EXPLOITING THE CLOUD FOR SECURE OUTSOURCING MECHANISM

A PROJECT REPORT

Submitted by

PADMAPRIYA.M (21310104066)
RAJALAKSHMI.R (21310104078)
SABITHA.P (21310104088)

in partial fulfillment for the award of the degree


of
BACHELOR OF ENGINEERING
IN
COMPUTER SCIENCE AND ENGINEERING

SKR ENGINEERING COLLEGE, CHENNAI


(NBA Accredited & ISO 9001:2000 Certified Institution)

ANNA UNIVERSITY: CHENNAI 600 025


APRIL 2014

ANNA UNIVERSITY: CHENNAI 600 025

BONAFIDE CERTIFICATE

Certified that this project report “EXPLOITING THE CLOUD FOR SECURE OUTSOURCING MECHANISM” is the bonafide work of “PADMAPRIYA.M (21310104066), RAJALAKSHMI.R (21310104078), SABITHA.P (21310104088)” who carried out the project work under my supervision.

SIGNATURE
Ms.T.KUJANI, M.E,(Ph.D)
ASSO.PROFESSOR
HEAD OF THE DEPARTMENT
Computer Science and Engineering,
SKR Engineering College,
Poonamalee,
Chennai - 600123.

SIGNATURE
Mrs. C. KRISHNAVENI, M.Tech
ASST.PROFESSOR
SUPERVISOR
Computer Science and Engineering,
SKR Engineering College,
Poonamalee,
Chennai - 600123.

Submitted for the Viva-voce Examination held on ………………………... at SKR ENGINEERING COLLEGE, CHENNAI.

INTERNAL EXAMINER EXTERNAL EXAMINER

ACKNOWLEDGEMENT

We place on record our profound respect and sincere, heartfelt gratitude to our Chairman Shri.K.Ramadoss for having provided us an opportunity and all facilities to pursue our studies in this institution.

We wish to place on record our heartfelt thanks to our Principal Dr.M.Senthil Kumar for providing us a better opportunity towards the completion of our project.

We express our immense thanks to our Dean Dr.R.Suguna, for providing a convenient environment to complete this project.

We would like to express our sincere thanks to our HOD, Department of Computer Science and Engineering, Ms.T.Kujani, for her kind inspiration and encouragement.

At the outset we are very thankful for the effort of our project guide Mr.N.Sathish Kumar, for his valuable guidance and unwavering support in the development of this project.

We express our profound thanks to all other staff members for their continuous encouragement and motivation given to us for this work and for their great support in successfully completing this project.

We thank all our family and friends for inspiring us to do this project.

ABSTRACT

Cloud computing provides services on a pay-per-use basis, where you can obtain networked storage space and computer resources. In the cloud computing model, customers plug into the cloud to access IT resources, which are priced and provided as on-demand services. Cloud computing economically enables customers with limited computational resources to outsource large-scale computations to the cloud. Users can store their data in the cloud, and the large amount of personal information and potentially sensitive data that people store on their computers is now being transferred to the cloud. Here we must ensure the security of the user's data, which is stored using a secure outsourcing mechanism in the cloud. To enhance speed we introduce a temporary memory called cache or buffered memory. Cloud computing is a subscription-based service. At the completion of the contract with the cloud, the utilized services can be carried over to the new contract, so that cost efficiency can be achieved.

TABLE OF CONTENTS

ABSTRACT
LIST OF FIGURES
LIST OF ABBREVIATIONS
1 INTRODUCTION
2 LITERATURE REVIEW
3 PROJECT DESCRIPTION
  3.1 Existing System
  3.2 Proposed System
  3.3 Specification
    3.3.1 Hardware Specification
    3.3.2 Software Specification
4 MODULE DESCRIPTION
  4.1 Design Phase
    4.1.1 Data Flow Diagram
    4.1.2 UML Diagrams
    4.1.3 Entity Relationship Diagram
  4.2 General Architecture
  4.3 Modules
  4.4 Module Description
    4.4.1 Module 1
    4.4.2 Module 2
    4.4.3 Module 3
5 IMPLEMENTATION
  5.1 Input & Output
  5.2 Limitations
6 RESULTS AND DISCUSSIONS
  6.1 Efficiency of the proposed system
  6.2 Advantages of the proposed system
  6.3 Comparison of Existing and proposed System
7 CONCLUSION AND FUTURE ENHANCEMENTS
  7.1 Conclusion
  7.2 Future Enhancements
APPENDICES
REFERENCES

CHAPTER 1
INTRODUCTION
Cloud computing represents a keyword in the industrial and academic world today. Its success is due to its win-win model: specialized providers offer their resources through standardized mechanisms, while stakeholders exploit and pay for the resources they need wherever they are. Some of the main features of the available cloud computing solutions are elasticity and scalability. Providers have a large number of resources, and a potentially unlimited number of stakeholders may ask for their usage based on their actual needs. The stakeholders' needs may often be characterized by significant fluctuations due to the model of payment, which is based on the pay-per-use paradigm. This has an important implication: providers make an initial investment in expensive infrastructure and resources to sustain this model.

Focusing on engineering and scientific computing problems, this project investigates secure outsourcing for widely applicable large-scale systems. The execution time of a computer program depends not only on the number of operations it must execute, but also on the location of the data in the memory hierarchy. Solving such large-scale problems on a customer's weak computing devices can be practically impossible, due to the huge IO cost inevitably involved.

You can be billed for resources as you use them. This pay-as-you-go model means usage is metered and you pay only for what you consume. Cloud customers can provision cloud services without going through a lengthy process. You request an amount of computing, storage, software, process, or more from the service provider. After you use these resources, they can be automatically deprovisioned.

The cloud provides many services. The major types of services are:

Software as a Service (SaaS):
Following this model, the cloud service provider makes both the software and the
cloud infrastructure to run it available to the client, while it retains complete
control over the underlying physical settings of the cloud (i.e., the operating
system, network, storage, etc.) and the individual application capabilities. Thin
client interfaces such as web browsers are often used to allow access to these
applications.

Platform as a Service (PaaS):

Similar to the previous model, PaaS aims at giving the client the ability to run software on the cloud infrastructure. However, in this case the consumer can deploy his own applications or create personalized ones by using tools supported by the cloud provider. Control over the physical settings remains restricted to the cloud provider but the clients of this model are able to fully manage the deployed applications.

Infrastructure as a Service (IaaS):

The consumers of this model can provision computing resources including storage, processing, and networks, which can usually be used to host any arbitrary operating system and applications. Most of the well-established cloud services (such as Amazon EC2) adopt this model and charge their users according to the amount of utilized resources.

CHAPTER 3
PROJECT DESCRIPTION

EXISTING SYSTEM

The main enabling technology for cloud computing is virtualization. Virtualization generalizes the physical infrastructure, which is the most rigid component, and makes it available as a soft component that is easy to use and manage. Cloud providers claim that computing costs are reduced. A public-cloud delivery model converts CAPEX to an OPEX model.

Security can improve due to centralization of data, increased security-focused resources, etc., but concerns can persist about loss of control over certain sensitive data, and the lack of security for stored kernels. However, the complexity of security is greatly increased when data is distributed over a wider area or over a greater number of devices, as well as in multi-tenant systems shared by unrelated users.

DISADVANTAGE

• Applying ordinary encryption techniques to the sensitive information before outsourcing could be one way to combat the security concern, but it also makes the task of computation over encrypted data in general a very difficult problem.

• The cloud is not transparent enough to customers, and no guarantee is provided on the quality of the computed results from the cloud. Possible software/hardware malfunctions and/or outsider attacks might also affect the quality of the computed results. Thus, we argue that the cloud is intrinsically not secure from the viewpoint of customers.

• The execution time of a computer program depends not only on the number of operations it must execute, but also on the location of the data in the memory hierarchy. Solving such large-scale problems on a customer's weak computing devices can be practically impossible, due to the huge IO cost inevitably involved.

PROPOSED SYSTEM

Existing approaches and computational practicality motivate us to design a secure mechanism of outsourcing. We propose a very efficient cheating detection mechanism, which fulfills input/output privacy, cheating resilience, and efficiency. An organization that owns and runs its IT operations will apply organizational and administrative controls, specifying who can perform data-related operations such as creation, access, disclosure, transport, and destruction of data. Cloud computing security based on fully homomorphic encryption is a new concept of security which enables providing results of calculations on encrypted data without knowing the raw data on which the calculation was carried out, while respecting data confidentiality.

To enhance speed we introduce a temporary memory called cache or buffered memory. Our mechanism brings computational savings, as it incurs only O(n) local computation burden for the customer, while solving large-scale systems usually demands more than O(n^2) computation cost in terms of both time and memory requirements. Cloud computing is a subscription-based service. We enhance cost efficiency: at the completion of the contract with the cloud, the unutilized services can be carried over to the new contract, so that cost efficiency can be achieved.

ADVANTAGES

• Once the data is to be accessed, the user has to send a request for that data to the admin. The admin has to verify the request, and the key for that data is then given to the user. The admin must know which user is accessing the data, through which cheating detection can be achieved.

• The first time, the data is downloaded directly from the server; from the second time onward it is downloaded from the cache for speed access.

3.3 SPECIFICATION

3.3.1 HARDWARE SPECIFICATION

• PIV 2.8 GHz Processor and Above
• RAM 512MB and Above
• HDD 40 GB Hard Disk Space and Above

3.3.2 SOFTWARE SPECIFICATION

• WINDOWS OS (XP / 2000 / 200 Server / 2003 Server/8)
• IDE: NETBEANS 7.3
• MYSQL 5.1
• Application Server: Tomcat 7.0/6.X
• Front End: HTML, Java, Jsp

CHAPTER 4

MODULE DESCRIPTION

4.1. DESIGN PHASE

The design phase deals with the various UML (Unified Modeling Language) diagrams for the implementation of the project. Software design is a process through which the requirements are translated into a representation of the software. Design is the place where quality is rendered in software engineering. Design is the means to accurately translate customer requirements into a finished product.

4.1.1. DATA FLOW DIAGRAMS

• A data flow diagram is a graphical tool used to describe and analyze the movement of data through a system. These are the central tool and the basis from which the other components are developed. The transformation of data from input to output, through processing, may be described logically and independently of the physical components associated with the system. These are known as logical data flow diagrams.
• The physical data flow diagrams show the actual implementation and movement of data between people, departments and workstations. A full description of a system actually consists of a set of data flow diagrams.

DFD DIAGRAMS

[Figures: data flow diagrams, Level 1, Level 2 and Level 3]

4.1.2 UML DIAGRAMS

• USECASE

The use case diagrams describe system functionality as a set of tasks that the system must carry out and actors who interact with the system to complete the tasks. Each use case on the diagram represents a single task that the system needs to carry out.

[Figure: use case diagram. Labels: login, download, upload, delete, data owner, large scale, data user, allocate memory, renewal, logout]

• CLASS DIAGRAM

A class diagram gives an overview of a system by showing its classes and the relationships among them. Class diagrams are static: they display what interacts but not what happens when they interact.

SEQUENCE DIAGRAM

A sequence diagram in Unified Modeling Language (UML) is a kind of interaction diagram that shows how processes operate with one another and in what order. It is a construct of a message sequence chart. There are two dimensions:
1. Vertical dimension: represents time.
2. Horizontal dimension: represents different objects.

[Figure: sequence diagram. Lifelines: Data user, Server, Admin. Messages: 1. login; 2. login verified; 3. login; 4. login verified; 5. upload file; 6. key request; 7. verify and allow access; 8. download file; 9. download file; 10. upload file; 11. renewal request; 12. renew; 13. logout; 14. logout]

COLLABORATION DIAGRAM

A collaboration diagram is also called a communication diagram or interaction diagram. A sophisticated modeling tool can easily convert a collaboration diagram into a sequence diagram and vice versa. A collaboration diagram resembles a flowchart that portrays the roles, functionality and behavior of individual objects as well as the overall operation of the system in real time.

[Figure: collaboration diagram between Data user, Server and Admin, with messages numbered 1 to 14]

E-R Diagram
The relations in the system are structured through a conceptual ER diagram, which not only specifies the existential entities but also the standard relations through which the system exists and the cardinalities that are necessary for the system state to continue.

The Entity Relationship Diagram (ERD) depicts the relationship between the data objects. The ERD is the notation that is used to conduct the data modeling activity. The attributes of each data object noted in the ERD can be described using a data object description.

The set of primary components that are identified by the ERD are

o Data object

o Relationships

o Attributes

o Various types of indicators.

The primary purpose of the ERD is to represent data objects and their
relationships.

4.2 GENERAL ARCHITECTURE

In the cloud, the data to be stored on the cloud server is uploaded by the data owner in encrypted format. The cloud user who is in need of that confidential data has to request the admin for the data. Once the admin verifies the request, the cloud user can download the requested data using the key given to them.

4.3 MODULES
• Homomorphic Encryption
• Cheating Detection
• Speed Access
4.4 MODULE DESCRIPTION

4.4.1 HOMOMORPHIC ENCRYPTION

We propose a solution to the old open problem of constructing a fully homomorphic encryption scheme. This notion was originally called a privacy homomorphism.

Homomorphic encryption is a form of encryption which allows specific types of computations to be carried out on ciphertext and generates an encrypted result which, when decrypted, matches the result of the operations performed on the plaintext. A cryptosystem which supports both addition and multiplication is known as fully homomorphic encryption (FHE) and is far more powerful.

Consider an efficient semantically secure encryption scheme with an additive homomorphic property. Given two integers x1 and x2, we have Enc(x1 + x2) = Enc(x1) * Enc(x2), and also Enc(x1 * x2) = Enc(x1)^x2.

To add and multiply ciphertexts, we simply use the ring operations '+' and 'x'. FHE has the following property (in its simplest form): ciphertexts ci decrypt to plaintexts mi, i.e., Decrypt(ci) = mi, where the mi's and ci's are elements of some ring (with two operations, addition and multiplication). In FHE one has

Decrypt(c1 + c2) = m1 + m2 ; Decrypt(c1 . c2) = m1 . m2

Using this encryption technique, the sensitive data is uploaded to the cloud, and can be downloaded and viewed only using the key.

CHEATING DETECTION

The data owner uploads files to the cloud server, where they are stored in encrypted format, which is done by FHE. To access that data, the cloud user has to request the admin for that particular data; once the admin has verified the request, a key is generated. Here we use an automatic key generation technique. This algorithm generates the key automatically from the message itself, and the key is not required to be defined by the user.

Once the encryption is done, the key has to be transferred to the receiver's end so that it can be used for decryption. Therefore it is transferred to the receiver's end by being added to the message in encrypted form. A random number generator plays a further role in enhancing security.

KeyGen(1^k) → {K}. This is a randomized key generation algorithm which takes a system security parameter k and returns a secret key K that is used later by the customer.

SPEED ACCESS

The data files are uploaded to the cloud server. An uploaded data file is first downloaded directly from the server; after that, the same file can be downloaded from the cache memory.

COMPARISON OF EXISTING AND PROPOSED SYSTEM
In the existing system the cloud uses ordinary data encryption techniques for data security. The operational details inside the cloud are not transparent. Secure outsourcing of computations is expensive. No standard or model is defined for secure outsourcing.

In the proposed system the sensitive data has to be encrypted using fully homomorphic encryption before outsourcing. A dynamic key is provided every time a user logs in to the cloud service. This provides a more secure environment for the cloud service provider and clients, and secures cloud services from malicious or unwanted access.

CONCLUSION
thus
FUTURE IMPROVEMENT
Recently, a general result of secure computation outsourcing has been shown viable in theory, which is based on Yao's garbled circuits and Gentry's fully homomorphic encryption (FHE) scheme. However, applying this general mechanism to our daily computations would be far from practical, due to the extremely high complexity of FHE operation and the pessimistic circuit sizes that can hardly be handled in practice. Instead of outsourcing general functions, in the security community, Atallah et al. explore a list of customized solutions for securely outsourcing specific computations. In , they give the first investigation of secure outsourcing of numerical and scientific computation, including LE. Though a set of problem-dependent disguising techniques are proposed, they explicitly allow private information leakage. Besides, the important case of result verification is not considered. In , Atallah and Benjamin give a protocol design for secure matrix multiplication outsourcing. The design is built upon the assumption of two non-colluding servers and is thus vulnerable to colluding attacks. Later on in , Atallah and Frikken give an improved protocol for secure outsourcing of matrix multiplications based on secret sharing, which outperforms their previous work in terms of single server assumption and computation efficiency. But the drawback is that, due to the secret sharing technique, all scalar operations in the original matrix multiplication are expanded to polynomials, introducing significant communication overhead. Considering the case of result verification, the communication overhead must be further doubled, due to the introduction of additional recomputed “random noise” matrices. In short, these solutions, although elegant, are still not efficient enough for immediate practical uses on large-scale problems, which we aim to address for the secure LE outsourcing in this paper. Wang et al. give the first study of secure outsourcing of linear programming in cloud computing. Their solution is based on problem transformation, and has the advantage of bringing customer savings without introducing substantial overhead on the cloud. However, those techniques involve cubic-time computational burden matrix-matrix operations, which may not be handled by the weak customer in our assumption. Very recently, Blanton et al. explored secure outsourcing of all-pair distance calculations of large-scale biometric data. Their focus is on result verification, which leverages certain structures of the distance computations and the framework of adding fake items and random sampling.
