Secure Data Storage Security in Cloud Computing Using

Third Party Auditor

Project Submitted to the Bharathiar University

in partial fulfillment of the requirements for the Award of the Degree of

BACHELOR OF SCIENCE IN COMPUTER SCIENCE

BY

PRIYADHARSHINI.R
(1822K2875)

Under the guidance of

Mr.JAYASHEELAN.P MCA (Ph.D)

DEPARTMENT OF COMPUTER SCIENCE

MARCH 2021
 CERTIFICATE

This is to certify that the project report entitled “Secure Data Storage Security in Cloud
Computing Using Third Party Auditor” is a bonafide record done by Ms.
PRIYADHARSHINI.R( 1822K2875) during the period of 2020-2021 of her in the Department
of Computer Science at Sri Krishna Adithya College of Arts and Science, Coimbatore
affiliated to Bharathiar University, in partial fulfillment of the requirements for the award of the
Degree of Bachelor of Computer Science under my supervision and guidance.

The project work is an original work of the candidate and to the best of my
knowledge has not been submitted, in part or in full, for any Diploma / Degree / Associate
ship / Fellow ship or other similar titles in this or any other University. No portion of the
dissertation is a re- production from any other source, published or unpublished, without
acknowledgment.
.

SIGNATURE OF THE GUIDE

SIGNATURE OF THE HOD SIGNATURE OF THE PRINCIPAL

Viva –Voice conducted on:

Internal Examiner: External Examiner:

 DECLARATION

I hereby declare that the project work entitled “CLOUD DATA SECURITY USING
THIRD PARTY AUDITOR” submitted to Sri Krishna Adithya College of Arts and Science,
Coimbatore affiliated to Bharathiar University in partial fulfillment of the requirements for
the award of the Degree of Bachelor of Computer Science is a record of original work done
by me during 2020-2021 under the supervision and guidance of Mr.jayseelan MSC,(Ph.D)
Department of Computer Science. The report has not been submitted for the award of any
Degree / Diploma / Associate ship / Fellowship.

DATE: SIGNATURE OF THE CANDIDATE

PRIYADHARSHINI.R

(1822K2875)
ACKNOWLEDGEMET
 ACKNOWLEDGEMENT

First and foremost, I thank the almighty through whom all things are possible. My
work would not be possible without the gift’s god gave me.

The success of the project depends upon the efforts invested. It’s my duty to
acknowledge and thank the individuals who has contributed towards the successful
completion of my dissertation.

I would like to express my whole hearted thanks to Smt.S.Malarvizhi,

Chairperson & Managing Trustee, Sri Krishna Institutions, Coimbatore.

I take this opportunity to express my profound and whole hearted thanks to our
Principal Dr.S.Palaniammal., Sri Krishna Adithya College of Arts and Science for
reinforcing my effort with support and guidance.

I owe my heart and profound gratitude to Dr. K. Geetha MCA., M.Phil., Ph.D
Head, Department of Computer science and my internal guide Mr.Jayasheelan .P MCA
(Ph.D) Department of Computer Science, Sri Krishna Adithya College of Arts and Science,
Coimbatore for giving continuous encouragement to complete this work. This project
wouldn’t be a success for me without their valuable comments and suggestions.

I am grateful to thank all the Staff Members in our department for their
motivation and endless inspiration to help in completing this project work.

The successful completion of my project would not have been possible without my
parent’s support. I take this opportunity to thank very much for their continuous
encouragement. I convey my thankfulness to all my friends who were with me to share
my happiness and agony.
SYNOPSIS
 SYNOPSIS

Security for the data which is stored on the cloud by user is very important issue.
User may expect some security for their data from the cloud service provider, there can be serious
issues regarding data security between user and service provider. To solve this kind of issues,
proposed system can use third party as an auditor. Here this proposed application has analyzed
different ways to ensure secure data storage in cloud. This application going to provide the security
to the user’s data by using encryption technique. For this we are using the Advanced Encryption
Standard algorithm for encryption and decryption. But some of the scenario Cloud Service
Provider may be misusage the user data, maybe data modification, corruption cab be conduct by
cloud service provide. So, there is threat to security and privacy of data. CSP may pass the user
data without user’s knowledge. For doing auditing every time from user side it’s very difficult task
to user, its leads some problem to user. Proposed system are introducing Third Party Auditor. Here
the data will be encrypted at user side and will be in encrypted form over network and to TPA.
TPA will verify the data before storing it on the cloud. There are large numbers of users of cloud
computing who are accessing and modifying the data and they need the reliable service provider
who can provide complete security for their data. So, the TPA will audit the data and check the
data integrity of client’s data. No one else rather than user is able to view data. But if someone
tries to access the data, modification data, and then there will be a file alert generated to the user.
Hence user will have more elaborated view over his data privacy. In this paper we are providing
solution for the user who needs security and privacy for their data.
CONTENTS
 CONTENTS

S.NO PARTICULARS PAGE NO

I CERTIFICATE 3

II DECLARATION 5

III ACKNOWLEDGEMENT 7

IV SYNOPSIS 9

1 1.INTRODUCTION 13

1.2.OBJECTIVES

15
2 2.SYSTEM REQUIREMENTS
2.1.HARDWARE REQUIREMENTS
2.2.SOFTWARE REQUIREMENTS

3 3.SYSTEM STUDY 17
3.1.EXISTING SYSTEM
3.1.1.DISADVANTAGES
3.2.PROPOSED SYSTEM 18
3.2.1.ADVANTAGES
3.3.FEASIBILITY STUDY 19

23
4 4.SYSTEM DESIGN AND ANALYSIS
4.1.FILE DESIGN
4.2.INPUT DESIGN
4.3.OUTPUT DESIGN 24
4.4.DATA BASE DESIGN 25
4.5.CODE DESIGN

27
SYSTEM DEVELOPMENT
28
5 5.MODULES
5.1.MODULE DESCRIPTION
 31
6 6.TESTING IMPLEMENTATION 32
6.1.OBJECTIVES OF TESTING
6.2.TESTING METHODS

36
7 7.CONCLUSION
38
8 8.BIBLIOGRAPHY

9 9.ANNEXURE 39
A.DFD DIAGRAM 40
42
B.TABLE DESIGN
47
C.SAMPLE CODE
55
10 10.SCREENSHOTS
INTRODUCTION
1.1 INTRODUCTION

Cloud storage enables users to remotely store their data and enjoy the on-demand high
quality cloud applications without the burden of local hardware and software management. Though
the benefits are clear, such a service is also relinquishing users’ Physical possession of their
outsourced data, which inevitably poses new security risks towards the correctness of the data in
cloud. In order to address this new problem and further achieve a secure and dependable cloud
storage service, we propose in this paper a flexible distributed storage integrity auditing
mechanism, utilizing the homomorphism token and distributed erasure-coded data. The proposed
design allows users to audit the cloud storage with very lightweight communication and
computation cost. The auditing result not only ensures strong cloud storage correctness guarantee,
but also simultaneously achieves fast data error localization, i.e., the identification of misbehaving
server. Considering the cloud data are dynamic in nature, the proposed design further supports
secure and efficient dynamic operations on outsourced data, including block modification,
deletion, and append. Analysis shows the proposed scheme is highly efficient and resilient against
Byzantine failure, malicious data modification attack, and even server colluding attacks.

1.2 OBJECTIVE:

• The main objective of the proposed system is to provide ensure secure data storage in cloud.
• Provide the higher security to the user’s data by using encryption technique
• Third party auditor will audit the data and check the data integrity of client’s data
• if someone tries to change the data integrity, and then there will be a file alert generated to
the user
• Proposed application providing solution for the user who needs security and privacy for
their data.
• This application minimizes the workload of the cloud data owners.
SYSTEM REQUIREMENTS
2. SYSTEM REQUIREMENTS

A System Requirements Specification (SRS) (also known as a Software Requirements

Specification) is a document or set of documentation that describes the features and behavior of a
system or software application.

2.1HARDWARE REQUIREMENT

• Hard disk : 80 GB

• RAM : 1 GB

• Processor : Pentium IV

• Monitor : 17” Color monitor

• Key board, Mouse : Multi media.

2.2 SOFTWARE REQUIREMENT

• Front End/GUI Tool : Eclipse

• Operating System : Windows Family
• Technology : Swing
• Coding language : Java
• Back End : SQL SERVER
SYSTEM STUDY
3. SYSTEM STUDY

It involves studying a procedure or business in order to identify its goals and purposes and
create systems and procedures that will achieve them in an efficient way. Use cases are a widely
used systems analysis modeling tool for identifying and expressing the functional requirements of
a system.

3.1 EXISTING SYSTEM

Cloud services increased drastically and with this growth they brought up the problem
related to data security and data integrity. The clients are also concerned about the sharing of data
with specific addressed group of people. Hence the information might be compromised by the
cloud service provider. Cloud storage moves the user’s data to large data centers, which are
remotely located. Lack of security in cloud service unauthorized data modification and corruption,
possibly due to server compromise. Data security is which has always been an important aspect of
quality of services. So present system data owner have to download the upload file and they will
verify the data integrity. So its lead more burdens and time consuming process to cloud data owner.

3.1.1. DISADVANTAGES

• Data store on cloud servers is not secure.

• This is not solving the issue of data integrity
• Data verification and data monitor is most tedious work for data owner.
• Security of information is low.
• Time consumption is more.
• This system leads more burdens and time-consuming process to cloud data owner.
3.2. PROPOSED SYSTEM

The drawbacks, which are faced during existing system, can be eradicated by using the
proposed system. The proposed system addressed the construction of an efficient audit service for
data security in clouds. The proposed system is an interactive protocol to implement the verifier
service. In this process, verifier acts as an agent of data owners. Verifier performs periodic
verification to monitor the data transfer or modification by providing an optimized schedule.
Verifier the data and check the data integrity of client’s data. Suppose server tries to change the
integrity of data, and there will be a file alert generated to the user. Hence user will have more
elaborated view over his data privacy. In this proposed application providing solution for the user
who needs security and privacy for their data.

3.2.1. ADVANTAGES

• Verifier auditor performs periodic verification to monitor the data

• Large volumes of data can be stored and process.
• Security is assured
• auditor to ensure the privacy and security issues
• Less Time consumption is more.
• Faster and Effective data retrieval process.
• successfully detect misbehavior of cloud service providers
3.3. FEASIBILITY STUDY

A system is a feasible system only if it is feasible within limited recourse and time. In this
system each and every process can be feasible for the user and also developer. It proved user
friendly input such as device independent inputs and getting proper solution for the problem.

The different types of feasible system that have to analyze are,

➢ Technical Feasibility
➢ Behavioral Feasibility
➢ Economic Feasibility
➢ Operational Feasibility

TECHNICAL FEASIBILITY

Technical Feasibility is the assessment of the technical view of the system. The system is
developed for Dot net environment; a platform independent tool is used to develop the system.

The consideration those are normally associated with the technical feasibility include the following
➢ Development risk
➢ Resource availability
➢ Technology
The development risk concerns the probability, the function of all elements and its performance
should be same in all platforms and in the system that is being developed. This system is developed
according to the standards and the development software tools are selected in such a way to avoid
the problems cited above.

The software used to develop this system is Windows XP, visual studio Dot net is done
efficiently, and the concept of SQL helps to create the application backend. These components
are also helpful in providing interactivity to Java applications.
BEHAVIORAL FEASIBILITY

It is common knowledge that computers illustrations have something to do with turnover

transfers, retraining and changes in user or developer status. The main emphasis is customer
service, personal contacts with customers.

Feasibility report is directed towards management. It evaluates the impact of the proposed changes
on the area in question. The report is a formal document for management use, brief enough and
sufficiently non-technical to be understood.

ECONOMIC FEASIBILITY

Economic feasibility or cost benefit is an assessment of the economic justification for a computer-
based system project. Though this system the administrator can use the tool from anywhere within
their concern. The system is developed using the existing resources. So, the project is economically
feasible.

This is the most frequently used method for evaluating the effectiveness of a user system. More
commonly, known as cost analysis the procedure is to determine the benefits and savings that are
expected from a candidate system and compare them with costs.

This system getting hundreds present economic feasibility. It will be achieved goal very efficiently.
And evolution of development cost (hardware and software needed) is weighted against the
ultimate income or benefit derived from the system. Finally, it is assured that this project is
economically feasible

OPERATIONAL FEASIBILITY

Operational Feasibility deals with the study of prospects of the system. This system
operationally eliminates all the tensions of the administrator and helps in effectively tracking the
project progress. This kind of automation will surely reduce the time and energy, which previously
consumed in manual work. Based on the study, the system proved to be operationally feasible.
SYSTEM DESIGN AND ANALYSIS
4. SYSTEM DESIGN

Systems design is the process of defining the architecture, modules, interfaces, and data for
a system to satisfy specified requirements. Systems design could be seen as the application of
systems theory to product development.

4.1. FILE DESIGN

The file system is used to control how data is stored and retrieved. Without a file system,
information placed in a storage area would be one large body of data with no way to tell where
one piece of information stops and the next begins. By separating the data into individual pieces,
and giving each piece a name, the information is easily separated and identified. Taking its name
from the way paper-based information systems are named, each group of data is called a file. The
structure and logic rules used to manage the groups of information and their names are called a
"file system”. There are many different kinds of file systems. Each one has different structure and
logic, properties of speed, flexibility, security, size and more. Some file systems have been
designed to be used for specific applications

4.2. INPUT DESIGN

Input Design converts the user-oriented inputs to computer-based formats. Inaccurate input
data are the most common cause of errors in data processing. Error data entered by the data
operator can be controlled by the input design. The goal of designing input is to make the data
entry easy, logical and as free from errors as much as possible.
The proposed system is completely menu-driven. It is a powerful tool for interactive
design. It helps the user comprehend the range of alternatives available and also prevents them
from making an invalid selection. All entry screens are interactive in nature. It has been designed
taking into account all the constraints of the end-user.
Some other features included are:
➢ The form title clearly states the purpose of the form
➢ Adequate space is given for data entry

4.3. OUTPUT DESIGN

Outputs are the most important and direct source of information to the customer and
management. Intelligent output design will improve the system's relationship with the user and
help in decision making. Outputs are used to make permanent hard copy of the results for later
consultation. The output generated by the system is often regarded as the criteria for evaluating
the performance of the system. The output design was based on the following factors.
➢ Usefulness determining the various outputs to be printed to the system user.
➢ Differentiating between the outputs to be displayed and those to be printed.
➢ The format for the presentation of the output.

For the proposed system, it is necessary that the output should be compatible with the existing
manual reports. The outputs have been formatted with this consideration in mind. The outputs are
obtained after all the phase, from the system can be displayed or can be produced in the hard copy.
The hard copy is highly preferred since it can be used by the controller section for future reference
and it can be used for maintaining the record.

4.4. DATABASE DESIGN

The general theme behind a database is to handle information in an integrated manner.

There is none of the artificiality that is normally embedded in separate files or applications. A
database is collection of interrelated data stored with minimum redundancy to serve many users
quickly and efficiently. The general objective is to make information access easy, quick,
inexpensive and flexible for the user.
In a database environment, common data are available which several authorized users can
use. The concept behind a database is an integrated collection of data and provides a centralized
access to the data from the program. It makes possible to treat data as a separate resource.
While designing database, several objectives must be considered:
 ➢ Controlled redundancy
➢ Data Independence
➢ More information at low cost
➢ Accuracy and Integrity
➢ Recovery from failure
➢ Privacy and security
➢ Performance
4.5. CODE DESIGN:

Code is an ordered collection of symbols designed to provide unique identification

of an attribute. Codes can be used for various purposes. They can specify object’s physical or
performance characteristics and they can be used to give operational instructions. They also can
show inter relationships and may sometimes used to achieve secrecy or confidentiality. Codes are
designed for optimum human-oriented use and machine efficiency. Codes posses uniqueness,
expandability, conciseness, uniform nets, simplicity, versatility, sort ability, meaningfulness and
operability.
Sufficient effort and time is spent in the preliminary study of the problem to design an
efficient code. Activate serve scripting is object oriented. The source code is designed so that it
can do transaction efficiently. It is the code that dose all the updating, modifications, etc. for all
object used in the project there exist an associated source code, which explains the work of that
object. It also describes the flow of the project.
Source code is enhanced by structured coding techniques by good internal comments and
features provided by the language.
The code design in this project is made modular. The modular behavior enables easy
debugging and testing. Inserting comment statement wherever enhances the coding. This is done
during the documentation process coding is done in such a way that errors can be trapped easily.
Also modifications can easily be appended due to the codes modular behavior
SYSTEM IMPLEMENTATION

In this project, propose virtualizing Harvard architecture on top of the existing memory
architecture of modern computers, including those without non-executable memory page support,
so as to prevent the injection of malicious code entirely. Harvard architecture is simply one wherein
code and data are stored separately. Data cannot be loaded as code and vice-versa. In essence, we
create an environment where in any code injected by an attacker into a process’ address space
cannot even be addressed by the processor for execution.

In this way, we are attacking the code injection problem at its root by regarding the injected
malicious code as data and making it unaddressable to the processor during an instruction fetch.
Split memory architecture produces an address space where data cannot be fetched by the
processor for execution. For an attacker attempting a code injection, this will prevent him from
fetching and executing any injected code.
SYSTEM DEVELOPMENT
5. MODULES

• Cloud infrastructure and authentication

• User Enrollment
• Data Selection and upload process
• TPA Authority
• Encryption process
• Integrity Verification
• Sms/mail Intimation

5.1. MODULES DESCRIPTION

Cloud infrastructure and authentication

Network infrastructure creation with n number of servers and clients is the first step. The
module creates the following interfaces.

• Storage server
• Client

User Enrollment

The authentication phase defines the security and authority to access the above user types,
for example every client should be authenticated before accessing the resources in the storage
cloud. Only the authenticated persons can upload and download the files. For this process user
should register with all basic information. The file should be secured before transmitted in to the
storage servers.

The first module consists of the following sub processes.

Storage server: the storage server has the responsible to respond for the client request. The
allocations of server configurations are performed in this module.

Client: the clients are separated into two types, the data owner and cloud user.
DATA SELECTION AND UPLOAD PROCESS

This module will be performed by the data owners after the successful authentication. The
data owner can select text data. After the selection of data owner can upload the document in cloud
servers.

TPA AUTHORITY

In this module the TPA can login this cloud server. After successful login the TPA will
request the file for auditing. These all process will be stored in a separate table.

SCHEDULING PROCESS:

This module schedules the TPA files which means transferred files are allocated to separate
TPA if one TPA can got file means the file will goes to another TPA.

ENCRYPTION PROCESS

Encryption is a form of encryption that allows computation on cipher texts, generating an

encrypted result which, when decrypted, matches the result of the operations as if they had been
performed on the plaintext. The purpose of homomorphism encryption is to allow computation on
encrypted data.

Algorithm its major involves three different steps: key generation process, encryption and
decryption process. It involves a public key and a private key cryptosystem so that public key can
be known to everyone and is used for encrypting secret messages of client. Messages encrypted
with the public key can only be decrypted in a reasonable amount of time using the secure share
private key.
INTEGRITY VERIFICATION

This module helps to identify the cloud user data Integrity of Encrypted data. These modules
calculate a hash value for each file stored in the cloud service. Trust Authority randomly request
file blocks to different server used to check file Integrity Verification. First calculate a hash value
for every block and compare hash values with previous hash value. By verify the values easily can
verify the Integrity effectively.

SMS/MAIL INTIMATION

SMS channel module is the gateway for sending and receiving SMS. This enables the
communication between student and management. This module performs communication setting
in order to send and receive SMS. The mobile management is the process of enhancing the mobile
service from the application. Including the relevant files and features in the application is more
important to send automated SMS intimation to file owner whenever change the file integrity in
cloud service.
TESTING AND IMPLEMENTATION
6.TESTING AND IMPLEMENTATION

6.1. OBJECTIVES OF TESTING

Software testing is a critical element of software quality assurance that represents the
ultimate review of specifications, design and coding. The user tests the developed system and
changes are made according to their needs. The testing phase involves the testing of developed
system using various kinds of data. It involves user training, system testing and successful running
of the developed system.

The changes are made according to their needs. The testing phase involves the testing of
the developed system using various kinds of data. While testing, errors are noted and corrections
are made system testing is the stage of implementation, which is aimed at ensuring that the system
works accurately and efficiently before live operation commences. The candidate system is subject
to a variety of test: stress recovery, and security and usability tests.

6.2. TESTING METHODS

UNIT TESTING

Unit testing focuses verification efforts on the smallest unit of software design, the module.
This is also known as “Module Testing” The modules are tested separately this testing is carried
out during programming stage itself. In this step each module is found to be working satisfaction
as regard to the expected output from the module.

INTEGRATION TESTING

Integration testing focuses on the design and construction of the software architecture. Data
can be lost across an interface; one module can have adverse effect on another sub functions and
show on. Thus, integration testing is a systematic technique for constructing test to uncover errors
associated with in the interface. In this project, all the modules are companied and then the entire
program is tested as a whole.
VALIDATION TESTING

Validation testing is the requirement established as a part of software requirement analysis

is validated against the software that has been constructed. This test provides the final assurance
whether the software needs all functional, behavioral and performance requirements

Thus, the proposed system under consideration has been tested by using validation testing
and found to be working satisfactory.

OUTPUT TESTING

After performing the validation testing, the next step is the output testing of the proposed
system, since no system could be useful if it does not produce required output in the specific
format. Tested asking the users about the format required by them, the output is considered into
two ways: one is on the screen and the other is printed format.

The output format on the screen is found to be correct as the format designed according to
the user needs, for the hard copy also, the output comes as specified by the user. Hence output
testing does not result in correction in the system.

WHITEBOX TESTING

White box Testing is done with the project which drive test cases that do the following

• Guarantee that all the independent paths with in modules have been exercise at least
once.
• Exercise all logical decision on the true and false side.
• Execute all loops at the boundaries and within their operation bounds.
• Exercise internal data structures to ensure the validity
It is aimed at ensuring that the system works accurately and efficiently before live operation
command.
BLACKBOX TESTING

Black box System methods focus on the functional requirement of the software. Using the
black box testing method, the following errors are identified and rectified in the package.

• Incorrect or Missing functions

• Interface Errors
• Errors in data Structures or external database access.

USER ACCEPTANCE TESTING

User acceptance testing of a system is the key factor for the success of any system. The
system under consideration is tested for user acceptance by constantly keep in touch with the
prospective system user at time of developing and making changes wherever required.
CONCLUSION
7.1. CONCLUSION

Cloud Computing is gaining remarkable popularity in the recent years for its benefits in
terms of flexibility, scalability, reliability and cost effectiveness. Despite all the promises however,
Cloud Computing has one problem: integrity and data dynamics. In this paper, we studied the
problems of data security in cloud data storage, which is essentially a distributed storage system.
An effective and flexible distributed scheme is proposed to ensure the correctness of Journal of
Computer Applications user’s data in the cloud servers. If this correctness verification is too much
resource consuming on the user’s side, the task can be delegated to the third-party auditor and the
pre-computed tokens could be either in the user’s local device or cloud server in encrypted format.

SCOPE OF FUTURE DEVELOPMENT

Every application has its own merits and demerits. The project has covered almost all the
requirements. Further requirements and improvements can easily be done since the coding is
mainly structured or modular in nature. Changing the existing modules or adding new modules
can append improvements. The project has a very vast scope in future. The project can be
implemented on intranet in future. Project can be updated in near future as and when requirement
for the same arises, as it is very flexible in terms of expansion. With the proposed software of
database Space Manager ready and fully functional the client is now able to manage and hence run
the entire work in a much better, accurate and error free manner.
BIBILIOGRAPHY
8. BIBLIOGRAPHY

Books Referred
• Alex Homer, ‘Professional VB.NET 1.1’, 2004 Edition, Wrox Publications
• Clayton crooks II ‘Learning Visual Basic .Net Through Applications’
• Roger S Pressman, ‘Software Engineering’, 2000 Edition, Dreamtech Publications
• Steven Holzner, ‘Visual Basic.NET Black Book’, 2003 Edition, Dreamtech Publications
• A.Keyton Weissinger ,“ASP IN A NUTSHELL”,Shroff Publishers and distributors
Pvt.Ltd, February 1999
• A.Russel Jones, ”ASP.NET Complete Reference”, Sybex Publications, February 18,2002
• DATABASE SYSTEM CONCEPTS, Henry F.Korth, Megraw-Hill, Third Edition, 1997.
• Steven Holzner, ‘C#.NET Black Book’, 2003 Edition, Dreamtech Publications
• SQL SERVER HIGH AVAILABILITY, Paul Bertucci, Sams publishing, First Edition, 2004. [5].
SOFTWARE ENGINEERING ONCEPT,Richared E.Fairly Tata Megraw-Hill Publications, Third
Edition, 1997.

WEBSITES
• http://www.C#corner.net
• http://www.w3schools.com/asp.net
• http://asp.net-tutorial.com
• http://en.wikipedia.org/wiki/asp.net
• www.msdn.microsoft.com
• www.vbcity.com
• www.vbdotnetheaven.com
• www.codeproject.com
• www.dotnetjohn.com
ANNEXURE
A.DFD DIAGRAM

Level-0

Register /login /upload data

Store/update cipher
text
Cloud
User data Server
security

File integrality alert /File

downloads process Integrity checking process
Level 1 cloud user

Retrieves data from

table for
Enter username and
password
authentication

Register
Cloud user /Login Process
User Register
table

Key
request
Generation

File name, size, etc

File Upload details

selection
upload
process

Mail alert File Integrity

intimation details
B. TABLE DESIGN

Register table

Primary key: User name

Field Name Data Type Description Constraints

Username Varchar (50) This field contains Not null

User name

Password Varchar (40) This field contains Not null

Password

Secret key Varchar (30) This field contains Not null

Secret key

Email id Varchar (40) This field contains Not null

Email id

Host name Varchar (50) This field contains Not null

Host name
File information table

Foreign key: User name

Field Name Data Type Description Constraints

Username Varchar (40) This field contains Not null

Username

Filename Varchar (30) This field contains Not null

Filename

File Size Varchar (60) This field contains Not null

File Size

File modified Varchar (50) This field contains Not null

File modified

CSP NVarchar (20) This field contains Not null

CSP
Verify Report table

Foreign key: User name, File name

Field Name Data Type Description Constraints

User name Varchar (50) This field contains Not null

User name

File name Varchar (40) This field contains Not null

File name

Verify date Date time This field contains Not null

Verify date

De-duplication table

Foreign key: User name

Field Name Data Type Description Constraints

User name Varchar (40) This field contains Not null

User name

System name Varchar (30) This field contains Not null

System name

Hash key Varchar (50) This field contains Not null

Hash key

Item Varchar (40) This field contains Not null

Item
 Date time Date time This field contains Not null
Date time

Status Varchar (40) This field contains Not null

Status

Data access table

Foreign key: User name

Field Name Data Type Description Constraints

Username Varchar (30) This field contains Not null

Username

File name Varchar (40) This field contains Not null

File name

Sdate Date time This field contains Not null

Sdate

Hostname Varchar (40) This field contains Not null

Hostname
C.SAMPLE CODING
importjava.io.UnsupportedEncodingException;
importjava.security.MessageDigest;
importjava.security.NoSuchAlgorithmException;
importjava.util.Arrays;
importjava.util.Base64;

importjavax.crypto.Cipher;
importjavax.crypto.spec.SecretKeySpec;

publicclassAES {

privatestaticSecretKeySpec secretKey;
privatestaticbyte[] key;

publicstaticvoidsetKey(String myKey)
{
MessageDigest sha = null;
try{
key = myKey.getBytes("UTF-8");
sha = MessageDigest.getInstance("SHA-1");
key = sha.digest(key);
key = Arrays.copyOf(key, 16);
secretKey = newSecretKeySpec(key, "AES");
}
catch(NoSuchAlgorithmException e) {
 e.printStackTrace();
}
catch(UnsupportedEncodingException e) {
e.printStackTrace();
}
}

publicstaticString encrypt(String strToEncrypt, String secret)

{
try
{
setKey(secret);
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
returnBase64.getEncoder().encodeToString(cipher.doFinal(strToEncrypt.ge
tBytes("UTF-8")));
}
catch(Exception e)
{
System.out.println("Error while encrypting: "+ e.toString());
}
returnnull;
}

publicstaticString decrypt(String strToDecrypt, String secret)

{
try
 {
setKey(secret);
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, secretKey);
returnnewString(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt
)));
}
catch(Exception e)
{
System.out.println("Error while decrypting: "+ e.toString());
}
returnnull;
}
}
importjava.io.*;
importjavax.swing.*;
importjava.awt.event.*;
importjavax.swing.filechooser.*;
classfilechooser extendsJFrame implementsActionListener {

// Jlabel to show the files user selects

staticJLabel l;

// a default constructor
filechooser()
{
}
publicstaticvoidmain(String args[])
{
// frame to contains GUI elements
JFrame f = newJFrame("file chooser");

// set the size of the frame

f.setSize(400, 400);

// set the frame's visibility

f.setVisible(true);

f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);

// button to open save dialog

JButton button1 = newJButton("save");

// button to open open dialog

JButton button2 = newJButton("open");

// make an object of the class filechooser

filechooser f1 = newfilechooser();

// add action listener to the button to capture user

// response on buttons
button1.addActionListener(f1);
button2.addActionListener(f1);
 // make a panel to add the buttons and labels
JPanel p = newJPanel();

// add buttons to the frame

p.add(button1);
p.add(button2);

// set the label to its initial value

l = newJLabel("no file selected");

// add panel to the frame

p.add(l);
f.add(p);

f.show();
}
publicvoidactionPerformed(ActionEvent evt)
{
// if the user presses the save button show the save dialog
String com = evt.getActionCommand();

if(com.equals("save")) {
// create an object of JFileChooser class
JFileChooser j =
newJFileChooser(FileSystemView.getFileSystemView().getHomeDirectory());
 // invoke the showsSaveDialog function to show the save dialog
intr = j.showSaveDialog(null);

// if the user selects a file

if(r == JFileChooser.APPROVE_OPTION)

{
// set the label to the path of the selected file
l.setText(j.getSelectedFile().getAbsolutePath());
}
// if the user cancelled the operation
else
l.setText("the user cancelled the operation");
}

// if the user presses the open dialog show the open dialog
else{
// create an object of JFileChooser class
JFileChooser j =
newJFileChooser(FileSystemView.getFileSystemView().getHomeDirectory());

// invoke the showsOpenDialog function to show the save dialog

intr = j.showOpenDialog(null);

// if the user selects a file

if(r == JFileChooser.APPROVE_OPTION)
 {
// set the label to the path of the selected file
l.setText(j.getSelectedFile().getAbsolutePath());
}
// if the user cancelled the operation
else
l.setText("the user cancelled the operation");
}
}
}
10.SCREENSHOTS

Sever login
AUDIT LOGIN