the means through which everything from computing power to
computing infrastructure, applications, business processes to personal collaboration.
It can be delivered to you as a service wherever and whenever you need. The cloud
itself is a set of hardware, networks, storage, services, and interfaces that enable the
delivery of computing as a service.
Cloud Computing refers the applications delivered as services over the
Internet and the hardware and systems software in the data centers that provide
those services shown in Fig 1.1. It provide efficient access to personal files and data
from any computer with internet access. This technology allows much more
efficient computation by centralizing storage, memory and processing.

Fig.1.1 Cloud computing Architecture

 2

Three criteria have been used to detect whether a particular service is a cloud
service:
 The service is accessible via a web browser (nonproprietary) or web services
API.
 Zero capital expenditure is necessary to get started.
 You pay only for what you use as you use it.

1.2 CLOUD COMPONENTS

A Cloud system consists of 3 major components such as clients, datacenter,
and distributed servers. Each element has a definite purpose and plays a specific
role.
Clients
End users interact with the clients to manage information related to the
cloud. Clients generally fall into three categories.
 Mobile: Windows Mobile Smartphone, smartphones, like a
Blackberry, or an iPhone.
 Thin: They don’t do any computation work. They only display the
information. Servers do all the works for them. Thin clients don’t
have any internal memory.
 Thick: These use different browsers like IE or Mozilla Firefox or
Google Chrome to connect to the Internet cloud.
Now-a-days thin clients are more popular as compared to other clients
because of their low price, security, low consumption of power, less noise, easily
replaceable and repairable etc.

Datacenter
Datacenter is a collection of servers hosting different applications. An end
user connects to the datacenter to subscribe different applications. A datacenter may
exist at a large distance from the clients. Now-a-days a concept called virtualization
 3

is used to install software that allows multiple instances of virtual server

applications.

Distributed Servers
Distributed servers are the parts of a cloud which are present throughout the
internet hosting different applications. But while using the application from the
cloud, the user will feel that he is using this application from its own machine.

1.3 TYPES OF CLOUDS

Based on the domain or environment in which clouds are used, clouds can be
divided into 3 categories:
1) Public cloud: The services provided by a public cloud are offered over the
Internet and are owned and operated by a cloud provider.
Examples: online photo storage services, e-mail services, or social
networking sites.
2) Private cloud: In a private cloud, the cloud infrastructure is operated solely
for a specific organization, and is managed by the organization or a third
party.
3) Hybrid cloud: In a hybrid cloud, the service is shared by several
organizations and made available only to those groups. The infrastructure
may be owned and operated by the organizations or by a cloud service
provider. A hybrid cloud is a combination of different methods of resource
pooling (for example, combining public and community clouds).

1.4 CHARACTERISTICS
The characteristics of cloud computing include on-demand self-service,
broad network access, resource pooling, rapid elasticity and measured service.
On-demand self-service means that customers (usually organizations) can
request and manage their own computing resources. Broad network access allows
services to be offered over the Internet or private networks. Pooled resources means
 4

that customers draw from a pool of computing resources, usually in remote data
centers. Services can be scaled larger or smaller and use of a service is measured
and customers are billed accordingly.

1.5 SERVICES PROVIDED BY CLOUD COMPUTING

Service means different types of applications provided by different servers
across the cloud. It is generally given as “as a service”. Services in a cloud are of
three types as shown in Fig 1.2.
 Software as a Service (SaaS)
 Platform as a Service (PaaS)
 Hardware as a Service (HaaS) or Infrastructure as a Service (IaaS)

Fig.1.2 Cloud service model

1.6 DATA OUTSOURCING

Data security and privacy becomes more important when using cloud
computing. Data owners outsource their data to the cloud for the reasons of
economy, scalability and efficient accessibility. To satisfy the need for data storage
and high performance computation, many cloud computing service providers have
 5

appeared, such as Amazon Simple Storage Service (Amazon S3), Google App
Engine, Microsoft Azure, Dropbox and so on.
There are two obvious advantages to store data in Cloud Servers:
1) The data owners save themselves out from the trouble of buying
extra storage servers and hiring server management engineers
2) It is easy to data owner to share their data with intended recipients
when the data is stored in the cloud.
The cloud usually managed and maintained by cloud provider who
considered as semi-trusted third party. So, Data owners will be a need to encrypt the
data stored at cloud. Only authorized members can download it and decrypt them
with given keys.

1.7 GROUP KEY MANAGEMENT

Group key management protocols that allows a group of users to agree on a
shared group key, which can be used to protect a shared file system stored remotely
in the cloud. It support the refreshment of the group key at each group membership
modifications. To achieve secure group communication, several group key
management schemes are proposed.
The first scheme is the centralized group key distribution where-by a key
server is entitled to generate keys and distribute them to the group. The key server
maintains long-term shared keys with each group member in order to enable secure
two-party communication for actual key distribution. The problem with this
approach is that there is a single point to failure with the key server and additional
fault tolerance features needs to be implemented to avoid it. Another major problem
is that the key server will be severely overloaded if more peers (nodes) join the
system and scalability cannot be achieved efficiently.
The second scheme is the decentralized group key distribution where an
existing group member is dynamically selected to act as a key server. This scheme
is more robust because, if there is any partition, then a new key server can be
selected by the existing members in that group.
 6

1.8 SYSTEM OVERVIEW

Data owners (Group Leader GL) outsource their data to the cloud to satisfy
the need for data storage and high performance computation. The data in cloud
usually managed and maintained by cloud provider who considered as semi-trusted
third party. So, GL will be a need to encrypt the data stored at cloud. Only
authorized group members can download it and decrypt them with given keys. GL
create the group and make available the data to his Group members (GM). The
group leader can effectively grant the access of group management to one or more
chosen group members. GL promote the group member as a Group Admin (GA).
The group has many subgroups. Each subgroup maintained by using Group Diffie-
Hellman (GDH) and links with other subgroups using Tree-based Group Diffie-
Hellman (TGDH). In combined GDH and TGDH, generate Subgroup key (SK)
using GDH and generate Group key (GK) using TGDH Protocol. The binary tree
used to organize the subgroups. Let N(n1,n2,…ns) be the total number of group
members, and M(M1,M2,…Ms) be the number of subgroup, then there will be N/M
subgroups.

1.9 OBJECTIVE OF THE PROJECT

• To provide secure group sharing

• To reduce computation load

• To support forward and backward secrecy

• To support Dynamic membership
• To implement combined GDH-TGDH protocol
 7

CHAPTER 2

LITERATURE REVIEW

2.1 A Dynamic Secure Group Sharing Framework in Public Cloud

Computing

Authors: Kaiping Xue, Peilin Hong

The Group Sharing framework combines proxy signature, enhanced TGDH

and proxy re-encryption together into a protocol. By applying the proxy signature
technique, the group leader can effectively grant the privilege of group management
to one or more chosen group members.

The enhanced TGDH scheme enables the group to negotiate and update the
group key pairs with the help of Cloud Servers, which does not require all of the
group members been online all the time. Cloud Servers have powerful computing
and storing capability to help with the group key maintaining process, but cannot
leak private information of the group, including data, group members’ security
parameter information and so on.

By adopting proxy re-encryption, most computationally intensive operations

can be delegated to Cloud Servers without disclosing any private information. Any
offline group member can launch group key synchronization when he/she becomes
online again in the next time.

The framework supports the updating of the group key pair whenever group
members’ joining or leaving happens, which transfers most of the computational
complexity and communication overhead to Cloud Servers without leaking the
privacy.
 8

2.2 Invitation-oriented TGDH: Key management for dynamic groups in

an asynchronous communication model

Authors: I.L’m, S. Szebeni, and L. Butty’n

Group key management protocols that allows a group of users to agree on a

shared group key, which can be used to protect a shared file system stored remotely
in the cloud. It support the refreshment of the group key at each group membership
modifications, and they work in an asynchronous communication model, which
makes them suitable for practical cloud based storage systems, where users may not
be on-line simultaneously all the time.

TGDH is a distributed, so it does not require any trusted third party, group
key-agreement protocol based on the Decisional Diffie-Hellman problem. This
protocol assumes an authenticated channel. The scheme is based on a binary key-
tree. The scheme is fully decentralized, and its design is led by a practical,
invitation-oriented approach, similar to Dropbox, where data is shared with new
users with just one click.

In addition, compared to other similar solutions, where the required number

of exponentiations and messages is a function of the group size, the protocols are
more efficient, as they require only constant number of exponentiations on average,
worst case logarithmic number of exponentiations and only a constant number of
messages even if membership modifications are controlled by arbitrary user.
 9

2.3 Hybrid attribute and re-encryption based key management for secure
and scalable mobile applications in clouds

Authors: P. Tysowski and M. Hasan

A key management system has been proposed for secure data outsourcing
applications, whereby attribute-based encryption effectively permits authorized
users to access secure content in the cloud based on the satisfaction of an attribute-
based policy.

The scheme has been modified so that a data owner and a trusted authority
cooperate in the key generation and encryption processes such that computationally
intensive cryptographic operations and requests are minimized for the data owner;
this is of importance to a population of mobile users that must conserve their
consumption of battery and usage of wireless communication.

Attribute-based encryption are proposed to allow authorized users access to

cloud data based on the satisfaction of required attributes such that the higher
computational load from cryptographic operations is assigned to the cloud provider
and the total communication cost is lowered for the mobile user.

Furthermore, data re-encryption may be optionally performed by the cloud

provider to reduce the expense of user revocation in a mobile user environment
while preserving the privacy of user data stored in the cloud. The protocol has been
realized on commercially popular mobile and cloud platforms.
 10

2.4 Group key agreement efficient in communication

Authors: Y. Kim, A. Perrig, and G. Tsudik

Group key management is one of the basic building blocks in securing group
communication. Most prior research in group key management focused on
minimizing computation overhead, in particular minimizing expensive
cryptographic operations. Operations considered in membership
changes like Single member changes include member join or leave and multiple
member changes include group merge and group partition.

However, continued advances in computing power have not been matched

by a decrease in network communication delay. Thus, communication latency,
especially in high-delay long-haul networks, increasingly dominates the key setup
latency, replacing computation delay as the main latency contributor. Hence, there
is a need to minimize the size of messages and, especially, the number of rounds in
cryptographic protocols. Since most previously proposed group key management
techniques optimize computational (cryptographic) overhead, they are particularly
impacted by high communication delay.

The majority of research in group key agreement (one way of implementing

distributed group key management) was mainly concerned with increasing the
security while minimizing cryptographic computation cost.

In this work, here discuss and analyze a specific group key agreement
technique which supports dynamic group membership and handles network failures,
such as group partitions and merges. This technique is very communication-
efficient and provably secure against hostile eavesdroppers as well as various other
attacks specific to group settings.
 11

2.5 Efficient Region-Based Group Key Agreement Protocol for Ad Hoc

Networks using Elliptic Curve Cryptography

Authors: K.Kumar, Dr.V.Sumathy and J.Nafeesa Begum

GECDH & TGECDH scheme is the best protocol in terms of overall

performance for secure group communication in ad hoc networks. It separate the
group into several regional subgroups, which are independent of each other,
particularly in the operations of key management.

The regional subgroup key to be different from the key for outer group i.e.
backbone key. This difference adds more freedom of managing the group members
such as joining and leaving. When there is a membership change, the corresponding
regional sub group key and the Outer group key are changed in order to protect their
secrecies.

Region Based GECDH &TGECDH scheme over wireless adhoc networks

uses smaller keys; it uses less computation cost than the DLP-based scheme for the
same security level. This approach consumes very less memory compared to GDH
and TGDH. GDH and TGDH are occupy large memory when the members go on
increasing. But our Region-based approach takes very less memory even when the
members get increased.

The protocol has limitations are Group Controller have two sets of group
key, it takes up critical time to generate the new contributory group key.
 12

CHAPTER 3

SYSTEM INFORMATION

3.1 EXISTING SYSTEM

• A Dynamic Secure Group Sharing Framework combines proxy signature,
enhanced TGDH and proxy re-encryption together into a protocol
• Tree-based Group Diffie-Hellman (TGDH) used for group sharing
• The group leader can grant the privilege of group management to one or
more chosen group members by using proxy signature.
• Support forward and backward secrecy

3.1.1 Limitations
 The overall partition cost in TGDH is high.
 TGDH is reasonable against relatively few nodes (max 30 nodes). But when
the members increase, the 𝑂(𝑛) steps is really time consuming

3.2 PROPOSED SYSTEM

• Implement GDH-TGDH Protocol

• Generate Subgroup key using GDH Protocol

• Generate Group key using TGDH Protocol

• Support Dynamic membership

• Support forward and backward secrecy

3.2.1 Advantages

 Computation load is distributed among many subgroups

 Key updated when membership changes ( join/leave)
 Key synchronization
 Support forward and backward secrecy
 13

3.3. SYSTEM REQUIREMENTS

3.3.1 HARDWARE REQUIREMENTS

Min-Processor : PENTIUM IV

Memory Size : 2 GB

HDD : 250 GB (MINIMUM)

3.3.2 SOFTWARE REQUIREMENTS

USER INTERFACE : HTML5, CSS3, JS

SERVER : APACHE, GLASSFISH

DATABASE : MYSQL 5

SERVER SIDE SCRIPT : PHP5.6

CLIENT SIDE SCRIPT : JAVASCRIPT

DEVELOPMENT TOOLS : NETBEANS, XAMPP

 14

3.4 SOFTWARE DESCRIPTION

3.4.1 MySQL Server
MySQL is a multithreaded, multi-user SQL database management system
which has, according to MySQL AB, more than 10 million installations. MySQL is
owned and sponsored by a single for-profit firm, the Swedish company MySQL
AB, which holds the copyright to most of the code base. This is similar to the JBoss
model and how the free Software Foundation handles copyright in its projects, and
dissimilar to how the Apache project does it, where the software is developed by a
public community, and the copyright to the code base is owned by its individual
authors.
There are APIs available that allow applications written in numerous
programming languages to access MySQL databases such as C, C++, C#, D,
Borland Delphi (via db Express), Eiffel, Smalltalk, Java (with a native Java driver
implementation), Lisp, Perl, PHP, Python, Ruby, REAL basic (Mac) and Free
Basic. Each of these uses a specific API. An ODBC interface called MyODBC
allows additional programming languages that support the ODBC interface to
communicate with a MySQL database, such as ASP or Cold fusion. MySQL is
mostly implemented in ANSI C.
MySQL is popular for web applications and acts as the database component
of the LAMP, MAMP, and WAMP platforms (Linux/Mac/Windows-Apache-
MySQL-PHP/Perl/Python), and for open-source bug tracking tools like Bugzilla. Its
popularity as a web application is closely tied to the popularity of PHP, which is
often combined with MySQL and nicknamed as Dynamic Duo. It is easy to find
many references that combine the two in websites and books (PHP and MySQL for
Dummies, PHP and MySQL Bible, Beginning PHP and MySQL, etc.). PHP and
MySQL are also essential components for running the popular WordPress blogging
platform. Wikipedia runs on MediaWiki software, which also uses PHP and a
MySQL database.
A widespread and popular alternative, written in PHP, is the free software
web application phpMyAdmin which is a server side tool. For client side MySQL
 15

administration and development, the leading tools are Navicat MySQL GUI by
PremiumSoft and MySQL admin family by SQL Maestro Group, which provide the
same functionality as phpMyAdmin but more advanced in the import/export, query
building, OLAP, BLOB editing, backup. Navicat is also available for PostgreSQL -
Navicat PostgreSQL Manager.

NetBeans
NetBeans refers to both a platform framework for Java desktop applications,
and an Integrated Development Environment (IDE) for developing with Java,
JavaScript, PHP, Python, Ruby, Groovy, C, C++, Scale, Closure, and others. The
NetBeans IDE is an integrated development environment available for Windows,
Mac, Linux, and Solaris. The NetBeans project consists of an open-source IDE and
an application platform that enable developers to rapidly create web, enterprise,
desktop, and mobile applications using the Java platform, as well as JavaFX, PHP,
JavaScript and Ajax, Ruby and Ruby on Rails, Groovy and Grails, and C/C++.
The NetBeans IDE is written in Java and runs everywhere where a JVM is
installed, including Windows, Mac OS, Linux, and Solaris. A JDK is required for
Java development functionality, but is not required for development in other
programming languages. NetBeans JavaScript Editor provides extended support for
JavaScript, Ajax, and CSS. JavaScript editor features comprise syntax highlighting,
refactoring, code completion for native objects and functions, generation of
JavaScript class skeletons etc.
 16

CHAPTER 4

SYSTEM ORGANIZATION

4.1 SYSTEM ARCHITECTURE

There are so many Cloud computing service providers have appeared, such
as Amazon Simple Storage Service (Amazon S3), Google App Engine, Microsoft
Azure, Dropbox and so on. Data owners has two advantages to store data in Cloud
Servers:
1) The data owners save themselves out from the trouble of buying extra
storage servers and hiring server management engineers
2) It is easy to data owner to share their data with intended recipients when
the data is stored in the cloud.
The cloud usually managed and maintained by cloud provider who considered as
semi-trusted third party. So, Data owners will be a need to encrypt the data stored at
cloud. Only authorized members can download it and decrypt them with given keys.

Fig 4.1 System Architecture

 17

GL create the group and make available the data to his Group members
(GM). The system architecture is shown in above Fig.4.1.The group leader can
effectively grant the access of group management to one or more chosen group
members. GL promote the group member as a Group Admin (GA). The group has
many subgroups. Each subgroup maintained by using Group Diffie-Hellman (GDH)
and links with other subgroups using Tree-based Group Diffie-Hellman (TGDH). In
combined GDH and TGDH, generate Subgroup key (SK) using GDH and generate
Group key (GK) using TGDH Protocol. The binary tree used to organize the
subgroups. Let N(n1,n2,…ns) be the total number of group members, and M(M1,M2,
…Ms) be the number of subgroup, then there will be N/M subgroups. Group
formation using GDH and TGDH is shown in Fig.4.2.

Fig 4.2 Group formation using GDH and TGDH

Each subgroup has equal number of group members and it’s controlled under
the supervision of subgroup leader. A leader promote a group member as admin.
Subgroup leader distribute the Subgroup Key (SK) and Group Key (GK) to all its
group member. By using Subgroup Key (SK) the group members can communicate
with in subgroup and using Group Key (GK) the group members can communicate
with another subgroup member.
 18

4.2 MODULES DESCRIPTION

4.2.1 Module 1: User

There are three kinds of users in cloud based group sharing applications:

GROUP LEADER:

There is only one group Leader for a group, who is the group creator and the
top level group administrator. He/she buys or obtains storage and computing
resource from the cloud provider. GL can authorize specific group members to
manage the group, and this privilege of management can also be revoked by GL.
GL provides initial group security parameters for all group members in the group.

GROUP ADMINISTRATOR:

There are 0, 1 or more authorized group administrators in a group. They can

maintain group membership, and acts as sponsors to implement group key updating.
Their privilege of management can be revoked by the group leader at any time.
They also have all the functions of basic group members, such as uploading and
downloading.

GROUP MEMBER:

Each group member can implement file download and upload operations in
the authenticated group. Each GM can get some related public information from
Cloud Servers and compute the specific set of security parameters, such as group
key pair.
 19

4.2.2 Module 2: Group Diffie-Hellman (GDH)

Alice Public Bob

α – Primitive root
XA XB
P- Prime Number

YA=α XA (mod P) YB=αXB(mod P)

YA,YB

YB YA

K= (YB)XA (mod P) K= (YA)XB(mod P)

Fig 4.3 Diffie-Hellman key exchange

The Diffie-Hellman key exchange is one of the simplest and most efficient way by
which the keys can be exchanged by two parties. If Alice and Bob need to agree on
a key for their message exchange, then both agree on a long prime number 𝑝 and a
primitive root or base 𝛼. Alice has her secret private key 𝑥 and she calculates 𝛼𝑥
(mod p) and sends this value to Bob. Meanwhile Bob who has his own secret
private key 𝑦 calculates 𝛼y (mod p) and sends it to Alice. Now Alice and Bob both
compute 𝛼𝑥𝑦 mod p using each other values. Now both use this key for encrypting
their message which they want to send it to one another. It is mathematically
impossible to find 𝑥 and 𝑦 using 𝑝, 𝛼, 𝛼𝑥 (mod p) and 𝛼y (mod p). Diffie-Hellman
key exchange process shown in above Fig. 3.3.

GDH includes
 20

1. Member join

When a new member joins, it initiates communication with the group leader.
After initialization, the leader changes its contribution and sends public key to
this new member. The new member receives the public key. Then, The leader
initiating the rekeying operations for generating a new key for the subgroup.

2. Member leave

When a member leaves group to which it belongs the group key must be
changed to preserve the forward secrecy. The leaving member informs the group
leader. He changes its private key value, computes the public value and
broadcasts the public value to all the remaining members of group.

4.2.2 Module 3: Tree-based Group Diffie-Hellman (TGDH)

The TGDH provides key adjustment protocols to cope with the membership
changes in any dynamic peer group. It provides protocols for node(s) join, leave,
merge and partition. The binary tree used to organize the subgroups. Let N(n 1,n2,…
ns) be the total number of group members, and M(M 1,M2,…Ms) be the number of
subgroup, then there will be N/M subgroups.

CHAPTER 5
 21

IMPLEMENTATION

System implementation is the important stage of project when the theoretical

design is tuned into practical system. The main stages in the implementation are as
follows:

 Planning
 Training
 System testing and
 Changeover Planning

Planning is the first task in the system implementation. Planning means

deciding on the method and the time scale to be adopted. At the time of
implementation of any system people from different departments and system
analysis involve. They are confirmed to practical problem of controlling various
activities of people outside their own data processing departments. The line
managers controlled through an implementation coordinating committee. The
committee considers ideas, problems and complaints of user department, it must
also consider;

 The implication of system environment

 Self-selection and allocation form implementation tasks
 Consultation with unions and resources available
 Standby facilities and channels of communication

TESTING

The purpose of testing is to discover errors. Testing is the process of trying to

discover every conceivable fault or weakness in a work product. It provides a way
to check the functionality of components, sub-assemblies, assemblies and/or a
finished product it is the process of exercising software with the intent of ensuring
that the Software system meets its requirements and user expectations and does not
 22

fail in an unacceptable manner. There are various types of test. Each test type
addresses a specific testing requirement.

TYPES OF TESTING

UNIT TESTING

Unit testing involves the design of test cases that validate that the internal
program logic is functioning properly, and that program input produces valid
outputs. All decision branches and internal code flow should be validated. It is the
testing of individual software units of the application .it is done after the completion
of an individual unit before integration. This is a structural testing, that relies on
knowledge of its construction and is invasive. Unit tests perform basic tests at
component level and test a specific business process, application, and/or system
configuration. Unit tests ensure that each unique path of a business process performs
accurately to the documented specifications and contains clearly defined inputs and
expected results.

INTEGRATION TESTING

Integration tests are designed to test integrated software components to

determine if they actually run as one program. Testing is event driven and is more
concerned with the basic outcome of screens or fields. Integration tests demonstrate
that although the components were individually satisfaction, as shown by
successfully unit testing, the combination of components is correct and consistent.
Integration testing is specifically aimed at exposing the problems that arise from
the combination of components.

FUNCTIONAL TESTING
 23

Functional tests provide systematic demonstrations that functions tested are

available as specified by the business and technical requirements, system
documentation and user manuals.

Functional testing is centered on the following items:

Valid Input : identified classes of valid input must be accepted.

Invalid Input : identified classes of invalid input must be rejected.

Functions : identified functions must be exercised.

Output : identified classes of application outputs must be exercised.

Systems/Procedures : interfacing systems or procedures must be invoked.

Organization and preparation of functional tests is focused on requirements, key

functions, or special test cases. In addition, systematic coverage pertaining to
identify Business process flows; data fields, predefined processes, and successive
processes must be considered for testing. Before functional testing is complete,
additional tests are identified and the effective value of current tests is determined.

SYSTEM TESTING

System testing ensures that the entire integrated software system meets
requirements. It tests a configuration to ensure known and predictable results. An
example of system testing is the configuration oriented system integration test.
System testing is based on process descriptions and flows, emphasizing pre-driven
process links and integration points.

WHITE BOX TESTING

White Box Testing is a testing in which the software tester has knowledge of
the inner workings, structure and language of the software, or at least its purpose. It
is used to test areas that cannot be reached from a black box level.

BLACK BOX TESTING

 24

Black Box Testing is testing the software without any knowledge of the inner
workings, structure or language of the module being tested. Black box tests, as most
other kinds of tests, must be written from a definitive source document, such as
specification or requirements document, such as specification or requirements
document. It is a testing in which the software under test is treated, as a black box
.you cannot “see” into it. The test provides inputs and responds to outputs without
considering how the software works.

ACCEPTANCE TESTING

User Acceptance Testing is a critical phase of any project and requires

significant participation by the end user. It also ensures that the system meets the
functional requirements.

TEST STRATEGY AND APPROACH

Field testing will be performed manually and functional tests will be written
in detail.

Test objectives

 All field entries must work properly.

 Pages must be activated from the identified link.
 The entry screen, messages and responses must not be delayed.
 Features to be tested
 Verify that the entries are of the correct format
 No duplicate entries should be allowed
 All links should take the user to the correct page.

Test Results

All the test cases mentioned above passed successfully. No defects encountered.

CHAPTER 6
 25

CONCLUSIONS AND FUTURE WORK

Combined GDH and TGDH has been proposed which can enhance the
secure group sharing using secret keys among group members. Using group key
agreement scheme which effectively distribute the secret key to multiple subgroups.
This scheme use multiple keys which exploits asymmetric keys. The computation
load is distributed among many subgroups and also support forward and backward
secrecy. The group key updated when subgroup membership changes (join, leave)
occurs. When the number of subgroup increases, O (n) steps is really time
consuming to build a tree. The proposed scheme can achieve the design goal, and
keep a lower computational complexity and communication overhead in each group
member’s side. Compared with other schemes, the new proposed scheme can
significantly reduce the storage and communication overheads in the rekeying
process, with acceptable computational overhead. In future work, propose a new
key agreement protocol which will support for subgroup increases. And construct a
tree in log (n) steps using effective group key agreement algorithm in future.

REFFERENCES
 26

1. Y.Amir, Y. Kim, C. Nita-Rotaru, and G. Tsudik, “On the performance of

group key agreement protocols,” ACM Transactions on Information and
System Security (TISSEC), vol. 7, no. 3, pp. 457–488,2004.

2. Kaiping Xue, Peilin Hong, ”A Dynamic Secure Group Sharing Framework

in Public Cloud Computing”, IEEE Transactions on Cloud Computing , vol.
2, no.4, pp. 459–470,2014.

3. Y. Kim, A. Perrig, and G. Tsudik, “Group key agreement efficient in

communication,” IEEE Transactions on Computers, vol. 53, no. 7, pp. 905–
921, 2004.

4. K.Kumar, Dr.V.Sumathy and J.Nafeesa Begum “Cost Effective Region-

Based Group Key Agreement Protocol for Secure Group
Communication,”IEEE, 2008.

5. I.L’m, S. Szebeni, and L. Butty’n, “Invitation-oriented TGDH: Key

management for dynamic groups in an asynchronous communication
model,”IEEE, pp. 269–276, 2012.

6. A. T. Sherman and D. A. McGrew, “Key establishment in large dynamic

groups using one-way function trees,” IEEE Transactions on Software
Engineering, vol. 29, no. 5, pp. 444–458, 2003.

7. Steiner, G. Tsudik, and M. Waidner, “Key agreement in dynamic peer

groups,” IEEE Transactions on Parallel and Distributed Systems, vol. 11, no.
8, pp. 769–780, 2000.

8. Y. Tang, P. Lee, J. Lui, and R. Perlman, “Secure overlay cloud storage with
access control and assured deletion,” IEEE Transactions on Dependable and
Secure Computing, vol. 9, no. 6, pp. 903–916,2012.

9. P. Tysowski and M. Hasan, “Hybrid attribute-and re-encryption based key

management for secure and scalable mobile applications in clouds,”IEEE
Transactions on Cloud Computing, vol. 1 no. 2, pp. 172–186, 2013.

10. W. Yu, Y. Sun, and K. R. Liu, “Optimizing the rekeying cost for
contributory group key agreement schemes,” IEEE Transactions on
Dependable and Secure Computing, vol. 4, no. 3, pp. 228–242, 2007.