Cloud based content rating system

ABSTRACT
An important problem in public clouds is how to selectively share documents
based on fine-grained attribute based access control policies. An approach is to
encrypt documents satisfying different policies with different keys using a public
key crytosystem such as attribute based encryption (ABE), and/or proxy reencryption (PRE). However, such an approach has some weaknesses: it cannot
efficiently handle adding/revoking users or identity attributes, and policy changes;
it requires to keep multiple encrypted copies of the same documents; it incurs high
computational cost. A direct application of a symmetric key cryptosystem, where
users are grouped based on the policies they satisfy and assigning unique keys for
each group, also has similar weaknesses. Without utilizing public key cryptography
and by allowing users to dynamically derive the symmetric keys at the time of
decryption, one can address the above weaknesses. Based on this idea, a new key
management scheme called broadcast group key management (BGKM) is
proposed and then give a secure construction of a BGKM scheme called ACVBGKM. The idea is to give some secrets to users based on the identity attributes
they have and later allow them to derive actual symmetric keys based on their
secrets and some public information. A key advantage of the BGKM scheme is that
adding users/revoking users or updating access control policies can be performed
efficiently by updating only some public information.

EXISTING SYSTEM
Group Key Management (GKM)
This approach encodes secrets given to users at registration phase in a special
polynomial of order at least n in such a way that users can derive the secret key
from this polynomial.
Disadvantages
In GKM the security of the scheme weakens as n increases.
Attribute Based Encryption (ABE)
ABE is another approach for implementing encryption-based access control to
documents. Under such an approach, users are able to decrypt subdocuments if
they satisfy certain policies.
Disadvantages
Whenever the group dynamic changes, the re-keying operation requires to
update the private keys given to existing members in order to provide
backward/forward secrecy.
Requires establishing private communication channels with each group
member which is not desirable in a large group setting.
Whenever the group membership policy changes, new private keys must be
re-issued to members of the group.
In applications involving stateless members where it is not possible to
update the initially given private keys and the only way to revoke a member

is to exclude it from the public information, an ABE based approach does

not work.
Selective Dissemination
Encryption of different subdocuments with different keys, which are provided to
users at the registration phase, and broadcasting the encrypted subdocuments to all
users.
Selective multicast of different subdocuments to different user groups, where all
sub-documents are encrypted with one symmetric encryption key.
Disadvantages
It assumes that the users are honest and do not try to access the
subdocuments to which they do not have access authorization.
Therefore, these approaches provide neither backward nor forward key
secrecy.
Secure Data Outsourcing
With the increasing utilization of cloud computing services, there has been a real
need to access control the encrypted documents stored in an un-trusted third party.
There has been some recent research efforts to construct privacy preserving access
control systems by combining oblivious transfer and anonymous credentials.
Disadvantages
Each transfer protocol allows one to access only one record from the
database.

 Size of the encrypted database is not constant with respect to the original
database size.
Redundant encryption of the same record is required to support acps
involving disjunctions.

PROPOSED SYSTEM
Without utilizing public key cryptography and by allowing users to dynamically
derive the symmetric keys at the time of decryption, one can address the group key
management issues. Based on this idea, a new GKM scheme called broadcast
GKM(BGKM) and then give a secure construction of BGKM scheme and formally
prove its security.
The idea is to give secrets to users based on the identity attributes they have and
later allow them to derive actual symmetric keys based on their secrets and some
public information.
Develop an attribute-based access control mechanism whereby a user is able to
decrypt the contents if and only if its identity attributes satisfy the content
providers policies, whereas the content provider and the cloud learn nothing about
users identity attributes.

Advantages
A key advantage of the BGKM scheme is that adding users/revoking users
or updating access control policies can be performed efficiently and only
requires updating the public information.
Maximum trust
Key indistinguishability
Key independence
Forward secrecy

 Backward secrecy and

Minimal computational, space and communication cost.

System Specification
System Requirements:

Hardware Requirements
System

: Pentium IV 2.4 GHz.

Hard Disk

: 40 GB.

Floppy Drive
Monitor

: 15 VGA Colour.

Mouse
Ram

: 1.44 Mb.

: Logitech.
: 512 Mb.

Software Requirements
Operating system : - Windows XP.
Coding Language : ASP.Net with C#.
Data Base

: SQL Server 2005

MODULE
Construction of Cloud Data Storage
Data upload
Data Retrieval

Construction of Cloud Data Storage

In Admin Module the admin can login to give his username and password. Then
the server setup method can be opened. In server setup process the admin first set
the remote servers Ip-address for send that Ip-address to the receiver. Then the
server can skip the process to activate or De-activate the process. For activating the
process the storage server can display the Ip-address. For De-activating the process
the storage server cannot display the Ip-address. These details can be viewed by
clicking the key server. The activated Ip-addresses are stored in available storage
server. By clicking the available storage server button we can view the currently
available Ip-addresses.

Data upload
In Upload Module the new folder can be create for storing the files. In folder
creation process the cloud system may ask one question for that user. The user
should answer the question and must remember that answer for further usage. Then
enter the folder name for create the folder for that user. In file upload process the
user has to choose one file from browsing the system and enter the upload option.
Now, the server from the cloud can give the encrypted form of the uploading file.

Data Retrieval Module

In Download module contains the following details. There are username and file
name. First, the server process can be run which means the server can be connected
with its particular client. Now, the client has to download the file to download the
file key. In file key downloading process the fields are username, filename,
question, answer and the code. Now clicking the download option the client can
view the encrypted key. Then using that key the client can view the file and use
that file appropriately.

SYSTEM ARCHITECTURE

CLOUD ADMIN

Yes

View New Files

Allow New Files

Maintain All Files Details

End Process

User

Check

No

unauthorized user

USER

Yes

Upload Files

Update Files

Download Files

End Process

User Case Diagram

Check

No

unauthorized user

Class Diagram

Activity Diagram

SEQUENCE DIAGRAM

COMPANY PROFILE

I. The Company
LEGENDS

INFOTECH

Systems

Limited

is

mature

software

development house inculcated with the following basic characteristics:

agility,

reliability,

and

capability.

LEGENDS

INFOTECH

possesses

substantial experience in large development projects and product

development adding to nearly 3500 person years of experience. LEGENDS
INFOTECH uses a global delivery model that takes advantage of the state
of art and cost effective development facility in Chennai, India

History
A team of technocrats started LEGENDS INFOTECH, in 2002 in
Chennai, India providing reliable IT solutions in the Indian subcontinent.
Today, LEGENDS INFOTECH has the agility, size and momentum
necessary for further growth - built on the sound foundation laid in terms
of marketing, technical, financial, and quality process.

Operating Locations
Internationally, LEGENDS INFOTECH is present in USA and India. In
USA, LEGENDS INFOTECH operates from Atlanta and Chicago, which acts
as LEGENDS INFOTECHs marketing arm for US operations with same
business focus as LEGENDS INFOTECH.

Software
LEGENDS INFOTECH is equipped with skills and software in the
following environments, mostly in the development center in India:

Skills
Operating Systems

Various UNIX flavors, Linux, AIX, WIN-NT, MVS,

Windows 95,98,2000

RT Linux

ITRON, WinCE, VxWorks

Databases

Oracle, Oracle 8i, Oracle Financial, Sybase, MySQL,SQL

Server, DB2, MS Access, SQL Anywhere

Programming Languages C, C ++, COBOL, PL/1, C#, Java,PHP, AS400 RPG, .Net
Tools
Front-end

Developer 2000, Power Builder, VC++, VB, Designer

2000

Frameworks

Dot Net, JSP STRUTS

Web Based

Active X, Java, VJ++, JDK, Visual Caf, Visual Studio 97,

Cold fusion, Cold fusion Studio, ASP, JSP, EJB, J2EE,
XML, Visual Interdev, Forte, CGI, HTML, DHTML,
Dream Weaver, PHP, SGML

Data Modeling

E-R Win, S-Designer, MS Vision

Object Modeling

Rational Rose, UML

Testing & CM

SQA Robot, Visual Test, Visual Source Safe, Clear Case

Business Intelligence

Business Objects

Web Servers

Apache, Netscape, IIS

Application Servers

BEA Web logic, WebSphere, Site Server / Commerce

Server, BroadVision, Biztalk Server, Share Point Server

II. LEGENDS INFOTECHs Business Units

LEGENDS INFOTECH Systems Limited has formed new BUSINESS
UNITS (BUs) in the company. While IT SERVICES help us sustain our
business, the new Business Units will help us to achieve growth. It is a
very significant change in our strategy and we are confident that this will
help in accelerating growth.
LEGENDS INFOTECH's Business Units will be responsible for the
business plan from the current year and will also work on future
strategies and plans.

This means the responsibility will call for

significant interactions with external world including clients, prospects

and other entities as well as take care of the operations of their
respective Business Units.
LEGENDS INFOTECH Systems Limited has spun off new Business
Units, IT Services, Business Intelligence, Business Process Management
& Engineering Services that helps in accelerating companys business
growth.

a. IT Services
b. Web Application
c. Business Process Management

Website: www.legendsinfotech.com