CHAPTER 1

INTRODUCTION

Cloud computing is widely used by individuals, organizations and governments, as it allows

users to share data (i.e., documents, images, etc.) with specified/intended recipients in a
group setting. Although cloud-related security and privacy are two topics that have been
extensively studied in the literature, there remain challenges that have yet to be fully
addressed. For example, to guard against some cloud providers (and their employees) from
accessing the data stored in these cloud servers, we can outsource highly sensitive data in
the encrypted form only. However, in practice, this limits the users’ search capabilities over
such encrypted cloud data. Hence, there have been interest in designing partial but practical
Searchable Encryption (SE) schemes Such schemes do not degrade data security and
usability, and can be potentially used in various settings such as tasks recommendation in
crowdsourcing, healthcare cloud services and group data sharing. In addition to ensuring
strong security guarantees a practical SE should also achieve features such as expressive
search and cost-effective storage.
However, one of the main limitations of the conventional SE solutions is that these schemes
do not place any restriction on access control in group-oriented applications (i.e., social
network, wireless body area network, etc.). In other words, there is a risk of unauthorized
access, thereby compromising data privacy. There have also been attempts to use
CiphertextPolicy Attribute-Based Keyword Search (CP-ABKS) to facilitate keyword-based
ciphertext retrieval while providing fine-grained access control by integrating Ciphertext-
Policy Attribute-based Encryption (CP-ABE) with SE. However, the associated encryption
and decryption overhead is relatively high1 . As encryption and decryption processes are
often executed on computationally weak devices (e.g., Internet of Things (IoT) or Industrial
IoT (IIoT) devices), CPABKS may not be the ideal cryptographic tool for lightweight
deployments . In other words, security, expressive query, access control, and efficiency are
four main features typically expected in any practical SE scheme.
Although there are many published SE schemes, designing practical SE schemes that also
1
facilitate threshold access is an understudied area. In group-oriented data sharing
applications (i.e., electronic auction, electronic voting, etc.), we may not fully trust a single
individual. Instead, we may trust a group of individuals to access our sensitive information.
One classic example is the electronic voting, where a pool of individuals are trusted to open
the final result but not allowed to leak ballots to any individual. Moreover, it is required that
these data can still be accessible if some individuals in the authorized group are
compromised or offline.
To implement threshold access in SE, we can utilize Threshold Public-Key Encryption
(TPKE) mechanism to enable at least a threshold number of authorized data users in a group
to cooperatively generate the valid trapdoor and decrypt search results. Examples of
following this approach include those described in.
However, this approach generally results in long trapdoor size when supporting multi-
keyword search, and is not capable of providing result verification in the semi-honest-but-
curious cloud computing environment or threshold traceability in the event of a dispute.
For example, the compromised or attacked cloud server may forge or tamper results due to
various incentives. Schemes such as those presented in attempted to prevent the semi-
honest-but-curious cloud server from returning incorrect search results, but these solutions
have high false-positive rates due to the use of Bloom filter. Besides, the individual
traceability in prior group signature solutions allows each group member to reveal the real
signer’s identity, but may incur excessive abuse if each group member is given this
capability in some applications. The threshold traceability can avoid such a limitation and
resolve potential disputes.
To the best of our knowledge, there is no existing solution to address all the above
limitations collectively within a single scheme, and this is the contribution we seek to make
here. In this paper, we first devise the basic Threshold Multikeyword Search (TMS) scheme
in the group-oriented data sharing framework, by using the broadcast encryption Then, we
improve the basic TMS scheme to form the enhanced TMS, supporting threshold result
verification and threshold traceability using democratic group signature. A summary of the
contributions in this paper is as follows: • Threshold multi-keyword search2 .
2
 Different from previous SE schemes supporting multi-keyword search, our proposed
schemes consider the group sharing scenario rather than the general setting in which each
authorized data user is allowed to access encrypted data. Given an authorized group, our
basic or enhanced TMS scheme allows each group member to generate a trapdoor share
based on a list of keywords by using the respective secret key. It also enables at least a
threshold number of group members to form the final trapdoor by using the Lagrange
interpolation technique, which guarantees that the ciphertexts are accessible even if some
group members are compromised or offline. In comparison to previous SE schemes, the
trapdoor size in basic or enhanced TMS does not grow with the number of queried
keywords. Thus, both proposed schemes can be deployed on resource-limited devices. •
Short record ciphertext size and low threshold decryption overhead. Compared with
previous threshold public encryption schemes, our basic and enhanced TMS schemes do not
lead to long record ciphertext size3 that is proportional to the group size. In other words, the
ciphertext size of our basic or enhanced TMS is not affected by the group size. Besides,
previous schemes allow each authorized data user to gain the decryption key, while our
basic or enhanced TMS requires that at least a threshold number of group members to
generate their decryption shares and then integrate them to recover each record decryption
key cooperatively.
Furthermore, previous schemes deliver the complete decryption task to data users, which
incurs high computation overhead on resource-limited data users. Our enhanced TMS
scheme can significantly reduce the decryption overhead by using an outsourced decryption
mechanism. • Threshold result verification. Unlike the honest-butcurious cloud server
assumption in the conventional SE schemes, we consider a semi-honest-but-curious cloud
server that honestly executes the requested search operations most of time but may return
partial false search results due to financial incentives (e.g., saving storage space and
computation resources) in our enhanced TMS scheme. In addition, previous SE schemes
just allow a third-party or a single user to check the correctness of search results. In the
group sharing scenario, one group member’s verification result cannot convince other group
members. Thus, our enhanced TMS scheme allows a threshold number of receivers to
3
guarantee the reliability of search results by attaching a homomorphic verifiable tag to each
record.
Threshold traceability. Unlike the conventional group signature schemes, our enhanced
TMS scheme does not rely on the group manager and ensures threshold traceability rather
than individual traceability. Previous individual traceability mechanisms allow any group
member to trace the signer’s identity, which will cause the excessive abuse. To solve this
problem, our enhanced TMS achieves threshold traceability. Specifically, in our enhanced
TMS scheme, each group member can sign the record on behalf of the specified group by
generating its corresponding signature as well as some auxiliary information, and this
authorized group with at least a threshold number of group members can jointly reveal the
signer’s identity in potential disputes. Besides, we show that both basic TMS and enhanced
TMS schemes are semi-adaptively secure, and can resist the ChosenKeyword Attack
(CKA). The enhanced TMS can efficiently prevent the semi-honest-but-curious cloud server
from forging valid record tags. Finally, we present a comparative summary of the
performance of our proposed schemes and two other competing schemes by utilizing a
public dataset.

4
 CHAPTER 2

SYSTEM ANALYSIS

2.1 EXISTING SYSTEM:

 In a CP-ABE, the user’s attributes used for key generation must satisfy the access
policy used for encryption in order to decrypt the ciphertext, while in a KP-ABE, the
user can only decrypt ciphertexts whose attributes satisfy the policy embedded in the
key. We can see that access control is an inherent feature of ABE, and by using some
expressive access structures, we can effectively achieve fine-grained access control.
 In addition to ensuring strong security guarantees a practical SE should also achieve
features such as expressive search and cost-effective storage. However, one of the
main limitations of the conventional SE solutions is that these schemes do not place
any restriction on access control in group-oriented applications (i.e., social network,
wireless body area network, etc.). In other words, there is a risk of unauthorized
access, thereby compromising data privacy.

DISADVANTAGES OF EXISTING SYSTEM:

 The existing ABE schemes based on AND-Gate with wildcard cannot achieve this
property.
 However, the associated encryption and decryption overhead is relatively high1 . As
encryption and decryption processes are often executed on computationally weak
devices (e.g., Internet of Things (IoT) or Industrial IoT (IIoT) devices), CPABKS
may not be the ideal cryptographic tool for lightweight deployments.

2.2 PROPOSED SYSTEM:

 To implement threshold access in SE, we can utilize Threshold Public-Key

Encryption (TPKE) mechanism to enable at least a threshold number of authorized
5
 data users in a group to cooperatively generate the valid trapdoor and decrypt search
results.
 We first devise the basic Threshold Multi keyword Search (TMS) scheme in the
group-oriented data sharing framework, by using the broadcast encryption. Then, we
improve the basic TMS scheme to form the enhanced TMS, supporting threshold
result verification and threshold traceability using democratic group signature.
 Supporting multi-keyword search, our proposed schemes consider the group sharing
scenario rather than the general setting in which each authorized data user is allowed
to access encrypted data. Given an authorized group, our basic or enhanced TMS
scheme allows each group member to generate a trapdoor share based on a list of
keywords by using the respective secret key. It also enables at least a threshold
number of group members to form the final trapdoor by using the Lagrange
interpolation technique, which guarantees that the ciphertexts are accessible even if
some group members are compromised or offline.

ADVANTAGES OF PROPOSED SYSTEM:

 The threshold traceability can avoid such a limitation and resolve potential disputes.
 Our enhanced TMS scheme allows a threshold number of receivers to guarantee the
reliability of search results by attaching a homomorphic verifiable tag to each record.

2.3 FEASIBILITY STUDY

The feasibility of the project is analyzed in this phase and business proposal is put
forth with a very general plan for the project and some cost estimates. During system
analysis the feasibility study of the proposed system is to be carried out. This is to ensure
that the proposed system is not a burden to the company. For feasibility analysis, some
understanding of the major requirements for the system is essential.

6
Three key considerations involved in the feasibility analysis are

 ECONOMICAL FEASIBILITY
 TECHNICAL FEASIBILITY
 SOCIAL FEASIBILITY

7
 CHAPTER 3

SYSTEM DESIGN

3.1 OUTPUT DESIGN:

A quality output is one, which meets the requirements of the end user and presents the
information clearly. In any system results of processing are communicated to the users and
to other system through outputs. In output design it is determined how the information is to
be displaced for immediate need and also the hard copy output. It is the most important and
direct source information to the user. Efficient and intelligent output design improves the
system’s relationship to help user decision-making.
1. Designing computer output should proceed in an organized, well thought out manner; the
right output must be developed while ensuring that each output element is designed so that
people will find the system can use easily and effectively. When analysis design computer
output, they should Identify the specific output that is needed to meet the requirements.
[Link] methods for presenting information.
[Link] document, report, or other formats that contain information produced by the
system.
The output form of an information system should accomplish one or more of the following
objectives.
 Convey information about past activities, current status or projections of the
 Future.
 Signal important events, opportunities, problems, or warnings.
 Trigger an action.

3.2 INPUT DESIGN:

The input design is the link between the information system and the user. It comprises the
8
developing specification and procedures for data preparation and those steps are necessary
to put transaction data in to a usable form for processing can be achieved by inspecting the
computer to read data from a written or printed document or it can occur by having people
keying the data directly into the system. The design of input focuses on controlling the
amount of input required, controlling the errors, avoiding delay, avoiding extra steps and
keeping the process simple. The input is designed in such a way so that it provides security
and ease of use with retaining the privacy. Input Design considered the following things:
 What data should be given as input?
 How the data should be arranged or coded?
 The dialog to guide the operating personnel in providing input.
 Methods for preparing input validations and steps to follow when error occur.

OBJECTIVES

[Link] Design is the process of converting a user-oriented description of the input into a
computer-based system. This design is important to avoid errors in the data input process
and show the correct direction to the management for getting correct information from the
computerized system.

2. It is achieved by creating user-friendly screens for the data entry to handle large volume
of data. The goal of designing input is to make data entry easier and to be free from errors.
The data entry screen is designed in such a way that all the data manipulates can be
performed. It also provides record viewing facilities.
[Link] the data is entered it will check for its validity. Data can be entered with the help of
screens. Appropriate messages are provided as when needed so that the user
will not be in maize of instant. Thus the objective of input design is to create an input
layout that is easy to follow

9
3.3 SYSTEM ARCHITECTURE:

3.4 DATA FLOW DIAGRAM:

1. The DFD is also called as bubble chart. It is a simple graphical formalism that can be
used to represent a system in terms of input data to the system, various processing
carried out on this data, and the output data is generated by this system.
2. The data flow diagram (DFD) is one of the most important modeling tools. It is used
to model the system components. These components are the system process, the data
used by the process, an external entity that interacts with the system and the
information flows in the system.
3. DFD shows how the information moves through the system and how it is modified by
a series of transformations. It is a graphical technique that depicts information flow
and the transformations that are applied as data moves from input to output.

10
4. DFD is also known as bubble chart. A DFD may be used to represent a system at any
level of abstraction. DFD may be partitioned into levels that represent increasing
information flow and functional detail.

11
 3.5 UML DIAGRAMS

UML stands for Unified Modeling Language. UML is a standardized general-purpose

modeling language in the field of object-oriented software engineering. The standard is
managed, and was created by, the Object Management Group.

The goal is for UML to become a common language for creating models of object
oriented computer software. In its current form UML is comprised of two major
components: a Meta-model and a notation. In the future, some form of method or process
may also be added to; or associated with, UML.

The Unified Modeling Language is a standard language for specifying, Visualization,

Constructing and documenting the artifacts of software system, as well as for business
modeling and other non-software systems.

The UML represents a collection of best engineering practices that have proven
successful in the modeling of large and complex systems.

The UML is a very important part of developing objects oriented software and the
software development process. The UML uses mostly graphical notations to express the
design of software projects.

GOALS:

The Primary goals in the design of the UML are as follows:

1. Provide users a ready-to-use, expressive visual modeling Language so that they can
develop and exchange meaningful models.
2. Provide extendibility and specialization mechanisms to extend the core concepts.
3. Be independent of particular programming languages and development process.
12
 4. Provide a formal basis for understanding the modeling language.
5. Encourage the growth of OO tools market.
6. Support higher level development concepts such as collaborations, frameworks,
patterns and components.
7. Integrate best practices.

USE CASE DIAGRAM:

A use case diagram in the Unified Modeling Language (UML) is a type of behavioral
diagram defined by and created from a Use-case analysis. Its purpose is to present a
graphical overview of the functionality provided by a system in terms of actors, their goals
(represented as use cases), and any dependencies between those use cases. The main
purpose of a use case diagram is to show what system functions are performed for which
actor. Roles of the actors in the system can be depicted.

13
CLASS DIAGRAM:

In software engineering, a class diagram in the Unified Modeling Language (UML) is a type
of static structure diagram that describes the structure of a system by showing the system's
classes, their attributes, operations (or methods), and the relationships among the classes. It
explains which class contains information.

14
SEQUENCE DIAGRAM:

A sequence diagram in Unified Modeling Language (UML) is a kind of interaction diagram

that shows how processes operate with one another and in what order. It is a construct of a
Message Sequence Chart. Sequence diagrams are sometimes called event diagrams, event
scenarios, and timing diagrams.

ACTIVITY DIAGRAM:
15
Activity diagrams are graphical representations of workflows of stepwise activities and
actions with support for choice, iteration and concurrency. In the Unified Modeling
Language, activity diagrams can be used to describe the business and operational step-by-
step workflows of components in a system. An activity diagram shows the overall flow of
control.

3.7 Data Dictionar

16
Field Data Type Size Constraints
Host Char(60) 60 PRI
User Char(16) 16 PRI
Password Char(41) 41
Select_priv enum (‘N’,’Y’)
insert_priv enum (‘N’,’Y’)
update_priv enum (‘N’,’Y’)
delete_priv Enum (‘N’,’Y’)
create_priv Enum (‘N’,’Y’)
drop_priv Enum (‘N’,’Y’)
reload_priv Enum (‘N’,’Y’)
shutdown_priv Enum (‘N’,’Y’)
process_priv Enum (‘N’,’Y’)
file_priv Enum (‘N’,’Y’)
grant_priv Enum (‘N’,’Y’)
reference_priv Enum (‘N’,’Y’)
index_priv Enum (‘N’,’Y’)
alter_priv Enum (‘N’,’Y’)
Show_db_priv Enum (‘N’,’Y’)
super_priv Enum (‘N’,’Y’)
Create_tmp_table_pri Enum (‘N’,’Y’)
v
Look_tables_priv Enum (‘N’,’Y’)
execute_priv Enum (‘N’,’Y’)
Repl_slave__priv Enum (‘N’,’Y’)
Create_view_priv Enum (‘N’,’Y’)
Show_view_priv Enum (‘N’,’Y’)
event_priv Enum (‘N’,’Y’)

17
Field Data type size constraints
Host Char (60) PRI
Db Char (64) PRI
User Char (16) PRI
Table_name Char (64) PRI
Column_name Char (64) PRI
Timestamp Timestamp
Column_priv Char (64)

18
 Columns_priv

Field Data type size Constraints

name char (64) PRI
ret tinyint (1)
dl char (128)
type enum (64)

Func

field Data type size Constraints

Event_time Timestamp
User_host Mediumtext
Thread_id Int (11)
Server_id Int (10)
Command_type Varchar (64)
argument mediumtext

General_log

19
 Field Data type size constraints
Help_category_id Smallint (5) PRI
Name Char (64) UNIQUE
Parent_category_i Smallint (5)
d
url char (128)

Help_category

20
 CHAPTER 4
SYSTEM REQUIREMENTS

4.1 HARDWARE REQUIREMENTS:

• System : Pentium IV /I3/I5/I7/I9.

• Hard Disk : 40 GB at least.
• Floppy Drive : 1.44 Mb optional.
• Monitor : 10/12/15 VGA Colour.
• Mouse : Three button optical Mouse (Logitech).
• Ram : 512 Mb at least.

4.2 SOFTWARE REQUIREMENTS:

 Operating System - Windows XP/7/8/10

 Coding Language - Java 1.8/J2EE(web application)
 Web Server - Apache Tomcat 8.0.2
 IDE Tool - Netbeans 8.1/8.2
 Database - Mysql 5.1.44
 Front End technologies - HTML,CSS,JAVASCRIPT,JSP
 Back End technologies - JDBC,JSP

21
 CHAPTER 5
OVERVIEW OF LANGUAGE
SOFTWARE ENVIRONMENT

Java Technology

Java technology is both a programming language and a platform.

The Java Programming Language

The Java programming language is a high-level language that can be characterized by
all of the following buzzwords:

 Simple
 Architecture neutral
 Object oriented
 Portable
 Distributed
 High performance
 Interpreted
 Multithreaded
 Robust
 Dynamic
 Secure

22
 With most programming languages, you either compile or interpret a program so that
you can run it on your computer. The Java programming language is unusual in that a
program is both compiled and interpreted. With the compiler, first you translate a program
into an intermediate language called Java byte codes —the platform-independent codes
interpreted by the interpreter on the Java platform. The interpreter parses and runs each Java
byte code instruction on the computer. Compilation happens just once; interpretation occurs
each time the program is executed. The following figure illustrates how this works.

You can think of Java byte codes as the machine code instructions for the Java
Virtual Machine (Java VM). Every Java interpreter, whether it’s a development tool or a
Web browser that can run applets, is an implementation of the Java VM. Java byte codes
help make “write once, run anywhere” possible. You can compile your program into byte
codes on any platform that has a Java compiler. The byte codes can then be run on any
implementation of the Java VM. That means that as long as a computer has a Java VM, the
same program written in the Java programming language can run on Windows 2000, a
Solaris workstation, or on an iMac.

23
The Java Platform
A platform is the hardware or software environment in which a program runs.
We’ve already mentioned some of the most popular platforms like Windows 2000,
Linux, Solaris, and MacOS. Most platforms can be described as a combination of the
operating system and hardware. The Java platform differs from most other platforms
in that it’s a software-only platform that runs on top of other hardware-based
platforms.
The Java platform has two components:
 The Java Virtual Machine (Java VM)
 The Java Application Programming Interface (Java API)
You’ve already been introduced to the Java VM. It’s the base for the Java
platform and is ported onto various hardware-based platforms.
The Java API is a large collection of ready-made software components that
provide many useful capabilities, such as graphical user interface (GUI) widgets. The
Java API is grouped into libraries of related classes and interfaces; these libraries are
known as packages. The next section, What Can Java Technology Do? Highlights
what functionality some of the packages in the Java API provide.
The following figure depicts a program that’s running on the Java platform. As the
figure shows, the Java API and the virtual machine insulate the program from the
hardware.

24
 Native code is code that after you compile it, the compiled code runs on a
specific hardware platform. As a platform-independent environment, the Java
platform can be a bit slower than native code. However, smart compilers, well-tuned
interpreters, and just-in-time byte code compilers can bring performance close to that
of native code without threatening portability.
What Can Java Technology Do?
The most common types of programs written in the Java programming language are
applets and applications. If you’ve surfed the Web, you’re probably already familiar
with applets. An applet is a program that adheres to certain conventions that allow it
to run within a Java-enabled browser.
However, the Java programming language is not just for writing cute, entertaining
applets for the Web. The general-purpose, high-level Java programming language is
also a powerful software platform. Using the generous API, you can write many types
of programs.
An application is a standalone program that runs directly on the Java platform. A
special kind of application known as a server serves and supports clients on a
network. Examples of servers are Web servers, proxy servers, mail servers, and print
servers. Another specialized program is a servlet. A servlet can almost be thought of
as an applet that runs on the server side. Java Servlets are a popular choice for
building interactive web applications, replacing the use of CGI scripts. Servlets are
similar to applets in that they are runtime extensions of applications. Instead of
working in browsers, though, servlets run within Java Web servers, configuring or
tailoring the server.

25
How does the API support all these kinds of programs? It does so with packages of
software components that provides a wide range of functionality. Every full
implementation of the Java platform gives you the following features:
 The essentials: Objects, strings, threads, numbers, input and output, data
structures, system properties, date and time, and so on.
 Applets: The set of conventions used by applets.
 Networking: URLs, TCP (Transmission Control Protocol), UDP (User Data
gram Protocol) sockets, and IP (Internet Protocol) addresses.
 Internationalization: Help for writing programs that can be localized for users
worldwide. Programs can automatically adapt to specific locales and be
displayed in the appropriate language.
 Security: Both low level and high level, including electronic signatures, public
and private key management, access control, and certificates.
 Software components: Known as JavaBeansTM, can plug into existing
component architectures.
 Object serialization: Allows lightweight persistence and communication via
Remote Method Invocation (RMI).
 Java Database Connectivity (JDBCTM): Provides uniform access to a wide
range of relational databases.
The Java platform also has APIs for 2D and 3D graphics, accessibility, servers,
collaboration, telephony, speech, animation, and more. The following figure depicts
what is included in the Java 2 SDK.

26
How Will Java Technology Change My Life?
We can’t promise you fame, fortune, or even a job if you learn the Java
programming language. Still, it is likely to make your programs better and requires
less effort than other languages. We believe that Java technology will help you do the
following:
 Get started quickly: Although the Java programming language is a powerful
object-oriented language, it’s easy to learn, especially for programmers already
familiar with C or C++.
 Write less code: Comparisons of program metrics (class counts, method
counts, and so on) suggest that a program written in the Java programming
language can be four times smaller than the same program in C++.
 Write better code: The Java programming language encourages good coding
practices, and its garbage collection helps you avoid memory leaks. Its object
orientation, its JavaBeans component architecture, and its wide-ranging, easily
extendible API let you reuse other people’s tested code and introduce fewer
bugs.
 Develop programs more quickly: Your development time may be as much as
twice as fast versus writing the same program in C++. Why? You write fewer
lines of code and it is a simpler programming language than C++.

27
  Avoid platform dependencies with 100% Pure Java: You can keep your
program portable by avoiding the use of libraries written in other languages.
The 100% Pure JavaTM Product Certification Program has a repository of
historical process manuals, white papers, brochures, and similar materials
online.
 Write once, run anywhere: Because 100% Pure Java programs are compiled
into machine-independent byte codes, they run consistently on any Java
platform.
 Distribute software more easily: You can upgrade applets easily from a
central server. Applets take advantage of the feature of allowing new classes to
be loaded “on the fly,” without recompiling the entire program.
ODBC
Microsoft Open Database Connectivity (ODBC) is a standard programming interface
for application developers and database systems providers. Before ODBC became a de facto
standard for Windows programs to interface with database systems, programmers had to use
proprietary languages for each database they wanted to connect to. Now, ODBC has made
the choice of the database system almost irrelevant from a coding perspective, which is as it
should be. Application developers have much more important things to worry about than the
syntax that is needed to port their program from one database to another when business
needs suddenly change.
Through the ODBC Administrator in Control Panel, you can specify the particular
database that is associated with a data source that an ODBC application program is written
to use. Think of an ODBC data source as a door with a name on it. Each door will lead you
to a particular database. For example, the data source named Sales Figures might be a SQL
Server database, whereas the Accounts Payable data source could refer to an Access
database. The physical database referred to by a data source can reside anywhere on the
LAN.
The ODBC system files are not installed on your system by Windows 95. Rather,
they are installed when you setup a separate database application, such as SQL Server
28
Client or Visual Basic 4.0. When the ODBC icon is installed in Control Panel, it uses a file
called [Link]. It is also possible to administer your ODBC data sources through
a stand-alone program called [Link]. There is a 16-bit and a 32-bit version of
this program and each maintains a separate list of ODBC data sources.

From a programming perspective, the beauty of ODBC is that the application can be
written to use the same set of function calls to interface with any data source, regardless of
the database vendor. The source code of the application doesn’t change whether it talks to
Oracle or SQL Server. We only mention these two as an example. There are ODBC drivers
available for several dozen popular database systems. Even Excel spreadsheets and plain
text files can be turned into data sources. The operating system uses the Registry
information written by ODBC Administrator to determine which low-level ODBC drivers
are needed to talk to the data source (such as the interface to Oracle or SQL Server). The
loading of the ODBC drivers is transparent to the ODBC application program. In a
client/server environment, the ODBC API even handles many of the network issues for the
application programmer.
The advantages of this scheme are so numerous that you are probably thinking there
must be some catch. The only disadvantage of ODBC is that it isn’t as efficient as talking
directly to the native database interface. ODBC has had many detractors make the charge
that it is too slow. Microsoft has always claimed that the critical factor in performance is the
quality of the driver software that is used. In our humble opinion, this is true. The
availability of good ODBC drivers has improved a great deal recently. And anyway, the
criticism about performance is somewhat analogous to those who said that compilers would
never match the speed of pure assembly language. Maybe not, but the compiler (or ODBC)
gives you the opportunity to write cleaner programs, which means you finish sooner.
Meanwhile, computers get faster every year.

JDBC

29
 In an effort to set an independent database standard API for Java; Sun Microsystems
developed Java Database Connectivity, or JDBC. JDBC offers a generic SQL database
access mechanism that provides a consistent interface to a variety of RDBMSs. This
consistent interface is achieved through the use of “plug-in” database connectivity modules,
or drivers. If a database vendor wishes to have JDBC support, he or she must provide the
driver for each platform that the database and Java run on.
To gain a wider acceptance of JDBC, Sun based JDBC’s framework on ODBC. As
you discovered earlier in this chapter, ODBC has widespread support on a variety of
platforms. Basing JDBC on ODBC will allow vendors to bring JDBC drivers to market
much faster than developing a completely new connectivity solution.
JDBC was announced in March of 1996. It was released for a 90 day public review
that ended June 8, 1996. Because of user input, the final JDBC v1.0 specification was
released soon after.
The remainder of this section will cover enough information about JDBC for you to know
what it is about and how to use it effectively. This is by no means a complete overview of
JDBC. That would fill an entire book.

JDBC Goals
Few software packages are designed without goals in mind. JDBC is one that,
because of its many goals, drove the development of the API. These goals, in conjunction
with early reviewer feedback, have finalized the JDBC class library into a solid framework
for building database applications in Java.
The goals that were set for JDBC are important. They will give you some insight as to
why certain classes and functionalities behave the way they do. The eight design goals for
JDBC are as follows:

1. SQL Level API

The designers felt that their main goal was to define a SQL interface for Java.
Although not the lowest database interface level possible, it is at a low enough level for
30
higher-level tools and APIs to be created. Conversely, it is at a high enough level for
application programmers to use it confidently. Attaining this goal allows for future tool
vendors to “generate” JDBC code and to hide many of JDBC’s complexities from the
end user.
2. SQL Conformance
SQL syntax varies as you move from database vendor to database vendor. In an effort
to support a wide variety of vendors, JDBC will allow any query statement to be passed
through it to the underlying database driver. This allows the connectivity module to
handle non-standard functionality in a manner that is suitable for its users.
3. JDBC must be implemental on top of common database interfaces
The JDBC SQL API must “sit” on top of other common SQL level APIs. This
goal allows JDBC to use existing ODBC level drivers by the use of a software
interface. This interface would translate JDBC calls to ODBC and vice versa.
4. Provide a Java interface that is consistent with the rest of the Java system
Because of Java’s acceptance in the user community thus far, the designers feel that
they should not stray from the current design of the core Java system.
5. Keep it simple
This goal probably appears in all software design goal listings. JDBC is no exception.
Sun felt that the design of JDBC should be very simple, allowing for only one method of
completing a task per mechanism. Allowing duplicate functionality only serves to
confuse the users of the API.
6. Use strong, static typing wherever possible
Strong typing allows for more error checking to be done at compile time; also, less
error appear at runtime.
7. Keep the common cases simple
Because more often than not, the usual SQL calls used by the programmer are simple
SELECT’s, INSERT’s, DELETE’s and UPDATE’s, these queries should be simple to
perform with JDBC. However, more complex SQL statements should also be possible.

31
 Finally we decided to proceed the implementation using Java Networking.

And for dynamically updating the cache table we go for MS Access database.

Java ha two things: a programming language and a platform.

Java is a high-level programming language that is all of the following

Simple Architecture-neutral
Object-oriented Portable
Distributed High-performance
Interpreted multithreaded
Robust Dynamic
Secure

Java is also unusual in that each Java program is both compiled and interpreted.
With a compile you translate a Java program into an intermediate language called
Java byte codes the platform-independent code instruction is passed and run on the
computer.

Compilation happens just once; interpretation occurs each time the program is
executed. The figure illustrates how this works.

32
 Java Program Interpreter

Compilers My Program

You can think of Java byte codes as the machine code instructions for the Java
Virtual Machine (Java VM). Every Java interpreter, whether it’s a Java
development tool or a Web browser that can run Java applets, is an implementation
of the Java VM. The Java VM can also be implemented in hardware.

Java byte codes help make “write once, run anywhere” possible. You can
compile your Java program into byte codes on my platform that has a Java
compiler. The byte codes can then be run any implementation of the Java VM. For
example, the same Java program can run Windows NT, Solaris, and Macintosh.

Networking

TCP/IP stack

The TCP/IP stack is shorter than the OSI one:

33
 TCP is a connection-oriented protocol; UDP (User Datagram Protocol) is a
connectionless protocol.

IP datagram’s

The IP layer provides a connectionless and unreliable delivery system. It

considers each datagram independently of the others. Any association between
datagram must be supplied by the higher layers. The IP layer supplies a checksum
that includes its own header. The header includes the source and destination
addresses. The IP layer handles routing through an Internet. It is also responsible for
breaking up large datagram into smaller ones for transmission and reassembling
them at the other end.

UDP

UDP is also connectionless and unreliable. What it adds to IP is a checksum for

the contents of the datagram and port numbers. These are used to give a
client/server model - see later.
34
TCP

TCP supplies logic to give a reliable connection-oriented protocol above IP. It

provides a virtual circuit that two processes can use to communicate.

Internet addresses

In order to use a service, you must be able to find it. The Internet uses an address
scheme for machines so that they can be located. The address is a 32 bit integer
which gives the IP address. This encodes a network ID and more addressing. The
network ID falls into various classes according to the size of the network address.

Network address

Class A uses 8 bits for the network address with 24 bits left over for other
addressing. Class B uses 16 bit network addressing. Class C uses 24 bit network
addressing and class D uses all 32.

Subnet address

Internally, the UNIX network is divided into sub networks. Building 11 is

currently on one sub network and uses 10-bit addressing, allowing 1024 different
hosts.

Host address

8 bits are finally used for host addresses within our subnet. This places a limit of
256 machines that can be on the subnet.

Total address

35
 The 32 bit address is usually written as 4 integers separated by dots.

Port addresses

A service exists on a host, and is identified by its port. This is a 16 bit number.
To send a message to a server, you send it to the port for that service of the host that
it is running on. This is not location transparency! Certain of these ports are "well
known".

Sockets

A socket is a data structure maintained by the system to handle network

connections. A socket is created using the call socket. It returns an integer that is
like a file descriptor. In fact, under Windows, this handle can be used with Read
File and Write File functions.

#include <sys/types.h>
#include <sys/socket.h>
int socket(int family, int type, int protocol);

Here "family" will be AF_INET for IP communications, protocol will be

zero, and type will depend on whether TCP or UDP is used. Two processes
wishing to communicate over a network create a socket each. These are similar to
two ends of a pipe - but the actual pipe does not yet exist.

36
JFree Chart

JFreeChart is a free 100% Java chart library that makes it easy for developers
to display professional quality charts in their applications. JFreeChart's extensive
feature set includes:
A consistent and well-documented API, supporting a wide range of chart types;
A flexible design that is easy to extend, and targets both server-side and client-
side applications;
Support for many output types, including Swing components, image files
(including PNG and JPEG), and vector graphics file formats (including PDF, EPS
and SVG);
JFreeChart is "open source" or, more specifically, free software. It is
distributed under the terms of the GNU Lesser General Public Licence (LGPL),
which permits use in proprietary applications.

1. Map Visualizations
Charts showing values that relate to geographical areas. Some examples
include: (a) population density in each state of the United States, (b) income per
capita for each country in Europe, (c) life expectancy in each country of the world.
The tasks in this project include:
Sourcing freely redistributable vector outlines for the countries of the world,
states/provinces in particular countries (USA in particular, but also other areas);
Creating an appropriate dataset interface (plus default implementation), a
rendered, and integrating this with the existing XYPlot class in JFreeChart;
Testing, documenting, testing some more, documenting some more.

2. Time Series Chart Interactivity

Implement a new (to JFreeChart) feature for interactive time series charts --- to display a
separate control that shows a small version of ALL the time series data, with a sliding
"view" rectangle that allows you to select the subset of the time series data to display in

37
 the main chart.

3. Dashboards

There is currently a lot of interest in dashboard displays. Create a flexible dashboard

mechanism that supports a subset of JFreeChart chart types (dials, pies, thermometers,
bars, and lines/time series) that can be delivered easily via both Java Web Start and an
applet.

4. Property Editors

The property editor mechanism in JFreeChart only handles a small subset of the
properties that can be set for charts. Extend (or reimplement) this mechanism to
provide greater end-user control over the appearance of the charts.

J2ME (Java 2 Micro edition):-

Sun Microsystems defines J2ME as "a highly optimized Java run-time environment
targeting a wide range of consumer products, including pagers, cellular phones, screen-
phones, digital set-top boxes and car navigation systems." Announced in June 1999 at the
JavaOne Developer Conference, J2ME brings the cross-platform functionality of the Java
language to smaller devices, allowing mobile wireless devices to share applications. With
J2ME, Sun has adapted the Java platform for consumer products that incorporate or are
based on small computing devices.

1. General J2ME architecture

38
J2ME uses configurations and profiles to customize the Java Runtime Environment (JRE).
As a complete JRE, J2ME is comprised of a configuration, which determines the JVM used,
and a profile, which defines the application by adding domain-specific classes. The
configuration defines the basic run-time environment as a set of core classes and a specific
JVM that run on specific types of devices. We'll discuss configurations in detail in the The
profile defines the application; specifically, it adds domain-specific classes to the J2ME
configuration to define certain uses for devices. We'll cover profiles in depth in the The
following graphic depicts the relationship between the different virtual machines,
configurations, and profiles. It also draws a parallel with the J2SE API and its Java virtual
machine. While the J2SE virtual machine is generally referred to as a JVM, the J2ME
virtual machines, KVM and CVM, are subsets of JVM. Both KVM and CVM can be
thought of as a kind of Java virtual machine -- it's just that they are shrunken versions of the
J2SE JVM and are specific to J2ME.

2. Developing J2ME applications

Introduction In this section, we will go over some considerations you need to keep in mind
when developing applications for smaller devices. We'll take a look at the way the compiler
39
is invoked when using J2SE to compile J2ME applications. Finally, we'll explore packaging
and deployment and the role preverification plays in this process.

3. Design considerations for small devices

Developing applications for small devices requires you to keep certain strategies in mind
during the design phase. It is best to strategically design an application for a small device
before you begin coding. Correcting the code because you failed to consider all of the
"gotchas" before developing the application can be a painful process. Here are some design
strategies to consider:
* Keep it simple. Remove unnecessary features, possibly making those features a separate,
secondary application.
* Smaller is better. This consideration should be a "no brainer" for all developers. Smaller
applications use less memory on the device and require shorter installation times. Consider
packaging your Java applications as compressed Java Archive (jar) files.
* Minimize run-time memory use. To minimize the amount of memory used at run time,
use scalar types in place of object types. Also, do not depend on the garbage collector. You
should manage the memory efficiently yourself by setting object references to null when
you are finished with them. Another way to reduce run-time memory is to use lazy
instantiation, only allocating objects on an as-needed basis. Other ways of reducing overall
and peak memory use on small devices are to release resources quickly, reuse objects, and
avoid exceptions.

4. Configurations overview
The configuration defines the basic run-time environment as a set of core classes and a
specific JVM that run on specific types of devices. Currently, two configurations exist for
J2ME, though others may be defined in the future:
* Connected Limited Device Configuration (CLDC) is used specifically with the KVM
for 16-bit or 32-bit devices with limited amounts of memory. This is the configuration (and
40
the virtual machine) used for developing small J2ME applications. Its size limitations make
CLDC more interesting and challenging (from a development point of view) than CDC.
CLDC is also the configuration that we will use for developing our drawing tool
application. An example of a small wireless device running small applications is a Palm
hand-held computer.

* Connected Device Configuration (CDC) is used with the C virtual machine (CVM) and
is used for 32-bit architectures requiring more than 2 MB of memory. An example of such a
device is a Net TV box.

5. J2ME profiles
What is a J2ME profile?
As we mentioned earlier in this tutorial, a profile defines the type of device supported. The
Mobile Information Device Profile (MIDP), for example, defines classes for cellular
phones. It adds domain-specific classes to the J2ME configuration to define uses for similar
devices. Two profiles have been defined for J2ME and are built upon CLDC: KJava and
MIDP. Both KJava and MIDP are associated with CLDC and smaller devices. Profiles are
built on top of configurations. Because profiles are specific to the size of the device (amount
of memory) on which an application runs, certain profiles are associated with certain
configurations.
A skeleton profile upon which you can create your own profile, the Foundation Profile, is
available for CDC.
Profile 1: KJava
KJava is Sun's proprietary profile and contains the KJava API. The KJava profile is built on
top of the CLDC configuration. The KJava virtual machine, KVM, accepts the same byte
codes and class file format as the classic J2SE virtual machine. KJava contains a Sun-
specific API that runs on the Palm OS. The KJava API has a great deal in common with the
J2SE Abstract Windowing Toolkit (AWT). However, because it is not a standard J2ME
package, its main package is [Link]. We'll learn more about the KJava API later in
41
this tutorial when we develop some sample applications.
Profile 2: MIDP
MIDP is geared toward mobile devices such as cellular phones and pagers. The MIDP, like
KJava, is built upon CLDC and provides a standard run-time environment that allows new
applications and services to be deployed dynamically on end user devices. MIDP is a
common, industry-standard profile for mobile devices that is not dependent on a specific
vendor. It is a complete and supported foundation for mobile application
development. MIDP contains the following packages, the first three of which are core
CLDC packages, plus three MIDP-specific packages.
* [Link]
* [Link]
* [Link]
* [Link]
* [Link]
* [Link]
* [Link]

CHAPTER 6
IMPLEMENTATION

6.1 MODULES
 Data Owner Module
 Data User Module
 Cloud Server Module (admin)

MODULES DESCRIPTION

42
Data Owner Module
This module helps the owner to register those details and also include login details. This
module helps the owner to upload his file with encryption using CP-ABE algorithm. This
ensures the files to be protected from unauthorized user. Data owner has a collection of
documents F ={f1; f2; :::; fn} that he wants to outsource to the cloud server in encrypted
form while still keeping the capability to search on them for effective utilization. In our
scheme, the data owner firstly builds a secure searchable tree index I from document
collection F, and then generates an encrypted document collection C for F. Afterwards, the
data owner outsources the encrypted collection C and the wildcard access policy I to the
cloud server, and securely distributes the key information of trapdoor generation and
document decryption to the authorized data users. Besides, the data owner is responsible for
the update operation of his documents stored in the cloud server.

Data User Module

This module includes the user registration login details. This module is used to help the
client to search the file using the multiple wildcard(Keyword) access policy concept and get
the accurate result list based on the user query. The user is going to select the required file
and register the user details and get activation code in mail email before enter the activation
code. After user can download the Zip file and extract that file. Data users are authorized
ones to access the documents of data owner. With t wildcard query keywords, the
authorized user can generate a trapdoor TD according to search control mechanisms to fetch
k encrypted documents from cloud server. Then, the data user can decrypt the documents
with the shared secret key.

Cloud Server Module:

This module is used to help the server to encrypt the document using CP-BE Algorithm and
to convert the encrypted document to the Zip file with activation code and then activation
code send to the user for download. Cloud server stores the encrypted document collection
C and the encrypted searchable wildcard access policy I for data owner. Upon receiving the
43
trapdoor TD from the data user, the cloud server executes search over the wildcard access
policy I, and finally returns the corresponding collection of encrypted documents. Besides,
upon receiving the update information from the data owner, the server needs to update the
index I and document collection C according to the received information. The cloud server
in the proposed scheme is considered as “honest-but-curious”, which is employed by lots of
works on secure cloud data search.

6.2 SOURCE CODE

[Link]
<%--
Document : [Link]
Created on : Jul 16, 2015, [Link] AM
Author : java2
--%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Threshold Multi-keyword Search for Cloud-Based Group Data Sharing</title>
<link rel="stylesheet" href="css/[Link]" type="text/css" />
<script src="js/[Link]" type="text/javascript"></script>
</head>
<body>
<div id="main">
<div id="header">
44
<center><h1>Threshold Multi-keyword Search for Cloud-Based Group Data Sharing</h1></center>
<!-- <nav id="primary_nav_wrap" style="float: left;margin-left: -200px;">
<ul>
<li><a href="#"><img src="images/[Link]" width="40" height="40"/></a>
<ul>
<li><a href="#">Sub Menu 1</a></li>
<li><a href="#">Sub Menu 2</a></li>
<li><a href="#">Sub Menu 3</a></li>
</ul>
</li>
</ul>
</nav>-->
<div style="margin-left: 250px;height: 100px;"><br />
<a href="[Link]" class="myButton" >Home</a>
<a href="[Link]" class="myButton" >Login</a>
<a href="[Link]" class="myButton" >Registration</a>
</div><br /><br />
</div><br />
<div id="container" style="background: transparent"><br /><br /><br /><br /><br /><br />
<div class="abstract" style="background: white;border-radius: 10px"><br />
<label style="font-size: 20px;left: 10px;top: 10px;font-weight: bold;padding-left: 10px;"></label>
<p style="text-align: justify;padding-left: 10px;padding-right: 20px;padding-bottom: 20px;font-size:
20px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<img
src="images/[Link]" height="350" width="800"></p>
</div>
</div>
<div id="footer" style="color: white"><br />
<center></center>
</div>
</div>
</body>
</html>

45
2 [Link]
<%--
Document : [Link]
Created on : Jul 16, 2015, [Link] AM
Author : java2
--%>

<%@page contentType="text/html" pageEncoding="UTF-8"%>

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Audit-Free Cloud Storage</title>
<link rel="stylesheet" href="css/[Link]" type="text/css" />
<script src="js/[Link]" type="text/javascript"></script>
</head>
<body>
<%
if([Link]("msg")!=null)
{%>
<script>alert('Login Successfully');</script>
<%}
%>
<div id="main">
<div id="header">
<center><h1>Threshold Multi-keyword Search for Cloud-Based Group Data Sharing</h1></center>
<!-- <nav id="primary_nav_wrap" style="float: left;margin-left: -200px;">
<ul>
<li><a href="#"><img src="images/[Link]" width="40" height="40"/></a>
<ul>
<li><a href="#">Sub Menu 1</a></li>
<li><a href="#">Sub Menu 2</a></li>

46
<li><a href="#">Sub Menu 3</a></li>
</ul>
</li>
</ul>
</nav>-->
<div style="margin-left: 30px;height: 100px;"><br />
<a href="[Link]" class="myButton" >Home</a>
<a href="[Link]" class="myButton" >File Search</a>
<a href="[Link]" class="myButton" >Download File</a>
<a href="[Link]" class="myButton" >Log Out</a>
</div><br /><br />
</div><br />
<div id="container" style="background: transparent"><br /><br /><br /><br /><br /><br />
<div class="abstract" style="background-image: url('images/[Link]');height: 300px;border-radius:
10px"><br />

</div>
</div>
<div id="footer" style="color: white"><br />
<center></center>
</div>
</div>
</body>
</html>

3 [Link]
<%--
Document : [Link]
Created on : Jul 16, 2015, [Link] AM
Author : java2
--%>

<%@page import="[Link]"%>

47
<%@page import="[Link]"%>
<%@page import="[Link]"%>
<%@page import="[Link]"%>
<%@page import="[Link]" %>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Audit-Free Cloud Storage</title>
<link rel="stylesheet" href="css/[Link]" type="text/css" />
<script src="js/[Link]" type="text/javascript"></script>
</head>
<body>
<%
if ([Link]("msg") != null) {%>
<script>alert('Registration Successfully');</script>
<%}
if ([Link]("msgg") != null) {%>
<script>alert('Registration Failed');</script>
<%}
%>
<div id="main">
<div id="header">
<center><h1>Threshold Multi-keyword Search for Cloud-Based Group Data Sharing</h1></center>
<!-- <nav id="primary_nav_wrap" style="float: left;margin-left: -200px;">
<ul>
<li><a href="#"><img src="images/[Link]" width="40" height="40"/></a>
<ul>
<li><a href="#">Sub Menu 1</a></li>
<li><a href="#">Sub Menu 2</a></li>
<li><a href="#">Sub Menu 3</a></li>
</ul>

48
</li>
</ul>
</nav>-->
<div style="margin-left: 250px;height: 100px;"><br />
<a href="[Link]" class="myButton">Home</a>
<a href="[Link]" class="myButton">Login</a>
<a href="[Link]" class="myButton">Registration</a>
</div><br /><br />
</div><br />
<div id="container" style="background: transparent"><br /><br /><br />
<div class="registration" style="background: white;border-radius: 25px;">
<center> <form name="f2" action="reg_db.jsp" method="post">
<center> <h1>Registration Form</h1></center>
<label style="margin-left: 50px;font-size: 23px">Name</label><input class="textbox" type="text"
placeholder="Enter your Name" name="name" style="margin-left: 83px;width: 250px"
required=""/><br /><br />
<label style="margin-left: 50px;font-size: 23px">Password</label><input class="textbox"
type="password" placeholder="Enter your Password" name="pass" style="margin-left: 45px;width: 250px"
required=""/><br /><br />
<label style="margin-left: 50px;font-size: 23px">Email</label><input class="textbox" type="email"
placeholder="Enter your Email" name="email" style="margin-left: 86px;width: 250px"
required=""/><br /><br />
<label style="margin-left: 50px;font-size: 23px">Date of Birth</label><input class="textbox" type="date"
name="dob" style="margin-left: 18px;width: 250px" required=""/><br /><br />
<label style="margin-left: 50px;font-size: 23px">Gender</label>
<select class="textbox" name="gen"style="margin-left: 60px;width: 250px" required="">
<option selected="">Select</option>
<option value="Male">Male</option>
<option value="Female">Female</option>
</select><br /><br />
<label style="margin-left: 50px;font-size: 23px">Role</label>
<select class="textbox" name="role"style="margin-left: 85px;width: 250px" required="">
<option selected="">Select</option>

49
<option value="Owner">Owner</option>
<option value="User">User</option>
</select><br /><br />
<label style="margin-left: 50px;font-size: 23px">Location</label><input class="textbox" type="text"
placeholder="Enter your Location" name="loc" style="margin-left: 60px;width: 250px"
required=""/><br /><br />
<input type="submit" value="Submit" class="button" style="margin-left: 110px;margin-top: -10px;width:
100px;color: black" />
<input type="reset" value="Reset" class="button" style="margin-left: 35px;margin-top: -10px;width:
100px;color: #000"/><br />
</form>
</center><br />
</div>
</div>
<div id="footer" style="color: white"><br />
<center></center>
</div>
</div>
</body>
</htm

CHAPTER 7
SYSTEM TESTING

The purpose of testing is to discover errors. Testing is the process of trying to

discover every conceivable fault or weakness in a work product. It provides a way to check
the functionality of components, sub assemblies, assemblies and/or a finished product It is
the process of exercising software with the intent of ensuring that the
Software system meets its requirements and user expectations and does not fail in an
unacceptable manner. There are various types of test. Each test type addresses a specific
testing requirement.

50
TYPES OF TESTS
Unit testing
Unit testing involves the design of test cases that validate that the internal program
logic is functioning properly, and that program inputs produce valid outputs. All decision
branches and internal code flow should be validated. It is the testing of individual software
units of the application .it is done after the completion of an individual unit before
integration. This is a structural testing, that relies on knowledge of its construction and is
invasive. Unit tests perform basic tests at component level and test a specific business
process, application, and/or system configuration. Unit tests ensure that each unique path of
a business process performs accurately to the documented specifications and contains
clearly defined inputs and expected results.

Integration testing

Integration tests are designed to test integrated software components to determine if

they actually run as one program. Testing is event driven and is more concerned with the
basic outcome of screens or fields. Integration tests demonstrate that although the
components were individually satisfaction, as shown by successfully unit testing, the
combination of components is correct and consistent. Integration testing is specifically
aimed at exposing the problems that arise from the combination of components.
Functional test

Functional tests provide systematic demonstrations that functions tested are available
as specified by the business and technical requirements, system documentation, and user
manuals.
Functional testing is centered on the following items:

51
Valid Input : identified classes of valid input must be accepted.
Invalid Input : identified classes of invalid input must be rejected.
Functions : identified functions must be exercised.
Output : identified classes of application outputs must be exercised.
Systems/Procedures: interfacing systems or procedures must be invoked.

Organization and preparation of functional tests is focused on requirements, key

functions, or special test cases. In addition, systematic coverage pertaining to identify
Business process flows; data fields, predefined processes, and successive processes must be
considered for testing. Before functional testing is complete, additional tests are identified
and the effective value of current tests is determined.

System Test
System testing ensures that the entire integrated software system meets requirements. It
tests a configuration to ensure known and predictable results. An example of system testing
is the configuration oriented system integration test. System testing is based on process
descriptions and flows, emphasizing pre-driven process links and integration points.

White Box Testing

White Box Testing is a testing in which in which the software tester has knowledge of
the inner workings, structure and language of the software, or at least its purpose. It is
purpose. It is used to test areas that cannot be reached from a black box level.

Black Box Testing

Black Box Testing is testing the software without any knowledge of the inner
workings, structure or language of the module being tested. Black box tests, as most other
kinds of tests, must be written from a definitive source document, such as specification or
requirements document, such as specification or requirements document. It is a testing in

52
which the software under test is treated, as a black box .you cannot “see” into it. The test
provides inputs and responds to outputs without considering how the software works.

Unit Testing:

Unit testing is usually conducted as part of a combined code and unit test phase of the
software lifecycle, although it is not uncommon for coding and unit testing to be conducted
as two distinct phases.

Test strategy and approach

Field testing will be performed manually and functional tests will be written in detail.

Test objectives
 All field entries must work properly.
 Pages must be activated from the identified link.
 The entry screen, messages and responses must not be delayed.

Features to be tested
 Verify that the entries are of the correct format
 No duplicate entries should be allowed
 All links should take the user to the correct page.

Integration Testing
Software integration testing is the incremental integration testing of two or more
integrated software components on a single platform to produce failures caused by interface
defects.
The task of the integration test is to check that components or software applications,
e.g. components in a software system or – one step up – software applications at the
company level – interact without error.
53
Acceptance Testing

User Acceptance Testing is a critical phase of any project and requires significant
participation by the end user. It also ensures that the system meets the functional
requirements.

7.1 TEST CASES

Data owner login:
S. Action Inputs Excepted Actual Test Test Test
No Output Output Browse result commen
r ts
1 Launch http:// Login Login Chrome Pass Launch
applicati page page sucessful
localhost:8084/
on
An_Efficient_an

d_Privacy-

Preserving_Biom

etric_Identificati

on_Scheme_in_
54
 Cloud_Computin

g/[Link]

2 Enter Username: Login Login Chrome pass Login

correct Niharika success success Successf
usernam Password: ul
e and niharika
poasswo
rd and
hit login
button
3 Enter Username: Login Login Chrome fail Login
incorrect Asdf failure failure fail
usernam Password:
e and niharika
correct
passwor
d and hit
login
button
4 Enter Username: Login Login Chrome fail Login
correct Niharika failure failure fail
usernam Password:
e and asdf
incorrect
passwor
d and hit
login
button
55
Data User login:
S. Action Inputs Excepted Actual Test Test Test
No Output Output Browse result comm
r ents
1 Launch http:// Login Login Chrome Pass Launc
applicati localhost:8084/ page page h
on An_Efficient_an sucess
d_Privacy- ful
Preserving_Biom
etric_Identificati
on_Scheme_in_
Cloud_Computin
g/
consumerLogin.j
sp
2 Enter Username: Login Login Chrome pass Login
correct Niharika success success Succes
usernam Password: sful
e and niharika
poasswo
rd and
56
 hit login
button
3 Enter Username: Login Login Chrome fail Login
incorrect Asdf failure failure fail
usernam Password:
e and niharika
correct
passwor
d and hit
login
button
4 Enter Username: Login Login Chrome fail Login
correct Niharika failure failure fail
usernam Password:
e and asdf
incorrect
passwor
d and hit
login
button

57
 cloud login:
[Link] Action Inputs Excepted Actual Test Test Test
Output Output Brows resul comme
er t nts
1 Launch http:// Login Login Chrom Pass Launch
applicati page page e sucessf
localhost:8084/
on ul
An_Efficient_an

d_Privacy-

Preserving_Bio

metric_Identific

ation_Scheme_i

n_Cloud_Comp

uting/

[Link]

2 Enter Username: Login Login Chrom pass Login

correct Cloud success success e Success
usernam Password: ful
e and Cloud
poasswor
d and hit
login
button
3 Enter Username: Login Login Chrom fail Login
incorrect Asdf failure failure e fail
usernam Password:
e and
58
 correct niharika
password
and hit
login
button
4 Enter Username: Login Login Chrom fail Login
correct Niharika failure failure e fail
usernam Password:
e and asdf
incorrect
password
and hit
login
button

Test Results: All the test cases mentioned above passed successfully. No
defects encountered.

CHAPTER 8
OUTPUT SCREENS

Home page:

59
Registration form:

Login page:

OWNER HOME PAGE:

60
61
USER HOME PAGE:

62
CLOUD HOME PAGE:

63
64
 CHAPTER 9
CONCLUSION

Motivated by the observation that there does not yet exist any scheme that provides
flexible access control in grouporiented data sharing setting, we design two threshold
multikeyword search schemes (namely, a basic TMS scheme and the enhanced TMS
scheme) which achieve versatile features such as threshold decryption, threshold result
verification and threshold traceability. Particularly, the enhanced TMS scheme can be
further extended to provide public result verification and dynamic operations, by
employing state-of-the-art techniques (rather than reinventing the wheel). Both basic
TMS and enhanced TMS schemes are then shown to achieve semi-adaptive security
and resist CKA. Besides, the enhanced TMS scheme is shown to guarantee record tag
unforgeability. Evaluation on a publicly available NSF dataset demonstrated that our
proposed schemes are efficient in practice. Although our proposed schemes can
achieve short record ciphertexts size, these schemes still have slightly high
computation and storage overhead when taking the record indexes (and record tags)
into consideration. Therefore, we will focus on designing a lightweight encryption
algorithm without affecting the other features, as part of our future work for this paper.

65
 REFERENCES
[1] B. Cui, Z. Liu, and L. Wang, “Key-aggregate searchable encryption
(kase) for group data sharing via cloud storage,” IEEE Transactions on
computers, vol. 65, no. 8, pp. 2374–2385, 2016.
[2] Y. Miao, J. Ma, X. Liu, X. Li, Q. Jiang, and J. Zhang, “Attributebased
keyword search over hierarchical data in cloud computing,” IEEE
Transactions on Services Computing, pp. 1–14, 2017.
[3] D. X. Song, D. Wagner, and A. Perrig, “Practical techniques for
searches on encrypted data,” in Proc. IEEE Symposium on Security and
Privacy (S&P’00). IEEE, 2000, pp. 44–55.
[4] D. Boneh, G. Di Crescenzo, R. Ostrovsky, and G. Persiano, “Public
key encryption with keyword search,” in Proc. International conference on
the theory and applications of cryptographic techniques
(EUROCRYPT’04). Springer, 2004, pp. 506–522.
[5] R. Chen, Y. Mu, G. Yang, F. Guo, and X. Wang, “Dual-server
publickey encryption with keyword search for secure cloud storage,”
IEEE transactions on information forensics and security, vol. 11, no. 4,
pp. 789–798, 2016.
[6] X. Zhang, Y. Tang, H. Wang, C. Xu, Y. Miao, and H. Cheng,
“Latticebased proxy-oriented identity-based encryption with keyword
search for cloud storage,” Information Sciences, vol. PP, pp. 1–15, 2019.
[7] R. Chen, Y. Mu, G. Yang, F. Guo, X. Huang, X. Wang, and Y. Wang,
“Server-aided public key encryption with keyword search,” IEEE
Transactions on Information Forensics and Security, vol. 11, no. 12, pp.
2833– 2842, 2016.
[8] J. Shu, K. Yang, X. Jia, X. Liu, C. Wang, and R. Deng, “Proxy-free
privacy-preserving task matching with efficient revocation in
crowdsourcing,” IEEE Transactions on Dependable and Secure
Computing, pp. 1–14, 2018.

66
[9] R. Zhang, R. Xue, and L. Liu, “Searchable encryption for healthcare
clouds: a survey,” IEEE Transactions on Services Computing, vol. 11, no.
6, pp. 978–996, 2018.
[10] J. Shen, T. Zhou, D. He, Y. Zhang, X. Sun, and Y. Xiang, “Block
designbased key agreement for group data sharing in cloud computing,”
IEEE Transactions on Dependable and Secure Computing, vol. PP, pp. 1–
15, 2017.
[11] R. Chen, Y. Mu, G. Yang, and F. Guo, “Bl-mle: block-level
messagelocked encryption for secure large file deduplication,” IEEE
Transactions on Information Forensics and Security, vol. 10, no. 12, pp.
2643–2652, 2015.
[12] Y. Zhang, C. Xu, H. Li, K. Yang, J. Zhou, and X. Lin, “Healthdep:
An efficient and secure deduplication scheme for cloud-assisted ehealth
systems,” IEEE Transactions on Industrial Informatics, vol. 14, no. 9, pp.
4101–4112, 2018.
[13] Y. Miao, X. Liu, K.-K. R. Choo, R. H. Deng, J. Li, H. Li, and J. Ma,
“Privacy-preserving attribute-based keyword search in shared multi-owner
setting,” IEEE Transactions on Dependable and Secure Computing, vol.
PP, pp. 1–15, 2019.
[14] Y. Miao, J. Ma, X. Liu, X. Li, Z. Liu, and H. Li, “Practical
attributebased multi-keyword search scheme in mobile crowdsourcing,”
IEEE Internet of Things Journal, vol. 5, no. 4, pp. 3008–3018, 2018.
[15] J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-policy
attributebased encryption,” in Proc. IEEE symposium on security and
privacy (S&P’07). IEEE, 2007, pp. 321–334.
[16] Z. Wan, J. Liu, and R. H. Deng, “Hasbe: A hierarchical attribute-
based solution for flexible and scalable access control in cloud
computing,” IEEE transactions on information forensics and security, vol.
7, no. 2, pp. 743–754, 2012.

67
[17] J. Lai, R. H. Deng, C. Guan, and J. Weng, “Attribute-based
encryption with verifiable outsourced decryption,” IEEE Transactions on
information forensics and security, vol. 8, no. 8, pp. 1343–1354, 2013.
[18] P. Xu, S. He, W. Wang, W. Susilo, and H. Jin, “Lightweight
searchable public-key encryption for cloud-assisted wireless sensor
networks,” IEEE Transactions on Industrial Informatics, vol. 14, no. 8, pp.
3712– 3723, 2018.
[19] K. N. Alharbi, X. Lin, and J. Shao, “A privacy-preserving data-
sharing framework for smart grid,” IEEE Internet of Things Journal, vol.
4, no. 2, pp. 555–562, 2017.
[20] J. Baek and Y. Zheng, “Identity-based threshold decryption,” in Proc.
International Workshop on Public Key Cryptography (PKC). Springer,
2004, pp. 262–276.
[21] C. Esposito, M. Ficco, A. Castiglione, F. Palmieri, and A. De Santis,
“Distributed group key management for event notification confidentiality
among sensors,” IEEE Transactions on Dependable and Secure
Computing, 2018.
[22] D. Boneh, X. Boyen, and S. Halevi, “Chosen ciphertext secure public
key threshold encryption without random oracles,” in Proc.
Cryptographers’ Track at the RSA Conference (CT-RSA’06). Springer,
2006, pp. 226–243.
[23] C. Delerablee and D. Pointcheval, “Dynamic threshold public-key
en- ´ cryption,” in Proc. International Cryptology Conference on
Advances in Cryptology (CRYPTO’08). Springer, 2008, pp. 317–334.
[24] P. Wang, H. Wang, and J. Pieprzyk, “Threshold privacy preserving
keyword searches,” in Proc. International Conference on Current Trends
in Theory and Practice of Computer Science (SOFSEM’19). Springer,
2008, pp. 646–658.

68