A PROJECT REPORT

ON

A SECURE MULTI KEYWORD RANKED SEARCH SCHEME THAT

SUPPORTS DYNAMIC UPDATE OPERATIONS IN CLOUD

Thesis Submitted in partial fulfillment of the Requirements for the Award of the
Degree Of

MASTER OF TECHNOLOGY
IN
COMPUTER SCIENCE AND ENGINEERING

Submitted by
GADE MARY SINDHURI REDDY
Reg.No: 13NF1D5805

UNDER THE ESTEEMED GUIDANCE OF

Mr. K. SRIDHAR, M.Tech
Assistant Professor

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

UNIVERSAL COLLEGE OF ENGINEERING & TECHNOLOGY
(Approved by A.I.C.T.E., Affiliated to J.N.T.U. K, Kakinada)
DOKIPARRU(V) , MEDIKONDURU(M), GUNTUR-522438, AP.
(2013-2015)

 UNIVERSAL COLLEGE OF ENGINEERING & TECHNOLOGY
(Approved by A.I.C.T.E., Affiliated to J.N.T.U.K, Kakinada)
DOKIPARRU(V) , MEDIKONDURU(M), GUNTUR-522438, AP.
DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

CERTIFICATE
This is to certify that the thesis entitled “A SECURE MULTI KEYWORD
RANKED SEARCH SCHEME THAT SUPPORTS DYNAMIC UPDATE
OPERATIONS IN CLOUD ” is being carried by GADE MARY SINDHURI
REDDY, bearing Reg.No. 13NF1D5805, in partial fulfillment of the requirements for
the award of the degree of Master of Technology in Computer Science & Engineering,
in the department of Computer Science & Engineering, UNIVERSAL COLLEGE OF
ENGINEERING & TECHNOLOGY, GUNTUR, AP. to the JNTUK is a bonafide
work carried out by her under my guidance and supervision. The Results embodied in
this thesis have not been submitted to any other University or Institute for the award
of any degree.


Project Guide Head Of the Department

Mr. SRIDHAR KODALI, M.Tech Mr. R. PITCHAIAH, M.Tech
Assistant Professor Associate Professor

EXTERNAL EXAMINER


i!
 ACKNOWLEDGEMENT

I feel immense pleasure to express my sincere thanks and profound sense of

gratitude to all those people who played a valuable role for the successful completion
of my project by their invaluable suggestions and advices.
I am very much thankful to our Secretary & Correspondent Rev. Fr. Dr.
GOVINDA RAYANNA M.A, Ph.D (Roam) garu, for his encouragements and
motivations to complete my project.
I am thankful to our Principal Dr. M. UMADEVI M.Tech, Ph.D. Garu, for
permitting and encouraging me in doing this project.
I am deeply intended to Mr. R.PITCHAIAH M.Tech garu, Head of the
Department, whose motivation and constant encouragement has led to pursue a
project in the field of software development.
I am very much obliged and thankful to my internal guide Mr. K.SRIDHAR
for providing this opportunity and constant encouragement given by him during the
course. I am grateful to his valuable guidance and suggestions during my project
work.
My Parents have put myself ahead of themselves. Because of their hard work
and dedication, I have had opportunities beyond my wildest dreams. My heartfelt
thanks to them for giving me all I ever needed to be successful student and individual.
Finally I express my thanks to all my other professors, classmates, friends,
and my family members who helped me for the completion of my project and without
infinite love and patience this would never have been possible.

GADE MARY SINDHURI REDDY

Reg.No. 13NF1D5805

!ii
 DECLARATION

I hereby declare that the project report entitled “A SECURE MULTI

KEYWORD RANKED SEARCH SCHEME THAT SUPPORTS DYNAMIC
UPDATE OPERATIONS IN CLOUD” is submitted to JNTUK in partial fulfillment
of the requirements for the award of degree of M.Tech is a bonafide work carried out
by me.

The matter embodied in this project is a genuine work done by me and has not
been submitted earlier to this or any other university for the award of any degree.

GADE MARY SINDHURI REDDY

Reg. No. : 13NF1D5805

i! ii
 A SECURE MULTI KEYWORD
RANKED SEARCH SCHEME THAT
SUPPORTS DYNAMIC UPDATE
OPERATIONS IN CLOUD 

 A SECURE MULTI KEYWORD RANKED SEARCH SCHEME
THAT SUPPORTS DYNAMIC UPDATE OPERATIONS IN CLOUD

Abstract:

Due to the increasing popularity of cloud computing, more and more data
owners are motivated to outsource their data to cloud servers for great convenience
and reduced cost in data management. However, sensitive data should be encrypted
before outsourcing for privacy requirements, which obsoletes data utilisation like
keyword-based document retrieval. In this paper, we present a secure multi-keyword
ranked search scheme over encrypted cloud data, which simultaneously supports
dynamic update operations like deletion and insertion of documents. Specifically, the
vector space model and the widely-used TF_IDF model are combined in the index
construction and query generation.
We construct a special tree-based index structure and propose a “Greedy
Depth-first Search” algorithm to provide efficient multi-keyword ranked search. The
secure KNN algorithm is utilised to encrypt the index and query vectors, and
meanwhile ensure accurate relevance score calculation between encrypted index and
query vectors. In order to resist statistical attacks, phantom terms are added to the
index vector for blinding search results. Due to the use of our special tree-based index
structure, the proposed scheme can achieve sub-linear search time and deal with the
deletion and insertion of documents flexibly. Extensive experiments are conducted to
demonstrate the efficiency of the proposed scheme.

!iv
 Table of Contents
Abstract………………………………………………………………………….. iv

LIST OF FIGURES ...............................................................................................vii

1. INTRODUCTION .............................................................................................. 1

1.1 Introduction to Cloud Computing .................................................1

1.2 Service Models ..............................................................................................3

2. LITERATURE SURVEY .................................................................................. 5
3. SYSTEM REQUIREMENTS ........................................................................... 9
3.1 System Requirements .....................................................................................9
3.2 Software Environment ....................................................................................9
3.3 Database Tables ..............................................................................................25
4. SYSTEM ANALYSIS .........................................................................................27
4.1 Existing System ..............................................................................................27
4.2 Disadvantages Of Existing System ................................................................27
4.3 Proposed System ............................................................................................27
4.4 Advantages Of Proposed System ...................................................................28
5. SYSTEM STUDY ...............................................................................................29
5.1 Feasibility Study .............................................................................................29
5.1.1 Economical Feasibility .........................................................................29
5.1.2 Technical Feasibility .............................................................................29
5.1.3 Social Feasibility ..................................................................................30
6. SYSTEM DESIGN .............................................................................................31
6.1 System Architecture .......................................................................................31
6.2 Data Search Algorithm ...................................................................................34
6.3 TF-IDF Algorithm ..........................................................................................34

v!
 6.4 Data Flow Diagram ........................................................................................35
6.5 UML Diagrams ...............................................................................................37
6.5.1 Use Case Diagram ................................................................................38
6.5.2 Class Diagram ......................................................................................41
6.5.3 Sequence Diagram ................................................................................41
6.5.4 Collaboration Diagram .........................................................................45
6.6 Input Design ...................................................................................................49
6.7 Output Design ................................................................................................50
7. SYSTEM IMPLEMENTATION .......................................................................52
7.1 Sample Code ...................................................................................................52
8. SYSTEM TESTING ...........................................................................................72
8.1 Introduction ....................................................................................................72
8.2 Types of Tests .................................................................................................72
8.2.1 Unit Testing ..........................................................................................74
8.2.2 Integration Testing ................................................................................75
8.2.3 Acceptance Testing ...............................................................................75
8.3 Test Cases .......................................................................................................75
9. RESULTS ............................................................................................................77
9.1 ScreenShots ....................................................................................................77
10. CONCLUSION AND FUTURE WORK ........................................................90
11. BIBLIOGRAPHY ............................................................................................91

!vi
 LIST OF FIGURES

Page
Name Of Figure No
Fig 1.1 Structure of Cloud Computing 2
Fig 1.2 Structure of Service Models 3
Fig 3.1 Java Interpreter & Compiler Working 10

Fig 3.2 Java Platform 11

Fig 3.3 Program Running on Java Platform 11

Fig 3.4 Software Development Kit Of Java 13

Fig 3.5 Compiler & Interpreter Work in Java 18
Fig 3.6 Tomcat 6.0 Web Server 24

Fig 3.7 User Request Table 25

Fig 3.8 User Registration Table 25

Fig 3.9 Owner Table 25

Fig 3.10 Data Table 26

Fig 3.11 Metadata Table 26
Fig 6.1 System Architecture 32
Fig 6.2 Data Flow Diagram 36

Fig 6.3 Use Case Diagram 38

Fig 6.4 Data User Use Case Diagram 39

Fig 6.5 Administrator Use Case Diagram 39

Fig 6.6 Trapdoor Use Case Diagram 40

Fig 6.7 Class Diagram 41

Fig 6.8 Data Owner Sequence Diagram 42

Fig 6.9 Data User Sequence Diagram 43
Fig 6.10 Admin Sequence Diagram 44
Fig 6.11 Trapdoor Sequence Diagram 45

v! ii
Fig 6.12 Data Owner Collaboration Diagram 46

Fig 6.13 Data User Collaboration Diagram 47

Fig 6.14 Admin Collaboration Diagram 48

Fig 6.15 Trapdoor Collaboration Diagram 49
Fig 9.1 Home Page 77

Fig 9.2 Admin Login Page 78

Fig 9.3 Data Owner Registration Page 78

Fig 9.4 User Registration Page 79

Fig 9.5 User Acceptance Page 80

Fig 9.6 File Upload Page 81

Fig 9.7 Trapdoor Login Page 82
Fig 9.8 Trapdoor SK Request 83
Fig 9.9 List Of Files 84

Fig 9.10 File Update 85

Fig 9.11 User Login Page 86

Fig 9.12 File Search Page 87

Fig 9.13 Downloading a File 88

Fig 9.14 Trapdoor Key Request 89

!viii
 CHAPTER 1
INTRODUCTION
 1. INTRODUCTION
1.1. Introduction to Cloud Computing
The cloud computing facilitates many straight benefits to clients as on demand
service, location independence, elasticity, network based model, resource pooling and
so on. The cloud storage provisioning is one of the important services of cloud
computing. The cloud storage facilitates massive amount of data storage which
magnetise small and medium scale organisations to utilise remote storage for efficient
and economic storage management. It is a model of data storage where the data is
stored in logical pool, the physical storage spans multiple servers and the physical
environment is actually owned and managed by a hosting entity. The tasks like
keeping the data available and accessible, and the physical environment protected and
running is done by cloud storage providers.

The cloud provides server based applications and all data services to the user,
with output displayed on the client device. Memory allocated to the client system's
web browser is used to make the application data appear on the client system display,
but all computations and changes are recorded by the server, and final results
including files created or altered are permanently stored on the cloud servers.
Performance of the cloud application is dependent upon the network access, speed
and reliability as well as the processing speed of the client device. While Cloud
Computing makes these advantages more appealing than ever, it also brings new and
challenging security threats towards user’s outsourced data. Since cloud service
providers (CSP) are separate administrative entities, data outsourcing is actually
relinquishing user’s ultimate control over the fate of their data. As a result, the
correctness of the data in the cloud is being put at risk due to the following reasons.
First of all, although the infrastructures under the cloud are much more powerful and
reliable than personal computing devices, they are still facing the broad range of both
internal and external threats for data integrity.

Second, for the benefits of their own, there do exist various motivations for
cloud service providers to behave unfaithfully towards the cloud users regarding the

Universal College Of Engineering & Technology !1

 status of their outsourced data. These problems impede the successful deployment of
the cloud architecture.

Fig 1.1: Structure of cloud computing

In cloud computing, remote data integrity checking is an important security

problem. The client’s massive data is outside his control. The malicious cloud server
may corrupt the client’s data in order to gain more benefits. Many researchers
proposed the corresponding system model and security model. The verifier only
maintains small metadata to perform the integrity checking. PDP is an interesting
remote data integrity checking model. In 2012, Wang proposed the security model and
concrete scheme of proxy PDP in public clouds. At the same time, Zhu proposed the
cooperative PDP in the multi-cloud storage. Many remote data integrity checking
models and protocols have been proposed are as follows PDP.

The verifier can check the remote data integrity and retrieve the remote data at
any time. On some cases, the client may delegate the remote data integrity checking
task to the third party. One of benefits of cloud storage is to enable universal data
access within dependent geographical locations. This implies that the end devices may
be mobile and limited in computation and storage. Efficient integrity checking
protocols are more suitable for cloud clients equipped with mobile end devices .The
verifier can check remote data integrity with a high probability. Based on the RSA,

Universal College Of Engineering & Technology !2

 they designed two provably secure PDP schemes. After that, proposed dynamic PDP
model and concrete scheme although it does not support insert operation. In order to
support the insert operation, in 2009, Erway proposed a full-dynamic PDP scheme
based on the authenticated flip table. The similar work has also been done PDP allows
a verifier to verify the remote data integrity without retrieving or downloading the
whole data. It is a probabilistic proof of possession by sampling random set of blocks
from the server, which drastically reduces I/O costs.

1.2 Service Models:

Cloud Computing comprises three different service models, namely

Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-
Service (SaaS). The three service models or layer are completed by an end user layer
that encapsulates the end user perspective on cloud services. The model is shown in
figure below. If a cloud user accesses services on the infrastructure layer, for instance,
she can run her own applications on the resources of a cloud infrastructure and remain
responsible for the support, maintenance, and security of these applications herself. If
she accesses a service on the application layer, these tasks are normally taken care of
by the cloud service provider.

Fig:1.2 Structure of service models

Universal College Of Engineering & Technology !3

 Benefits of cloud computing:

1. Achieve economies of scale – increase volume output or productivity with fewer

people. Your cost per unit, project or product plummets.

2. Reduce spending on technology infrastructure. Maintain easy access to your

information with minimal upfront spending. Pay as you go (weekly, quarterly or
yearly), based on demand.

3. Globalize your workforce on the cheap. People worldwide can access the cloud,
provided they have an Internet connection.

4. Streamline processes. Get more work done in less time with less people.

5. Reduce capital costs. There’s no need to spend big money on hardware, software
or licensing fees.

6. Improve accessibility. You have access anytime, anywhere, making your life so
much easier!

7. Monitor projects more effectively. Stay within budget and ahead of completion
cycle times.

8. Less personnel training is needed. It takes fewer people to do more work on a

cloud, with a minimal learning curve on hardware and software issues.

9. Minimize licensing new software. Stretch and grow without the need to buy
expensive software licenses or programs.

10. Improve flexibility. You can change direction without serious “people” or
“financial” issues at stake.

Advantages:

1. Price: Pay for only the resources used.

2. Security: Cloud instances are isolated in the network from other instances for
improved security.
3. Performance: Instances can be added instantly for improved performance.
Clients have access to the total resources of the Cloud’s core hardware.
4. Scalability: Auto-deploy cloud instances when needed.

Universal College Of Engineering & Technology !4

 5. Uptime: Uses multiple servers for maximum redundancies. In case of server
failure, instances can be automatically created on another server.
6. Control: Able to login from any location. Server snapshot and a software library
lets you deploy custom instances.
7. Traffic: Deals with spike in traffic with quick deployment of additional instances
to handle the load

Universal College Of Engineering & Technology !5

 CHAPTER 2
LITERATURE SURVEY
 2. LITERATURE SURVEY

2.1 Security challenges for the public cloud

AUTHORS: K. Ren, C.Wang, Q.Wang et al.,

Cloud computing represents today's most exciting computing paradigm shift in

information technology. However, security and privacy are perceived as primary
obstacles to its wide adoption. Here, the authors outline several critical security
challenges and motivate further investigation of security solutions for a trustworthy
public cloud environment.

2.2 A fully homomorphic encryption scheme

AUTHORS: C. Gentry
We propose the first fully homomorphic encryption scheme, solving an old
open problem. Such a scheme allows one to compute arbitrary functions over
encrypted data without the decryption key—i.e., given encryptions E(m1), ..., E( mt)
of m1, ..., m t, one can efficiently compute a compact ciphertext that encrypts
f(m1, ..., m t) for any efficiently computable function f.
Fully homomorphic encryption has numerous applications. For example, it
enables encrypted search engine queries—i.e., a search engine can give you a succinct
encrypted answer to your (boolean) query without even knowing what your query
was. It also enables searching on encrypted data; you can store your encrypted data on
a remote server, and later have the server retrieve only files that (when decrypted)
satisfy some boolean constraint, even though the server cannot decrypt the files on its
own. More broadly, it improves the efficiency of secure multiparty computation.
In our solution, we begin by designing a somewhat homomorphic
"boostrappable" encryption scheme that works when the function f is the scheme's
own decryption function. We then show how, through recursive self-embedding, boot
strappable encryption gives fully homomorphic encryption.

Universal College Of Engineering & Technology !6

 2.3 Public key encryption with keyword search
AUTHORS: D. Boneh, G. Di Crescenzo, R. Ostrovsky, and G. Persiano

We study the problem of searching on data that is encrypted using a public key
system. Consider user Bob who sends email to user Alice encrypted under Alice's
public key. An email gateway wants to test whether the email contains the keyword
"urgent" so that it could route the email accordingly. Alice, on the other hand does not
wish to give the gateway the ability to decrypt all her messages. We define and
construct a mechanism that enables Alice to provide a key to the gateway that enables
the gateway to test whether the word "urgent" is a keyword in the email without
learning anything else about the email. We refer to this mechanism as Public Key
Encryption with keyword Search. As another example, consider a mail server that
stores various messages publicly encrypted for Alice by others. Using our mechanism
Alice can send the mail server a key that will enable the server to identify all
messages containing some specific keyword, but learn nothing else. We define the
concept of public key encryption with keyword search and give several constructions.

2.4 Practical techniques for searches on encrypted data

AUTHORS: D. X. Song, D. Wagner, and A. Perrig
It is desirable to store data on data storage servers such as mail servers and file
servers in encrypted form to reduce security and privacy risks. But this usually
implies that one has to sacrifice functionality for security. For example, if a client
wishes to retrieve only documents containing certain words, it was not previously
known how to let the data storage server perform the search and answer the query,
without loss of data confidentiality. We describe our cryptographic schemes for the
problem of searching on encrypted data and provide proofs of security for the
resulting crypto systems. Our techniques have a number of crucial advantages. They
are provably secure: they provide provable secrecy for encryption, in the sense that
the untrusted server cannot learn anything about the plaintext when only given the
ciphertext; they provide query isolation for searches, meaning that the untrusted
server cannot learn anything more about the plaintext than the search result; they

Universal College Of Engineering & Technology !7

 provide controlled searching, so that the untrusted server cannot search for an
arbitrary word without the user's authorization; they also support hidden queries, so
that the user may ask the untrusted server to search for a secret word without
revealing the word to the server. The algorithms presented are simple, fast (for a
document of length n, the encryption and search algorithms only need O(n) stream
cipher and block cipher operations), and introduce almost no space and
communication overhead, and hence are practical to use today .

2.5 Privacy preserving keyword searches on remote encrypted data

AUTHORS: Y.-C. Chang and M. Mitzenmacher

We consider the following problem: a user U wants to store his files in an

encrypted form on a remote file server S. Later the user U wants to efficiently retrieve
some of the encrypted files containing (or indexed by) specific keywords, keeping the
keywords themselves secret and not jeopardizing the security of the remotely stored
files. For example, a user may want to store old e-mail messages encrypted on a
server managed by Yahoo or another large vendor, and later retrieve certain messages
while travelling with a mobile device.
In this paper, we offer solutions for this problem under well-defined security
requirements. Our schemes are efficient in the sense that no public-key cryptosystem
is involved. Indeed, our approach is independent of the encryption method chosen for
the remote files. They are also incremental, in that U can submit new files which are
secure against previous queries but still searchable against future queries.

Universal College Of Engineering & Technology !8

 CHAPTER 3
SYSTEM REQUIREMENTS


 3. SYSTEM REQUIREMENTS

3.1 System Requirements

Hardware Requirements:

◦ System : Pentium IV 3.5GHz.

◦ Hard Disk : 20 GB.
◦ Monitor : 14’ Colour Monitor.
◦ Mouse : Optical Mouse.
◦ RAM : 1 GB.

Software Requirements:

◦ Operating System : Windows 7/8/10

◦ Front End : HTML,JAVA,JSP
◦ Data Base : MYSQL
◦ Scripts : Java Script
◦ Web Server : Apache Tomcat
◦ Server Side Script : Java Server Pages

3.2 Software Environment

Java Technology
Java technology is both a programming language and a platform.
The Java Programming Language

The Java programming language is a high-level language that can be characterized by

all of the following buzzwords:
• Simple
• Architecture neutral


Universal College Of Engineering & Technology !9

 • Object oriented
• Portable
• Distributed
• High performance
• Interpreted
• Multithreaded
• Robust
• Dynamic
• Secure

With most programming languages, you either compile or interpret a program so that
you can run it on your computer. The Java programming language is unusual in that a
program is both compiled and interpreted. With the compiler, first you translate a
program into an intermediate language called Java byte codes —the platform-
independent codes interpreted by the interpreter on the Java platform. The interpreter
parses and runs each Java byte code instruction on the computer. Compilation
happens just once; interpretation occurs each time the program is executed. The
following figure illustrates how this works.

Fig 3.1 Java Interpreter & Compiler Working

You can think of Java byte codes as the machine code instructions for the Java
Virtual Machine (Java VM). Every Java interpreter, whether it’s a development tool
or a Web browser that can run applets, is an implementation of the Java VM. Java
byte codes help make “write once, run anywhere” possible. You can compile your
program into byte codes on any platform that has a Java compiler. The byte codes can
then be run on any implementation of the Java VM. That means that as long as a
computer has a Java VM, the same program written in the Java programming
language can run on Windows 2000, a Solaris workstation, or on an iMac.


Universal College Of Engineering & Technology !10

 Fig 3.2 Java Platform

The Java Platform

A platform is the hardware or software environment in which a program runs. We’ve
already mentioned some of the most popular platforms like Windows 2000, Linux,
Solaris, and MacOS. Most platforms can be described as a combination of the
operating system and hardware. The Java platform differs from most other platforms
in that it’s a software-only platform that runs on top of other hardware-based
platforms.
The Java platform has two components:
The Java Virtual Machine (Java VM)
The Java Application Programming Interface (Java API)
You’ve already been introduced to the Java VM. It’s the base for the Java platform
and is ported onto various hardware-based platforms.

The Java API is a large collection of ready-made software components that provide
many useful capabilities, such as graphical user interface (GUI) widgets. The Java
API is grouped into libraries of related classes and interfaces; these libraries are
known as packages. The next section, What Can Java Technology Do? Highlights
what functionality some of the packages in the Java API provide.
The following figure depicts a program that’s running on the Java platform.

Fig 3.3 Program Running on Java Platform


Universal College Of Engineering & Technology 1! 1

 As the figure shows, the Java API and the virtual machine insulate the
program from the hardware. Native code is code that after you compile it, the
compiled code runs on a specific hardware platform. As a platform-independent
environment, the Java platform can be a bit slower than native code. However, smart
compilers, well-tuned interpreters, and just-in-time byte code compilers can bring
performance close to that of native code without threatening portability.
What Can Java Technology Do?

The most common types of programs written in the Java programming language are
applets and applications. If you’ve surfed the Web, you’re probably already familiar
with applets. An applet is a program that adheres to certain conventions that allow it
to run within a Java-enabled browser.

However, the Java programming language is not just for writing cute, entertaining
applets for the Web. The general-purpose, high-level Java programming language is
also a powerful software platform. Using the generous API, you can write many types
of programs.

An application is a standalone program that runs directly on the Java platform. A

special kind of application known as a server serves and supports clients on a
network. Examples of servers are Web servers, proxy servers, mail servers, and print
servers. Another specialized program is a servlet. A servlet can almost be thought of
as an applet that runs on the server side. Java Servlets are a popular choice for
building interactive web applications, replacing the use of CGI scripts. Servlets are
similar to applets in that they are runtime extensions of applications. Instead of
working in browsers, though, servlets run within Java Web servers, configuring or
tailoring the server.

How does the API support all these kinds of programs? It does so with packages of
software components that provides a wide range of functionality. Every full
implementation of the Java platform gives you the following features:

The essentials: Objects, strings, threads, numbers, input and output, data structures,
system properties, date and time, and so on. Applets: The set of conventions used by
applets.

Universal College Of Engineering & Technology !12

 Networking: URLs, TCP (Transmission Control Protocol), UDP (User Data gram
Protocol) sockets, and IP (Internet Protocol) addresses.
Internationalization: Help for writing programs that can be localized for users
worldwide. Programs can automatically adapt to specific locales and be displayed in
the appropriate language

Security: Both low level and high level, including electronic signatures, public and
private key management, access control, and certificates.
Software components: Known as JavaBeans TM, can plug into existing component
architectures.

Object serialization: Allows lightweight persistence and communication via Remote

Method Invocation (RMI).

Java Database Connectivity (JDBCTM): Provides uniform access to a wide range

of relational databases.

The Java platform also has APIs for 2D and 3D graphics, accessibility, servers,
collaboration, telephony, speech, animation, and more. The following figure depicts
what is included in the Java 2 SDK.

Fig 3.4 Software Development Kit of JAVA

How Will Java Technology Change My Life?

We can’t promise you fame, fortune, or even a job if you learn the Java programming
language. Still, it is likely to make your programs better and requires less effort than
other languages. We believe that Java technology will help you do the following:

Get started quickly: Although the Java programming language is a powerful object-
oriented language, it’s easy to learn, especially for programmers already familiar with

Universal College Of Engineering & Technology !13

 C or C++.
Write better code: The Java programming language encourages good coding
practices, and its garbage collection helps you avoid memory leaks. Its object
orientation, its JavaBeans component architecture, and its wide-ranging, easily
extendible API let you reuse other people’s tested code and introduce fewer bugs.

Develop programs more quickly: Your development time may be as much as twice
as fast versus writing the same program in C++. Why? You write fewer lines of code
and it is a simpler programming language than C++.

Avoid platform dependencies with 100% Pure Java: You can keep your program
portable by avoiding the use of libraries written in other languages. The 100% Pure
JavaTM Product Certification Program has a repository of historical process manuals,
white papers, brochures, and similar materials online.

Write once, run anywhere: Because 100% Pure Java programs are compiled into
machine-independent byte codes, they run consistently on any Java platform.
Distribute software more easily: You can upgrade applets easily from a central
server. Applets take advantage of the feature of allowing new classes to be loaded “on
the fly,” without recompiling the entire program.

ODBC
Microsoft Open Database Connectivity (ODBC) is a standard programming interface
for application developers and database systems providers. Before ODBC became a
de facto standard for Windows programs to interface with database systems,
programmers had to use proprietary languages for each database they wanted to
connect to. Now, ODBC has made the choice of the database system almost irrelevant
from a coding perspective, which is as it should be. Application developers have
much more important things to worry about than the syntax that is needed to port
their program from one database to another when business needs suddenly change.

Through the ODBC Administrator in Control Panel, you can specify the particular
database that is associated with a data source that an ODBC application program is
written to use. Think of an ODBC data source as a door with a name on it. Each door
will lead you to a particular database. For example, the data source named Sales

Universal College Of Engineering & Technology !14

 Figures might be a SQL Server database, whereas the Accounts Payable data source
could refer to an Access database. The physical database referred to by a data source
can reside anywhere on the LAN.

The ODBC system files are not installed on your system by Windows 95. Rather, they
are installed when you setup a separate database application, such as SQL Server
Client or Visual Basic 4.0. When the ODBC icon is installed in Control Panel, it uses
a file called ODBCINST.DLL. It is also possible to administer your ODBC data
sources through a stand-alone program called ODBCADM.EXE. There is a 16-bit and
a 32-bit version of this program and each maintains a separate list of ODBC data
sources.

From a programming perspective, the beauty of ODBC is that the application can be
written to use the same set of function calls to interface with any data source,
regardless of the database vendor. The source code of the application doesn’t change
whether it talks to Oracle or SQL Server. We only mention these two as an example.
There are ODBC drivers available for several dozen popular database systems. Even
Excel spreadsheets and plain text files can be turned into data sources. The operating
system uses the Registry information written by ODBC Administrator to determine
which low-level ODBC drivers are needed to talk to the data source (such as the
interface to Oracle or SQL Server). The loading of the ODBC drivers is transparent to
the ODBC application program. In a client/server environment, the ODBC API even
handles many of the network issues for the application programmer.
The advantages of this scheme are so numerous that you are probably thinking there must
be some catch. The only disadvantage of ODBC is that it isn’t as efficient as talking
directly to the native database interface. ODBC has had many detractors make the charge
that it is too slow. Microsoft has always claimed that the critical factor in performance is
the quality of the driver software that is used. In our humble opinion, this is true. The
availability of good ODBC drivers has improved a great deal recently. And anyway, the
criticism about performance is somewhat analogous to those who said that compilers
would never match the speed of pure assembly language. Maybe not, but the compiler (or
ODBC) gives you the opportunity to write cleaner programs, which means you finish
sooner. Meanwhile, computers get faster every year.

Universal College Of Engineering & Technology !15

 JDBC
In an effort to set an independent database standard API for Java; Sun Microsystems
developed Java Database Connectivity, or JDBC. JDBC offers a generic SQL
database access mechanism that provides a consistent interface to a variety of
RDBMSs. This consistent interface is achieved through the use of “plug-in” database
connectivity modules, or drivers. If a database vendor wishes to have JDBC support,
he or she must provide the driver for each platform that the database and Java run on.
To gain a wider acceptance of JDBC, Sun based JDBC’s framework on ODBC. As
you discovered earlier in this chapter, ODBC has widespread support on a variety of
platforms. Basing JDBC on ODBC will allow vendors to bring JDBC drivers to
market much faster than developing a completely new connectivity solution.

JDBC was announced in March of 1996. It was released for a 90 day public review
that ended June 8, 1996. Because of user input, the final JDBC v1.0 specification was
released soon after.

The remainder of this section will cover enough information about JDBC for you to
know what it is about and how to use it effectively. This is by no means a complete
overview of JDBC. That would fill an entire book.
JDBC Goals

Few software packages are designed without goals in mind. JDBC is one that,
because of its many goals, drove the development of the API. These goals, in
conjunction with early reviewer feedback, have finalized the JDBC class library into
a solid framework for building database applications in Java.

The goals that were set for JDBC are important. They will give you some insight as to
why certain classes and functionalities behave the way they do. The eight design
goals for JDBC are as follows:
1. SQL Level API

The designers felt that their main goal was to define a SQL interface for Java.
Although not the lowest database interface level possible, it is at a low enough
level for higher-level tools and APIs to be created. Conversely, it is at a high
enough level for application programmers to use it confidently. Attaining this goal

Universal College Of Engineering & Technology !16

 allows for future tool vendors to “generate” JDBC code and to hide many of
JDBC’s complexities from the end user.
2. SQL Conformance

SQL syntax varies as you move from database vendor to database vendor. In an
effort to support a wide variety of vendors, JDBC will allow any query statement
to be passed through it to the underlying database driver. This allows the
connectivity module to handle non-standard functionality in a manner that is
suitable for its users.
3. JDBC must be implemental on top of common database interfaces
The JDBC SQL API must “sit” on top of other common SQL level APIs. This
goal allows JDBC to use existing ODBC level drivers by the use of a software
interface. This interface would translate JDBC calls to ODBC and vice versa.
4. Provide a Java interface that is consistent with the rest of the Java system
Because of Java’s acceptance in the user community thus far, the designers feel
that they should not stray from the current design of the core Java system.

5. Keep it simple

This goal probably appears in all software design goal listings. JDBC is no
exception. Sun felt that the design of JDBC should be very simple, allowing for
only one method of completing a task per mechanism. Allowing duplicate
functionality only serves to confuse the users of the API.
6. Use strong, static typing wherever possible

Strong typing allows for more error checking to be done at compile time; also,
less error appear at runtime.
7. Keep the common cases simple

Because more often than not, the usual SQL calls used by the programmer are
simple SELECT’s, INSERT’s, DELETE’s and UPDATE’s, these queries should be simple
to perform with JDBC. However, more complex SQL statements should also be
possible.

Java ha two things: a programming language and a platform.

Java is a high-level programming language that is all of the following

Universal College Of Engineering & Technology !17

 a. Simple
b. Object Oriented
c. Distributed
d. Interpreted
e. Multi Threaded
f. Robust
g. Secure
h. Portable
i. Dynamic

Java is also unusual in that each Java program is both compiled and
interpreted. With a compile you translate a Java program into an intermediate
language called Java byte codes the platform-independent code instruction is passed
and run on the computer.

Compilation happens just once; interpretation occurs each time the program is
executed. The figure illustrates how this works.

Java Interpreter

Compilers My Program

Fig 3.5 Compiler & Interpreter work in Java

Universal College Of Engineering & Technology !18

 You can think of Java byte codes as the machine code instructions for the Java Virtual
Machine (Java VM). Every Java interpreter, whether it’s a Java development tool or a
Web browser that can run Java applets, is an implementation of the Java VM. The
Java VM can also be implemented in hardware.
Java byte codes help make “write once, run anywhere” possible. You can compile
your Java program into byte codes on my platform that has a Java compiler. The byte
codes can then be run any implementation of the Java VM. For example, the same
Java program can run Windows NT, Solaris, and Macintosh.

HYPER TEXT MARKUP LANGUAGE

HTML stands for "Hypertext Markup Language". HTML is a SGML
(Standard Generalized Markup Language) application widely used to create web
pages. It is basically a formatting language and not a programming language.HTML
is a language that is easy to write, easy to understand and highly portable. HTML is
not a compiled language and is directly interpreted by a browser.HTML is the set of
instructions. Each instruction is called as an element or Markup. It is used to structure
and format documents for presentation on the web. HTML enhances ASCII files with
markup tags that permit the display of a variety of fonts, images, and highlighting
options. It also designates structural elements such as headers, lists, and paragraphs,
and provides hypertext links to other documents on the Internet.
In plain English, for those of us who are not programming wizards, it is the
language our web browser understands, so that it can display what the author of the
page wanted us to see... and we can do some really neat stuff with it.

Interactive HTML:
HTML Tag:-
The first and last tags in a document should always be the HTML tags. These
are the tags that tell a Web browser where the HTML in your document begins and
ends. The absolute most basic of all possible Web documents is:
<Html >
</Html>

Universal College Of Engineering & Technology !19

 That's it. If we were to load such a page into a Web browser, it wouldn't do
anything except give us a blank screen, but it is technically a valid Web page.
HEAD Tag:-
The HEAD tags contain all of the document's header information. When I say
"header," I don't mean what appears at the top of the browser window, but things like
the document title and so on.
BODY Tag:-
BODY comes after the HEAD structure. Between the BODY tags, all of the
stuff that gets displayed in the browser window is found. All of the text, the graphics,
and links, and so on these things occur between the BODY tags.
FORMS Tag: -
Forms provide a unique feature to HTML. Forms allow you to collect data
from the end user and return that data to an executable code. The <FORM> element is
used to start a form. The <FORM> element specifies what program to run when the
form is submitted and how the data is to be transferred.
ATTRIBUTES Tag:-
ACTION-The ACTION attribute specifies what program or HTML file is to be called
when the submit button is pressed. The ACTION is specified as a URL.
METHOD-The METHOD attribute specifies the protocol to be used when the client
sends data to the server. There are two methods. GET (the default) or POST. Using
GET method data is attached to the URL mentioned in ACTION attribute. The data
that can be sent here is limited here. Where as in POST the data is posted through
environment variables and unlimited amounts of data can be sent.
NAME- the NAME attribute specifies the name of the form with which the elements
of the form can be referred to later.
The <INPUT> Element:-
The <INPUT> tag provides some type of data entry in the form depending on
the value of its type attribute.

Universal College Of Engineering & Technology !20

 JAVA SCRIPT
Java Script is Netscape’s cross–platform, object-based scripting language for
client server application. JavaScript is mainly used as a client side scripting language.
This means that JavaScript code is written into an HTML page. When a user requests
an HTML page with JavaScript in it, the script is sent to the browser and it's up to the
browser to do something with it. JavaScript can be used in other contexts than a Web
browser. Netscape created server-side JavaScript as a CGI-language that can do
roughly the same as Perl or ASP.
Fortunately most browsers can handle JavaScript nowadays, but of
course some browsers do not support some bits of script.

Types of Java Script:

a. Navigator Java Script also called client-side Java Script.
b. Live Wire Java Script also called server-side Java Script.
Using Java Script, dynamic HTML pages can be created that process
user input and maintain persistent data using special objects, files and relational
databases. Browser interprets JavaScript statements embedded in an HTML page.
Netscape Navigator 2.0 and Internet Explorer 3.0 versions and later recognize Java
Script. Through JavaScript Live Connect functionally, application can access Java and
CORBA distributed-object applications. Navigator 3.0 and later versions supports
Live Connect.
Features of JavaScript (JS):
a. Browser interprets JavaScript.
b. JavaScript is object based and uses built-in, extensible objects and have no
classes or inheritance
c. JavaScript is loosely typed language
d. In JavaScript object reference are checked at runtime
e. JavaScript is designed to supplement the capabilities of HTML with script
that are capable of responding to web pages events. JSP has access to
some extent of aspects of the web browser window.
f. JavaScript control browser and content but cannot draw graphics or

Universal College Of Engineering & Technology !21

 perform networking.
Client side JavaScript features:
Client–side JavaScript has expressly been developed for use in a web browser
in conjunction with HTML pages. This has certain consequences for security.
o JavaScript cannot read files from or write them to the file system on the
computer. This would be a clear security hazard
o JavaScript cannot execute any other programs. This would also be
unacceptable.
o JavaScript cannot establish any connection to whatever computer, except
to download a new HTML page or to send mail. This, too, would create
unacceptable hazards.

The Client-Side JavaScript also has the following features:

o Controls Document’s appearance and content
o Control the browser
o Interact with the HTML forms
o Interact with the user
o Read and write client state with cookies

Server- Side JavaScript Features:

a. Embedded in HTML page
b. Executed at the server
c. Pre-complied for faster response
d. Access to Server-side objects
e. Encapsulation of the request

JAVA SERVER PAGES

Introduction:
Jsp technology enables you to mix regular static html with
dynamically generated content from servlets. Separating the static html from the
dynamic content provides a number of benefits over servlets alone.

Universal College Of Engineering & Technology !22

 Why use JSP:
Jsp is easy to learn and allows developers to quickly produce wed sites
and application in an open and standard way. Jsp is based on java, an object-oriented
language. Jsp offers a robust platform for web development.
Main reasons to Jsp:
a. Multi platform
b. Component reuse by using java beans and Ejb
c. Advantages if java
We can take one Jsp file and move it to another platform, web server or Jsp servlet
engine.
JSP compared to ASP:
Jsp and Asp are fairly similar in the functionality that they provide. Jsp may
have slightly higher learning curve. Both allow embedded code in an html page,
session variables Platform i.e., NT, JSP can operate on any platform that conforms to
the J2EE specification. Jsp allow component reuse by using JavaBeans and Ejbs. Asp
provides the use of Com/activeX controls.

Universal College Of Engineering & Technology !23

 Tomcat 6.0 web server
Tomcat is an open source web server developed by Apache Group.
Apache Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies. The Java
Servlet and JavaServer Pages specifications are developed by Sun under the Java
Community Process. Web Servers like Apache Tomcat support only web components
while an application server supports web components as well as business components
(BEAs Weblogic, is one of the popular application server).To develop a web
application with jsp/servlet install any web server like JRun, Tomcat etc to run your
application.

Fig 3.6 Tomcat 6.0 Web server

Universal College Of Engineering & Technology !24

 3.3 Database Tables

1. User Request Table

Fig 3.7 User Request Table

2. User Registration Table

Fig 3.8 User Registration Table

3. Owner Table

Fig 3.9 Owner Table

Universal College Of Engineering & Technology !25

 4. Data Table

Fig 3.10 Data Table

5. Metadata Table

Fig 3.11 Metadata Table

Universal College Of Engineering & Technology !26

 CHAPTER 4
SYSTEM ANALYSIS
 4. SYSTEM ANALYSIS

4.1 EXISTING SYSTEM

• A general approach to protect the data confidentiality is to encrypt the data

before outsourcing.

• Searchable encryption schemes enable the client to store the encrypted

data to the cloud and execute keyword search over cipher text domain. So far,
abundant works have been proposed under different threat models to achieve
various search functionality, such as single keyword search, similarity search, multi-
keyword Boolean search, ranked search, multi-keyword ranked search, etc. Among
them, multi-keyword ranked search achieves more and more attention for its
practical applicability. Recently, some dynamic schemes have been proposed to
support inserting and deleting operations on document collection. These are
significant works as it is highly possible that the data owners need to update their
data on the cloud server.

4.2 DISADVANTAGES OF EXISTING SYSTEM

• Huge cost in terms of data usability. For example, the existing techniques on
keyword-based information retrieval, which are widely used on the plaintext data,
cannot be directly applied on the encrypted data. Downloading all the data from the
cloud and decrypt locally is obviously impractical.

• Existing System methods not practical due to their high computational

overhead for both the cloud sever and user.

4.3 PROPOSED SYSTEM

• This paper proposes a secure tree-based search scheme over the encrypted
cloud data, which supports multi-keyword ranked search and dynamic operation on
the document collection. Specifically, the vector space model and the widely-used
“term frequency (TF) × inverse document frequency (IDF)” model are combined in
the index construction and query generation to provide multi-keyword ranked

Universal College Of Engineering & Technology !27

 search. In order to obtain high search efficiency, we construct a tree-based index
structure and propose a “Greedy Depth-first Search” algorithm based on this index
tree.

• The secure KNN algorithm is utilized to encrypt the index and query vectors,
and meanwhile ensure accurate relevance score calculation between encrypted
index and query vectors.

• To resist different attacks in different threat models, we construct two secure

search schemes: the basic dynamic multi-keyword ranked search (BDMRS)
scheme in the known cipher text model, and the enhanced dynamic multi-
keyword ranked search (EDMRS) scheme in the known background model.

4.4 ADVANTAGES OF PROPOSED SYSTEM

• Due to the special structure of our tree-based index, the proposed search
scheme can flexibly achieve sub-linear search time and deal with the deletion
and insertion of documents.
• We design a searchable encryption scheme that supports both the accurate
multi-keyword ranked search and flexible dynamic operation on document
collection.
• Due to the special structure of our tree-based index, the search complexity of
the proposed scheme is fundamentally kept to logarithmic. And in practice,
the proposed scheme can achieve higher search efficiency by executing our
“Greedy Depth-first Search” algorithm. Moreover, parallel search can be
flexibly performed to further reduce the time cost of search process.

Universal College Of Engineering & Technology !28

 CHAPTER 5
SYSTEM STUDY
 5. SYSTEM STUDY

5.1 FEASIBILITY STUDY

The feasibility of the project is analyzed in this phase and business proposal
is put forth with a very general plan for the project and some cost estimates. During
system analysis the feasibility study of the proposed system is to be carried out. This
is to ensure that the proposed system is not a burden to the company. For feasibility
analysis, some understanding of the major requirements for the system is essential.

Three key considerations involved in the feasibility analysis are

♦ECONOMICAL FEASIBILITY
♦TECHNICAL FEASIBILITY
♦SOCIAL FEASIBILITY

5.1.1 ECONOMICAL FEASIBILITY

This study is carried out to check the economic impact that the system will
have on the organization. The amount of fund that the company can pour into the
research and development of the system is limited. The expenditures must be
justified. Thus the developed system as well within the budget and this was achieved
because most of the technologies used are freely available. Only the customized
products had to be purchased.

5.1.2 TECHNICAL FEASIBILITY

This study is carried out to check the technical feasibility, that is, the technical
requirements of the system. Any system developed must not have a high demand on
the available technical resources. This will lead to high demands on the available
technical resources. This will lead to high demands being placed on the client. The
developed system must have a modest requirement, as only minimal or null changes
are required for implementing this system.

Universal College Of Engineering & Technology !29

 5.1.3 SOCIAL FEASIBILITY
The aspect of study is to check the level of acceptance of the system by the user. This
includes the process of training the user to use the system efficiently. The user must
not feel threatened by the system, instead must accept it as a necessity. The level of
acceptance by the users solely depends on the methods that are employed to educate
the user about the system and to make him familiar with it. His level of confidence
must be raised so that he is also able to make some constructive criticism, which is
welcomed, as he is the final user of the system.

Universal College Of Engineering & Technology !30

 CHAPTER 6
SYSTEM DESIGN
 6. SYSTEM DESIGN
6.1 SYSTEM ARCHITECTURE

Data owner outsource the encrypted documents to the cloud server. In our
scheme, the data owner initially creates a secure searchable tree index I from
document collection F, and then generates an encrypted document collection C for F.
Then data owner outsource the encrypted document collection C and tree index I to
the cloud server and provides the key information of trapdoor generation and
document decryption details to authorized data users. Data owner generates update
information and send that to the server.

Data users are those who have authorization to access the documents of data
owner. Let t be the query keywords, the authorized user can generate a trapdoor TD
according to search mechanisms to fetch k encrypted documents from cloud server.
Data user can decrypt the documents with shared secret key.

Cloud server stores the encrypted document collection C and the encrypted
searchable tree index I for data owner. After receiving the trapdoor TD from the data
user, the cloud server searches the index tree I, and finally returns the corresponding
collection of top-k ranked encrypted documents. If the data owner updates the
document collection, according to the update information from the data owner, the
server needs to update the index I and document collection C.

The cloud server in the proposed scheme is considered as “honest-but-

curious”, which is employed in most of the works on cloud. Two threat models are
adopted in this scheme.

i. Known cipher text model:-In this model, the cloud server only knows the
encrypted document collection C, the searchable index tree I, and the search
trapdoor TD submitted by the authorized user. That is to say, the cloud server
can execute cipher text-only attack (COA) in this model.
ii. Known background model:-The model is equipped with more knowledge such
as term frequency statistics.

Universal College Of Engineering & Technology !31

 !

Fig:6.1 System Architecture

The architecture consists of the following modules

a. Data Owner

b. Trapdoor

c. Data User

d. Admin

6.1.1 Data Owner:

This module helps the owner to register his details and also helps the owner to
upload his file with encryption. This ensures the files to be protected from
unauthorized user. Data owner has a collection of documents F ={f1; f2; :::; fn} that
he wants to outsource to the cloud server in encrypted form while still keeping the
capability to search on them for effective utilization. In our scheme, the data owner
firstly builds a secure searchable tree index I from document collection F, and then
generates an encrypted document collection C for F. Afterwards, the data owner

Universal College Of Engineering & Technology !32

 outsources the encrypted collection C and the secure index I to the cloud server, and
securely distributes the key information of trapdoor generation and document
decryption to the authorized data users. Besides, the data owner is responsible for the
update operation of his documents stored in the cloud server. While updating, the data
owner generates the update information locally and sends it to the server.Taking a
security parameter ℓ as input, the data owner outputs a symmetric key as SK .As a
kind of statistical information, document frequency (i.e., the number of documents
containing the keyword) is sufficient to identify the keyword with high probability.

6.1.2 Trapdoor

Trapdoor mainly design search schemes which allow multi-keyword query

and provide result similarity ranking for effective data retrieval, instead of returning
undifferentiated results. It helps to meet searching requirements for both Owner and
User.

6.1.3 Data User

This module includes the user registration login details. This module is used to
help the client to search the file using the multiple key words concept and get the
accurate result list based on the user query. The user is going to select the required file
and register the user details and get activation code in mail email before enter the
activation code. After user can download the Zip file and extract that file. Data users
are authorized ones to access the documents of data owner. With t query keywords,
the authorized user can generate a trapdoor TD according to search control
mechanisms to fetch k encrypted documents from cloud server. Then, the data user
can decrypt the documents with the shared secret key.

6.1.4 Admin

Admin is the main authority of this application. He maintains all users means
data users and data owners information. He creates the data owner profiles and he
accepts or rejects the user registration details.

Universal College Of Engineering & Technology !33

 6.2 DATA SEARCH ALGORITHM

Input: Search Keywords k;

Output: Result r;

Initialization:

Let ResultSet rs;

Let Collection c;

Keyword k;

c = k.split()

for each item (ci: c)

Datasearch (data, ci)

if match data = ~ value

return the data's location and data of data

end if

end for

end procedure

6.3 TF-IDF ALGORITHM

Input: Data d.

Output: result r.

Let data d,

Collection c;

c=getWords(d); //Using Split("\\s+")

Term Frequency tf;

α= Number of times term t appears in a document;

β= Total number of terms in the document;

tf=( α) / (β);.

Universal College Of Engineering & Technology !34

 Inverse Document Frequency idf;

£=Total number of documents;

¥= Number of documents with term t in it;

IDF(t) = log_e(£/¥);.

End;

6.4 DATA FLOW DIAGRAM:

• The DFD is also called as bubble chart. It is a simple graphical
formalism that can be used to represent a system in terms of input data to the
system, various processing carried out on this data, and the output data is
generated by this system.

• The data flow diagram (DFD) is one of the most important modelling
tools. It is used to model the system components. These components are the
system process, the data used by the process, an external entity that interacts
with the system and the information flows in the system.

• DFD shows how the information moves through the system and how it
is modified by a series of transformations. It is a graphical technique that
depicts information flow and the transformations that are applied as data
moves from input to output.

• DFD is also known as bubble chart. A DFD may be used to represent a

system at any level of abstraction. DFD may be partitioned into levels that
represent increasing information flow and functional detail.

Universal College Of Engineering & Technology !35

 Fig:6.2 Data Flow Diagram

Universal College Of Engineering & Technology !36

 6.5 UML Diagrams
UML stands for Unified Modeling Language. UML is a standardized

general- purpose modeling language in the field of object-oriented software

engineering. The standard is managed, and was created by, the Object Management
Group.

The goal is for UML to become a common language for creating

models of object oriented computer software. In its current form UML is
comprised of two major components: a Meta-model and a notation. In the future,
some form of method or process may also be added to; or associated with, UML.

The Unified Modeling Language is a standard language for specifying,

Visualization, Constructing and documenting the artifacts of software system, as
well as for business modeling and other non-software systems.

The UML represents a collection of best engineering practices that

have proven successful in the modeling of large and complex systems. The UML is
a very important part of developing objects oriented software and the software
development process. The UML uses mostly graphical notations to express the
design of software projects.

GOALS:
The Primary goals in the design of the UML are as follows:
1. Provide extendibility and specialization mechanisms to extend the core concepts.
2. Provide Users a ready to use, expressive visual modelling Language so that they
can develop and exchange meaningful models.
3. Be independent of particular programming languages and development process.
4. Provide a formal basis for understanding the modeling language.
5. Encourage the growth of OO tools market.
6. Support higher level development concepts such as collaborations, frameworks,
patterns and components.
7. Integrate best practices.

Universal College Of Engineering & Technology !37

 6.5.1 Use Case Diagram
A use case diagram in the Unified Modeling Language (UML) is a type of
behavioral diagram defined by and created from a Use-case analysis. Its purpose is to
present a graphical overview of the functionality provided by a system in terms of
actors, their goals (represented as use cases), and any dependencies between those use
cases. The main purpose of a use case diagram is to show what system functions are
performed for which actor. Roles of the actors in the system can be depicted.

!
Fig:6.3 Owner Use Case Diagram

Universal College Of Engineering & Technology !38

 !
Fig:6.4 Data User Use Case Diagram

!
Fig:6.5 Administrator Use Case Diagram

Universal College Of Engineering & Technology !39

 !

Fig:6.6 Trapdoor Use case Diagram

Universal College Of Engineering & Technology !40

 6.5.2 Class Diagram
In software engineering, a class diagram in the Unified Modelling Language (UML)
is a type of static structure diagram that describes the structure of a system by
showing the system's classes, their attributes, operations (or methods), and the
relationships among the classes. It explains which class contains information.

Fig:6.7 Class Diagram

6.5.3 Sequence Diagram

A sequence diagram in Unified Modelling Language (UML) is a kind of interaction

diagram that shows how processes operate with one another and in what order. It is a
construct of a Message Sequence Chart. Sequence diagrams are sometimes called
event diagrams, event scenarios, and timing diagrams.

Universal College Of Engineering & Technology !41

 !

Fig:6.8 Data Owner Sequence Diagram

Universal College Of Engineering & Technology !42

 !

Fig:6.9 Data User Sequence Diagram

Universal College Of Engineering & Technology !43

 !

Fig:6.10 Admin Sequence Diagram

Universal College Of Engineering & Technology !44

 !

Fig:6.11 Trapdoor Sequence Diagram

6.5.4 Collaboration Diagram

A collaboration diagram, also called a communication diagram or interaction

diagram, is an illustration of the relationships and interactions among software objects
in the Unified Modelling Language(UML). The concept is more than a decade old
although it has been refined as modelling paradigms have evolved.

Universal College Of Engineering & Technology !45

 !

Fig:6.12 Data Owner Collaboration Diagram

Universal College Of Engineering & Technology !46

 !

Fig:6.13 Data User Collaboration Diagram

Universal College Of Engineering & Technology !47

 !

Fig:6.14 Admin Collaboration Diagram

Universal College Of Engineering & Technology !48

 !

Fig:6.15 Trapdoor Collaboration Diagram

6.6 INPUT DESIGN

The input design is the link between the information system and the user. It
comprises the developing specification and procedures for data preparation and those
steps are necessary to put transaction data in to a usable form for processing can be
achieved by inspecting the computer to read data from a written or printed document
or it can occur by having people keying the data directly into the system. The design
of input focuses on controlling the amount of input required, controlling the errors,
avoiding delay, avoiding extra steps and keeping the process simple. The input is
designed in such a way so that it provides security and ease of use with retaining the
privacy. Input Design considered the following things:

Universal College Of Engineering & Technology !49

 ➢ What data should be given as input?
➢ How the data should be arranged or coded?
➢ The dialog to guide the operating personnel in providing input.
➢ Methods for preparing input validations and steps to follow when error occur.

6.6.1 OBJECTIVES

1.Input Design is the process of converting a user-oriented description of the

input into a computer-based system. This design is important to avoid errors in the
data input process and show the correct direction to the management for getting
correct information from the computerized system.

2. It is achieved by creating user-friendly screens for the data entry to handle

large volume of data. The goal of designing input is to make data entry easier and to
be free from errors. The data entry screen is designed in such a way that all the data
manipulates can be performed. It also provides record viewing facilities.

3. When the data is entered it will check for its validity. Data can be entered
with the help of screens. Appropriate messages are provided as when needed so that
the user will not be in maize of instant. Thus the objective of input design is to create
an input layout that is easy to follow

6.7 OUTPUT DESIGN

A quality output is one, which meets the requirements of the end user and
presents the information clearly. In any system results of processing are
communicated to the users and to other system through outputs. In output design it is
determined how the information is to be displaced for immediate need and also the
hard copy output. It is the most important and direct source information to the user.
Efficient and intelligent output design improves the system’s relationship to help user
decision-making.

Universal College Of Engineering & Technology !50

 1. Designing computer output should proceed in an organized, well thought
out manner; the right output must be developed while ensuring that each output
element is designed so that people will find the system can use easily and effectively.
When analysis design computer output, they should Identify the specific output that is
needed to meet the requirements.

2. Select methods for presenting information.

3. Create document, report, or other formats that contain information produced

by the system. The output form of an information system should accomplish one or
more of the following objectives.

❖ Convey information about past activities, current status or projections of the

Future.
❖ Signal important events, opportunities, problems, or warnings.
❖ Trigger an action.
❖ Confirm an action.

Universal College Of Engineering & Technology !51

 CHAPTER 7
SYSTEM IMPLEMENTATION
 7. SYSTEM IMPLEMENTATION

7.1 SAMPLE CODE

Admin.jsp

<%@ include file="header.jsp"%>

<div class="about-content">
<div class="container">
<div class="error-404 text-center">

<h1>Admin Page</h1>

<form method="post" action="alogin.jsp">

<table align=right cellspacing=20 ><tr><td>
<tr><td><h3>Login..
<tr><td><input type="text" name="uid" required size="30"
placeholder="Username">
<tr><td><input type="password" name="pwd" required size="30"
placeholder="Password">

<tr><td align="left"> <input type="submit" value="Login" /

></div><td>

</tr>
</table>

<table align=right cellspacing=20 ><tr><td><td>

<%
String m=request.getParameter("m");
if(m!=null && m.equalsIgnoreCase("fail"))
{
out.println("<font
color='red'><blink><h3>&nbsp;&nbsp;&nbsp;Login Fail !! </blink></font></h3>");
}
%>
</table>

</form>

<br><br><br><br><br><br><br><br><br><br><br><br><br>

Universal College Of Engineering & Technology !52

 </div></div></div>

<%@ include file="footer.jsp"%>

Alogin.jsp

<%
String pass=null,uid=null;

String a = request.getParameter("uid");
String b= request.getParameter("pwd");
String name=null,u=null,test2=null;

try
{
if(a.equals("admin")&&b.equals("admin"))
{
response.sendRedirect("admin_home.jsp");
}

else
{
response.sendRedirect("admin.jsp?m=fail");
}

}
catch(Exception e1)
{
out.println(e1);
}

%>

aowner.jsp

<%@ include file="aheader.jsp"%>

<%
String id=request.getParameter("id");
if(id!=null )
{
out.println("<h3><font
color='red'><blink>Registration Success !</h2> <br></font>");

Universal College Of Engineering & Technology !53

 %>
<center>
<h1>Add Data Owner</h1>
<form method="post" action="owneradd.jsp">

<table cellspacing="10">
<tr>
<td><font size="+1" color=#ff0066><strong>Full Name</strong>*</
font><br>
<input type="text" name="name" id = "name" style="width: 250px;"
required></td>
<td><font size="+1" color=#ff0066><strong>Email</
strong>*</font><br>
<input type="text" name="email" id = "lname" style="width: 250px;"
required></td>
</tr>
</TABLE>
<table cellspacing="10">
<tr>
<td><font size="+1" color=#ff0066><strong>Street</strong>*</font><br>
<input type="text" name="street" id = "name" style="width: 250px;"
required></td>
<td><font size="+1" color=#ff0066><strong>City</strong>*</
font><br>
<input type="text" name="city" id = "lname" style="width: 250px;"
required></td>
</tr>
</TABLE> <table cellspacing="10">
</TABLE>
<table cellspacing="10">
<tr>
<td><font size="+1" color=#ff0066><strong>Postal Code</
strong>*</font><br>
<input type="text" name="zip" id = "name" style="width: 135px;"
required></td>
<td><font size="+1" color=#ff0066><strong>Contact No</strong>*</
font><br>
<input type="text" name="ph" id = "name" style="width: 250px;"
required></td>
<td><font size="+1" color=#ff0066><strong>Gender</strong>*</font><br>
<select name="gen">
<option value="Male" selected>Male
<option value="Female">Female
</select>

</tr>

Universal College Of Engineering & Technology !54

 </TABLE>
<table cellspacing="10">
<tr>
<td><font size="+1" color=#ff0066><strong>Userid</strong>*</font><br>
<input type="text" name="uid" id = "name" style="width: 250px;"
required></td>
<td><font size="+1" color=#ff0066><strong>Password</
strong>*</font><br>
<input type="password" name="pwd" id = "lname" style="width: 250px;"
required></td>
</tr>
</TABLE>
<table cellspacing="10" >
<tr>
<td align="left">
<input class="submit" type="submit" value="Register" /><td>

<td>
</tr>
</table>

<br>

</form>

<%@ include file="footer2.jsp"%>

Index.jsp
<%
String m=request.getParameter("id");
if(m!=null && m.equalsIgnoreCase("exp"))
{
out.println("<script type=text/javascript>alert('Sorry, your session expired, login
again '); </script>");
}
%>
<%@ include file="header.jsp"%>
<div class="content">
<div class="container">
<div class="about-section-bottom">

Universal College Of Engineering & Technology !55

 <div class="col-md-6 what-we-do">
<h4>System Architecture</h4>
<img src="images/crop.jpg" alt="" /></a>
<p>The architecture of ranked search over
encrypted cloud data.<br>
The system model in this paper involves three
different
entities: data owner, data user and cloud server, as
illustrated in Fig
</p>

</div>
<div class="col-md-6 feature-accord">

<ul class="topic_grid">
<li class="list1"><h4
class="m_3">Design goals</span></h3></li>
</ul>
<div class="menu_vertical">
<section class="accordation_menu">
<div>
<input id="label-1"
name="lida" type="radio" checked/>
<label for="label-1"
id="item1"><i class="ferme"> </i><span class="m_5">Dynamic: </span><i
class="icon-plus-sign i-right1"></i><i class="icon-minus-sign i-right2"></i></label>
<div class="content1"
id="a1">
<ul
class="news_list">

Universal College Of Engineering & Technology !56

 <li
class="date_desc">

<p>The proposed scheme is designed to provide

not only multi-keyword query and accurate result
ranking, but also dynamic update on document collections.</p>
</li>
<div
class="clearfix"> </div>
</ul>
</div>
</div>
<div>
<input id="label-2"
name="lida" type="radio"/>
<label for="label-2"
id="item2"><i class="icon-leaf" id="i2"></i>Search Efficiency:<i class="icon-plus-
sign i-right1"></i><i class="icon-minus-sign i-right2"></i></label>
<div class="content1"
id="a2">
<ul
class="news_list">
<li
class="date_desc">

<p> The scheme aims to achieve sublinear

search efficiency by exploring a special tree-based
index and an efficient search algorithm.</p>
</li>
<div
class="clearfix"> </div>

Universal College Of Engineering & Technology !57

 </ul>
</div>
</div>
<div>
<input id="label-3"
name="lida" type="radio"/>
<label for="label-3"
id="item3"><i class="icon-trophy" id="i3"></i>Privacy-preserving: <i class="icon-
plus-sign i-right1"></i><i class="icon-minus-sign i-right2"></i></label>
<div class="content1"
id="a3">
<ul
class="news_list">
<li
class="date_desc">

<p> The scheme is designed to prevent

the cloud server from learning additional information
about the document collection, the index tree,
and the query.</p>
</li>
<div
class="clearfix"> </div>
</ul>
</div>
</div>
<div>
<input id="label-4"
name="lida" type="radio"/>
<label for="label-4"
id="item4"><i class="icon-trophy" id="i4"></i>Index Confidentiality and Query

Universal College Of Engineering & Technology !58

 Confidentiality: <i class="icon-plus-sign i-right1"></i><i class="icon-minus-sign i-
right2"></i></label>
<div class="content1"
id="a4">
<ul
class="news_list">
<li
class="date_desc">

<p>The
underlying plaintext information, including keywords
in the index and query, TF values of keywords
stored in the index, and IDF values of query
keywords, should be protected from cloud server;</p>
</li>
<div
class="clearfix"> </div>
</ul>
</div>
</div>
<div>

<div
class="clearfix"> </div>
</ul>
</div>
</div>
</section>
</div>
</div>
<div class="clearfix"></div>

Universal College Of Engineering & Technology !59

 </div>
<div class="clearfix"></div>
</div>
</div>
<!----->
<!----->

<%@ include file="footer.jsp"%>

delete.jsp
<%@ page import="java.sql.*" import="databaseconnection.*"
import="javax.swing.JOptionPane"%>
<%
String sno=request.getParameter("id");
ResultSet rs=null;
String all="allowed";
try
{
Connection con = databasecon.getconnection();
Statement st = con.createStatement();

String qry="delete from data where index_id='"+sno+"' ";

System.out.println("qry="+qry);

int d =st.executeUpdate(qry);
qry="delete from meta_data where index_id='"+sno+"' ";
d =st.executeUpdate(qry);
if(d>0)
{
response.sendRedirect("viewdata.jsp?msg1=deleted");

Universal College Of Engineering & Technology !60

 }}catch(Exception e){}
%>

Des1.jsp
<%@ page import="java.sql.*" import="databaseconnection.*"
import="javax.swing.JOptionPane"%>
<%
String pass=null,uid=null;
String id = request.getParameter("id");
try
{

Connection con1 = databasecon.getconnection();

Statement st1 = con1.createStatement();

String sss1 = "update register set des='reject' where id='"+id+"' ";

st1.executeUpdate(sss1);

response.sendRedirect("newuser.jsp");

con1=null;
}
catch(Exception e1)
{
out.println(e1);
}

%>

Download1.jsp

Universal College Of Engineering & Technology !61

 <%@ page import="java.sql.*,databaseconnection.*"%>
<%
String fid =(String)session.getAttribute("fid");

String user =(String)session.getAttribute("user");

String fn =(String)session.getAttribute("fn");
Connection con1=databasecon.getconnection();
Statement st1 = con1.createStatement();
try{
st1.executeUpdate("insert into request(fid, file, user)
values('"+fid+"','"+fn+"','"+user+"')");
}
catch(Exception e){}
%>
<%@ includefile="uheader.jsp"%>

<script type="text/javascript">

alert('Request Sent to Trapdoor');

</script>
<%@page import="com.oreilly.servlet.*,java.sql.*,databaseconnection.*" %>
<br><br>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<%
//System.out.println(fid);
Blob file1= null;
String data1=null,data2=null,data3=null;
Connection con = null;

Universal College Of Engineering & Technology !62

 PreparedStatement ps = null,ps1 = null,ps2 = null;
ResultSet rs = null,rs1 = null,rs2 = null;
try
{
con=databasecon.getconnection();
ps = con.prepareStatement("select AES_DECRYPT(file_name,'key'), file from
data where index_id ='"+fid+"'");
rs = ps.executeQuery();
while(rs.next())
{
fn=rs.getString(1);
// session.setAttribute("own",own);
file1=rs.getBlob(2);
}
session.setAttribute("resumeBlob1",file1);
byte[] bdata = file1.getBytes(1, (int)file1.length());
data1 = new String(bdata);
}
catch(Exception e)
{
System.out.println("Exception :"+e);
}
%>
<h1>File Download</h1>
<br/>
</p>
<form name="s" action="download2.jsp" method="post" >
<table cellpadding="" cellspacing="20">
<tr>
<td align=left ><h3><font size="" color="#5fc99c"><b>File Name</font></
h2></strong></font></td>

Universal College Of Engineering & Technology !63

 <td align=left > <strong><font color="#FF3333"><h3><%=fn%></h3></
font></strong></em></td>
</tr>
<tr>
<td align=left><h3><font size="" color="#5fc99c"><b>File Data</h2></td>
<td align=left><textarea name="b1" cols="30" rows="4"
class="b"><%=data1%></textarea></td>
</tr>
<tr>
<td align=left><h3><font size="" color="#5fc99c"><b>File Decrtpt SK
Key</h2></td>
<td align=left><textarea name="sk" cols="30" rows="4" class="b" autofocus
minlength=20></textarea></td>
</tr>

<td align=left align="center">

<div class="form_settings">
<input class="submit" type="submit" value="Download" /></div>
</td>
</tr>
</table>
</form>
<%@ includefile="footer2.jsp"%>

Download2.jsp

<%@page import="com.oreilly.servlet.*,java.sql.*,databaseconnection.*" %>

<%
String sk=request.getParameter("sk");
sk=sk.trim();
String fid =(String)session.getAttribute("fid");

Universal College Of Engineering & Technology !64

 String user =(String)session.getAttribute("user");
String fn =(String)session.getAttribute("fn");

Connection con=databasecon.getconnection();
Statement st=con.createStatement();
Statement st2=con.createStatement();
String sql="select * from data where Index_id='"+fid+"' && s_k ='"+sk+"' ";
System.out.println(sql);
ResultSet rs=st.executeQuery(sql);
if(rs.next())
{
response.sendRedirect("download3.jsp");
}else
{response.sendRedirect("u_home.jsp?id=wrongkey");
}

%>

Download3.jsp

<%@ page import="java.sql.*" import="java.io.*" import="databaseconnection.*"

import="javax.swing.JOptionPane"%>
<body>
<%
String fid =(String)session.getAttribute("fid");
String fname=null;
Blob file1 =null;
try{

Connection con=databasecon.getconnection();

Universal College Of Engineering & Technology !65

 PreparedStatement ps =con.prepareStatement("select
AES_DECRYPT(file_name,'key'), AES_DECRYPT(file,'key') from data where
index_id ='"+fid+"'");
ResultSet rs = ps.executeQuery();
while(rs.next())
{
file1=rs.getBlob(2);
fname=rs.getString(1);
}

// out.println(b);
if(file1 != null)
{
String filename =fname;
byte[] ba = file1.getBytes(1, (int)file1.length());
response.setContentType("application/notepad");
response.setHeader("Content-Disposition","attachment;
filename=\""+filename+"\"");
OutputStream os = response.getOutputStream();
os.write(ba);
os.close();
ba = null;
session.removeAttribute("file");
response.sendRedirect("u_home.jsp");
}
}
catch(Exception e)
{
out.println("Exception :"+e);

Universal College Of Engineering & Technology !66

 }
%>
</body>
</html>

File_download.jsp
<%@ page import="java.sql.*" import="java.io.*" import="databaseconnection.*"
import="javax.swing.JOptionPane"%>
<%@ include file="oheader.jsp"%>

<body>
<%
String fid=request.getParameter("id");
String fname=null;
Blob file1 =null;
try{
Connection con=databasecon.getconnection();
PreparedStatement ps =con.prepareStatement("select
AES_DECRYPT(file_name,'key'), AES_DECRYPT(file,'key') from data where
index_id ='"+fid+"'");
ResultSet rs = ps.executeQuery();
while(rs.next())
{
file1=rs.getBlob(2);
fname=rs.getString(1);
}
// out.println(b);
if(file1 != null)
{
String filename =fname;
byte[] ba = file1.getBytes(1, (int)file1.length());

Universal College Of Engineering & Technology !67

 response.setContentType("application/notepad");
response.setHeader("Content-Disposition","attachment;
filename=\""+filename+"\"");
OutputStream os = response.getOutputStream();
os.write(ba);
os.close();
ba = null;
session.removeAttribute("file");
}
}
catch(Exception e)
{
out.println("Exception :"+e);
}

%>
</body>
</html>

Upload.jsp
<%@ include file="oheader.jsp"%>
<%
String m=request.getParameter("id");
if(m!=null && m.equalsIgnoreCase("succ"))
{
out.println("<font
color='red'><blink><h3><p><br><br>&nbsp;&nbsp;&nbsp;File Uploaded
Successfully !! </blink></font></h3>");
}

Universal College Of Engineering & Technology !68

 if(request.getParameter("msg")!=null)

out.println("<script>alert('File Already Existed......!')</script>");

}
%>

<center><br><br><br>
<h2>Select File for uploading</h2><br><br><br>
<form name="f2" action="fileinsert1.jsp" ENCTYPE="multipart/form-data"
method="post" onsubmit="return reg()" required>
<table>
<tr> <td><input type="file" name="file" required>

<tr> <td> <div class="form_settings"><input class="submit"

type="submit" value="Upload" /></div> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</tr>
</table>
</form>
<br><br>

<br><br><br><br>
<%@ include file="footer.jsp"%>
Upload2.jsp

<%@ page import="java.sql.*,databaseconnection.*"%>

<%@ include file="oheader.jsp"%>
<HEAD>

Universal College Of Engineering & Technology !69

 <script type="text/javascript">
<!--//
function f1Submit() {
alert('Request Sent to Trapdoor');
document.f1.action="upload3.jsp"
document.f1.submit();
}
function f2Submit() {
document.f2.action="upload4.jsp"
document.f2.submit();
alert('Data Storing.');
}
</script>
</HEAD>
<center><br><br>
<table cellspacing=10>
<%int c=(Integer)session.getAttribute("c");%>
<%String owner=(String)session.getAttribute("owner");%>
<%String file=(String)session.getAttribute("file");%>
<%Connection con=databasecon.getconnection();
Statement st1 = con.createStatement();
st1.executeUpdate("delete from temp");
st1.executeUpdate("insert into temp(fid, owner, file)
values('"+c+"','"+owner+"','"+file+"')");
%>
<form name="f1" method="post">

<tr><td><h2>File Id</h2><td><h2><font size="" color="#7bbac1"><%=c%></h4>

<tr><td><h2>Uploaded by<td><h2><font size="" color="#7bbac1"><%=owner%>
<tr><td><h2>File Name<td><h2><font size="" color="#7bbac1"><%=file%>

Universal College Of Engineering & Technology !70

 <tr><td><h2>Key Words<td><textarea name="keys" rows="2" cols="30"></
textarea><td>
<tr><td><td><input type="submit" name="submit" Value=" Generate by Trapdoors
" onclick="f1Submit()" />
</form>
<form name="f2" method="post">
<tr><td> <!-- <input type="submit" name="submit" Value=" Store File "
onclick="f2Submit()" /> -->
</form>
</table>
<br><br>
<br><br><br><br>
<%@ include file="footer.jsp"%>

Universal College Of Engineering & Technology !71

 CHAPTER 8
SYSTEM TESTING
 8. SYSTEM TESTING

8.1 INTRODUCTION
The purpose of testing is to discover errors. Testing is the process of trying to
discover every conceivable fault or weakness in a work product. It provides a way to
check the functionality of components, sub assemblies, assemblies and/or a finished
product It is the process of exercising software with the intent of ensuring that the
Software system meets its requirements and user expectations and does not fail in an
unacceptable manner. There are various types of test. Each test type addresses a
specific testing requirement.

8.2 TYPES OF TESTS

Unit testing
Unit testing involves the design of test cases that validate that the internal
program logic is functioning properly, and that program inputs produce valid outputs.
All decision branches and internal code flow should be validated. It is the testing of
individual software units of the application .it is done after the completion of an
individual unit before integration. This is a structural testing, that relies on knowledge
of its construction and is invasive. Unit tests perform basic tests at component level
and test a specific business process, application, and/or system configuration. Unit
tests ensure that each unique path of a business process performs accurately to the
documented specifications and contains clearly defined inputs and expected results.

Integration testing
Integration tests are designed to test integrated software components to
determine if they actually run as one program. Testing is event driven and is more
concerned with the basic outcome of screens or fields. Integration tests demonstrate
that although the components were individually satisfaction, as shown by successfully
unit testing, the combination of components is correct and consistent. Integration

Universal College Of Engineering & Technology !72

 testing is specifically aimed at exposing the problems that arise from the combination
of components.

Functional test
Functional tests provide systematic demonstrations that functions tested
are available as specified by the business and technical requirements, system
documentation, and user manuals.

Functional testing is centered on the following items:

Valid Input : identified classes of valid input must be accepted.
Invalid Input : identified classes of invalid input must be rejected.
Functions : identified functions must be exercised.
Output : identified classes of application outputs must be exercised.
Systems/Procedures : interfacing systems or procedures must be invoked.

Organization and preparation of functional tests is focused on requirements,

key functions, or special test cases. In addition, systematic coverage pertaining to
identify Business process flows; data fields, predefined processes, and successive
processes must be considered for testing. Before functional testing is complete,
additional tests are identified and the effective value of current tests is determined.

System Test
System testing ensures that the entire integrated software system meets
requirements. It tests a configuration to ensure known and predictable results. An
example of system testing is the configuration oriented system integration test.
System testing is based on process descriptions and flows, emphasizing pre-driven
process links and integration points.
White Box Testing
White Box Testing is a testing in which in which the software tester has
knowledge of the inner workings, structure and language of the software, or at least

Universal College Of Engineering & Technology !73

 its purpose. It is purpose. It is used to test areas that cannot be reached from a black
box level.

Black Box Testing

Black Box Testing is testing the software without any knowledge of the
inner workings, structure or language of the module being tested. Black box tests, as
most other kinds of tests, must be written from a definitive source document, such as
specification or requirements document, such as specification or requirements
document. It is a testing in which the software under test is treated, as a black
box .you cannot “see” into it. The test provides inputs and responds to outputs without
considering how the software works.

8.2.1 Unit Testing:

Unit testing is usually conducted as part of a combined code and unit test
phase of the software lifecycle, although it is not uncommon for coding and unit
testing to be conducted as two distinct phases.

Test strategy and approach

Field testing will be performed manually and functional tests will be written in detail.

Test objectives

• All field entries must work properly.

• Pages must be activated from the identified link.
• The entry screen, messages and responses must not be delayed.

Features to be tested

• Verify that the entries are of the correct format

• No duplicate entries should be allowed
• All links should take the user to the correct page.

Universal College Of Engineering & Technology !74

 8.2.2 Integration Testing
Software integration testing is the incremental integration testing of two or
more integrated software components on a single platform to produce failures caused
by interface defects.
The task of the integration test is to check that components or software
applications, e.g. components in a software system or – one step up – software
applications at the company level – interact without error.

Test Results: All the test cases mentioned above passed successfully. No defects
encountered.

8.2.3 Acceptance Testing

User Acceptance Testing is a critical phase of any project and requires
significant participation by the end user. It also ensures that the system meets the
functional requirements.

Test Results: All the test cases mentioned above passed successfully. No defects
encountered.

8.3 Test Cases

S. no Test case Title Description E x p e c t e d Result

Outcome
1 Successful User The login to the Login should Passed
Verification system should be be successful
tried with the login and the user
assigned by the should enter in
a d m i n a n d t h e to the system
correct password

Universal College Of Engineering & Technology !75

 2 Unsuccessful User L o g i n t o t h e Login should Passed
Verification due to s y s t e m w i t h a f a i l w i t h a n
wrong password wrong password error ‘Invalid
Password’

3 Unsuccessful User L o g i n t o t h e Login should Passed

Verification due to s y s t e m w i t h a f a i l w i t h a n
invalid login id invalid login id error ‘Invalid
user id’

Universal College Of Engineering & Technology !76

CHAPTER 9
RESULTS
 9. RESULTS

9.1 Screen Shots

HOME PAGE: This is the Start Page or Home Page

Fig: 9.1 Home Page

ADMIN LOGIN: This is the Admin Login Page where admin enters his
credentials and is logged into his page.

Universal College Of Engineering & Technology !77

 !

Fig: 9.2 Admin Login Page

Data Owner Registration: In this page the Admin registers the Data Owner by
providing all the required details.

Fig: 9.3 Data Owner Registration Page

Universal College Of Engineering & Technology !78

 USER REGISTRATION: Here, The User gets signed up by providing the
required details.

Fig: 9.4 User Registration Page

Universal College Of Engineering & Technology !79

 USER ACCEPTANCE : After the User is signed up, Admin has the rights to
accept or reject his request.

Fig: 9.5 User Acceptance Page

FILE UPLOAD: Data Owner can upload a file and then a request is generated to
the trapdoor to generate a key. Once the Trapdoor generates SK, the file is uploaded.

Universal College Of Engineering & Technology !80

 !

Fig: 9.6: File Upload Page

Universal College Of Engineering & Technology !81

 TRAPDOOR LOGIN: In this Page, The trapdoor enters his credentials and
logins into his page.

!
Fig:9.7 :Trapdoor Login Page

Universal College Of Engineering & Technology !82

 SYMMETRIC KEY REQUEST FOR TRAPDOOR: Here, the trapdoor
generated Symmetric Key based on the occurrence of keywords.

!
Fig: 9.8 : Trapdoor SK Request

Universal College Of Engineering & Technology !83

 LIST OF FILES: Data Owner can view the list of files he uploaded and can
dynamically update or delete the files

Fig: 9.9 List of Files

Universal College Of Engineering & Technology !84

 FILE UPDATE: The Data Owner can update the files uploaded by him
dynamically.

Fig:9.10 File Update

Universal College Of Engineering & Technology !85

 USER LOGIN: In this Page, User can login with his credentials and opens his
home page

Fig : 9.11 User Login Page

Universal College Of Engineering & Technology !86

 FILE SEARCH: User can search for files by giving one or multiple keywords and
the relevant files will be displayed.

Fig: 9.12 File Search Page

Universal College Of Engineering & Technology !87

 FILE DOWNLOAD: The User sends the request for downloading a file to
trapdoor and with the key sent by trapdoor, user can download the file.

Fig: 9.13 Downloading a File

Universal College Of Engineering & Technology !88

 KEY REQUEST: Based on the request received from user to download a file,
Trapdoor sends the key to user.

Fig: 9.14 Trapdoor Key Request

Universal College Of Engineering & Technology !89

 CHAPTER 10
CONCLUSION & FUTURE WORK
 10. CONCLUSION AND FUTURE WORK

In this paper, a secure, efficient and dynamic search scheme is proposed,

which supports not only the accurate multi-keyword ranked search but also the
dynamic deletion and insertion of documents. We construct a special keyword
balanced binary tree as the index, and propose a “Greedy Depth-first Search”
algorithm to obtain better efficiency than linear search. In addition, the parallel search
process can be carried out to further reduce the time cost. The security of the scheme
is protected against two threat models by using the secure kNN algorithm.
Experimental results demonstrate the efficiency of our proposed scheme. There are
still many challenge problems in symmetric SE schemes. In the proposed scheme, the
data owner is responsible for generating updating information and sending them to
the cloud server. Thus, the data owner needs to store the unencrypted index tree and
the information that are necessary to recalculate the IDF values. Such an active data
owner may not be very suitable for the cloud computing model. It could be a
meaningful but difficult future work to design a dynamic searchable encryption
scheme whose updating operation can be completed by cloud server only, meanwhile
reserving the ability to support multi-keyword ranked search. In addition, as the most
of works about searchable encryption, our scheme mainly considers the challenge
from the cloud server. Actually, there are many secure challenges in a multi-user
scheme. Firstly, all the users usually keep the same secure key for trapdoor generation
in a symmetric SE scheme. In this case, the revocation of the user is big challenge. If
it is needed to revoke a user in this scheme, we need to rebuild the index and
distribute the new secure keys to all the authorized users. Secondly, symmetric SE
schemes usually assume that all the data users are trustworthy. It is not practical and a
dishonest data user will lead to many secure problems. For example, a dishonest data
user may search the documents and distribute the decrypted documents to the
unauthorized ones. Even more, a dishonest data user may distribute his/her secure
keys to the unauthorized ones. In the future works, we will try to improve the SE
scheme to handle these challenge problems.


Universal College Of Engineering & Technology !90

 CHAPTER 11
BIBILIOGRAPHY
 11.BIBLIOGRAPHY

[1] K. Ren, C.Wang, Q.Wang et al., “Security challenges for the public cloud,” IEEE
Internet Computing, vol. 16, no. 1, pp. 69–73, 2012.

[2] S. Kamara and K. Lauter, “Cryptographic cloud storage,” in Financial

Cryptography and Data Security. Springer, 2010, pp. 136–149.

[3] C. Gentry, “A fully homomorphic encryption scheme,” Ph.D. dissertation, Stanford

University, 2009.

[4] O. Goldreich and R. Ostrovsky, “Software protection and simulation on oblivious

rams,” Journal of the ACM (JACM), vol. 43, no. 3, pp. 431–473, 1996.

[5] D. Boneh, G. Di Crescenzo, R. Ostrovsky, and G. Persiano, “Public key encryption

with keyword search,” in Advances in Cryptology-Eurocrypt 2004. Springer, 2004, pp.
506–522.

[6] D. Boneh, E. Kushilevitz, R. Ostrovsky, and W. E. Skeith III, “Public key

encryption that allows pir queries,” in Advances in Cryptology-CRYPTO 2007.
Springer, 2007, pp. 50–67.

[7] D. X. Song, D. Wagner, and A. Perrig, “Practical techniques for searches on

encrypted data,” in Security and Privacy, 2000. S&P 2000. Proceedings. 2000 IEEE
Symposium on. IEEE, 2000, pp. 44–55.

[8] E.-J. Goh et al., “Secure indexes.” IACR Cryptology ePrint Archive, vol. 2003, p.
216, 2003.

Universal College Of Engineering & Technology !91

 [9] Y.-C. Chang and M. Mitzenmacher, “Privacy preserving keyword searches on
remote encrypted data,” in Proceedings of the Third international conference on
Applied Cryptography and Network Security. Springer-Verlag, 2005, pp. 442–455.

[10] R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky, “Searchable symmetric

encryption: improved definitions and efficient constructions,” in Proceedings of the
13th ACM conference on Computer and communications security. ACM, 2006, pp.
79–88.

[11] J. Li, Q. Wang, C. Wang, N. Cao, K. Ren, and W. Lou, “Fuzzy keyword search
over encrypted data in cloud computing,” in INFOCOM, 2010 Proceedings IEEE.
IEEE, 2010, pp. 1–5.

[12] M. Kuzu, M. S. Islam, and M. Kantarcioglu, “Efficient similarity search over

encrypted data,” in Data Engineering (ICDE), 2012 IEEE 28th International
Conference on. IEEE, 2012, pp. 1156–1167.

[13] C. Wang, K. Ren, S. Yu, and K. M. R. Urs, “Achieving usable and privacy-
assured similarity search over outsourced cloud data,” in INFOCOM, 2012
Proceedings IEEE. IEEE, 2012, pp. 451–459.

[14] B. Wang, S. Yu, W. Lou, and Y. T. Hou, “Privacy-preserving multikeyword fuzzy

search over encrypted data in the cloud,” in IEEE INFOCOM, 2014.

[15] P. Golle, J. Staddon, and B. Waters, “Secure conjunctive keyword search over
encrypted data,” in Applied Cryptography and Network Security. Springer, 2004, pp.
31–45.

[16] Y. H. Hwang and P. J. Lee, “Public key encryption with conjunctive keyword
search and its extension to a multi-user system,” in Proceedings of the First

Universal College Of Engineering & Technology !92

 international conference on Pairing-Based Cryptography. Springer-Verlag, 2007, pp.
2–22.

[17] L. Ballard, S. Kamara, and F. Monrose, “Achieving efficient conjunctive keyword

searches over encrypted data,” in Proceedings of the 7th international conference on
Information and Communications Security. Springer-Verlag, 2005, pp. 414–426.

[18] D. Boneh and B. Waters, “Conjunctive, subset, and range queries on encrypted
data,” in Proceedings of the 4th conference on Theory of cryptography. Springer-
Verlag, 2007, pp. 535–554.

[19] B. Zhang and F. Zhang, “An efficient public key encryption with conjunctive-
subset keywords search,” Journal of Network and Computer Applications, vol. 34, no.
1, pp. 262–267, 2011.

[20] J. Katz, A. Sahai, and B. Waters, “Predicate encryption supporting disjunctions,

polynomial equations, and inner products,” in Advances in Cryptology–EUROCRYPT
2008. Springer, 2008, pp. 146–162.

[21] E. Shen, E. Shi, and B. Waters, “Predicate privacy in encryption systems,” in

Proceedings of the 6th Theory of Cryptography Conference on Theory of
Cryptography. Springer-Verlag, 2009, pp. 457–473.

[22] A. Lewko, T. Okamoto, A. Sahai, K. Takashima, and B. Waters, “Fully secure

functional encryption: attribute-based encryption and (hierarchical) inner product
encryption,” in Proceedings of the 29th Annual international conference on Theory
and Applications of Cryptographic Techniques. Springer-Verlag, 2010, pp. 62–91.

[23] A. Swaminathan, Y. Mao, G.-M. Su, H. Gou, A. L. Varna, S. He, M.Wu, and D.W.
Oard, “Confidentiality-preserving rank-ordered search,” in Proceedings of the 2007
ACM workshop on Storage security and survivability. ACM, 2007, pp. 7–12.

Universal College Of Engineering & Technology !93

 [24] S. Zerr, D. Olmedilla, W. Nejdl, and W. Siberski, “Zerber+ r: Topk retrieval from
a confidential index,” in Proceedings of the 12th International Conference on
Extending Database Technology: Advances in Database Technology. ACM, 2009, pp.
439–449.

[25] C. Wang, N. Cao, K. Ren, and W. Lou, “Enabling secure and efficient ranked
keyword search over outsourced cloud data,” Parallel and Distributed Systems, IEEE
Transactions on, vol. 23, no. 8, pp. 1467–1479, 2012.

[26] N. Cao, C. Wang, M. Li, K. Ren, and W. Lou, “Privacy-preserving multi-keyword

ranked search over encrypted cloud data,” in IEEE INFOCOM, April 2011, pp. 829–
837.

Universal College Of Engineering & Technology !94

 ISSN 2321-8665
Vol.05,Issue.06,
WWW.IJITECH.ORG June-2017,
Pages:1053-1056

A Secure Multi keyword Ranked Search Scheme that Supports Dynamic

update Operations in Cloud
GADE MARY SINDHURI REDDY1, SRIDHAR KODALI2
1
PG Scholar, Dept of CSE, Universal College of Engineering and Technology, Guntur, AP, India.
2
Assistant Professor, Dept of CSE, Universal College of Engineering and Technology, Guntur, AP, India.

Abstract: Because of the expanding fame of distributed servers brings protection concerns. The cloud specialist co-
computing, an ever increasing number of information ops (CSPs) that keep the information for clients may get to
proprietors are persuaded to outsource their information to clients' delicate data without approval. A general way to deal
cloud servers for awesome accommodation and lessened cost with secure the information secrecy is to scramble the
in information administration. Be that as it may, touchy information before outsourcing. Be that as it may, this will
information ought to be encoded before outsourcing for bring about a tremendous cost regarding information ease of
security necessities, which obsoletes information, use like use. For instance, the current systems on catchphrase based
watchword based record recovery. In this paper, we show a data recovery, which are broadly utilized on the plaintext
protected multi-watchword positioned seek conspire over information, can't be straightforwardly connected on the
scrambled cloud information, which at the same time scrambled information.
underpins dynamic refresh operations like erase and addition
of records. In particular, the vector space show and the Downloading every one of the information from the cloud
broadly utilized TF_IDF model are joined in the record and unscramble locally is clearly unfeasible. Keeping in mind
development and inquiry era. We build an extraordinary tree- the end goal to address the above issue, scientists have
based file structure and propose an "Avaricious Depth-first planned some general purpose arrangements with completely
Search" calculation to give effective multi-watchword homomorphic encryption or unmindful RAMs. Be that as it
positioned seek. The safe KNN calculation is used to may, these techniques are not down to earth because of their
scramble the file and inquiry vectors, and in the interim high computational overhead for both the cloud separate and
guarantee exact importance score computation between client. Despite what might be expected, more useful
encoded list and question vectors. With a specific end goal to extraordinary reason arrangements, for example, searchable
oppose factual assaults, apparition terms are added to the file encryption (SE) plans have made particular commitments
vector for binding query items. Because of the utilization of regarding productivity, usefulness and security. Searchable
our unique tree-based list structure, the proposed plan can encryption plans empower the customer to store the
accomplish sub-straight inquiry time and manage the erasure scrambled information to the cloud and execute catchphrase
and addition of archives adaptable. Broad examinations are seek over ciphertext area. Up until now, bottomless works
directed to exhibit the productivity of the proposed plot. have been proposed under various danger models to
accomplish different inquiry usefulness, for example, single
Keywords:Secure Multi-Keyword, Ranked Search, Cloud, watchword hunt, comparability look, multi-catchphrase
Encryption. boolean pursuit, positioned seek, multi-catchphrase positioned
I. INTRODUCTION look, and so forth. Among them, multikeyword positioned
Distributed computing has been considered as another look accomplishes increasingly consideration for its
model of big business IT framework, which can arrange commonsense relevance. As of late, some dynamic plans have
tremendous asset of processing, stockpiling and applications, been proposed to bolster embeddings and erasing operations
and empower clients to appreciate pervasive, advantageous on archive accumulation. These are critical fills in as it is very
and on demand organize access to a mutual pool of conceivable that the information proprietors need to refresh
configurable figuring assets with extraordinary productivity their information on the cloud server. Be that as it may, few
and negligible financial overhead. Pulled in by these engaging of the dynamic plans bolster effective multikeyword
components, both people and ventures are spurred to positioned seeks.
outsource their information to the cloud, rather than obtaining II. RELATED WORK
programming and equipment to deal with the information The encoded information to the cloud and execute watchword
them. Regardless of the different focal points of cloud seek over ciphertext area. Because of various cryptography
administrations, outsourcing delicate data, (for example, Primitives, searchable encryption plans can be developed
messages, individual wellbeing records, organization back utilizing open key based cryptography or then again
information, government reports, and so on.) to remote symmetric key based cryptography. Melody et al. proposed

Copyright @ 2017 IJIT. All rights reserved.

 GADE MARY SINDHURI REDDY, SRIDHAR KODALI
the primary symmetric searchable encryption (SSE) plot, and keys to encode their archives and catchphrases while
the hunt time of their plan is direct to the measure of the approved information clients can question without knowing
information accumulation. Goh proposed formal security keys of these distinctive information proprietors. The creators
definitions for SSE and outlined a plan in view of Bloom proposed an "Added substance Order Preserving Function" to
channel. The pursuit time of Goh's plan is O (n), where n is recover the most pertinent indexed lists. Notwithstanding,
the cardinality of the report accumulation. Curtmola et al. these works don't bolster dynamic operations.
proposed two plans (SSE-1 and SSE-2) which accomplish the
ideal hunt time. Their SSE-1 plan is secure against picked III. PROBLEM STATEMENT
watchword assaults (CKA1) and SSE-2 is secure against A. Existing Model
versatile chosen keyword assaults (CKA2). These early works A general way to deal with secure the information privacy
are single watchword Boolean inquiry plans, which are is to encode the information before outsourcing. Searchable
extremely straightforward as far as usefulness. A short time encryption plans empower the customer to store the
later, bounteous works have been proposed under various scrambled information to the cloud and execute catchphrase
danger models to accomplish different inquiry usefulness, for look over ciphertext space. Up until this point, rich works
example, single watchword pursuit, closeness, multi- have been proposed under various risk models to accomplish
catchphrase boolean hunt, positioned seek, and multi- different inquiry usefulness, for example, single catchphrase
catchphrase positioned look and so forth. pursuit, closeness seek, multi-watchword boolean hunt,
positioned look, multi-catchphrase positioned look, and so
Multi-watchword boolean pursuit permits the clients to forth. Among them, multi-catchphrase positioned seek
include numerous question catchphrases to ask for reasonable accomplishes increasingly consideration for its handy
reports. Among these works, conjunctive catchphrase seek pertinence. As of late, some dynamic plans have been
conspires just give back the records that contain the majority proposed to bolster embeddings and erasing operations on
of the inquiry watchwords. Disjunctive watchword look plans archive gathering. These are huge acts as it is profoundly
give back the greater part of the archives that contain a subset conceivable that the information proprietors need to refresh
of the inquiry catchphrases. Predicate look plans are proposed their information on the cloud server.
to bolster both conjunctive and disjunctive hunt. All this  Drawbacks: Huge cost as far as information eases of
multikeyword seeks plans recover list items in light of the use. For instance, the existing systems on watchword
presence of catchphrases, which can't give adequate outcome based data recovery, which are broadly utilized on the
positioning usefulness. Positioned inquiry can empower fast plaintext information, can't be straightforwardly
hunt of the most important information. Sending back just the connected on the encoded information. Downloading
top-k most significant records can successfully diminish every one of the information from the cloud and decode
organizes movement. Some early works have understood the locally is clearly illogical. Existing System techniques
positioned look utilizing request safeguarding methods, yet not functional due to their high computational overhead
they are composed just for single watchword inquiry. Cao et for both the cloud disjoins and client.
al. understood the primary security safeguarding multi-
catchphrase positioned look plot, in which archives and B. Proposed Model
questions are spoken to as vectors of word reference measure. This paper proposes a protected tree-based inquiry scheme
With the "facilitate coordinating", the reports are positioned over the scrambled cloud information, which bolsters
by the quantity of coordinated question catchphrases. In any multikeyword positioned pursuit and element operation on the
case, Cao et al's. plan does not consider the significance of the record accumulation. In particular, the vector space display
diverse catchphrases, and along these lines is not sufficiently and the broadly utilized "term recurrence (TF) × converse
exact. archive recurrence (IDF)" model are joined in the record
development and inquiry era to give multikeyword positioned
Furthermore, the pursuit productivity of the plan is direct seeks. So as to acquire high hunt proficiency, we build a tree-
with the cardinality of report accumulation. Sun et al. based file structure and propose an "Insatiable Depth-first
displayed a protected multi-catchphrase seek plot that Search" calculation in view of this file tree. The safe kNN
backings comparability based positioning. The creators calculation is used to encode the file and question vectors, and
developed a searchable file tree in light of vector space in the interim guarantee precise importance score count
display and embraced cosine measure together with TF×IDF between scrambled record and inquiry vectors. To oppose
to give positioning outcomes. Sun et al's. inquiry calculation distinctive assaults in various danger models, we develop two
accomplishes superior to anything direct hunt proficiency yet secure inquiry plots: the fundamental element multi-
brings about accuracy misfortune. O¨ rencik et al. proposed a watchword positioned seek (BDMRS) conspire in the known
safe multikeyword seek technique which used nearby touchy ciphertext display, and the improved element multikeyword
hash (LSH) capacities to bunch the comparable reports. The positioned look (EDMRS) conspire in the known foundation
LSH calculation is reasonable for comparative pursuit demonstrate. Points of interest Due to the uncommon
however can't give correct positioning. In, Zhang et al. structure of our tree-based file, the proposed look plan can
proposed a plan to manage secure multi-watchword adaptable accomplish sub-straight hunt time and manage the
positioned look in a multi-proprietor show. In this plan, erasure and inclusion of records. We outline a searchable
distinctive information proprietors utilize diverse mystery encryption plot that backings both the exact multi-catchphrase
International Journal of Innovative Technologies
Volume.05, Issue No.06, June-2017, Pages: 1053-1056
 A Secure Multi keyword Ranked Search Scheme that Supports Dynamic update Operations in Cloud
positioned look and adaptable element operation on report collection C for F. A short time later, the information
accumulation. Because of the unique structure of our tree- proprietor outsources the encoded accumulation C and the
based file, the pursuit many-sided quality of the proposed protected record I to the cloud server, and safely conveys the
plan is on a very basic level kept to logarithmic. Furthermore, key data of trapdoor era (counting catchphrase IDF values)
by and by, the proposed plan can accomplish higher inquiry and report unscrambling to the approved information clients.
proficiency by executing our "Ravenous Depth-first Search" Additionally, the information proprietor is in charge of the
calculation. In addition, parallel inquiry can be adaptable refresh operation of his reports put away in the cloud server.
performed to additionally decrease the time cost of pursuit While refreshing, the information proprietor creates the
process. refresh data locally and sends it to the server. Information
IV. PROBLEM FORMULATION clients are approved ones to get to the archives of information
A. Notations and Preliminaries proprietor. With t question catchphrases, the approved client
The framework demonstrates in this paper includes three can produce a trapdoor TD as per inquiry control instruments
unique substances: information proprietor, information client to get k encoded records from cloud server. At that point, the
and cloud server, as illustrated in Fig. 1. information client can decode the reports with the common
mystery key. Cloud server stores the scrambled archive
gathering C and the encoded searchable tree file me for data
owner. After accepting the trapdoor TD from the information
client, the cloud server executes seek over the list tree I, lastly
gives back the comparing accumulation of top-k positioned
encoded records. In addition, after getting the refresh data
from the information proprietor, the server needs to refresh
the file I and archive accumulation C as indicated by the got
data.
V. OUTLINE GOALS
To empower secure, productive, exact and dynamic multi
information under the above models, our framework has the
accompanying Dynamic: The proposed plan is intended to
give not just multi-watchword question and precise outcome
positioning, additionally dynamic refresh on report
accumulations.
Look Efficiency: The plan means to accomplish sub linear
seek proficiency by investigating an extraordinary tree-based
list and a productive pursuit calculation.

A. Privacy-saving:
The plan is intended to keep the cloud server from taking
in extra data about the report accumulation, the file tree, and
the inquiry. The particular protection necessities are
Information proprietor has a gathering of reports F = {f1; condensed as takes after,
f2; :::; fn} that he needs to outsource to the cloud server in
scrambled frame while as yet keeping the capacity to scan on B. List Confidentiality and Query Confidentiality:
them for successful use. The fundamental plaintext data, incorporating watchwords
in the record and inquiry, TF estimations of catchphrases put
away in the file, and IDF estimations of question watchwords,
ought to be shielded from cloud server;

C. Trapdoor Unlink ability:

The cloud server ought not to have the capacity to decide
if two encoded questions (trapdoors) are produced from a
similar inquiry ask for;

D. Catchphrase Privacy:
The cloud server couldn't distinguish the particular
watchword in inquiry, list or record accumulation by
investigating the measurable data like term recurrence. Take
note of that our proposed plan is not intended to secure get to
In our plan, the information proprietor right off the bat design, i.e., the grouping of returned records.
fabricates a protected searchable tree file I from report
accumulation F, and after that produces a scrambled do
International Journal of Innovative Technologies
Volume.05, Issue No.06, June-2017, Pages: 1053-1056
 GADE MARY SINDHURI REDDY, SRIDHAR KODALI
VI. CONCLUSION [4] M. Kuzu, M. S. Islam, and M. Kantarcioglu, “Efficient
In this paper, a protected, productive and dynamic inquiry similarity search over encrypted data,” in Data Engineering
plan is proposed, which underpins the precise multi- (ICDE), 2012 IEEE 28th International Conference on. IEEE,
catchphrase positioned seek as well as the dynamic 2012, pp. 1156– 1167.
cancellation and addition of archives. We build an uncommon [5] K. Ren, C. Wang, Q. Wang et al., “Security challenges for
watchword adjusted parallel tree as the list, and propose an the public cloud,” IEEE Internet Computing, vol. 16, no. 1,
"Eager Depth-first Search" calculation to get preferable pp. 69–73, 2012.
proficiency over straight pursuit. What's more, the parallel [6] S. Kamara and K. Lauter, “Cryptographic cloud storage,”
inquiry process can be completed to additionally lessen the in Financial Cryptography and Data Security. Springer, 2010,
time cost. The security of the plan is ensured against two pp. 136–149.
danger models by utilizing the protected kNN calculation. [7] C. Gentry, “A fully homomorphic encryption scheme,”
Exploratory outcomes exhibit the proficiency of our proposed Ph.D. dissertation, Stanford University, 2009.
conspires. There are as yet many test issues in symmetric SE [8] O. Goldreich and R. Ostrovsky, “Software protection and
plans. In the proposed conspire; the information proprietor is simulation on oblivious rams,” Journal of the ACM (JACM),
in charge of creating refreshing data and sending them to the vol. 43, no. 3, pp. 431–473, 1996.
cloud server. In this way, the information proprietor needs to [9] D. Boneh, G. Di Crescenzo, R. Ostrovsky, and G.
store the decoded list tree and the data that are important to Persiano, “Public key encryption with keyword search,” in
recalculate the IDF values. Such a dynamic information Advances in Cryptology Eurocrypt 2004. Springer, 2004, pp.
proprietor may not be extremely reasonable for the distributed 506–522.
computing model. It could be an important however [10] D. Boneh, E. Kushilevitz, R. Ostrovsky, and W. E.
troublesome future work to outline an element searchable Skeith III, “Public key encryption that allows pir queries,” in
encryption plot whose refreshing operation can be finished by Advances in Cryptology-CRYPTO 2007. Springer, 2007, pp.
cloud server just, in the mean time holding the capacity to 50–67.
bolster multi-watchword positioned look. Moreover, as the [11] D. X. Song, D. Wagner, and A. Perrig, “Practical
majority of works about searchable encryption, our plan techniques for searches on encrypted data,” in Security and
basically considers the test from the cloud server. Really, Privacy, 2000. S&P 2000 Proceedings. 2000 IEEE
there are many secure difficulties in a multiuser conspire. Symposium on. IEEE, 2000, pp. 44– 55.
Right off the bat, every one of the clients as a rule keeps the [12] E.-J. Goh et al., “Secure indexes.” IACR Cryptology
same secure key for trapdoor era in a symmetric SE plot. For ePrint Archive, vol. 2003, p. 216, 2003.
this situation, the renouncement of the client is enormous test. [13] A. Swaminathan, Y. Mao, G.-M. Su, H. Gou, A. L.
On the off chance that it is expected to deny a client in this Varna, S. He, M. Wu, and D. W. Oard, “Confidentiality-
plan, we have to reconstruct the record and circulate the new preserving rank-ordered search,” in Proc. ACM Workshop
secure keys to all the approved clients. Also, symmetric SE Storage Security Survivability, 2007, pp. 7–12.
conspires for the most part expect that every one of the [14] S. Zerr, D. Olmedilla, W. Nejdl, and W. Siberski,
information clients is reliable. It is not reasonable and an “Zerber+ r: Top-kretrieval from a confidential index,” in
untrustworthy information client will prompt many secure Proc. 12th Int. Conf. Extending Database Technol.: Adv.
issues. For instance, an untrustworthy information client may Database Technol., 2009, pp. 439–449.
look the archives and disseminate the unscrambled records to [15] C. Wang, N. Cao, K. Ren, and W. Lou, “Enabling secure
the unapproved ones. Much more, an unscrupulous and efficient ranked keyword search over outsourced cloud
information client may disseminate his/her safe keys to the data,” IEEE Trans.
unapproved ones. Later on works, we will attempt to enhance
the SE plan to deal with these test issues. Authors Profile:
Gade Mary Sindhuri Reddy is currently pursuing her
VII. REFERENCES M.Tech (CSE) in Computer Science and Engineering
[1] Y.-C. Chang and M. Mitzenmacher, “Privacy preserving Department,Universal College of engineering and technology,
keyword searches on remote encrypted data,” in Proceedings Guntur, A.P. She received her B.Tech in Electronics and
of the Third international conference on Applied Computers EngineeringDepartment from Koneru Lakshmaiah
Cryptography and Network Security. Springer-Verlag, 2005, College of Engineering, Guntur.
pp. 442–455.
[2] R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky, Sridhar Kodali is currently working as an Assistant
“Searchable symmetric encryption: improved definitions and Professor in Computer Science and Engineering Department,
efficient constructions,” in Proceedings of the 13th ACM Universal College of Engineering and Technology, Guntur,
conference on Computer and communications security. ACM, AP.
2006, pp. 79–88.
[3] J. Li, Q. Wang, C. Wang, N. Cao, K. Ren, and W. Lou,
“Fuzzy keyword search over encrypted data in cloud
computing,” in INFOCOM, 2010 Proceedings IEEE. IEEE,
2010, pp. 1–5.

International Journal of Innovative Technologies

Volume.05, Issue No.06, June-2017, Pages: 1053-1056