Fast Phrase Document.docx

INTRODUCTION What is cloud computing? Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over a network (typically the Internet). The name comes from the common use of a cloud-shaped symbol as an abstraction for the complex infrastructure it contains in system diagrams. Cloud computing entrusts remote services with a user's data, software and computation. Cloud computing consists of hardware and software resources made available on the Internet as managed third-party services. These services typically provide access to advanced software applications and high-end networks of server computers.

Structure of cloud computing How Cloud Computing Works? The goal of cloud computing is to apply traditional supercomputing, or highperformance computing power, normally used by military and research facilities,

to perform tens of trillions of computations per second, in consumer-oriented applications such as financial portfolios, to deliver personalized information, to provide data storage or to power large, immersive computer games. The cloud computing uses networks of large groups of servers typically running low-cost consumer PC technology with specialized connections to spread dataprocessing chores across them. This shared IT infrastructure contains large pools of systems that are linked together. Often, virtualization techniques are used to maximize the power of cloud computing.

Characteristics and Services Models: The salient characteristics of cloud computing based on the definitions provided by the National Institute of Standards and Terminology (NIST) are outlined below: 

On-demand self-service: A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service’s provider.



Broad network access: Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs).



Resource pooling: The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location-independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level

of abstraction (e.g., country, state, or data center). Examples of resources include storage, processing, memory, network bandwidth, and virtual machines. 

Rapid elasticity: Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time.



Measured service: Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be managed, controlled, and reported providing transparency for both the provider and consumer of the utilized service.

Characteristics of cloud computing Services Models:

Cloud Computing comprises three different service models, namely Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-asa-Service (SaaS). The three service models or layer are completed by an end user layer that encapsulates the end user perspective on cloud services. The model is shown in figure below. If a cloud user accesses services on the infrastructure layer, for instance, she can run her own applications on the resources of a cloud infrastructure and remain responsible for the support, maintenance, and security of these applications herself. If she accesses a service on the application layer, these tasks are normally taken care of by the cloud service provider.

Structure of service models Benefits of cloud computing: 1. Achieve economies of scale – increase volume output or productivity with fewer people. Your cost per unit, project or product plummets.

2. Reduce spending on technology infrastructure. Maintain easy access to your information with minimal upfront spending. Pay as you go (weekly, quarterly or yearly), based on demand. 3. Globalize your workforce on the cheap. People worldwide can access the cloud, provided they have an Internet connection. 4. Streamline processes. Get more work done in less time with less people. 5. Reduce capital costs. There’s no need to spend big money on hardware, software or licensing fees. 6. Improve accessibility. You have access anytime, anywhere, making your life so much easier! 7. Monitor projects more effectively. Stay within budget and ahead of completion cycle times. 8. Less personnel training is needed. It takes fewer people to do more work on a cloud, with a minimal learning curve on hardware and software issues. 9. Minimize licensing new software. Stretch and grow without the need to buy expensive software licenses or programs. 10.Improve flexibility. You can change direction without serious “people” or “financial” issues at stake. Advantages: 1. Price:Pay for only the resources used. 2. Security: Cloud instances are isolated in the network from other instances for improved security. 3. Performance: Instances can be added instantly for improved performance. Clients have access to the total resources of the Cloud’s core hardware. 4. Scalability: Auto-deploy cloud instances when needed.

5. Uptime: Uses multiple servers for maximum redundancies. In case of server failure, instances can be automatically created on another server. 6. Control: Able to login from any location. Server snapshot and a software library lets you deploy custom instances. 7. Traffic: Deals with spike in traffic with quick deployment of additional instances to handle the load.

ABSTRACT Cloud computing has generated much interest in the research community in recent years for its many advantages, but has also raise security and privacy concerns. The storage and access of confidential documents have been identified as one of the central problems in the area. In particular, many researchers investigated solutions to search over encrypted documents stored on remote cloud servers. While many schemes have been proposed to perform conjunctive keyword search, less attention has been noted on more specialized searching techniques. In this

paper, we present a phrase search technique based on Bloom filters that is significantly faster than existing solutions, with similar or better storage and communication cost. Our technique uses a series of n-gram filters to support the functionality. The scheme exhibits a trade-off between storage and false positive rate, and is adaptable to defend against inclusion-relation attacks. A design approach based on an application’s target false positive rate is also described.

SYSTEM ANALYSIS EXISTING SYSTEM:  Boneh et al. proposed one of the earliest works on keyword searching. Their scheme uses public key encryption to allow keywords to be searchable without revealing data content.  Waters et al. investigated the problem for searching over encrypted audit logs. Many of the early works focused on single keyword searches.  Recently, researchers have proposed solutions on conjunctive keyword search, which involves multiple keywords.  Other interesting problems, such as the ranking of search results and searching with keywords that might contain errors termed fuzzy keyword search, have also been considered. The ability to search for phrases was also recently investigated.  Some of the existing system has examined the security of the proposed solutions and, where flaws were found, solutions were proposed DISADVANTAGES OF EXISTING SYSTEM:

 The cloud can read any data it desired, providing no privacy to its users. The storage of private keys and encrypted data by the cloud provider is also problematic in case of data breach.  By recognizing the almost exponential distribution of keywords, the entries in the keyword location tables are split into pairs to achieve normalization without the high cost of storing unused random data. However, the use of encrypted indexes and the need to perform client-side encryption and decryption may still be computationally expensive in certain applications.  Its space-efficiency comes at the cost of requiring a brute force location verification during phrase search. Since all potential locations of the keywords must be verified, the amount of computation required grows proportionally to the file size. As a result, the scheme exhibits a high processing time.

PROPOSED SYSTEM:  In this paper, we present a phrase search scheme which achieves a much faster response time than existing solutions. The scheme is also scalable, where documents can easily be removed and added to the corpus. We also describe modifications to the scheme to lower storage cost at a small cost in response time and to defend against cloud providers with statistical knowledge on stored data.  Although phrase searches are processed independently using our technique, they are typically a specialized function in a keyword search scheme, where the primary function is to provide conjunctive keyword searches. Therefore,

we describe both the basic conjunctive keyword search algorithm and the basic phrase search algorithm along with design techniques. ADVANTAGES OF PROPOSED SYSTEM:  Our framework differs from some of the earlier works, where keywords generally consist of meta-data rather than content of the files and where a trusted key escrow authority is used due to the use of Identity based encryption.  When compared to recent works, where an organization wishes to outsource computing resources to a cloud storage provider and enable search for its employees, where the aim is to return properly ranked files. Most other recent works related to search over encrypted data have considered similar models such as, where the client acts as both data owner and user.

IMPLEMENTATION MODULES:  System Framework  Data Owner  Data User  Cloud Server MODULES DESCRIPTION: System Framework:

In this framework, we designed a standard keyword search protocol. During setup, the data owner generates the required encryption keys for hashing and encryption operations. Then, all documents in the database are parsed for keywords. Bloom filters tied to hashed keywords and n-grams are attached. The documents are then symmetrically encrypted and uploaded to the cloud server. To add files to the database, the data owner parses the files as in setup and uploads them with Bloom filters attached to the cloud server. To remove a file from the data, the data owner simply sends the request to the cloud server, who removes the file along with the attached Bloom filters. To perform a search, the data user enters keyword then it computes and sends a trapdoor encryption of the queried keywords to the cloud to initiate a protocol and returns accurate file. Here we implement some modules they are Data Owner, Data User and Cloud Server. Data Owner: In Data Owner module, Initially Data Owner must have to register their detail and after login he/she has to verify their login through OTP. Then data Owner can upload files into cloud server with encrypted keywords and hashing algorithms. He/she can view the files that are uploaded in cloud. Data Owner can approve or reject the file request sent by data users. Data User: In Data User module, Initially Data Users must have to register their detail and then login into cloud. Data Users can search all the files upload by data owners. He/she can send request to the files and then request will send to the data owners. If data owner approve the request then he/she will receive the decryption key in registered mail Cloud Server:

In this module, we develop Cloud Server module. In Cloud Server module, Cloud Provider can view all the Data owners and data users’ details. CP can able see the files in cloud uploaded by the data owners.

SYSTEM REQUIREMENTS: HARDWARE REQUIREMENTS: • System

: Pentium IV 2.4 GHz.

• Hard Disk

: 40 GB.

• Floppy Drive

: 1.44 Mb.

• Monitor

: 15 VGA Colour.

• Mouse

: Logitech.

• Ram

: 512 Mb.

SOFTWARE REQUIREMENTS: • Operating system : - Windows XP/7. • Coding Language : JAVA/J2EE • Data Base

: MYSQL

SYSTEM STUDY

FEASIBILITY STUDY

The feasibility of the project is analyzed in this phase and business proposal is put forth with a very general plan for the project and some cost estimates. During system analysis the feasibility study of the proposed system is to be carried out. This is to ensure that the proposed system is not a burden to the company. For feasibility analysis, some understanding of the major requirements for the system is essential.

Three key considerations involved in the feasibility analysis are

 ECONOMICAL FEASIBILITY  TECHNICAL FEASIBILITY  SOCIAL FEASIBILITY

ECONOMICAL FEASIBILITY

This study is carried out to check the economic impact that the system will have on the organization. The amount of fund that the company can pour into the research and development of the system is limited. The expenditures must be justified. Thus the developed system as well within the budget and this was achieved because most of the technologies used are freely available. Only the customized products had to be purchased.

TECHNICAL FEASIBILITY

This study is carried out to check the technical feasibility, that is, the technical requirements of the system. Any system developed must not have a high demand on the available technical resources. This will lead to high demands on the available technical resources. This will lead to high demands being placed on the client. The developed system must have a modest requirement, as only minimal or null changes are required for implementing this system.

SOCIAL FEASIBILITY

The aspect of study is to check the level of acceptance of the system by the user. This includes the process of training the user to use the system efficiently. The user must not feel threatened by the system, instead must accept it as a necessity. The level of acceptance by the users solely depends on the methods that are employed to educate the user about the system and to make him familiar with it. His level of confidence must be raised so that he is also able to make some constructive criticism, which is welcomed, as he is the final user of the system.

LITERATURE SURVEY

1) Public Key Encryption with keyword Search

AUTHORS: Dan Boneh and Giovanni Di Crescenzo

We study the problem of searching on data that is encrypted using a public key system. Consider user Bob who sends email to user Alice encrypted under Alice’s public key. An email gateway wants to test whether the email contains the keyword “urgent” so that it could route the email accordingly. Alice, on the other hand does not wish to give the gateway the ability to decrypt all her messages. We define and construct a mechanism that enables Alice to provide a key to the gateway that enables the gateway to test whether the word “urgent” is a keyword in the email without learning anything else about the email. We refer to this mechanism as Public Key Encryption with keyword Search. As another example, consider a mail server that stores various messages publicly encrypted for Alice by others. Using our mechanism Alice can send the mail server a key that will enable the server to identify all messages containing some specific keyword, but learn nothing else. We define the concept of public key encryption with keyword search and give several constructions.

2) Building an Encrypted and Searchable Audit Log AUTHORS: Brent R. Waters, Dirk Balfanz, Glenn Durfee and D. K. Smetters

Audit logs are an important part of any secure system, and they need to be carefully designed in order to give a faithful representation of past system activity. This is especially true in the presence of adversaries who might want to tamper with the audit logs. While it is important that auditors can inspect audit logs to assess past system activity, the content of an audit log may contain sensitive information, and should therefore be protected from unauthorized parties. Protecting the contents of audit logs from unauthorized parties (i.e., encrypting it), while making it efficiently searchable by authorized auditors poses a problem. We describe an approach for constructing searchable encrypted audit logs which can be combined with any number of existing approaches for creating tamper-resistant logs. In particular, we implemented an audit log for database queries that uses hash chains for integrity protection and identity based encryption with extracted keywords to enable searching on the encrypted log. Our technique for keyword search on encrypted data has wide application beyond searchable audit logs

3) Secure Conjunctive Keyword Searches for Unstructured Text

AUTHORS: Florian Kerschbaum

There are a number of searchable encryption schemes that allow secure conjunctive keyword searches over encrypted data, but all of them assume that the position of the keywords is known. This is a pity, since in unstructured text, e.g. the body of an e-mail, this position is unknown and one has to construct O(mn) search tokens for n keywords in a text of length m. In this paper we present a searchable encryption scheme that allows conjunctive keyword searches without specifying the position requiring only one search token with constant ciphertext length. We prove the security of our scheme using the external Diffie-Hellman assumption in the random oracle model.

4) Achieving effective cloud search services: multi-keyword ranked search over encrypted cloud data supporting synonym query AUTHORS: Zhangjie Fu, Xingming Sun, Nigel Linge

Abstract: In recent years, consumer-centric cloud computing paradigm has emerged as the development of smart electronic devices combined with the emerging cloud computing technologies. A variety of cloud services are delivered to the consumers with the premise that an effective and efficient cloud search service is achieved. For consumers, they want to find the most relevant products or data, which is highly desirable in the "pay-as-you use" cloud computing paradigm. As sensitive data (such as photo albums, emails, personal health records, financial records, etc.) are encrypted before outsourcing to cloud, traditional keyword search techniques are useless. Meanwhile, existing search approaches over encrypted cloud data support only exact or fuzzy keyword search, but not semantics-based multi-keyword ranked search. Therefore, how to enable an effective searchable system with support of ranked search remains a very challenging problem. This paper proposes an effective approach to solve the problem of multi-keyword ranked search over encrypted cloud data supporting synonym queries. The main contribution of this paper is summarized in two aspects: multi-keyword ranked search to achieve more accurate search results and synonym-based search to support synonym queries. Extensive experiments on real-world dataset were performed to validate the approach, showing that the proposed solution is very effective and efficient for multikeyword ranked searching in a cloud environment.

5) Difference Set Attacks on Conjunctive Keyword Search Schemes

AUTHORS: Hyun Sook Rhee, Ik Rae Jeong, Jin Wook Byun, Dong Hoon Lee

In a keyword search scheme a user stores encrypted data on an untrusted server and gives a database manager a capability for a keyword which enables a database manager to find encrypted data containing the keyword without revealing the keyword to the database manager. Conjunctive keyword search scheme enables a user to obtain data containing all of several keywords through only one query. One of the security requirements of conjunctive keyword search schemes is that a malicious adversary should not be able to generate new valid capabilities from the observed capabilities. In this paper we show that conjunctive keyword search schemes are not secure. In particular, given two capabilities corresponding two sets of keywords, an adversary is able to generate a new capability corresponding to the difference set of two keywords sets.

SYSTEM DESIGN SYSTEM ARCHITECTURE:

UML DIAGRAMS

UML stands for Unified Modeling Language. UML is a standardized general-purpose modeling language in the field of object-oriented software engineering. The standard is managed, and was created by, the Object Management Group. The goal is for UML to become a common language for creating models of object oriented computer software. In its current form UML is comprised of two major components: a Meta-model and a notation. In the future, some form of method or process may also be added to; or associated with, UML. The Unified Modeling Language is a standard language for specifying, Visualization, Constructing and documenting the artifacts of software system, as well as for business modeling and other non-software systems. The UML represents a collection of best engineering practices that have proven successful in the modeling of large and complex systems.

The UML is a very important part of developing objects oriented software and the software development process. The UML uses mostly graphical notations to express the design of software projects.

GOALS: The Primary goals in the design of the UML are as follows: 1. Provide users a ready-to-use, expressive visual modeling Language so that they can develop and exchange meaningful models. 2. Provide extendibility and specialization mechanisms to extend the core concepts. 3. Be independent of particular programming languages and development process. 4. Provide a formal basis for understanding the modeling language. 5. Encourage the growth of OO tools market. 6. Support higher level development concepts such as collaborations, frameworks, patterns and components. 7. Integrate best practices.

USE CASE DIAGRAM: A use case diagram in the Unified Modeling Language (UML) is a type of behavioral diagram defined by and created from a Use-case analysis. Its purpose is to present a graphical overview of the functionality provided by a system in terms of actors, their goals (represented as use cases), and any dependencies between those use cases. The main purpose of a use case diagram is to show what system functions are performed for which actor. Roles of the actors in the system can be depicted.

Registration

Login

Upload File

View Uploaded Files Details Data Owner

File Request Response Request of User View uploaded file by Data Owners View User & Owner Details

View Requested File

Data User

Download File

Verify key and Download Cloud Logout

CLASS DIAGRAM: In software engineering, a class diagram in the Unified Modeling Language (UML) is a type of static structure diagram that describes the structure of a system by showing the system's classes, their attributes, operations (or methods), and the relationships among the classes. It explains which class contains information.

Data Owner Login Upload Files () View Uploaded Files () View File Request by Users () Approve File Request ()

Data User Login View Files uploaded by Data Search Files() Owners() View Files uploaded by Data Send File Request () Owners() VerifyFile Send keyRequest Sent by()data Owner () View requested Verify key Sent by File() data Owner () View requested File()

SEQUENCE DIAGRAM: A sequence diagram in Unified Modeling Language (UML) is a kind of interaction diagram that shows how processes operate with one another and in what order. It is a construct of a Message Sequence Chart. Sequence diagrams are sometimes called event diagrams, event scenarios, and timing diagrams.

SERVICE

DO

Cloud

DU Upload File

View Upload File Details

Search Files

Send File Request

Request Approval Enter Decryption key and Verify

View Requested File

View User & Owner Details

Download Requested File View Uploaded Files on Cloud Servers

ACTIVITY DIAGRAM: Activity diagrams are graphical representations of workflows of stepwise activities and actions with support for choice, iteration and concurrency. In the Unified Modeling Language, activity diagrams can be used to describe the business and operational step-by-step workflows of components in a system. An activity diagram shows the overall flow of control.

Star t DO

DU SOFTWARE ENVIRONMENT

LOGIN

Cloud LOGIN

LOGIN

Java Technology Upload Files ,View Uploaded Files ,Response Request to the Users,

Java technology is both a

Search files, View Searched files, View Files uploaded by Data Owners, programming language Send File Request , Verify key Sent by data Owner, View requested File

and a

View User Details ,View Owners Details, View Uploaded Files on Cloud platform. Server.

The Java Programming Language The Java programming language is a high-level language that can be characterized by all of the following buzzwords:

 Simple  Architecture neutral  Object oriented  Portable  Distributed  High performance  Interpreted  Multithreaded  Robust  Dynamic  Secure

With most programming languages, you either compile or interpret a program so that you can run it on your computer. The Java programming language is unusual in that a program is both compiled and interpreted. With the compiler, first you translate a program into an intermediate language called Java byte codes —the platform-independent codes interpreted by the interpreter on the Java platform. The interpreter parses and runs each Java byte code instruction on the computer. Compilation happens just once; interpretation occurs each time the program is executed. The following figure illustrates how this works.

You can think of Java byte codes as the machine code instructions for the Java Virtual Machine (Java VM). Every Java interpreter, whether it’s a development tool or a Web browser that can run applets, is an implementation of the Java VM. Java byte codes help make “write once, run anywhere” possible. You can compile your program into byte codes on any platform that has a Java compiler. The byte codes can then be run on any implementation of the Java VM. That means that as long as a computer has a Java VM, the same program written in the Java programming language can run on Windows 2000, a Solaris workstation, or on an iMac.

The Java Platform A platform is the hardware or software environment in which a program runs. We’ve already mentioned some of the most popular platforms like Windows 2000, Linux, Solaris, and MacOS. Most platforms can be described as a combination of the operating system and hardware. The Java platform differs from most other platforms in that it’s a software-only platform that runs on top of other hardware-based platforms. The Java platform has two components: 

The Java Virtual Machine (Java VM)



The Java Application Programming Interface (Java API)

You’ve already been introduced to the Java VM. It’s the base for the Java platform and is ported onto various hardware-based platforms. The Java API is a large collection of ready-made software components that provide many useful capabilities, such as graphical user interface (GUI) widgets. The Java API is grouped into libraries of related classes and interfaces; these libraries are known as packages. The next section, What Can Java Technology Do? Highlights what functionality some of the packages in the Java API provide. The following figure depicts a program that’s running on the Java platform. As the figure shows, the Java API and the virtual machine insulate the program from the hardware.

Native code is code that after you compile it, the compiled code runs on a specific hardware platform. As a platform-independent environment, the Java platform can be a bit slower than native code. However, smart compilers, well-tuned interpreters, and just-in-time byte code compilers can bring performance close to that of native code without threatening portability. What Can Java Technology Do? The most common types of programs written in the Java programming language are applets and applications. If you’ve surfed the Web, you’re probably already familiar with applets. An applet is a program that adheres to certain conventions that allow it to run within a Java-enabled browser. However, the Java programming language is not just for writing cute, entertaining applets for the Web. The general-purpose, high-level Java programming language is also a powerful software platform. Using the generous API, you can write many types of programs. An application is a standalone program that runs directly on the Java platform. A special kind of application known as a server serves and supports clients on a network. Examples of servers are Web servers, proxy servers, mail servers, and print servers. Another specialized program is a servlet. A servlet can almost be thought of as an applet that runs on the server side. Java Servlets are a popular choice for building interactive web applications, replacing the use of CGI scripts. Servlets are similar to applets in that they are runtime extensions of applications. Instead of working in browsers, though, servlets run within Java Web servers, configuring or tailoring the server.

How does the API support all these kinds of programs? It does so with packages of software components that provides a wide range of functionality. Every full implementation of the Java platform gives you the following features: 

The essentials:

Objects, strings, threads, numbers, input and output, data

structures, system properties, date and time, and so on. 

Applets:



Networking:

The set of conventions used by applets. URLs, TCP (Transmission Control Protocol), UDP (User

Data gram Protocol) sockets, and IP (Internet Protocol) addresses. 

Internationalization:

Help for writing programs that can be localized for

users worldwide. Programs can automatically adapt to specific locales and be displayed in the appropriate language. 

Security:

Both low level and high level, including electronic signatures,

public and private key management, access control, and certificates. 

Software components:

Known as JavaBeansTM, can plug into existing

component architectures. 

Object serialization:

Allows lightweight persistence and communication

via Remote Method Invocation (RMI). 

Java Database Connectivity (JDBCTM):

Provides uniform access to a wide

range of relational databases. The Java platform also has APIs for 2D and 3D graphics, accessibility, servers, collaboration, telephony, speech, animation, and more. The following figure depicts what is included in the Java 2 SDK.

How Will Java Technology Change My Life? We can’t promise you fame, fortune, or even a job if you learn the Java programming language. Still, it is likely to make your programs better and requires less effort than other languages. We believe that Java technology will help you do the following: 

Get started quickly:

Although the Java programming language is a

powerful object-oriented language, it’s easy to learn, especially for programmers already familiar with C or C++. 

Write less code:

Comparisons of program metrics (class counts, method

counts, and so on) suggest that a program written in the Java programming language can be four times smaller than the same program in C++. 

Write better code:

The Java programming language encourages good

coding practices, and its garbage collection helps you avoid memory leaks. Its object orientation, its JavaBeans component architecture, and its wide-ranging, easily extendible API let you reuse other people’s tested code and introduce fewer bugs.



Develop programs more quickly:

Your development time may be as much

as twice as fast versus writing the same program in C++. Why? You write fewer lines of code and it is a simpler programming language than C++. 

Avoid platform dependencies with 100% Pure Java:

You can keep your

program portable by avoiding the use of libraries written in other languages. The 100% Pure JavaTM Product Certification Program has a repository of historical process manuals, white papers, brochures, and similar materials online. 

Write once, run anywhere:

Because 100% Pure Java programs are

compiled into machine-independent byte codes, they run consistently on any Java platform. 

Distribute software more easily:

You can upgrade applets easily from a

central server. Applets take advantage of the feature of allowing new classes to be loaded “on the fly,” without recompiling the entire program. ODBC Microsoft Open Database Connectivity (ODBC) is a standard programming interface for application developers and database systems providers. Before ODBC became a de facto standard for Windows programs to interface with database systems, programmers had to use proprietary languages for each database they wanted to connect to. Now, ODBC has made the choice of the database system almost irrelevant from a coding perspective, which is as it should be. Application developers have much more important things to worry about than the syntax that is needed to port their program from one database to another when business needs suddenly change.

Through the ODBC Administrator in Control Panel, you can specify the particular database that is associated with a data source that an ODBC application program is written to use. Think of an ODBC data source as a door with a name on it. Each door will lead you to a particular database. For example, the data source named Sales Figures might be a SQL Server database, whereas the Accounts Payable data source could refer to an Access database. The physical database referred to by a data source can reside anywhere on the LAN. The ODBC system files are not installed on your system by Windows 95. Rather, they are installed when you setup a separate database application, such as SQL Server Client or Visual Basic 4.0. When the ODBC icon is installed in Control Panel, it uses a file called ODBCINST.DLL. It is also possible to administer your ODBC data sources through a stand-alone program called ODBCADM.EXE. There is a 16-bit and a 32-bit version of this program and each maintains

a

separate

list

of

ODBC

data

sources.

From a programming perspective, the beauty of ODBC is that the application can be written to use the same set of function calls to interface with any data source, regardless of the database vendor. The source code of the application doesn’t change whether it talks to Oracle or SQL Server. We only mention these two as an example. There are ODBC drivers available for several dozen popular database systems. Even Excel spreadsheets and plain text files can be turned into data sources. The operating system uses the Registry information written by ODBC Administrator to determine which low-level ODBC drivers are needed to talk to the data source (such as the interface to Oracle or SQL Server). The loading of the ODBC drivers is transparent to the ODBC application

program. In a client/server environment, the ODBC API even handles many of the network issues for the application programmer. The advantages of this scheme are so numerous that you are probably thinking there must be some catch. The only disadvantage of ODBC is that it isn’t as efficient as talking directly to the native database interface. ODBC has had many detractors make the charge that it is too slow. Microsoft has always claimed that the critical factor in performance is the quality of the driver software that is used. In our humble opinion, this is true. The availability of good ODBC drivers has improved a great deal recently. And anyway, the criticism about performance is somewhat analogous to those who said that compilers would never match the speed of pure assembly language. Maybe not, but the compiler (or ODBC) gives you the opportunity to write cleaner programs, which means you finish sooner. Meanwhile, computers get faster every year.

JDBC In an effort to set an independent database standard API for Java; Sun Microsystems developed Java Database Connectivity, or JDBC. JDBC offers a generic SQL database access mechanism that provides a consistent interface to a variety of RDBMSs. This consistent interface is achieved through the use of “plugin” database connectivity modules, or drivers. If a database vendor wishes to have JDBC support, he or she must provide the driver for each platform that the database and Java run on. To gain a wider acceptance of JDBC, Sun based JDBC’s framework on ODBC. As you discovered earlier in this chapter, ODBC has widespread support on a variety of platforms. Basing JDBC on ODBC will allow vendors to bring JDBC drivers to market much faster than developing a completely new connectivity solution.

JDBC was announced in March of 1996. It was released for a 90 day public review that ended June 8, 1996. Because of user input, the final JDBC v1.0 specification was released soon after. The remainder of this section will cover enough information about JDBC for you to know what it is about and how to use it effectively. This is by no means a complete overview of JDBC. That would fill an entire book.

JDBC Goals Few software packages are designed without goals in mind. JDBC is one that, because of its many goals, drove the development of the API. These goals, in conjunction with early reviewer feedback, have finalized the JDBC class library into a solid framework for building database applications in Java. The goals that were set for JDBC are important. They will give you some insight as to why certain classes and functionalities behave the way they do. The eight design goals for JDBC are as follows:

1. SQL Level API The designers felt that their main goal was to define a SQL interface for Java. Although not the lowest database interface level possible, it is at a low enough level for higher-level tools and APIs to be created. Conversely, it is at a high enough level for application programmers to use it confidently. Attaining this goal allows for future tool vendors to “generate” JDBC code and to hide many of JDBC’s complexities from the end user. 2. SQL Conformance SQL syntax varies as you move from database vendor to database vendor. In an effort to support a wide variety of vendors, JDBC will allow any query

statement to be passed through it to the underlying database driver. This allows the connectivity module to handle non-standard functionality in a manner that is suitable for its users. 3. JDBC must be implemental on top of common database interfaces The JDBC SQL API must “sit” on top of other common SQL level APIs. This goal allows JDBC to use existing ODBC level drivers by the use of a software interface. This interface would translate JDBC calls to ODBC and vice versa. 4. Provide a Java interface that is consistent with the rest of the Java system Because of Java’s acceptance in the user community thus far, the designers feel that they should not stray from the current design of the core Java system. 5. Keep it simple This goal probably appears in all software design goal listings. JDBC is no exception. Sun felt that the design of JDBC should be very simple, allowing for only one method of completing a task per mechanism. Allowing duplicate functionality only serves to confuse the users of the API. 6. Use strong, static typing wherever possible Strong typing allows for more error checking to be done at compile time; also, less error appear at runtime. 7. Keep the common cases simple Because more often than not, the usual SQL calls used by the programmer are simple SELECT’s, INSERT’s, DELETE’s and UPDATE’s, these queries should be simple to perform with JDBC. However, more complex SQL statements should also be possible.

Finally we decided to proceed the implementation using Java Networking. And for dynamically updating the cache table we go for MS Access database. Java ha two things: a programming language and a platform. Java is a high-level programming language that is all of the following Simple

Architecture-neutral

Object-oriented

Portable

Distributed

High-performance

Interpreted

multithreaded

Robust

Dynamic

Secure Java is also unusual in that each Java program is both compiled and interpreted. With a compile you translate a Java program into an intermediate language called Java byte codes the platform-independent code instruction is passed and run on the computer.

Compilation happens just once; interpretation occurs each time the program is executed. The figure illustrates how this works.

Interpreter

Java Program

Compilers

My Program

You can think of Java byte codes as the machine code instructions for the Java Virtual Machine (Java VM). Every Java interpreter, whether it’s a Java development tool or a Web browser that can run Java applets, is an implementation of the Java VM. The Java VM can also be implemented in hardware.

Java byte codes help make “write once, run anywhere” possible. You can compile your Java program into byte codes on my platform that has a Java compiler. The byte codes can then be run any implementation of the Java VM. For example, the same Java program can run Windows NT, Solaris, and Macintosh. SYSTEM TESTING

The purpose of testing is to discover errors. Testing is the process of trying to discover every conceivable fault or weakness in a work product. It provides a way to check the functionality of components, sub assemblies, assemblies and/or a finished product It is the process of exercising software with the intent of ensuring that the Software system meets its requirements and user expectations and does not fail in an unacceptable manner. There are various types of test. Each test type addresses a specific testing requirement.

TYPES OF TESTS

Unit testing Unit testing involves the design of test cases that validate that the internal program logic is functioning properly, and that program inputs produce valid outputs. All decision branches and internal code flow should be validated. It is the testing of individual software units of the application .it is done after the completion of an individual unit before integration. This is a structural testing, that relies on knowledge of its construction and is invasive. Unit tests perform basic tests at component level and test a specific business process, application, and/or system configuration. Unit tests ensure that each unique path of a business process performs accurately to the documented specifications and contains clearly defined inputs and expected results.

Integration testing

Integration tests are designed to test integrated software components to determine if they actually run as one program. Testing is event driven and is more concerned with the basic outcome of screens or fields. Integration tests demonstrate that although the components were individually satisfaction, as shown by successfully unit testing, the combination of components is correct and consistent. Integration testing is specifically aimed at exposing the problems that arise from the combination of components.

Functional test

Functional tests provide systematic demonstrations that functions tested are available as specified by the business and technical requirements, system documentation, and user manuals. Functional testing is centered on the following items: Valid Input

: identified classes of valid input must be accepted.

Invalid Input

: identified classes of invalid input must be rejected.

Functions

: identified functions must be exercised.

Output

: identified classes of application outputs must be exercised.

Systems/Procedures: interfacing systems or procedures must be invoked.

Organization and preparation of functional tests is focused on requirements, key functions, or special test cases. In addition, systematic coverage pertaining to identify Business process flows; data fields, predefined processes, and successive processes must be considered for testing. Before functional testing is complete, additional tests are identified and the effective value of current tests is determined.

System Test System testing ensures that the entire integrated software system meets requirements. It tests a configuration to ensure known and predictable results. An example of system testing is the configuration oriented system integration test. System testing is based on process descriptions and flows, emphasizing pre-driven process links and integration points.

White Box Testing White Box Testing is a testing in which in which the software tester has knowledge of the inner workings, structure and language of the software, or at least its purpose. It is purpose. It is used to test areas that cannot be reached from a black box level.

Black Box Testing Black Box Testing is testing the software without any knowledge of the inner workings, structure or language of the module being tested. Black box tests, as

most other kinds of tests, must be written from a definitive source document, such as specification or requirements document, such as specification or requirements document. It is a testing in which the software under test is treated, as a black box .you cannot “see” into it. The test provides inputs and responds to outputs without considering how the software works.

6.1 Unit Testing:

Unit testing is usually conducted as part of a combined code and unit test phase of the software lifecycle, although it is not uncommon for coding and unit testing to be conducted as two distinct phases.

Test strategy and approach Field testing will be performed manually and functional tests will be written in detail.

Test objectives  All field entries must work properly.  Pages must be activated from the identified link.  The entry screen, messages and responses must not be delayed.

Features to be tested  Verify that the entries are of the correct format  No duplicate entries should be allowed

 All links should take the user to the correct page.

6.2 Integration Testing

Software integration testing is the incremental integration testing of two or more integrated software components on a single platform to produce failures caused by interface defects. The task of the integration test is to check that components or software applications, e.g. components in a software system or – one step up – software applications at the company level – interact without error.

Test Results: All the test cases mentioned above passed successfully. No defects encountered.

6.3 Acceptance Testing

User Acceptance Testing is a critical phase of any project and requires significant participation by the end user. It also ensures that the system meets the functional requirements.

Test Results: All the test cases mentioned above passed successfully. No defects encountered.

TEST CASES

Module name: Cloud S. No

1.

2.

Test Case

Input

Check cloud

Cloud

login

username and

functionality

password

Store files

Expected

Actual

Output

Output

Login must be successful

Login success

Files from

Must be

Successfully

user

stored

stores

Input

Expected

Actual

Pass/Fail

Pass

Pass

Module name: Owner S. No

Test Case

Pass/Fail

Output 1.

2.

3.

Check owner

Details of

registration

owner

Check owner

Owner

login

username and

functionality

password

Upload files

Registration must be successful Login must be successful

Details

Must be

regarding

uploaded

files

successfully

Output Registration success

Login success

Upload success

Pass

Pass

Pass

Module name: User S. No

1.

2.

3.

Test Case

Input

Check User

Details of

registration

User

Check user

User

login

username and

functionality

password

Download

Secret key for

files

file download

Expected

Actual

Output

Output

Registration must be successful Login must be successful Must be downloaded successfully

SCREEN SHOTS:

Registration success

Login success

Download success

Pass/Fail

Pass

Pass

Pass

Home Page

Data Owner Login

Data Owner Registration

OTP verification.

Received OTP.

OTP Verification.

Data Owner Home.

File Upload

File Upload Success

My Files

Uploaded in DriveHQ with encrypted format.

Data User Home

Search Module (with search word encryption)

Query Result

User Request Approval in Data Owner Module

After approved the Status will be Changed

Decryption Key

In Data User- Requested Files

Enters Decryption Key

Decrypted Content

Cloud Login

CONCLUSION In this paper, we presented a phrase search scheme based on Bloom filter that is significantly faster than existing approaches, requiring only a single round of communication and Bloom filter verifications. The solution addresses the high

computational cost noted in by reformulating phrase search as n-gram verification rather than a location search or a sequential chain verification. Our schemes consider only the existence of a phrase, omitting any information of its location. Our schemes do not require sequential verification, is parallelizable and has a practical storage requirement. Our approach is also the first to effectively allow phrase search to run independently without first performing a conjunctive keyword search to identify candidate documents. The technique of constructing a Bloom filter index enables fast verification of Bloom filters in the same manner as indexing. According to our experiment, it also achieves a lower storage cost than all existing solutions except where a higher computational cost was exchanged in favor of lower storage. While exhibiting similar communication cost to leading existing solutions, the proposed solution can also be adjusted to achieve maximum speed or high speed with a reasonable storage cost depending on the application. An approach is also described to adapt the scheme to defend against inclusionrelation attacks. Various issues on security and efficiency, such as the effect of long phrases and precision rate, were also discussed to support our design choices

REFERENCES [1] D. Boneh, G. D. Crescenzo, R. Ostrovsky, and G. Persiano, “Public key encryption with keyword search,” in In proceedings of Eurocrypt, 2004, pp. 506– 522. [2] B. Waters, D. Balfanz, G. Durfee, and D. K. Smetters, “Building an encrypted and searchable audit log,” in Network and Distributed System Security Symposium, 2004.

[3] M. Ding, F. Gao, Z. Jin, and H. Zhang, “An efficient public key encryption with conjunctive keyword search scheme based on pairings,” in IEEE International Conference onNetwork Infrastructure and Digital Content, 2012, pp. 526–530. [4] F. Kerschbaum, “Secure conjunctive keyword searches for unstructured text,” in International Conference on Network and System Security, 2011, pp. 285–289. [5] C. Hu and P. Liu, “Public key encryption with ranked multikeyword search,” in International Conference on Intelligent Networking and Collaborative Systems, 2013, pp. 109–113. [6] Z. Fu, X. Sun, N. Linge, and L. Zhou, “Achieving effective cloud search services: multi-keyword ranked search over encrypted cloud data supporting synonym query,” IEEE Transactions on Consumer Electronics, vol. 60, pp. 164– 172, 2014. [7] C. L. A. Clarke, G. V. Cormack, and E. A. Tudhope, “Relevance ranking for one to three term queries,” Information Processing and Management: an International Journal, vol. 36, no. 2, pp. 291–311, Jan. 2000. [8] H. Tuo and M. Wenping, “An effective fuzzy keyword search scheme in cloud computing,” in International Conference on Intelligent Networking and Collaborative Systems, 2013, pp. 786–789. [9] M. Zheng and H. Zhou, “An efficient attack on a fuzzy keyword search scheme over encrypted data,” in International Conference on High Performance

Computing and Communications and Embedded and Ubiquitous Computing, 2013, pp. 1647–1651. [10] S. Zittrower and C. C. Zou, “Encrypted phrase searching in the cloud,” in IEEE Global Communications Conference, 2012, pp. 764– 770. [11] Y. Tang, D. Gu, N. Ding, and H. Lu, “Phrase search over encrypted data with symmetric encryption scheme,” in International Conference on Distributed Computing Systems Workshops, 2012, pp. 471–480. [12] H. Poon and A. Miri, “An efficient conjunctive keyword and phrase search scheme for encrypted cloud storage systems,” in IEEE International Conference on Cloud Computing, 2015.

[13]“A low storage phrase search scheme based on bloom filters for encrypted cloud services,” to appear in IEEE International Conference on Cyber Security and Cloud Computing, 2015. [14] H. S. Rhee, I. R. Jeong, J. W. Byun, and D. H. Lee, “Difference set attacks on conjunctive keyword search schemes,” in Proceedings of the Third VLDB International Conference on Secure Data Management, 2006, pp. 64–74. [15] K. Cai, C. Hong, M. Zhang, D. Feng, and Z. Lv, “A secure conjunctive keywords search over encrypted cloud data against inclusion-relation attack,” in IEEE International Conference on Cloud Computing Technology and Science, 2013, pp. 339–346.

[16] Y. Yang, H. Lu, and J. Weng, “Multi-user private keyword search for cloud computing,” in IEEE Third International Conference on Cloud Computing Technology and Science, 2011, pp. 264–271. [17] C. Wang, N. Cao, J. Li, K. Ren, and W. Lou, “Secure ranked keyword search over encrypted cloud data,” in International Conference on Distributed Computing Systems, 2010, pp. 253–262.

[18] M. T. Goodrich, M. Mitzenmacher, O. Ohrimenko, and R. Tamassia, “Practical oblivious storage,” in Proceedings of the Second ACM Conference on Data and Application Security and Privacy, 2012, pp. 13–24. [19] B. Chor, O. Goldreich, E. Kushilevitz, and M. Sudan, “Private information retrieval,” in Proceedings of the 36th Annual Symposium on Foundations of Computer Science, 1995, pp. 41–50. [20] S. Ruj, M. Stojmenovic, and A. Nayak, “Privacy preserving access control with authentication for securing data in clouds,” in Proceedings of the 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, 2012, pp. 556–563. [21] D. X. Song, D. Wagner, and A. Perrig, “Practical techniques for searches on encrypted data,” in Proceedings of the 2000 IEEE Symposium on Security and Privacy, 2000, pp. 44–55. [22] E.-J. Goh, “Secure indexes,” Cryptology ePrint Archive, Report 2003/216, 2003.

[23] C. Liu, L. Zhu, L. Li, and Y. Tan, “Fuzzy keyword search on encrypted cloud storage data with small index,” in 2011 IEEE International Conference on Cloud Computing and Intelligence Systems, 2011, pp. 269–273.

[24] P. F. Brown, P. V. deSouza, R. L. Mercer, V. J. D. Pietra, and J. C. Lai, “Class-based n-gram models of natural language,” Computational Linguistics, vol. 18, no. 4, pp. 467–479, 1992.

[25] D. Jurafsky and J. H. Martin, Speech and Language Processing: An Introduction to Natural Language Processing, Speech Recognition, and Computational Linguistics. Prentice Hall, 2009. [26] “Project Gutenberg,” https://www.gutenberg.org/wiki/Main Page, accessed: 2014.

[27] E. L. Bird, Steven and E. Klein, Natural Language Processing with Python. O’Reilly Media Inc, 2009.