CLOUD COMPUTING SECURITY FROM SINGLE TO MULTI CLOUDS 46

Chapter 1INTRODUCTIONThe use of cloud computing has increased rapidly in many organizations small and medium companies use cloud computing services for various reasons, including because these services provide fast access to their applications and reduce their infrastructure costs.Cloud providers should address privacy and security issues as a matter of high and urgent priority. Dealing with single cloud providers is becoming less popular with customers due to potential problems such as service availability failure and the possibility that there are malicious insiders in the single cloud. In recent years, there has been a move towards multi-clouds, inter-cloud or cloud-of-clouds.This project focuses on the issues related to the data security aspect of cloud computing. As data and information will be shared with a third party, cloud computing users want to avoid an untrusted cloud provider. Protecting private and important information, such as credit card details or a patients medical records from attackers or malicious insiders is of critical importance. In addition, the potential for migration from a single cloud to a multi-cloud environment is examined and research related to security issues in single and multi-clouds in cloud computing is surveyed.

1.1 ObjectiveThe Objective of the system is to Block the attackers in cloud servers automatically using automatic protocol, computing the cloud securely, secret sharing with Byzantine failure and proving the data integrity and batch auditing by the data owners.

1.2 Organization ProfileAn impact technology is an IT solution provider for a dynamic environment where business and technology strategies converge. Their approach focuses on new ways of business combining IT innovation and adoption while also leveraging an organizations current IT assets. Their work with large global corporations and new products or services and to implement prudent business and technology strategies in todays environment.Range of Expertise Includes Software Development Services Engineering Services Systems Integration Customer Relationship Management Product Development Electronic Commerce Consulting IT Outsourcing

We apply technology with innovation and responsibility to achieve two broad objectives: Effectively address the business issues our customers face today. Generate new opportunities that will help them stay ahead in the future.

This Approach Rest On A strategy where we architect, integrate and manage technology services and solutions - we call it AIM for success. A robust offshore development methodology and reduced demand on customer resources. A focus on the use of reusable frameworks to provide cost and times benefits.

They combine the best people, processes and technology to achieve excellent results - consistency. We offer customers the advantages of:SpeedThey understand the importance of timing, of getting there before the competition. A rich portfolio of reusable, modular frameworks helps jump-start projects. Tried and tested methodology ensures that we follow a predictable, low - risk path to achieve results. Our track record is testimony to complex projects delivered within and evens before schedule.

ExpertiseOur teams combine cutting edge technology skills with rich domain expertise. Whats equally important - they share a strong customer orientation that means they actually start by listening to the customer. Theyre focused on coming up with solutions that serve customer requirements today and anticipate future needs.A Full Service PortfolioThey offer customers the advantage of being able to Architect, integrate and manage technology services. This means that they can rely on one, fully accountable source instead of trying to integrate disparate multi-vendor solutions.ServicesImpact Solutions is providing its services to companies which are in the field of production, quality control etc. with their rich expertise and experience and information technology they are in best position to provide software solutions to distinct business requirements.

Chapter 2LITERATURE SURVEYLiterature survey is the most important step in software development process. Before developing the tool it is necessary to determine the time factor, economy and company strength. Once these things are satisfied, ten next steps are to determine which operating system and language can be used for developing the tool. Once the programmers start building the tool the programmers need lot of external support. This support can be obtained from senior programmers, from book or from websites. Before building the system the above consideration are taken into account for developing the proposed system.We have to analysis the Knowledge and Data Engineering and Cloud: 2.1 Data & Knowledge Engineering (DKE)Data & Knowledge Engineering (DKE) is a journal in database systems and knowledge base systems. It is published by Elsevier. It was founded in 1985, and is held in over 250 academic libraries. The editor-in-chief is P.P. Chen (Dept. of Computer Science, Louisiana State University, USA) This particular journal publishes 12 issues a year. All articles from the Data & Knowledge Engineering journal can be viewed on indexing services like Scopus and

2.2 Knowledge engineering (KE)KE is an engineering discipline that involves integrating knowledge into computer systems in order to solve complex problems normally requiring a high level of human expertise. At present, it refers to the building, maintaining and development of knowledge-based systems. It has a great deal in common with software engineering, and is used in many computer science domains such as artificial intelligence, including databases, data mining, expert systems, decision support systems and geographic information systems. Knowledge engineering is also related to mathematical logic, as well as strongly involved in cognitive science and socio-cognitive engineering where the knowledge is produced by socio-cognitive aggregates (mainly humans) and is structured according to our understanding of how human reasoning and logic works.Various activities of KE specific for the development of a knowledge-based system: Assessment of the problem Development of a knowledge-based system shell/structure Acquisition and structuring of the related information, knowledge and specific preferences (IPK model) Implementation of the structured knowledge into knowledge bases Testing and validation of the inserted knowledge Integration and maintenance of the system Revision and evaluation of the system. Knowledge engineering principlesSince the mid-1980s, knowledge engineers have developed a number of principles, methods and tools to improve the knowledge acquisition and ordering. Some of the key principles are: There are different: Types of knowledge each requiring its own approach and technique. Types of experts and expertise, such that methods should be chosen appropriately. Ways of representing knowledge, which can aid the acquisition, validation and re-use of knowledge. Ways of using knowledge, so that the acquisition process can be guided by the project aims (goal-oriented). Structured methods increase the efficiency of the acquisition process. Knowledge Engineering is the process of eliciting Knowledge for any purpose be it Expert system or AI development 2.3 Introduction to Data Mining and CloudData mining (also known as Knowledge Discovery in Databases - KDD) has been defined as "The nontrivial extraction of implicit, previously unknown, and potentially useful information from data" It uses machine learning, statistical and visualization techniques to discover and present knowledge in a form which is easily comprehensible to humans. As data and information will be shared with a third party, cloud computing users want to avoid an untrusted cloud provider. Protecting private and important information, such as credit card details or a patients medical records from attackers or malicious insiders is of critical importance. In addition, the potential for migration from a single cloud to a multi-cloud environment is examined and research related tosecurity issues in single and multi-clouds in cloud computing are surveyed.

2.4 System Architecture

Figure 2.4.1: system Architecture2.5 Project MethodologyThe different phases of project development that have actually been put to use are as follows: Analysis Design Coding TestingAnalysis PhaseThe analysis phase denies the requirements of the system, independent of how these requirements will be accomplished. We gain thorough understanding of objectives, determine available options and determine how the new system will integrate into existing systems and workflow. This is very critical phase in development of project and will serve as the blueprint in the development of your system. The deliverable result at the end of this phase is a requirement document.Design PhaseWe transform the information obtained in the analysis phase (System specification) into a detailed technical design for a new system. This phase requires further study of needed functionality and the graphical user interface. The design has been done keeping one thing in mind i.e. it should be user friendly. The design of the project is robust and any further changes or improvements can be done easily. The output of the design phase is a design document.Coding PhaseDuring this phase, we construct and develop your system, including integration with your existing technology. The code written for development of this application follows the rules and guidelines mentioned by the company.Testing PhaseTesting is the most important phase to identify and recovery of the bugs that occurred at the time of coding phase. This phase includes both unit and acceptance testing. Since the project requirements have been defined, and the system design is underway, test objectives and strategies are identified and included in the project scope document, project plane, and project cost estimate. 2.6 Overview on toolsTechnology DescriptionJava technology is used both a programming language and a platform.2.6.1 The Java Programming Language Java is a high-level programming language that is all of the following Simple Architecture-neutralObject-orientedPortableDistributed High-performanceInterpretedmultithreadedRobust DynamicSecureJava is also unusual in that each Java program is both compiled and interpreted. With a compile you translate a Java program into an intermediate language called Java byte codes the platform-independent code instruction is passed and run on the computer.Compilation happens just once; interpretation occurs each time the program is executed. The figure illustrates how this works.

Java ProgramCompilersInterpreterMy Program

Fig 2.6.1.1 : java interpreterYou can think of Java byte codes as the machine code instructions for the Java Virtual Machine (Java VM). Every Java interpreter, whether its a Java development tool or a Web browser that can run Java applets, is an implementation of the Java VM. The Java VM can also be implemented in hardware.Java byte codes help make write once, run anywhere possible. You can compile your Java program into byte codes on my platform that has a Java compiler. The byte codes can then be run any implementation of the Java VM. For example, the same Java program can run Windows NT, Solaris, and Macintosh.

2.6.2 THE JAVA PLATFORMA platform is a hardware or software environment in which a program runs. The Java platforms differs from other platforms in that it is a software only platform that runs on the top of the other hardware based platforms.The Java platform has two components:1. The Java Virtual Machine2. The Java Application Programming Interface(API) Java Virtual Machine is the base of the Java platform and it is ported on to various hardware based platforms.The API is a large collection of readymade software components that provide many useful capabilities. It is grouped into libraries of related classes and interfaces. These libraries are known as packages.The API and JVM insulate the program from the underlying hardware. As a platform independent environment a java platform can be a bit slower than native code.

2.6.3 Java Database Connectivity (JDBCTM): Provides uniform access to a wide range of relational databases. The Java platform also has APIs for 2D and 3D graphics, accessibility, servers, collaboration, telephony, speech, animation, and more. The following figure depicts what is included in the Java 2 SDK.

Fig 2.5.3.1 : java 2 SDK 2.6.4 Eclipse IDE For JavaThe Eclipse IDE for Java Developers provides superior Java editing with validation, incremental compilation, cross-referencing, code assist, XML Editor and much more.

Fig 2.5.4.1 : Eclipse IDE (Helios)

The Eclipse JDT (Java Development Tools) provides the tool plug-ins that implements a Java IDE, supporting the development of any Java application, including Eclipse plug-ins adds a Java project nature and Java perspective to the Eclipse Workbench as well as a number of views, editors, wizards, builders and code merging and refactoring tools.2.6.5 SQL ServerA database management, or DBMS, gives the user access to their data and helps them transform the data into information. Such database management systems include dBase, paradox, IMS, SQL Server and SQL Server. These systems allow users to create, update and extract information from their database.A database is a structured collection of data. Data refers to the characteristics of people, things and events. SQL Server stores each data item in its own fields. In SQL Server, the fields relating to a particular person, thing or event are bundled together to form a single complete unit of data, called a record (it can also be referred to as raw or an occurrence). Each record is made up of a number of fields. No two fields in a record can have the same field name.During an SQL Server Database design project, the analysis of your business needs identifies all the fields or attributes of interest. If your business needs change over time, you define any additional fields or change the definition of existing fields.2.6.6 Tomcat 6.0 web server Tomcat is an open source web server developed by Apache Group. Apache Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Web Servers like Apache Tomcat support only web components while an application server supports web components as well as business components (BEAs Weblogic, is one of the popular application server).To develop a web application with jsp/servlet install any web server like JRun, Tomcat etc to run your application.

Fig: 2.5.6.1 Tomcat Webserver

Chapter 3HARDWARE AND SOFTWARE REQUIREMENTS 3.1 SOFTWARE REQUIREMENTS Operating System : Windows95/98/2000/XP Application Server : Tomcat5.0/6.X/7.0 Front End : HTML, Java, Jsp Scripts : JavaScript. Server side Script : Java Server Pages. Database Connectivity: Mysql.

3.2 HARDWARE REQUIREMENTS RAM - 4GB Processor - Pentium III & above Speed - 1.1 Ghz RAM - 256 MB(min) Hard Disk - 20 GB Floppy Drive - 1.44 MB Key Board - Standard Windows Keyboard Mouse - Two or Three Button Mouse Monitor - SVGA

Chapter 4SOFTWARE REQUIREMENT SPECIFICATIONA software requirement specification (SRS) is a comprehensive description of the intended purpose and environment forsoftwareunder development. The SRS fully describes what the software will do and how it will be expected to perform.The introduction of the SRS provides an overview of the entire SRS with purpose, scope, definitions, acronyms, abbreviations, and references. The aim of the document is to gather and analyze and give an in depth insight of the complete Employee Location Tracker by defining the problem statement in detail.4.1 SRS for Single to Multi CloudFunctional Control the file access at cloud server, Data Integrity Proof at TPA. File Privacy Management

Non- Functional Cloud servers never monitors and controls the TPA

External interface LAN , Routers

Performance Finding File Hacker Information, File Sharing efficiency fairness

Attributes File Management,tpa,cloud server,owner,Remote Users, Blocked Users,Multi Cloud

Table: 3.1 Summaries of SRS4.1.1 Functional Requirements Functional Requirement defines a function of a software system and how the system must behave when presented with specific inputs or conditions. These may include calculations, data manipulation and processing and other specific functionality. In this system following are the functional requirements:- The Owner will divide the file into N number of blocks and has to upload the each block the individual cloud servers.

The Cloud server has to authorize the valid remote users. if the Remote user is hacker then he has to block in the cloud server. The data should be integrated by the cloud server. The Third party auditor has to maintain the error localization and has to monitor the Cloud Server Activities. The Remote user has to user correct Secret key and file name. If anyone is wrong then he is detected as attacker. The Attributes are File Management, tpa, cloud server, owner, Remote user and blocked user.

4.1.2 Non Functional Requirements Non Functional requirements, as the name suggests, are those requirements that are not directly concerned with the specific functions delivered by the system. They may relate to emergent system properties such as reliability response time and store occupancy. Alternatively, they may define constraints on the system such as the capability of the Input Output devices and the data representations used in system interfaces. Many non-functional requirements relate to the system as whole rather than to individual system features. This means they are often critical than the individual functional requirements. The following non-functional requirements are worthy of attention. The key non-functional requirements are: Security: The system should allow a secured communication between Cs and TPA, User and File Owner Energy Efficiency: The Energy consumed by the Users to receive the File information from the cloud server Reliability: The system should be reliable and must not degrade the performance of the existing system and should not lead to the hanging of the system.

4.1.3 Performance The network performance can be determined by few terms such as the cloud busy time, File utilization level, efficiency, fairness and imbalance. The amount of the time the cs allocated for File transmission and reception is called cs busy time. Similarly channel is sometimes being idle during communication. The unit of time which makes delay to transmit a packet is called channel access delay time. The channel or medium utilization level can be defined as average rate of reliable packets delivered through the channel. The MAC layer utilization level can be determined by noticing whether the medium is busy or idle. The binary values are used for indicating MAC layer utilization level. 1,0 are used for indicating channel is now busy or idle respectively. The main factor deciding buffer overflow is interface queue length when the queue length is limited in the network. The main terms that are to be calculated to determine the network performance are efficiency, fairness and imbalance. The efficiency of the communication is calculated by number hops the successful packets travelled to the total number of packets placed (dropped and retransmitted also included) in the Network.

4.1.4 Problem DefinitionThe problem of the system incorporates the previous system advantages and extends to find the unauthorized user, to prevent the unauthorized data access for preserving data integrity. The proposed system monitors the user requests according the user specified parameters and it checks the parameters for the new and existing users. The system accepts existing validated user, and prompts for the new users for the parameter to match requirement specified during user creation for new users. If the new user prompts parameter matches with cloud server, it gives privileges to access the Audit protocol author wise the system automatically blocks the Audit protocol for specific user.

4.1.5 Objective The Objective of the system is to Block the attackers in cloud servers automatically using automatic protocol, computing the cloud securely, secret sharing with Byzantine failure and proving the data integrity and batch auditing by the data owners

Chapter 5SYSTEM DEFINITION5.1 UML Diagram5.1.1 Use case diagramUse case diagram mainly captures the actor who interacts with system, namely the UPAA software. An actor is a person, organization or external system that plays a role in one or more interactions with the system. A use case diagram is a graphical notation for summarizing actors and use cases. The first step in a typical development effort is to analyze the description of the system and produce a model of the systems requirements.It consists of system, actor and use case. System: The system is depicted as a rectangle. Actor: Each actor is shown as a stick man. Use Case: each use case is shown as a solid bordered oval labeled with the name of the use case. Figure 5.1.1.1: Usecase Diagram of multi cloud5.1.2 Activity DiagramThe Activity Diagram captures the dynamic behavior of the system. Activity is a particular operation of the system. Activity diagrams are not only used for visualizing dynamic nature of a system but they are also used to construct the executable system by using forward and reverse engineering techniques. The only missing thing in activity diagram is the message part.

Figure 5.1.2.1: Activity Diagram for multi cloud

5.3 Sequence diagramSequence Diagrams are used primarily to design, document and validate the architecture, interfaces and logic of the system by describing the sequence of actions that need to be performed to complete a task or scenario. UML sequence diagrams are useful design tools because they provide a dynamic view of the system behavior which can be difficult to extract from static diagrams or specifications.

Figure 5.1.3.1: Sequence Diagram for multi cloud

5.4 Class DiagramThe purpose of the class diagram is to model the static view of an application. The class diagrams are the only diagrams which can be directly mapped with object oriented languages and thus widely used at the time of construction. It is the most popular UML diagram in the coder community.

Figure 5.1.4.2: Class Diagram for multi cloud

5.2 SOFTWARE DEVELOPMENT LIFE CYCLE The six stages of the Software Development Life Cycle (SDLC) are designed to build on one another, taking the outputs from the previous stage, adding additional effort, and producing results that leverage the previous effort and are directly traceable to the previous stages. This top-down approach is intended to result in a quality product that satisfies the original intentions of the customer.

Fig 5.2.1 : SDLC Phases

5.2.1 Planning Phase Planning Phase defines what, when and how the project will be carried out. This phase expands on the high level project online and provides a specific and detailed project definition. The most critical section of the project plan is a listing of high-level product requirements, also referred to as goals. All of the software product requirements to be developed during the requirements definition stage flow from one or more of these goals.

5.2.2 Requirement Phase The requirement gathering process takes as its input the goals identified in the high-level requirements section of the project plan. Each goal will be refined into a set of one or more requirements. These requirements define the major functions of the intended application, define operational data areas and reference data areas, and define the initial data entities. Major functions include critical processes to be managed, as well as mission critical inputs, output s and reports.5.2.3 Design Phase The design stage takes as its initial input the requirements identified in the approved requirements document. For each requirement, a set of one or more design elements will be produced as a result of interviews, workshops, and/or prototype efforts. Design elements describe the desired software features in detail, and generally include functional hierarchy diagrams, screen layout diagrams, tables of business rules, business process diagrams, pseudo code, and a complete entity-relationship diagram with a full data dictionary.5.2.4 Development Phase The development stage takes as its primary input to the design elements described in the approved design document. For each design element, a set of one or more software artifacts will be produced. Software artifacts include but are not limited to menus, dialogs and data management forms, data reporting formats, and specialized procedures and functions. Appropriate test cases will be developed for each set of functionally related software artifacts, and an online help system will be developed to guide users in their interactions with the software.5.2.5 Integration and Test Phase During the integration and test stage, the software artifacts, online help, and test data are migrated from the development environment to a separate test environment. At this point, all test cases are run to verify the correctness and completeness of the software. Successful execution of the test suite confirms a robust and complete migration capability.

5.2.6 Installation and Acceptance Phase During the installation and acceptance stage, the software artifacts, online help and initial production data are loaded onto the production server. At this point, all test cases are run to verify the correctness and completeness of the software. Successful execution of the test suite is a prerequisite to acceptance of the software by the customer. After customer personnel have verified that the initial production data load is correct and the test suite has been executed with satisfactory results, the customer formally accepts the delivery of the software.The primary outputs of the installation and acceptance stage include a production application, a completed acceptance test suite, and a memorandum of customer acceptance of the software.

Conclusion The structure imposed by this SDLC is specifically designed to maximize the probability of a successful software development effort. To accomplish this, the SDLC relies on four primary concepts: Scope restriction. Progressive Enhancement Pre-defined structure Incremental PlanningThese four concepts combine to mitigate the common risks associated with software development efforts.Software engineering paradigm refers to the development strategy that encompasses the process, methods and tools applied by the software engineer or a team of engineers. These also term as process models.

Chapter 6DETAILED DESIGN Detailed design of the system is the last design activity before implementation begins. The hardest design problems must be addressed by the detailed design or the design is not complete. The detailed design is still an abstraction as compared to source code, but should be detailed enough to ensure that translation to source is a precise mapping instead of a rough interpretation. Detailed design artifacts are going to contain a large amount of details which, if included in full, would obscure the point of this page. The detailed design should represent the system design in a variety of views where each view uses a different modeling technique. By using a variety of views, different parts of the system can be made clearer by different views. Some views are better at elaborating a systems state whereas other views are better at showing how data flows within the system. Other views are better at showing how different system entities relate to each through class taxonomies for systems that are designed using an object-oriented approach. A template for detailed design would not be of much use since each detailed design is likely to be unique and quite different from other designs.

6.1 Input Design Input design encompasses internal and external program interfaces and the design of the user interfaces. Internal and external interface designs are guided by the information obtained from the analysis model. This defines user tasks and actions either an elaborative or object oriented approach. Various input forms are designed categorically according to the particular need of the user, which fulfills the every need of the user. Inaccurate input data are the most common cause of errors in data processing. Errors found at the data entry can be controlled by proper input design. The input validations are performed at field level. The following are some constraints used in input design. Specifying maximum length for each field Specifying format for the data field, which are to be entered Specifying the field sequence

6.2 Output Design The output design minimizes the intellectual distance between the software and the problem, as it exists in the real world. The design is uniform and integrated. The output generated is clear and optimized. Output design builds coherent, well-planned representation of programs that concentrate on the inter relationships of parts at the higher level and logical operations involved at the lower level. The output is the most important and direct source of information to the user and help in decision making.6.3 Code Design The purpose of code is to facilitate the identification and retrieval of items of information. A code is an ordered collection of symbols designed to provide unique identification of an entity or an attribute. Codes are built with mutually exclusive features. Codes in all cases specify objects physical or on performance characteristics. Codes can show interrelationship among different items. Codes are used for identifying, accessing and matching records. The code ensure only one value of code with a single meaning is correctly applied to give entity or attribute

6.4 Data Flow DiagramData Flow Diagram (DFD and also called as Data Flow Graph) shows the flow of data through the system. It views the system as a function that transforms the input into desired output. DFD provides a mechanism for functional modeling. DFD may be partitioned into levels that represent increasing information flow and functional details. The context level DFD represents the entire software element process. The detailed DFDs are used in the design phase.NOTATIONDESCRIPTION

BUBBLE (PROCESS). It is the agent that forms the transformation of data from one state to another. The process is shown by named circle.

RECTANGLE. It represents a source or sink and is net originator or consumer of data.

ARROW .It represents the flow of data.

DOUBLE LINES. It represents the data store

Table 6.4.1: Basic DFD Diagram Notations

The special character * is used to represent (AND relationship) the need for multiple data flows by a process. + is used t represent OR relationship between dataflow.

6.4.1 Context Diagram A Context Flow Diagram is top Level (also known as level 0) data flow Diagram. It only contains one process node (Known as process 0) that generalizes the function of the entire system in relationship to external entities. There are only three symbols used in a context diagram: A Circle to represent the system in terms of a single process. Arrows to represent data flow. A rectangle to represent any external entities affecting the system, there can be numerous external entities. A double line represents the data store.

Figure 6.4.1: DFD Diagram for multi cloud

6.5 Entity-Relationship Diagram (ER Diagram)ER Modeling is widely used for designing databases. The main focus of ER modeling is the data items in the system and the relationship between them. It aims to create a conceptual schema (also called the ER model) for the data from the users perspective.SymbolMeaning

ENTITY TYPE. It defines a collection (or set) of entities that have the same attributes. Each entity type in the database is described by its name and attributes. The entity set(table) is usually referred to using the same name as the entity type.

ATTRIBUTE. It represents the structure of the entity type. If an attribute is composite (attributes having sub attributes) then its sub attributes are shown.

RELATIONSHIP. It represents the relationship between the entity types. Relationship types may also have attributes.

LINE. (Partial Participation)It represents the participating entity types of a relationship.

KEY ATTRIBUTE. It represents the structure of the key entity type

Table 6.5.1: Basic ER Diagram Notations

6.5.1 Key terms used in ER-Diagram:

Primary Key (Key Attribute):In ER-Diagrammatic notation each key attribute has its name underlined inside the oval.Degree of relationship type:The degree of a relationship type is the number of participating entity type. A relationship type of degree two is called Binary relationship and one of degree three is called Ternary.

Cardinality Ratio:It specifies the number of relationship instances an entity can participate in. One-to-one, one-to-many, many-to-many respectively. In ER-Modeling, the main focus is given on data in the problem and relationship between data items. Through ER model, the analyst can expect to get complete knowledge of all the data that exist in the system and how the data is related.

Figure 6.5.1: ER Diagram for multi cloud

6.6 Table DesignDatabase is collection of interrelated data stored with minimum redundancy to serve many users quickly and efficiently. Database designs are designed to manage large bodies of information and also for easy and flexible retrieval of data. Every system requires not only data, but also the structure of that data. A Database Management System (DBMS) collects the structure related files so that many users can retrieve, manipulate and store data. Here we will be using mysql Server as the DBMS. Table: Expense_Summery

Table: Expense_Summery

Table: Expense_Summery

Table: Expense_Summery6.7 Algorithm usedStep1: The username and password is entered it redirect to the admin welcome page.Step 2: User can register their details in the profile before logging in.Step 3: The user can create a user id, password and confirm password.Step 4: After user can upload the new file to multi cloud and download the files From multi cloud.Step5: The owner can verify the user file.Step 6: The employee can send the messages and received the messages to another employee.Step 7: After the user how to apply the job and the number of job vacancies to be viewed.Step 8: The user can be apply the job for online and then the user will be participated in the e-test.Step 9: Finally to view the e-test results and the new employee can register the particular details.

Chapter 7IMPLEMENTATIONThe implementation is one of the most important tasks in the project. It has one key activity: deploying the new system in its target environment. Supporting actions include training end-users and preparing to turn the system over to maintenance personnel. After this phase, the system enters the Operations and Maintenance Phase for the remainder of the systems operational life. Multiple-release projects require multiple iterations of the Implementation Phase one for each release.7.1 Implementation ModulesModule Description:1. Data Integrity2. Data Intrusion3. Service Availability4. DepSKy System ModelData Integrity: One of the most important issues related to cloud security risks is data integrity. The data stored in the cloud may suffer from damage during transition operations from or to the cloud storage provider. Cachinet al. gives examples of the risk of attacks from both inside and outside the cloud provider, such as the recently attacked Red Hat Linuxs distribution servers.One of the solutions that they propose is to use a Byzantine fault-tolerant replication protocol within the cloud. Hendricks et al. State that this solution can avoid data corruption caused by some components in the cloud. However, Cachinet al.Claim that using the Byzantine fault tolerant replication protocol within the cloud is unsuitable due to the fact that the servers belonging to cloud providers use the same system installations and are physically located in the same place.

Data Intrusion: According to Garfinkel, another security risk that may occur with a cloud provider, such as the Amazon cloud service, is a hacked password or data intrusion. If someone gains access to an Amazon account password, they will be able to access all of the accounts instances and resources. Thus the stolen password allows the hacker to erase all the information inside any virtual machine instance for the stolen user account, modify it, or even disable its services. Furthermore, there is a possibility for the users email(Amazon user name) to be hacked (see for a discussion of the potential risks of email), and since Amazon allows a lost password to be reset by email, the hacker may still be able to log in to the account after receiving the new reset password.Service Availability: Another major concern in cloud services is service availability. Amazon mentions in its licensing agreement that it is possible that the service might be unavailable from time to time. The users web service may terminate for any reason at any time if any users files break the cloud storage policy. In addition, if any damage occurs to any Amazon web service and the service fails, in this case there will be no charge to the Amazon Company for this failure. Companies seeking to protect services from such failure need measures such as backups or use of multiple providers.DepSKy System Model: The DepSky system model contains three parts: readers, writers, and four cloud storage providers, where readers and writers are the clients tasks. Bessani et al. explain the difference between readers and writers for cloud storage. Readers can fail arbitrarily (for example, they can fail by crashing, they can fail from time to time and then display any behavior) whereas, writers only fail by crashing.7.2 IMPLEMENTATION PROCESS The system is developed in such a way that the existing facilities are enough for implementation. The hardware facilities are made sufficient enough to implement the newly developed. The first step in implementation is the approval from the users.

The workflow of the developed application is as follows:

Welcome Page:

Client Register:

Client Login:

File Upload:

File Stored in Multi-Cloud:

File upload to Multi Cloud:

Cloud Owner Login:

User File:

File Verify Owner :

File Verified:

Provider Login:

File verify:

File verify:

Adding Information to Client File:

While verifying the File it Shown Error:

After Verify:

Client verify File with Key:

Client Verify Server 1:

Client Verify Server 2:

Client Verify Server 3:

View Original File and Download

Chapter 8TESTING AND RESULTThe purpose of testing is to discover errors. Testing is the process of trying to discover every conceivable fault or weakness in a work product. It provides a way to check the functionality of components, sub-assemblies, assemblies and/or a finished product It is the process of exercising software with the intent of ensuring that the Software system meets its requirements and user expectations and does not fail in an unacceptable manner. There are various types of test. Each test type addresses a specific testing requirement.8.1 TESTING METHODOLOGIES The entire process can be divided into 5 phases Functional testing System Testing Unit Testing Integrated Testing Acceptance Testing

8.1.1 Functional testingFunctional tests provide a systematic demonstration that functions tested are available as specified by the business and technical requirements, system documentation, and user manuals.Functional testing is centered on the following items:Valid Input: Identified classes of valid input must be accepted.Invalid Input: Identified classes of invalid input must be rejected.Functions: Identified functions must be exercised.Output: Identified classes of application outputs must be exercised.Systems/Procedures: Interfacing systems or procedures must be invoked. Organization and preparation of functional tests is focused on requirements, key functions, or special test cases. In addition, systematic coverage pertaining to identify Business process flows; data fields, predefined processes, and successive processes must be considered for testing. Before functional testing is complete, additional tests are identified and the effective value of current tests is determined.8.1.2.System TestingSystem testing ensures that the entire integrated software system meets requirements. It tests a configuration to ensure known and predictable results. An example of system testing is the configuration oriented system integration test. System testing is based on process descriptions and flows, emphasizing pre-driven process links and integration points8.1.3 Unit TestingUnit testing is usually conducted as part of a combined code and unit test phase of the software lifecycle, although it is not uncommon for coding and unit testing to be conducted as two distinct phases.8.1.4 Integration TestingSoftware integration testing is the incremental integration testing of two or more integrated software components on a single platform to produce failures caused by interface defects. The task of the integration test is to check that components or software applications.E.g. components in a software system or one step up software applications at the company level interact without error.8.1.5 Acceptance TestingUser Acceptance Testing is a critical phase of any project and requires significant participation by the end user. It also ensures that the system meets the functional requirements.8.2 Test strategy and approachField testing will be performed manually and functional tests will be written in detail.8.3 Test objectivesAll field entries must work properly. Pages must be activated from the identified link .The entry screen, messages and responses must not be delayed.8.4 Features to be testedVerify that the entries are of the correct format no duplicate entries should be allowed. All links should take the user to the correct page.Test ResultsAll the test cases mentioned above passed successfully. No defects encountered.Sl NoScenariosExpected ResultActual ResultStatus

1User RegistrationUser Registration SuccessfulUser Registration SuccessfulSuccess

2User LoginLogin SuccessfulLogin SuccessfulSuccess

3Provider RegistrationProvider Registration SuccessfulProvider Registration SuccessfulSuccess

4Provider LoginProvider SuccessfulProvider SuccessfulSuccess

5File UploadSuccessful uploadSuccessful uploadSuccess

6File verifySuccessfulFile verifySuccessful File verifiedSuccess

7View File StatusSuccessfulSuccessfulSuccess

8Download FiledownloadSuccessfully File downloaded Success

Chapter 9CONCLUSIONIt is clear that although the use of cloud computing has rapidly increased, cloud computing security is still considered the major issue in the cloud computing environment. Customers do not want to lose their private information as a result of malicious insiders in the cloud. In addition, the loss of service availability has caused many problems for a large number of customers recently. Furthermore, data intrusion leads to many problems for the users of cloud computing. The purpose of this work is to survey the recent research on single clouds and multi-clouds to address the security risks and solutions. We have found that much research has been done to ensure the security of the single cloud and cloud storage whereas multi-clouds have received less attention in the area of security. We support the migration to multi-clouds due to its ability to decrease security risks that affect the cloud computing user.

Chapter 10FUTURE ENHANCEMENTSWhen we develop a project, we try our level best to include all the options to make it work efficiently and to meet all the client requirements. But as the time goes on technology develops and also the client requirements change. So the application must be designed in such a way that we should be always be able to make the required changes whenever necessaryFor future work, we aim to provide a framework to supply a secure cloud database that will guarantee to prevent security risks facing the cloud computing community. This framework will apply multi-clouds and the secret sharing algorithm to reduce the risk of data intrusion and the loss of service availability in the cloud and ensure data integrity.

Chapter 11BIBLIOGRAPHY

11.1 Books Referred Software Engineering,Roger.S.Pressman Mc.Graw Hill The Unified Modeling Language User Guide, Grady Booch, James Rumbaugh, Ivar Jacobson. Sotware Project Management.Walker Rayce.

11.2 Websites http://java.sun.com http://www.sourcefordgde.com http://www.networkcomputing.com/ http://www.roseindia.com/ http://www.java2s.com/ http://stackoverflow.com/

NMAMIT, NitteDepartment of MCA2014