Detecting Secrets

Deleting Secret Data With Public Verifiability
Chapter 1
INTRODUCTION
Secure data erasure requires permanently deleting digital data from a physical medium such that
the data is irrecoverable. This requirement plays a critical role in all practical data management
systems, and in satisfying several government regulations on data protection. For the past two
decades, this subject has been extensively studied by researchers in both academia and industry,
resulting in a rich body of literature.
1.1PROBLEM STATEMENT
Cloud service providers request customers to store their account information in the cloud, cloud
service providers have the access to these information. This presents a privacy issue to the
customers privacy information. Many SLAs (service-level agreement) have specified the privacy
of the sensitive information, however, it is difficult for customers to make sure the proper rules
are enforced. There is a lack of transparency in the cloud that allows the customers to monitor
their own privacy information. When a customer decide to use multiple cloud service, the
customer will have to store his/her password in multiple cloud, the more cloud service the
customer is subscript to, the more copy of the users information will be. This is a security issue
for the customers and the cloud service providers. For every cloud service, the customer needs to
exchange his/her authentication information. These redundant actions may lead to an exploit of
the authentication mechanism.
Cloud service providers use different authentication technologies for authenticating users,
this may have less impact on SaaS (Software as a service) than PaaS (Platform as a service) and
IaaS (Infrastructure as a Service), but it is present a challenge to the customers. In spite of all
authenticating mechanisms provided by the cloud service providers, the customer’s privacy is
highly lost while storing data in their place. In our project we are providing one secure
mechanism in which the cloud service providers cannot access the customer’s data without the
knowledge of the customers. But there is one drawback in this scenario once he got users key he
can view the users file anytime without the users knowledge.
Dept. of CSE, UVCE Page 1

1.2 OBJECTIVES
The objective is to build a security service between the user and the admin.
 To develop a framework that will maintain the confidentiality of the users data.
 To build a client application which would use the above framework while
uploading/downloading/deleting the data to and from cloud.
1.3 MOTIVATION
The aim is to build a security service between the user and the admin. There are similar examples
of black-box systems in security. For instance, as explained in, the Direct Recording Electronic
(DRE) e-voting machines, widely used in the US between 2000 and 2004, worked like a black
box. The system returns a tally at the end of the election, which the voters have to trust but
cannot easily verify.
The lack of verifiability had raised widespread suspicion about the integrity of the
software inside the voting machine and hence the integrity of the election, eventually forcing
several states in the US to abandon DRE machines. Today, the importance of having public
verifiability in any e-voting system has been commonly acknowledged and progress is being
made in deploying verifiable e-voting in real-world elections.
1.4 EXISTING SYSTEM

Cloud service providers request customers to store their account information in the cloud, cloud
service providers have the access to this information. This presents a privacy issue to the
customer’s privacy information. There is a lack of transparency in the cloud that allows the
customers to monitor their own privacy information.
When a customer decide to use multiple cloud service, the customer will have to store
his/her password in multiple cloud, the more cloud service the customer is subscript to, the more
copy of the users information will be. This is a security issue for the customers and the cloud
service providers.
For every cloud service, the customer needs to exchange his/her authentication
information. These redundant actions may lead to an exploit of the authentication mechanism. In

spite of all authenticating mechanisms provided by the cloud service providers, the client privacy
is highly lost while storing data in their place.
1.5 OVERVIEW OF PROPOSED SYSTEM

Cloud computing is an internet-based computing technology, where shared resources such as
software, platform, storage and information are provided to customers on demand. Current cloud
computing systems pose serious limitation to protecting users data confidentiality. Since users
sensitive data is presented in un- encrypted forms to re-mote machines owned and operated by
third party service providers, the risks of unauthorized disclosure of the users sensitive data by
service providers may be quite high. In this project we enhance the security of the cloud
systems by providing certain enhancement schemes that are not existing so far. We focus on the
one of the six side channel attack namely data remanence attack in cloud systems and presented
some novel schemes to eradicate this attack in large scale cloud servers by posing serious
restrictions for CSPs to acquire users deleted contents.
In the proposed system, providing a secure mechanism in which the cloud service
providers cannot access the client data without the knowledge of the customers. If the cloud
service providers want to access the client data, mutual authentication between the customers and
cloud service providers should be done. When the cloud service providers try to access the file
without the knowledge of their customers, immediately a mail would be sent to the customers
indicating that CSP is trying to access their data. If customers want to share their data to the CSP
they can share their key to the CSP. Now the cloud service provider can access the customers file
using this key.
 SUMMARY
Secure data erasure requires permanently deleting digital data from a physical medium
such that the data is irrecoverable. Current cloud computing systems pose serious
limitation to protecting users data confidentiality. In the proposed system, providing a
secure mechanism in which the cloud service providers cannot access the client data
without the knowledge of the customers.

Chapter 2
LITERATURE SURVERY
In this section, related works are reviewed that discuss the importance of verifiability for secure
data deletion. Several researchers have recognized the importance of verifiability in the secure
data deletion process and proposed some solutions. But none of those solutions have used any
cryptography. The present work differs from the others that is aimed to provide public
verifiability for a secure data deletion system by adopting public key cryptography.
WeihanGoh et al., [1] proposed a Trusted Platform module that provides secure
asymmetric key generation. This work describes the use of a secure key generating authority in
shamir identity based signature scheme implementation. It proposed an idea of identity-based
asymmetric cryptosystems (IBC) and together with an identity based asymmetric signature. The
proposed IBS scheme in this paper has itself proven secure against forgery under chosen
message attacks. This paper also proposed a new concept that assigning TPM as key generating
authority and list out the various benefits of implementing it.
Imad M Abbadi et al., [2] presented the work initially that identifies the challenges for
establishing the trust in the cloud and then proposes a secure framework which helps in
addressing those identified challenges. This work is actually extension of their previous work. In
their previous work they proposed a unique framework for establishing trust in the cloud
environment by extending their previous work the current paper addresses those issue it clearly
covers applications data and their integration with infrastructure management data.
H.S.U et al., [3] proposed a Secret sharing technique for protecting sensitive data, such as
cryptographic keys. It is used to distribute a Author secret value to a number of parts or shares
that have to be combined together to access the original value. These shares can then be given to
separate parties that protect them using standard means like memorize, store in a computer etc.
These shares can then be given to separate parties that protect them using standard means like
memorize. Secret sharing is used in modern cryptography to lower the risks associated with
compromised data. Sharing a secret spreads the risk of compromising the value.

Mignotte.M et al.,[4] presented a technique to share a secret we can split the secret and
spread the pieces to all participants. In some schemes, reconstructing the secret needs combining
all shares from participants, but this might not be practical since we might need the secret
reconstructed by some of the participants and not all. The reason is as follows: Imagine if a
country splits the access codes for its missiles among three officials and they found themselves
in a dire need to access the missiles, but one of the officials is not present or he simply refuses to
attack. Then, we need to have a different scheme where a subset of the participants can
reconstruct the secret. These schemes are secure and do not require all n shares.
 SUMMARY
The first work proposed an idea of identity-based asymmetric cryptosystems

(IBC) and together with an identity based asymmetric signature. The work initially
identifies the challenges for establishing the trust in the cloud and then proposes a secure
framework which helps in addressing those identified challenges. Secret sharing is used
in modern cryptography to lower the risks associated with compromised data

Chapter 3
SYSTEM DESIGN
The System Design Description is a inbuilt Report Generator report that describes the system
design.
3.1 SYSTEM STUDY
The four key considerations involved in the feasibility analysis are:
1. Feasibility Study
2. Economical Feasibility
3. Technical Feasibility
4. Social Feasibility
 FEASIBILITY STUDY
The feasibility of the project is analyzed in this phase and business proposal is put forth
with a very general plan for the project and some cost estimates. During system analysis
the feasibility study of the proposed system is to be carried out. This is to ensure that the
proposed system is not a burden to the company. For feasibility analysis, some
understanding of the major requirements for the system is essential.
 ECONOMICAL FEASIBILITY
This study is carried out to check the economic impact that the system will have on the
organization. The amount of fund that the company can pour into the research and
development of the system is limited. The expenditures must be justified. Thus the
developed system as well within the budget and this was achieved because most of the
technologies used are freely available. Only the customized products had to be purchased.
 TECHNICAL FEASIBILITY
This study is carried out to check the technical feasibility, that is, the technical
requirements of the system. Any system developed must not have a high demand on the
available technical resources. This will lead to high demands on the available technical
resources. This will lead to high demands being placed on the client. The developed

system must have a modest requirement, as only minimal or null changes are required for
implementing this system.
 SOCIAL FEASIBILITY
The aspect of study is to check the level of acceptance of the system by the user. This
includes the process of training the user to use the system efficiently. The user must not
feel threatened by the system, instead must accept it as a necessity. The level of
acceptance by the users solely depends on the methods that are employed to educate the
user about the system and to make him familiar with it. His level of confidence must be
raised so that he is also able to make some constructive criticism, which is welcomed, as
he is the final user of the system.
3.2 DATA FLOW DIAGRAM

The Data owner login to the system with his/her username password. Once the user is
authenticated, separate folder has created for the user which monitors all the activities of the
user. The user can upload the files where encryption key is required to store in cloud. The end
user login to the system with his/her username password. Once the user is authenticated, separate
folder has created for the user which monitors all the activities of the user. To download a file
the decryption key is required to retrieve from cloud. The end user login to the system with
his/her username password. Once the user is authenticated, separate folder has created for the
user which monitors all the activities of the user. As shown in Fig. 3.1: Flow chart for deleting
data, user can delete unwanted files from cloud by just clicking delete key.
When the admin wants to see user files he has to do the following steps: Admin sends a
request to the user for recovering deleted files. Once the user wants to share his file to the admin
they provide the secret key using SMTP protocol. Admin enters the key, and that key is
decrypted and checks whether the file key is matching to the decrypted key. Once the key
matches, As shown below the admin can download that file.

Fig.3.1: Flow chart for deleting data
Fig.3.2: Flow chart for downloading data

3.3 UML DIAGRAM

UML is simply anther graphical representation of a common semantic model. UML provides a
comprehensive notation for the full life cycle of object-oriented development.
 USE CASES
Use case diagrams overview the usage requirement for system. They are useful for
presentations to management and project stakeholders, but for actual development you
will find that use cases provide significantly more value because they describe the meant
of the actual requirements. It describes a sequence of action that provide something
measurable value to an action and is drawn as a horizontal ellipse.
 CLASS DIAGRAM
As shown in Fig.3.3:Class diagram representing dependencies, an illustration of the

relationships and source code dependencies among classes in the Unified Modelling
Language (UML).In this context, a class defines the methods and variables in an object,
which is a specific entity in a program or the unit of code representing that entity.
Fig.3.3: Class diagram representing dependencies
 SEQUENCE DIAGRAM
As shown in Fig.3.4: Flow of logic, the flow within the system in a visual manner,
enabling both to document and validate the logic and commonly used for both analysis

and design purpose. Sequence diagram are the most popular UML artifact for dynamic
modeling, which focuses on identifying the behaviour within your system.
Fig.3.4: Flow of Logic
 SYSTEM SPECIFICATION
The system specifications include hardware and software specifications:
 HARDWARE REQUIREMENTS:
o System: Intel Core i5, 1.80GHz.
o Hard Disk: 40 GB.
o Floppy Drive: 1.44 Mb.
o Monitor: 15 VGA Colour.
o Ram: 512 Mb.
 SOFTWARE REQUIREMENTS:
o Operating system: Windows XP/7/8/10.
o Coding Language: JAVA/J2EE
o IDE: Netbeans 7.4

o Database: MYSQL
 FUNCTIONAL REQUIREMENTS:
A functional requirement defines a function of a software-system or its component. A
function is described as a set of inputs, the behavior, and outputs. Our system requires
minimum three systems to achieve this concept.
 NON-FUNCTIONAL REQUIREMENTS:
Non-functional requirements define the overall qualities or attributes of the resulting
system and it place restrictions on the product being developed, the development process,
and specify external constraints that the product must meet.
 Req Id: NFR-01
o Req Name: Reliability
o Req Description: The system must be able to perform its required func-
tions under stated conditions for a specific period of time.
 Req Id: NFR-02
o Req Name: Performance
o Req Description: Performance requirements concern the speed of op-
eration of a system.
 Req Id: NFR-03
o Req Name:Security
o Req Description: Unauthorized access to the system and its data is not
allowed.
 Req Id: NFR-04
o Req Name: Safety
o Req Description: Ensure the integrity of the system from accidental or
malicious damage.
 Req Id: NFR-05
o Req Name: Usability
o Req Description: The ease with which a user can learn to operate, pre- pare
inputs for, and interpret outputs of system

 Req Id: NFR-06

o Req Name: Availability
o Req Description: The system should be available for service 24/7 when
requested by end-users.
 Req Id: NFR-07
o Req Name: Adaptability
o Req Description: The ability to change the system to deal with addi-
tional application domain concepts.
 Req Id: NFR-08
o Req Name: Portability
o Req Description: The ease with which a system or component can be
transferred from one environment to another.
 SUMMARY
The System Design Description is a inbuilt Report Generator report that describes the
system design. The feasibility study is carried out to make sure the project is worth doing
or not. Later the project’s various modules, Class design and UML design are built.

Chapter 4
IMPLEMENTATION OF SYSTEM/ METHODOLOGY
A module description provides detailed information about the module and its supported
components, which is accessible in different manners. The included description is available by
reading directly, by generating a short html-description, or by making an environment check for
supported components to check if all needed types and services are available in the environment
where they will be used. This environment check could take place during registration/installation
or during a separate consistency check for a component.
 Data Upload Scenario
 Data Download Scenario
 Data Delete Scenario
 Server Recovery Files
4.1 MODULES
There are four modules which are explained below:
4.1.1 DATA UPLOAD SCENARIO
 The Data owner log in to the system with his/her user name & password.
 Once the user is authenticated, separate folder has created for the user which monitors all
the activities of the user.
 The user can upload the files where encryption key is required to store in cloud.
4.1.2 DATA DOWNLOAD SCENARIO

 The end user log in to the system with his/her user name & password.

 To download a file the decryption key is required to retrieve from cloud.
4.1.3 DATA DELETE SCENARIO

 The end user log in to the system with his/her user name & password.
 A user can delete unwanted files from cloud by just clicking delete key.
4.1.4 SERVER RECOVERY FILES

When the admin wants to see user files he has to do the following steps:
 Admin sends a request to the user for recovering deleted files.
 Once the user wants to share his file to the admin they provide the secret key using
SMTP protocol.
 Admin enters the key, and that key is decrypted and checks whether the file key is
matching to the decrypted key.
 Once the key matches, the admin can download that file.
4.2 TESTING
Testing plays a major role during the development of a project. The different types of testing
which are involved are:
 UNIT TESTING
Unit testing involves the design of test cases that validate that the internal program logic
is functioning properly, and that program inputs produce valid outputs. All decision
branches and internal code flow should be validated. It is the testing of individual
software units of the application .it is done after the completion of an individual unit
before integration. This is a structural testing, that relies on knowledge of its construction
and is invasive.
Unit tests perform basic tests at component level and test a specific business
process, application, and/or system configuration. Unit tests ensure that each unique path

of a business process per- forms accurately to the documented specifications and contains
clearly defined inputs and expected results.
 INTEGRATION TESTING
Integration tests are designed to test integrated software components to determine if they
actually run as one program. Testing is event driven and is more concerned with the basic
outcome of screens or fields. Integration tests demonstrate that although the components
were individually satisfaction, as shown by successfully unit testing, the combination of
components is correct and consistent. Integration testing is specifically aimed at exposing
the problems that arise from the combination of components.
 MODULE TESTING
Module Testing is a process of testing the system, module by module. It includes the
various inputs given, outputs produced and their correctness. By testing in this method
we would be very clear of all the bugs that have occurred. All the test cases mentioned
above passed successfully. No defects encountered.
 VALIDATION TESTING
The final step involves Validation testing, which determines whether the software
function as the user expected. The end-user rather than the system developer conduct this
test most software developers as a process called Alpha and Beta were testing to uncover
that only the end user seems able to find. The compilation of the entire project is based on
the full satisfaction of the end users. In the project, validation testing is made in various
forms.
4.3TOOLS
The different tools used are explained below:
 NET BEANS 8.1
 Best Support for Latest Java Technologies: NetBeans IDE is the official IDE for
Java 8. With its editors, code analyzers, and converters, you can quickly and
smoothly upgrade your applications to use new Java 8 language constructs, such
as lambdas, functional operations, and method references. Batch analyzers and

converters are provided to search through multiple applications at the same time,
matching patterns for conversion to new Java 8 language constructs.With its
constantly im- proving Java Editor, many rich features and an extensive range of
tools, templates and samples, NetBeans IDE sets the standard for developing with
cutting edge technologies out of the box.
 Fast Smart Code Editing: An IDE is much more than a text editor. The NetBeans
Editor indents lines, matches words and brackets, and highlights source code
syntactically and semantically. It lets you easily refactor code, with a range of
handy and powerful tools, while it also provides code templates, coding tips, and
code generators. The editor supports many languages from Java, C/C++, XML
and HTML, to PHP, Groovy, Javadoc, JavaScript and JSP. Because the editor is
extensi- ble, you can plug in support for many other languages.
 Easy Efficient Project Management: Keeping a clear overview of large
applications, with thousands of folders and files, and millions of lines of code, is a
daunting task. NetBeans IDE provides different views of your data, from multiple
project windows to helpful tools for setting up your applications and managing
them efficiently, letting you drill down into your data quickly and easily, while
giving you versioning tools via Subversion, Mercurial, and Git integration out of
the box. When new developers join your project, they can understand the structure
of your application because your code is well-organized.
 SQL YOG COMMUNITY (SQL SERVER)

SQLyog provides you with powerful means to manage your MySQL databases. Runs on
all Windows version from Win XP to Win 8.x (desktop systems) as well as ”Windows
Server” systems of same generations (Windows Server 2003 and higher). The features
include:
 MySQL 5.x compatible
 Create/Drop/Alter Tables, Stored Procedures, Functions, Views, Triggers
and Events.
 HTTP and SSH Tunneling -smartly manage your MySQL server even if
the MySQL port is blocked or remote access to MySQL is disallowed.

 Protect your data with SSL encryption.

 Favourite Manager to neatly organize your favorite SQL statements.
 Very fast retrieval of data.
 Advanced GUI Query Builder. It Supports JOINs, aggregate as well as
’common’ functions, sorting (ORDER BY) and filtering (WHERE and
HAV- ING) and ALIAS.
 SQLyog Import External Data wizard - use the GUI or specify a query.
 SQL WINDOW
Here you write your SQL commands that you want to execute. There are various ways to
enter SQL in the window:
 Type SQL commands directly in the window.
 Open a saved SQL script file. The file will be opened for editing.
 Insert a template from Edit/Insert Templates option.
 Open a SQL script saved as a ’Favorite’. More about ’Favorites’ folder’s later.
 MULTIPLE QUERIES
You may enter multiple queries separated by a (;) - on the same line or each on their own
line. Each query would create a new tab for its result set in the Result Window.
 EXECUTING SQL QUERIES

You can execute queries in SQLyog in following four ways:
 Execute Current Query: To execute a particular query in a batch, just place the
cursor on the query to be executed (i.e. before the semicolon separating the query
from the next query). Select Edit Execute Query, Execute Current Query (or press
F9 or click the ’single green arrow’ icon in the icon bar). Only the current query
would be executed.
 Execute All Queries: To execute the whole batch of queries entered in the SQL
window. Select Edit, Execute Query, Execute All Queries (or press Shift+F9 or
click the ’double green arrow’ icon in the icon bar). All queries would be
executed one by one, showing result set in separate tab window.

 STOPPING A QUERY
Starting from v4.05, all the queries are executed in a different thread. Whenever you
execute a query the corresponding icon in the toolbar is replaced by a Stop icon. If you
want to stop a query from being executed, just click on the Stop button.
 DATABASE CONNECTION
The description of making a connection to the database is given here:
 Making a New Connection
After you start SQLyog, you have to enter the details of MySQL server you want to
connect to. You must connect to a MySQL server before you can perform any
activities with the software.
 New Window Using Current Settings
To open a new connection with same server profile of the current connection select
File, New Window Using Current Settings (or press Ctrl+N). It will establish another
connection with the same details without any further specification.
 Disconnecting A Connection
Select File-Disconnect (or press Ctrl+F4) to disconnect the current active connection.
To re-connect (or establish another connection), select Connect option (or press
Ctrl+M).
 Disconnecting All Connections
Select File -¿ Disconnect All, to disconnect from all current active connections.
 DEVELOPMENT TOOLS
With most programming languages, compile or interpret a program so that we can run it
on our computer. The Java programming language is unusual, in that a program is both
compiled and interpreted. With the compiler, first we translate a program into an
intermediate language called Java byte codes the platform-independent codes interpreted
by the interpreter on the Java platform. The interpreter parses and runs each Java byte

code instruction on the computer. Compilation happens just once; interpretation occurs
each time the program is executed. Every full implementation of the Java platform gives
you the following features:
 The essentials: Objects, strings, threads, numbers, input and output, data structures,
system properties, date and time, and so on.
 Applets: The set of conventions used by applets.
 Networking: URLs, TCP (Transmission Control Protocol), UDP (User Data gram
Protocol) sockets, and IP (Internet Protocol) addresses.
 Internationalization: Help for writing programs that can be localized for users
worldwide. Programs can automatically adapt to specific locales and be displayed in the
appropriate language.
 Security: Both low level and high level, including electronic signatures, public and
private key management, access control, and certificates.
 Software components: Known as JavaBeansTM, can plug into existing component
architectures.
 Object serialization: Allows lightweight persistence and communication via Remote
Method Invocation (RMI).
 Java Database Connectivity (JDBCTM): Provides uniform access to a wide range of
relational databases.
 JAVA PROGRAMMING LANGUAGE

In the Java programming language, all source code is first written in plain text files
ending with the .java extension. Those source files are then compiled into .class files by
the javac compiler. A .class file does not contain code that is native to your processor; it
instead contains byte codes the machine language of the Java Virtual Machine (Java
VM).
The java launcher tool then runs your application with an instance of the Java
Virtual Machine. Because the Java VM is available on many different operating systems,

the same .class files are capable of running on Microsoft Windows, the Solaris Operating
System (Solaris OS), Linux, or Mac OS.
Some virtual machines, such as the Java Hotspot virtual machine, perform
additional steps at runtime to give your application a performance boost. This includes
various tasks such as finding performance bottlenecks and recompiling (to native code)
frequently used sections of code.
 JAVA PLATFORM
A platform is the hardware or software environment in which a program runs. Weve
already mentioned some of the most popular platforms like Microsoft Windows, Linux,
Solaris OS, and Mac OS.
Most platforms can be described as a combination of the operating system and
underlying hardware. The Java platform differs from most other platforms in that its a
software-only platform that runs on top of other hardware-based platforms. The Java
platform has two components: The Java Virtual Machine The Java Application
Programming Interface (API)
 JAVA VIRTUAL MACHINE
A Java virtual machine (JVM) is a virtual machine that can execute Java byte code. It is
the code execution component of the Java software platform. A Java virtual machine is a
program which executes certain other programs, namely those containing Java byte code
instructions. JVMs are most often implemented to run on an existing operating system,
but can also be implemented to run directly on hardware.
A JVM provides an environment in which Java byte code can be executed,
enabling such features as automated exception handling, which provides root-cause
debugging information for every software error (exception), independent of the source
code. A JVM is distributed along with a set of standard class libraries that implement the
Java application programming interface (API). These libraries, bundled together with the
JVM, form the Java Runtime Environment (JRE).
JVMs are available for many hardware and software platforms. The use of the
same byte code for all JVMs on all platforms allows Java to be described as a write once,
run anywhere programming language, versus write once, compile anywhere, which

describes cross-platform compiled languages. Thus, the JVM is a crucial component of

the Java platform.
 JAVA API
The API is a large collection of ready-made software components that provide many
useful capabilities. It is grouped into libraries of related classes and interfaces; these
libraries are known as packages. As a platform-independent environment, the Java
platform can be a bit slower than native code. However, advances in compiler and virtual
machine technologies are bringing performance close to that of native code without
threatening portability.
 JDBC GOALS
Few software packages are designed without goals in mind. JDBC is one that, because of
its many goals, drove the development of the API. These goals, in conjunction with early
reviewer feedback, have finalized the JDBC class library into a solid framework for
building database applications in Java. The goals that were set for JDBC are important.
They will give you some insight as to why certain classes and functionalist behave the
way they do. The eight design goals for JDBC are as follows:
 SQL Level API The designers felt that their main goal was to define a
SQL interface for Java. Although not the lowest database interface level
possible, it is at a low enough level for higher-level tools and APIs to be
created. Conversely, it is at a high enough level for application
programmers to use it confidently. Attaining this goal allows for future
tool vendors to generate JDBC code and to hide many of JDBCs
complexities from the end user.
 SQL Conformance SQL syntax varies as you move from database vendor
to database vendor. In an effort to support a wide variety of vendors,
JDBC will allow any query statement to be passed through it to the
underlying database driver. This allows the connectivity module to handle
non-standard functionality in a manner that is suitable for its users.

 JDBC must be implemental on top of common database interfaces: The

JDBC SQL API must sit on top of other common SQL level APIs. This
goal allows JDBC to use existing ODBC level drivers by the use of a
software interface. This interface would translate JDBC calls to ODBC
and vice versa.
 Provide a Java interface that is consistent with the rest of the Java system
Because of Javas acceptance in the user community thus far, the designers
feel that they should not stray from the current design of the core Java
system.
 Keep it simple, The goal probably appears in all software design goal
listings. JDBC is no exception. Sun felt that the design of JDBC should be
very simple, allowing for only one method of completing a task per
mechanism. Allowing duplicate functionality only serves to confuse the
users of the API.
 Use strong, static typing wherever possible Strong typing allows for more
error checking to be done at compile time; also, less error appear at
runtime.
 Keep the common cases simple, Because more often than not, the usual
SQL calls used by the programmer are simple SELECTs, INSERTs,
DELETEs and UPDATEs, these queries should be simple to perform with
JDBC. How- ever, more complex SQL statements should also be possible.
 SUMMARY
A module description provides detailed information about the module and its supported
components, which is accessible in different manners. The included description is
available by reading directly, by generating a short html-description, or by making an
environment check for supported components to check if all needed types and services
are available in the environment where they will be used.

Chapter 5
RESULTS AND DISCUSSIONS
5.1 USER SIDE

The user can register by giving a user name and password and using these details user can
perform the following functions:
 Data upload scenario: Input: User registers and uploads the file, file key will be generated
automatically for each file. Output: File Uploaded in cloud.
Fig.5.1: Uploading a File

 Data download scenario: Input: User downloads the file. Output: File will be
downloaded.

Fig.5.2: Downloading a File
 Data delete scenario: Input: User deletes the file. Output: File will be deleted.
Fig.5.3: Deleting a File
 File Access scenario: The user can accept the request sent by the admin and allow the
admin to access the requested file.
Fig.5.4: Accepting admin request
5.2 ADMIN SIDE

The admin can perform the following functions:
 Recovery: Admin will request to recover the deleted file.

Fig.5.5: Recovery of files

 Sharing: If admin wishes to share his file key, the following file will be downloaded
automatically.
Fig.5.6: Admin sending request to access a file to user
 SUMMARY
The users and admin can perform the above operations. Firstly the user registers and
uploads the file. The User downloads the file and deletes it if not required. Sometimes the
files may get deleted by mistake. If the user requires the deleted files back then the admin
will be able to recover the deleted file and it can be shared. If admin requires access to
any file, a request can be sent to the user. When the user accepts the request the admin
will be able to access the file.

CONCLUSIONS AND FUTURE WORK
Security is an important issue in any application. To provide the security, authentication plays
very important role. Authentication is provided through the secret sharing schemes. Cloud
service providers request customers to store their account information in the cloud, cloud service
providers have the access to this information. This presents a privacy issue to the customer’s
privacy information. When a customer decide to use multiple cloud service, the customer will
have to store his/her password in multiple cloud, the more cloud service the customer is sub-
script to, the more copy of the users information will be. This is a security issue for the
customers and the cloud service providers. Main idea is to secure the users data from the cloud
service provider
Thus implementing a secure framework by proposing a new scheme in the future work so
that without the knowledge of the user the cloud service providers cannot access the customer’s
data though it is saved in the CSP place.

REFERENCES
[1] C.Wang, Q.Wan, K.Rennd WenjingLou,”Teaching an Old Trusted Platform

Module:Repurposing a TPM for an Identity- based Signature Scheme,” in the
proceedings of the International Conference on Information Systems Security, 2010.
[2] D. Chen and H. Zhao, ”Data Security and Privacy Protection Issues in Cloud
Computing,” in proceedings of International Conference on Computer Science and
Electronics Engineering (ICCSEE), vol.1, pp.647-651, 2012.
[3] H. Takabi, J. B. D. Joshi and G. J. Ahn,”Security and Privacy Challenges in Cloud
Computing Environments,” Journal of Security and Privacy, vol.8, no.6, pp.24-31,
November/December 2010.
[4] K. Ren, C. Wang and Q. Wang, ”Security Challenges for the Public Cloud,” Journal
of Internet Computing, vol.16, no.1, pp.69-73, January/February, 2012.
[5] Z. Xiao and Y. Xiao, ”Security and Privacy in Cloud Computing,” in the
Proceedings of the International Communication. Surveys and Tutorials, vol.15,
no.2, pp.843- 859, 2013.

Detecting Secrets

Uploaded by

Copyright:

Available Formats

Detecting Secrets

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Detecting Secrets

Uploaded by

Copyright:

Available Formats

Deleting Secret Data With Public Verifiability

Dept. of CSE, UVCE Page 1

1.4 EXISTING SYSTEM

Dept. of CSE, UVCE Page 2

1.5 OVERVIEW OF PROPOSED SYSTEM

Dept. of CSE, UVCE Page 3

Dept. of CSE, UVCE Page 4

The first work proposed an idea of identity-based asymmetric cryptosystems

Dept. of CSE, UVCE Page 5

Dept. of CSE, UVCE Page 6

3.2 DATA FLOW DIAGRAM

Dept. of CSE, UVCE Page 7

Fig.3.1: Flow chart for deleting data

Fig.3.2: Flow chart for downloading data

Dept. of CSE, UVCE Page 8

3.3 UML DIAGRAM

As shown in Fig.3.3:Class diagram representing dependencies, an illustration of the

Fig.3.3: Class diagram representing dependencies

Dept. of CSE, UVCE Page 9

Fig.3.4: Flow of Logic

Dept. of CSE, UVCE Page 10

Dept. of CSE, UVCE Page 11

 Req Id: NFR-06

Dept. of CSE, UVCE Page 12

 Data Download Scenario

 Data Delete Scenario

 Server Recovery Files

4.1.2 DATA DOWNLOAD SCENARIO

Dept. of CSE, UVCE Page 13

 To download a file the decryption key is required to retrieve from cloud.

4.1.3 DATA DELETE SCENARIO

4.1.4 SERVER RECOVERY FILES

Dept. of CSE, UVCE Page 14

Dept. of CSE, UVCE Page 15

 SQL YOG COMMUNITY (SQL SERVER)

Dept. of CSE, UVCE Page 16

 Protect your data with SSL encryption.

 EXECUTING SQL QUERIES

Dept. of CSE, UVCE Page 17

Dept. of CSE, UVCE Page 18

 Applets: The set of conventions used by applets.

 JAVA PROGRAMMING LANGUAGE

Dept. of CSE, UVCE Page 19

Dept. of CSE, UVCE Page 20

describes cross-platform compiled languages. Thus, the JVM is a crucial component of

Dept. of CSE, UVCE Page 21

 JDBC must be implemental on top of common database interfaces: The

Dept. of CSE, UVCE Page 22

5.1 USER SIDE

Fig.5.1: Uploading a File

Dept. of CSE, UVCE Page 23

Fig.5.2: Downloading a File

Fig.5.3: Deleting a File

Fig.5.4: Accepting admin request

5.2 ADMIN SIDE

Dept. of CSE, UVCE Page 24

Fig.5.5: Recovery of files

Fig.5.6: Admin sending request to access a file to user