Professional Documents
Culture Documents
1.1 Cloud Computing
1.1 Cloud Computing
CHAPTER 1
INTRODUCTION
Three criteria have been used to detect whether a particular service is a cloud
service:
The service is accessible via a web browser (nonproprietary) or web services
API.
Zero capital expenditure is necessary to get started.
You pay only for what you use as you use it.
Datacenter
Datacenter is a collection of servers hosting different applications. An end
user connects to the datacenter to subscribe different applications. A datacenter may
exist at a large distance from the clients. Now-a-days a concept called virtualization
3
Distributed Servers
Distributed servers are the parts of a cloud which are present throughout the
internet hosting different applications. But while using the application from the
cloud, the user will feel that he is using this application from its own machine.
1.4 CHARACTERISTICS
The characteristics of cloud computing include on-demand self-service,
broad network access, resource pooling, rapid elasticity and measured service.
On-demand self-service means that customers (usually organizations) can
request and manage their own computing resources. Broad network access allows
services to be offered over the Internet or private networks. Pooled resources means
4
that customers draw from a pool of computing resources, usually in remote data
centers. Services can be scaled larger or smaller and use of a service is measured
and customers are billed accordingly.
appeared, such as Amazon Simple Storage Service (Amazon S3), Google App
Engine, Microsoft Azure, Dropbox and so on.
There are two obvious advantages to store data in Cloud Servers:
1) The data owners save themselves out from the trouble of buying
extra storage servers and hiring server management engineers
2) It is easy to data owner to share their data with intended recipients
when the data is stored in the cloud.
The cloud usually managed and maintained by cloud provider who
considered as semi-trusted third party. So, Data owners will be a need to encrypt the
data stored at cloud. Only authorized members can download it and decrypt them
with given keys.
CHAPTER 2
LITERATURE REVIEW
The enhanced TGDH scheme enables the group to negotiate and update the
group key pairs with the help of Cloud Servers, which does not require all of the
group members been online all the time. Cloud Servers have powerful computing
and storing capability to help with the group key maintaining process, but cannot
leak private information of the group, including data, group members’ security
parameter information and so on.
The framework supports the updating of the group key pair whenever group
members’ joining or leaving happens, which transfers most of the computational
complexity and communication overhead to Cloud Servers without leaking the
privacy.
8
TGDH is a distributed, so it does not require any trusted third party, group
key-agreement protocol based on the Decisional Diffie-Hellman problem. This
protocol assumes an authenticated channel. The scheme is based on a binary key-
tree. The scheme is fully decentralized, and its design is led by a practical,
invitation-oriented approach, similar to Dropbox, where data is shared with new
users with just one click.
2.3 Hybrid attribute and re-encryption based key management for secure
and scalable mobile applications in clouds
A key management system has been proposed for secure data outsourcing
applications, whereby attribute-based encryption effectively permits authorized
users to access secure content in the cloud based on the satisfaction of an attribute-
based policy.
The scheme has been modified so that a data owner and a trusted authority
cooperate in the key generation and encryption processes such that computationally
intensive cryptographic operations and requests are minimized for the data owner;
this is of importance to a population of mobile users that must conserve their
consumption of battery and usage of wireless communication.
Group key management is one of the basic building blocks in securing group
communication. Most prior research in group key management focused on
minimizing computation overhead, in particular minimizing expensive
cryptographic operations. Operations considered in membership
changes like Single member changes include member join or leave and multiple
member changes include group merge and group partition.
In this work, here discuss and analyze a specific group key agreement
technique which supports dynamic group membership and handles network failures,
such as group partitions and merges. This technique is very communication-
efficient and provably secure against hostile eavesdroppers as well as various other
attacks specific to group settings.
11
The regional subgroup key to be different from the key for outer group i.e.
backbone key. This difference adds more freedom of managing the group members
such as joining and leaving. When there is a membership change, the corresponding
regional sub group key and the Outer group key are changed in order to protect their
secrecies.
The protocol has limitations are Group Controller have two sets of group
key, it takes up critical time to generate the new contributory group key.
12
CHAPTER 3
SYSTEM INFORMATION
3.1.1 Limitations
The overall partition cost in TGDH is high.
TGDH is reasonable against relatively few nodes (max 30 nodes). But when
the members increase, the 𝑂(𝑛) steps is really time consuming
3.2.1 Advantages
Min-Processor : PENTIUM IV
Memory Size : 2 GB
DATABASE : MYSQL 5
administration and development, the leading tools are Navicat MySQL GUI by
PremiumSoft and MySQL admin family by SQL Maestro Group, which provide the
same functionality as phpMyAdmin but more advanced in the import/export, query
building, OLAP, BLOB editing, backup. Navicat is also available for PostgreSQL -
Navicat PostgreSQL Manager.
NetBeans
NetBeans refers to both a platform framework for Java desktop applications,
and an Integrated Development Environment (IDE) for developing with Java,
JavaScript, PHP, Python, Ruby, Groovy, C, C++, Scale, Closure, and others. The
NetBeans IDE is an integrated development environment available for Windows,
Mac, Linux, and Solaris. The NetBeans project consists of an open-source IDE and
an application platform that enable developers to rapidly create web, enterprise,
desktop, and mobile applications using the Java platform, as well as JavaFX, PHP,
JavaScript and Ajax, Ruby and Ruby on Rails, Groovy and Grails, and C/C++.
The NetBeans IDE is written in Java and runs everywhere where a JVM is
installed, including Windows, Mac OS, Linux, and Solaris. A JDK is required for
Java development functionality, but is not required for development in other
programming languages. NetBeans JavaScript Editor provides extended support for
JavaScript, Ajax, and CSS. JavaScript editor features comprise syntax highlighting,
refactoring, code completion for native objects and functions, generation of
JavaScript class skeletons etc.
16
CHAPTER 4
SYSTEM ORGANIZATION
There are so many Cloud computing service providers have appeared, such
as Amazon Simple Storage Service (Amazon S3), Google App Engine, Microsoft
Azure, Dropbox and so on. Data owners has two advantages to store data in Cloud
Servers:
1) The data owners save themselves out from the trouble of buying extra
storage servers and hiring server management engineers
2) It is easy to data owner to share their data with intended recipients when
the data is stored in the cloud.
The cloud usually managed and maintained by cloud provider who considered as
semi-trusted third party. So, Data owners will be a need to encrypt the data stored at
cloud. Only authorized members can download it and decrypt them with given keys.
GL create the group and make available the data to his Group members
(GM). The system architecture is shown in above Fig.4.1.The group leader can
effectively grant the access of group management to one or more chosen group
members. GL promote the group member as a Group Admin (GA). The group has
many subgroups. Each subgroup maintained by using Group Diffie-Hellman (GDH)
and links with other subgroups using Tree-based Group Diffie-Hellman (TGDH). In
combined GDH and TGDH, generate Subgroup key (SK) using GDH and generate
Group key (GK) using TGDH Protocol. The binary tree used to organize the
subgroups. Let N(n1,n2,…ns) be the total number of group members, and M(M1,M2,
…Ms) be the number of subgroup, then there will be N/M subgroups. Group
formation using GDH and TGDH is shown in Fig.4.2.
Each subgroup has equal number of group members and it’s controlled under
the supervision of subgroup leader. A leader promote a group member as admin.
Subgroup leader distribute the Subgroup Key (SK) and Group Key (GK) to all its
group member. By using Subgroup Key (SK) the group members can communicate
with in subgroup and using Group Key (GK) the group members can communicate
with another subgroup member.
18
There are three kinds of users in cloud based group sharing applications:
GROUP LEADER:
There is only one group Leader for a group, who is the group creator and the
top level group administrator. He/she buys or obtains storage and computing
resource from the cloud provider. GL can authorize specific group members to
manage the group, and this privilege of management can also be revoked by GL.
GL provides initial group security parameters for all group members in the group.
GROUP ADMINISTRATOR:
GROUP MEMBER:
Each group member can implement file download and upload operations in
the authenticated group. Each GM can get some related public information from
Cloud Servers and compute the specific set of security parameters, such as group
key pair.
19
α – Primitive root
XA XB
P- Prime Number
YB YA
The Diffie-Hellman key exchange is one of the simplest and most efficient way by
which the keys can be exchanged by two parties. If Alice and Bob need to agree on
a key for their message exchange, then both agree on a long prime number 𝑝 and a
primitive root or base 𝛼. Alice has her secret private key 𝑥 and she calculates 𝛼𝑥
(mod p) and sends this value to Bob. Meanwhile Bob who has his own secret
private key 𝑦 calculates 𝛼y (mod p) and sends it to Alice. Now Alice and Bob both
compute 𝛼𝑥𝑦 mod p using each other values. Now both use this key for encrypting
their message which they want to send it to one another. It is mathematically
impossible to find 𝑥 and 𝑦 using 𝑝, 𝛼, 𝛼𝑥 (mod p) and 𝛼y (mod p). Diffie-Hellman
key exchange process shown in above Fig. 3.3.
GDH includes
20
1. Member join
When a new member joins, it initiates communication with the group leader.
After initialization, the leader changes its contribution and sends public key to
this new member. The new member receives the public key. Then, The leader
initiating the rekeying operations for generating a new key for the subgroup.
2. Member leave
When a member leaves group to which it belongs the group key must be
changed to preserve the forward secrecy. The leaving member informs the group
leader. He changes its private key value, computes the public value and
broadcasts the public value to all the remaining members of group.
The TGDH provides key adjustment protocols to cope with the membership
changes in any dynamic peer group. It provides protocols for node(s) join, leave,
merge and partition. The binary tree used to organize the subgroups. Let N(n 1,n2,…
ns) be the total number of group members, and M(M 1,M2,…Ms) be the number of
subgroup, then there will be N/M subgroups.
CHAPTER 5
21
IMPLEMENTATION
Planning
Training
System testing and
Changeover Planning
TESTING
fail in an unacceptable manner. There are various types of test. Each test type
addresses a specific testing requirement.
TYPES OF TESTING
UNIT TESTING
Unit testing involves the design of test cases that validate that the internal
program logic is functioning properly, and that program input produces valid
outputs. All decision branches and internal code flow should be validated. It is the
testing of individual software units of the application .it is done after the completion
of an individual unit before integration. This is a structural testing, that relies on
knowledge of its construction and is invasive. Unit tests perform basic tests at
component level and test a specific business process, application, and/or system
configuration. Unit tests ensure that each unique path of a business process performs
accurately to the documented specifications and contains clearly defined inputs and
expected results.
INTEGRATION TESTING
FUNCTIONAL TESTING
23
SYSTEM TESTING
System testing ensures that the entire integrated software system meets
requirements. It tests a configuration to ensure known and predictable results. An
example of system testing is the configuration oriented system integration test.
System testing is based on process descriptions and flows, emphasizing pre-driven
process links and integration points.
White Box Testing is a testing in which the software tester has knowledge of
the inner workings, structure and language of the software, or at least its purpose. It
is used to test areas that cannot be reached from a black box level.
Black Box Testing is testing the software without any knowledge of the inner
workings, structure or language of the module being tested. Black box tests, as most
other kinds of tests, must be written from a definitive source document, such as
specification or requirements document, such as specification or requirements
document. It is a testing in which the software under test is treated, as a black box
.you cannot “see” into it. The test provides inputs and responds to outputs without
considering how the software works.
ACCEPTANCE TESTING
Field testing will be performed manually and functional tests will be written
in detail.
Test objectives
Test Results
All the test cases mentioned above passed successfully. No defects encountered.
CHAPTER 6
25
Combined GDH and TGDH has been proposed which can enhance the
secure group sharing using secret keys among group members. Using group key
agreement scheme which effectively distribute the secret key to multiple subgroups.
This scheme use multiple keys which exploits asymmetric keys. The computation
load is distributed among many subgroups and also support forward and backward
secrecy. The group key updated when subgroup membership changes (join, leave)
occurs. When the number of subgroup increases, O (n) steps is really time
consuming to build a tree. The proposed scheme can achieve the design goal, and
keep a lower computational complexity and communication overhead in each group
member’s side. Compared with other schemes, the new proposed scheme can
significantly reduce the storage and communication overheads in the rekeying
process, with acceptable computational overhead. In future work, propose a new
key agreement protocol which will support for subgroup increases. And construct a
tree in log (n) steps using effective group key agreement algorithm in future.
REFFERENCES
26
8. Y. Tang, P. Lee, J. Lui, and R. Perlman, “Secure overlay cloud storage with
access control and assured deletion,” IEEE Transactions on Dependable and
Secure Computing, vol. 9, no. 6, pp. 903–916,2012.
10. W. Yu, Y. Sun, and K. R. Liu, “Optimizing the rekeying cost for
contributory group key agreement schemes,” IEEE Transactions on
Dependable and Secure Computing, vol. 4, no. 3, pp. 228–242, 2007.