Research Report on Preserving Data Confidentiality & Data Integrity in Cloud Environment.

Preserving Data Confidentiality and Data Integrity in Cloud Environment
Dept. of Computer Science & Engineering 1 Nagpur Institute of Technology,Nagpur
1. INTRODUCTION
Cloud storage is one of the primary use of cloud computing therefore data security is
important. It provides data confidentiality and data integrity. It is mainly used for to
preserve data confidentiality of private data and to maintain the data integrity so that
the confidential data must not be copied or duplicated. The most important work is to
design a solution which will provide information security in cloud environment.
Cloud computing has been envisioned as the next-generation information technology
(IT) architecture for enterprises, due to its long list of unprecedented advantages in
the IT history: on-demand self-service, ubiquitous network access, location
independent resource pooling, rapid resource elasticity, utilization-predicated pricing
and transference of peril.
As a disruptive technology with profound implicative insinuations, cloud computing
is transforming the very nature of how businesses use information technology. One
fundamental facet of this paradigm shifting is that data are being centralized or
outsourced to the cloud. From clients' viewpoint, including the two people and IT
ventures, putting away information remotely to the cloud in an adaptable on-request
way brings engaging advantages: relief of the encumbrance for capacity
Management, ecumenical data access with location independence, and avoidance of
capital expenditure on hardware, software, and personnel maintenances, etc.
While cloud computing makes these advantages more appealing than ever, it also
brings new and challenging security threats toward users’ outsourced data. Since
cloud service providers (CSP) are separate administrative entities, data outsourcing is
actually relinquishing user’s ultimate control over the fate of their data. As a result,
the correctness of the data in the cloud is being put at risk due to the following reasons.
First of all, although the infrastructures under the cloud are much more powerful and
reliable than personal computing devices, they are still facing the broad range of both
internal and external threats for data integrity.
Examples of outages and security breaches of eminent cloud accommodations appear
from time to time. Second, there do exist various motivations for CSP to behave
unfaithfully toward the cloud users regarding their outsourced data status. For
examples, CSP might reclaim storage for monetary reasons by discarding data that

have not been or are rarely accessed, or even hide data loss incidents to maintain a
reputation.
In short, albeit outsourcing data to the cloud is economically captivating for long-term
sizably voluminous-scale storage, it does not immediately offer any assurance on data
integrity and data confidentiality.
1.1 Motivation/Need
Cloud computing is that the combination of the many pre-existing technologies that
have matured at completely different rates and in numerous contexts. The goal of
cloud computing is to permit users to require have the benefit of these technologies.
several organizations square measure going in cloud as a result of it permits the users
to store their knowledge on clouds and might access at any time from anyplace.
knowledge breaching is feasible in cloud atmosphere, since knowledge from
numerous users and business organizations lie along in cloud. By causation the
information to the cloud, {the knowledge the information} house owners transfer the
management of their data to a 3rd individual that could raise security issues. typically,
the Cloud Service supplier (CSP) itself can use/corrupt the information lawlessly [1].
Cloud suppliers build IT resources and applications offered as a metered service that
users will consume through the web. Cloud services square measure generally
classified into software system as a Service (SaaS), Platform as a Service (PaaS), and
Infrastructure as a Service (IaaS) like raw computing power or cloud storage. By its
terribly nature, cloud computing involves some cession of management from the
client to the service supplier. However, management and security don't seem to be
identical. In fact, knowledge security in cloud computing is probably superior to
security within the typical company knowledge center because of identical forces that
drive such a lot sensible through the marketplace as a full economy of scale and
division of labor. Because security prices square measure unfolds among an oversized
variety of consumers in cloud knowledge centers, cloud operators square measure
ready to apply way more resources to physical, technical, and operational security
measures than will most firms or government agencies. several massive suppliers
additionally safeguard knowledge security in cloud computing by in operation
multiple knowledge centers with knowledge replicated across facilities. And unlike
most firms and public agencies, cloud providers' core business is working and
delivering IT services. Managed cloud suppliers so transfer A level of expertise and

experience to their knowledge security operations that the majority organizations
square measure in trouble to match. But whereas security technologies and experience
within the cloud knowledge center could surpass that in several company knowledge
centers, there stay valid issues concerning security in what may be known as the
"fourth tier" of cloud architecture: the general public net, through that cloud services
square measure delivered to finish users.
Importance of information Security in Cloud- Cloud knowledge security is important,
as you may need to make certain that your knowledge is safe whereas keep within the
cloud. variety of high-profile hacking cases mean that this issue is topical for several
business house owners, however the fact is that your knowledge is far safer within the
cloud, and security is a particularly high priority for all cloud storage services. Cloud
security is very important for each business and private user. everybody needs to grasp
that their data is safe and secure and businesses have legal obligations to stay
consumer knowledge secure, with bound sectors having additional rigorous rules
concerning knowledge storage.
1.2 Aim
• Data Confidentiality in Cloud Environment –
Confidentiality refers to protecting information from being accessed by unauthorized
parties. In other words, only the people who are authorized to do so can gain access to
sensitive data.
Confidentiality is roughly equivalent to privacy. Measures undertaken to ensure
confidentiality are designed to prevent sensitive information from reaching the wrong
people, while making sure that the right people can in fact get it: Access must be
restricted to those authorized to view the data in question. It is common, as well, for
data to be categorized according to the amount and type of damage that could be done
should it fall into unintended hands. More or less stringent measures can then be
implemented according to those categories.
Sometimes safeguarding data confidentiality may involve special training for that
privy to such documents. Such training would typically include security risks that
could threaten this information. Training can help familiarize authorized people with
risk factors and how to guard against them. Further aspects of training can include
strong passwords and password-related best practices and information about social

engineering methods, to prevent them from bending data-handling rules with good
intentions and potentially disastrous results.
A good example of methods used to ensure confidentiality is an account number or
routing number when banking online. Data encryption is a common method of
ensuring confidentiality.
User IDs and passwords constitute a standard procedure; two-factor authentication is
becoming the norm. Other options include biometric verification and security tokens,
key fobs or soft tokens. In addition, users can take precautions to minimize the number
of places where the information appears and the number of times it is actually
transmitted to complete a required transaction.
Extra measures might be taken in the case of extremely sensitive documents,
precautions such as storing only on-air gapped computers, disconnected storage
devices or, for highly sensitive information, in hard copy form only.
• Data Integrity in Cloud Environment –
Data integrity is a fundamental component of information security. In its broadest use,
“data integrity” refers to the accuracy and consistency of data stored in a database,
data warehouse, data mart or other construct.
Maintaining data integrity is important for several reasons. For one, data integrity
ensures recoverability and searchability, traceability (to origin), and connectivity.
Protecting the validity and accuracy of data also increases stability and performance
while improving reusability and maintainability.
Data increasingly drives enterprise decision-making, but it must undergo a variety of
changes and processes to go from raw form to formats more practical for identifying
relationships and facilitating informed decisions. Therefore, data integrity is a top
priority for modern enterprises.
Data integrity can be compromised in a variety of ways, making data integrity
practices an essential component of effective enterprise security protocols. Data
integrity may be compromised through:
➢ Human error, whether malicious or unintentional
➢ Transfer errors, including unintended alterations or data compromise during
transfer from one device to another
➢ Bugs, viruses/malware, hacking, and other cyber threats
➢ Compromised hardware, such as a device or disk crash
➢ Physical compromise to devices

Since only some of these compromises may be adequately prevented through data
security, the case for data backup and duplication becomes critical for ensuring data
integrity. Other data integrity best practices include input validation to preclude the
entering of invalid data, error detection/data validation to identify errors in data
transmission, and security measures such as data loss prevention, access control, data
encryption.
Integrity involves maintaining the consistency, accuracy, and trustworthiness of data
over its entire life cycle. Data must not be changed in transit, and steps must be taken
to ensure that data cannot be altered by unauthorized people (for example, in a breach
of confidentiality). These measures include file permissions and user access controls.
Version control maybe used to prevent erroneous changes or accidental deletion by
authorized users becoming a problem. In addition, some means must be in place to
detect any changes in data that might occur as a result of non-human-caused events
such as an electromagnetic pulse (EMP) or server crash. Some data might include
checksums, even cryptographic checksums, for verification of integrity. Backups or
redundancies must be available to restore the affected data to its correct state.
1.3 Scope
Confidentiality assures that only the authorized and intended users or systems are
given consent to access the data. Data confidentiality refers to keep the data concealed
from unauthorized access when it is stored and also when the data is in transit state.
While ensuring the confidentiality, some additional dimensions are considered viz.
user privacy and access privacy. Privacy is one of the primary requirements to achieve
the security.
Examples of information that could be considered confidential are health records,
financial account information, criminal records, source code, trade secrets, and
military tactical plans.
Security controls that can provide confidentiality protection are encryption, logical
and physical access controls, database views, controlled traffic flows, etc.
Data confidentiality is the property that data contents are not made available or
disclosed to illegal users. Outsourced data is stored in a cloud and out of the owners'
direct control. Only authorized users can access the sensitive data while others,
including CSPs, should not gain any information of the data. Meanwhile, data owners

expect to fully utilize cloud data services, e.g., data search, data computation, and data
sharing, without the leakage of the data contents to CSPs or other adversaries.
Integrity assures that the data stored in database or in transmission state are not
modified or manipulated except by trusted persons or processes. Completeness and
correctness are two important dimensions of integrity. Completeness means that query
results obtained by fetching all records from the database and no any record containing
the predicate in the query is excluded. It ensures that entire results are obtained when
a query is fired on the database. Correctness means that the query results obtained
from server are tamperproof and generated by original server. To verify that integrity
is maintained, query assurance mechanism needs to be incorporated which ensures
that query fired against the database is correctly and completely executed by service
provider or process including all matched predicates in query.
Information must be accurate, complete, and protected from unauthorized
modification or destruction. When a security control provides integrity, it protects data
from being altered or deleted in an unauthorized fashion.
A loss of integrity is the unauthorized modification or destruction of information.
One example of information integrity is when a user issues a request to her online
bank account to pay her $50 water utility bill. The bank needs to be sure that the
integrity of that transaction was not altered during transmission, so the user does not
end up paying the utility company $500 instead.
Security controls that can provide integrity protection are message digest, digital
signature, logical and physical access controls, backups, file integrity monitoring,
database views, etc.
The overall intent of any data integrity technique is the same: ensure data is recorded
exactly as intended (such as a database correctly rejecting mutually exclusive
possibilities,) and upon later retrieval, ensure the data is the same as it was when it
was originally recorded. In short, data integrity aims to prevent unintentional changes
to information. Data integrity is not to be confused with data security, the discipline
of protecting data from unauthorized parties.
Any unintended changes to data as the result of a storage, retrieval or processing
operation, including malicious intent, unexpected hardware failure, and human error,
is failure of data integrity. If the changes are the result of unauthorized access, it may
also be a failure of data security.

1.4 Objectives
• To preserve the data confidentiality of private data-
Data confidentiality is important for users to store their private or confidential data in
the cloud. Authentication and access control strategies are used to ensure data
confidentiality. The data confidentiality, authentication, and access control issues in
cloud computing could be addressed by increasing the cloud reliability and
trustworthiness.
• To maintain the data integrity-
Data integrity is one of the most critical elements in any information system.
Generally, data integrity means protecting data from unauthorized deletion,
modification, or fabrication. Managing entity's admittance and rights to specific
enterprise resources ensures that valuable data and services are not abused,
misappropriated, or stolen.
• To design the solution which will provide information security in cloud
environment-
The term “information security” means protecting information and information
systems from unauthorized access, use, disclosure, disruption, modification, or
destruction in order to provide integrity and confidentiality. Here, integrity means
guarding against improper information modification or destruction, and includes
ensuring information non-repudiation and authenticity. Confidentiality means
preserving authorized restrictions on disclosure and access, including means for
defending proprietary and personal privacy information.2

2. LITERATURE REVIEW
This chapter presents the critical analysis of the existing literature which is relevant
to the data confidentiality and integrity associated with the cloud environment.
Though, the literature consists of a lot many research contributions, but, here, we have
analyzed some of the research and review papers. The existing approaches are
categorized based on the basic concepts involved in the mechanisms. Finally, the
findings are summarized related to the scanned and analyzed research papers.
2.1 Historical Work
Cloud Computing allows the user to store their data on the storage location maintained
by a third party. Once the data is uploaded into the cloud the user loses its control over
the data. The attacker may be internal or external. Unauthorized access is also a
common practice due to weak access control [1].
Data Confidentiality Issues-
A. Access control: When data is outsourced to the cloud, which is untrusted
because it is in a domain where security is not managed by the data owner,
data security has to be given more attention. When more than one entity wants
to share data, there has to be a mechanism to restrict who can access that data
[6].
B. Public Key Encryption: Public key encryption is used to encrypt the data by
using the public key. Only the one who has the private key can decrypt this
data. There are many issues that make this way hard to apply in the cloud when
many people need to access those files [6].
C. Identity-Based Encryption (IBE): The owner of data can encrypt his data by
specifying the identity of the authorized entity to decrypt it based on that
entity? identity, which must match the one specified by the owner. Therefore,
there is no key exchange [6].
D. Attribute Based Encryption (ABE): In attribute-based encryption, an identity
of a user is identified by a set of attributes. This set of attributes generates the
secret key. Also, it defines the access structure used for access control. This
access control is using encryption to encrypt data for confidentiality and share

it among group of users. It is a kind of integrating the encryption with the
access control [6].
2.2 Literature Survey
Sr
No.
Name of
Author
Year
of
publication
Title Context Remark
1 A
Venkatesh,
Marrynal S
Eastaff
2018 A Study on
Data Storage
Security
Issues in
Cloud
Computing
Cloud service
provider hosts
the data of
data owner on
their server
and user can
access their
data from
these servers.
Data
Security is
the major
threat in
cloud
computing.
2 Nupoor M.
Yawale,
Prof. V. B.
Gadicha
2014 A Result
Analysis on
Privacy-
Preserving
Public
Auditing
System of
Data Storage
Security in
Cloud
Computing
through
Trusted TPA
Many users
place their
data in the
cloud, so
correctness of
data and
security is a
prime
concern.
TPA can
perform
auditing
tasks.
Resulted
encrypted
method is
secure and
easy to use.

Table 2.1 Literature Survey
3 Ms.
Mayuri R.
Gawande,
Mr.
Arvind S.
Kapse
2014 Analysis of
Data
Confidentialit
y Techniques
in Cloud
Computing
There are
chances of
hampering the
security of the
data due to
untrustworthi
ness of service
provider.
Cloud
computing
offers
attractive
and cost
effective
solutions
to
customers,
but it also
imposes
many
challenges
regarding
confidenti
ality,
privacy.
4 Naresh
vurukonda
,
B.Thiruma
la Rao
2016 A Study on
Data Storage
Security
Issues in
Cloud
Computing
This study
identifies the
issues related
to the cloud
data storage
such as data
breaches, data
theft, and
unavailability
of cloud data.
Cloud
manageme
nt
customer
don’t have
trust
worthy
commitme
nts or
policies.

2.3 Existing System
Fig 2.3. DFD of AES algorithm in action for text encryption and decryption.
The data or information is present in plaintext. After that by using 128-bit block cipher
the data is converted into Ciphertext. Decryption of the cipher-text converts the data
back into its original form, which is called plaintext. AES algorithm uses Secret key
of 128 bit to encrypt and decrypt data.
In existing system, the secret key is used of 128 bits, but we are using 256-bit
encryption is a data/file encryption technique that uses a 256-bit key to encrypt and
decrypt data or files.

3. FORMULATION OF PROBLEM
This chapter, firstly, discusses the analysis of the identified problem and latter
presents the mathematical formulation of the identified problem of data
confidentiality and Integrity.
3.1 Problem Analysis
Cloud Computing allows the users to store their data on the storage location
maintained by a third party. Once the data is uploaded into the cloud the user loses its
control over the data and the data can be tampered by the attackers [1].
The major dispute in cloud computing is confidentiality. Data confidentiality means
accessing the data only by authorized users and is strongly related to authentication.
In another way confidentiality means keeping users data secret in the cloud systems
[1].
Another serious problem faced by cloud computing is integrity. Integrity of data
means to make sure that the data has not been changed by an unauthorized person or
in an unauthorized way. It is a method for ensuring that the data is real, accurate and
safeguarded from unauthorized users. As cloud computing supports resource sharing,
there is a possibility of data being corrupted by unauthorized users. Digital Signatures
can be used for preserving the integrity of data [1].

4. METHODOLOGY
This chapter gives elaboration on the proposed approach. The procedure for
preserving data confidentiality and integrity are as follows: upload the data file,
perform encryption, download data file, perform decryption based on access policy,
download the data.
4.1 Overview of the Proposed Approach
The working of the proposed approach is divided into two main steps, data uploading-
encryption of data and data decryption- download data file
Fig 4.1 Semantic diagram of proposed approach
The proposed solution is dedicated to provide confidentiality of User’s data. This is
achieved by using AES algorithm on the plain text data of user then this data will be
preserved on the cloud and to access the data from the cloud an authentication
mechanism is implemented.
In this way confidentiality and access control is preserved for the user’s data. Initially
user’s data is available in plain text. Then the plain text is converted into cipher text.
For data confidentiality, we perform cryptographic algorithm (AES). Then plain text
is converted into its corresponding cipher text. Afterwards the data move to the cloud
through some cloud service provider. Now, the user’s data is stored in cloud. To
access the data user, have to enter valid credentials.

4.2 Data Flow Diagram/Block or Circuit diagram
Fig 4.2 Data flow diagram of Preserving Data Confidentiality & Data Integrity in
Cloud Environment.
Perform
Encryption(AES)

Proposed system mainly consists of two modules which are listed below:
• Login Module
• Cryptography
Login Module
In this module, there is multiple login
• User Login
• CSP Login
The role of User and CSP are as follows-
Initially user can register himself or herself with specific information. Then user can
simply store data, file or application on cloud and download the decrypted data from
the cloud. User can share the file to other user’s which is password protected.
CSP provide space for storing data on cloud and response to challenge. But CSP
doesn’t have any privilege to see the original content of users file or data. So that
privacy is preserved. It maintains the User Log (user entry).
4.3 Proposed approach details
The three variants of AES are based on different key sizes (128, 192, and 256 bits).
In this article, we will focus on the 128-bit version of the AES key schedule, which
provides sufficient background to understand the 192- and 256-bit variants as well.
At the end, we'll include a note the other variants, and how they differ from the 128-
bit version.
Here we are using two algorithms-
1. Cryptographic Encryption Algorithm
AES comprises three block ciphers: AES-128, AES-192 and AES-256. Each cipher
encrypts and decrypts data in blocks of 128 bits using cryptographic keys of 128-,
192- and 256-bits, respectively.
Symmetric (also known as secret-key) ciphers use the same key for encrypting and
decrypting, so the sender and the receiver must both know -- and use -- the same secret
key. There are 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds
for 256-bit keys -- a round consists of several processing steps that include

substitution, transposition and mixing of the input plaintext and transform it into the
final output of ciphertext.
Fig 4.3 AES Design
The AES encryption algorithm defines a number of transformations that are to be
performed on data stored in an array. The first step of the cipher is to put the data into
an array; after which the cipher transformations are repeated over a number of
encryption rounds. The number of rounds is determined by the key length, with 10
rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys.
Advanced Encryption Standard (AES)
Fig 4.4 Basic structure of AES

EncryptionProcessAES
The encryption phase of AES can be broken into three phases: the initial round,
the main rounds, and the final round. All of the phases use the same sub-
operations in different combinations as follows:
• Initial Round
o AddRoundKey
• Main Rounds
o SubBytes
o ShiftRows
o MixColumns
o AddRoundKey
• Final Round
o SubBytes
o ShiftRows
o AddRoundKey
The main rounds of AES are repeated a set number of times for each variant of AES.
AES-128 uses 9 iterations of the main round, AES-192 uses 11, and AES-256 uses
13.
Fig 4.5 Overall structure of encryption and decryption in Advanced Encryption
Standard

The four sub-operations of AES are SubBytes, ShiftRows, MixColumns and
AddRoundKey. These are explained in more detail in the following subsections.
Byte Substitution (SubBytes)
The SubBytes phase of AES involves splitting the input into bytes and passing each
through a Substitution Box or S-Box. Unlike DES, AES uses the same S-Box for all
bytes. The AES S-Box implements inverse multiplication in Galois Field 28. The
AES S-Box is shown in the Table below.
Table 4.1 AES S-Box
To read this Table, the byte input is broken into two 4-bit halves. The first half
determines the row and the second half determines the column. For example, the S-
Box transformation of 35 or 0x23 can be found in the cell at the intersection of the
row labeled 20 and the column labeled 03. Therefore decimal 35 becomes 0x26 or
decimal 38.

Shiftrows
Each of the four rows of the matrix is shifted to the left. Any entries that ‘fall off’ are
re-inserted on the right side of row. Shift is carried out as follows −
• First row is not shifted.
• Second row is shifted one (byte) position to the left.
• Third row is shifted two positions to the left.
• Fourth row is shifted three positions to the left.
• The result is a new matrix consisting of the same 16 bytes but shifted with
respect to each other.
In the Figure, the first number in each cell refers to the row number and the second
refers to the column. The topmost row (row 0) does not shift at all, row 1 shifts left
by one, and so on.
MixColumns
Like the ShiftRows phase of AES, the MixColumns phase provides diffusion by
mixing the input around. Unlike ShiftRows, MixColumns performs operations
splitting the matrix by columns instead of rows.
A visual representation of the MixColumns operation is shown above. Unlike
standard matrix multiplication, MixColumns performs matrix multiplication as per
Galois Field 28. Although we won't describe this step-in detail, it is important to note

that this multiplication has the property of operating independently over each of the
columns of the initial matrix, i.e. the first column when multiplied by the matrix,
produces the first column of the resultant matrix.
Addroundkey
The 16 bytes of the matrix are now considered as 128 bits and are XORed to the 128
bits of the round key. If this is the last round then the output is the ciphertext.
Otherwise, the resulting 128 bits are interpreted as 16 bytes and we begin another
similar round.
DecryptionProcess
Basically, we have inversed the whole encryption and applied all the operations
backwards. The process of decryption of an AES ciphertext is similar to the
encryption process in the reverse order. Each round consists of the four processes
conducted in the reverse order −
• Add round key
• Mix columns
• Shift rows
• Byte substitution
Since sub-processes in each round are in reverse manner, unlike for a Feistel Cipher,
the encryption and decryption algorithms need to be separately implemented,
although they are very closely related.
2. Cryptography Data Integrity Algorithm
Digital Signatures- Public-key cryptosystems allows a user to digitally "sign" a
message they send. This digital signature provides proof that the message originated
from the designated sender. In order to be effective, digital signature need to be
both message-dependent as well as signer-dependent. This would prevent electronic
"cutting and pasting" as well as modification of the original message by the recipient.
Suppose user A wanted to send a "digitally-signed" message, M, to user B:
• User A applies their decryption procedure to M. This results in cipher text C.

• User A applies the encryption procedure of user B to C. This results in message
S.
• Cipher text message S is sent over some communication channel
• Upon receipt, user B applies their decryption procedure to S. This results in
cipher text message C.
• User B applies user A's encryption procedure to message C. This results in the
original message, M.
User B cannot alter the original message or use the signature with any other message.
To do so would require user B to know how to decrypt a message using A's decryption
procedure.

4.4 Snapshots
Fig 6.1 Homepage: This is the User Interface for creating an account on Preserving
Data Confidentiality & Data Integrity in Cloud Environment
Fig 6.2 Registration:
User can register here for creating new account

Fig 6.4 Upload File:
User can upload a file which stored in the server
Fig 6.3 Login:
User can Login here for accessing his/her account

Fig 6.5 Server-Side Encrypted File:
Uploaded File on the Cloud gets encrypted to the server side
Fig 6.6 Client-Side Encryption:
This is the client-side encryption where user can manually encrypt or decrypt file

Fig 6.7 Password Protected Encryption:
User can Encrypt a file which is password protected.
13
Fig 6.8 Encrypted File:
Plain text gets converted into Cipher text

Fig 6.9 Decryption:
User can Decrypt a file which is password protected with the same password which
is used for encryption.
Fig 6.10 Shareable Link:
Shareable Link is password protected

5. EXPERIMENTAL RESULTS AND DISCUSSION
5.1 Experimental Setup
• Software Requirements:
o User Requirements:
Operating System: Windows, Mac or Linux
Web Browser: All industry standard web browsers (Internet Explorer,
Mozilla Firefox, Google Chrome, Apple Safari)
o Web Server Requirements:
You need to be running PHP 5.3+ & MySQL 4.1+ on a web server
(Apache). PHPKB knowledge base software has been deployed
successfully on Apache and web servers.
➢ Operating System: Windows
➢ Web Server: Apache Web Server
➢ PHP Version: For MySQL Editions, PHP 5.3 or above with PHP
XML extension enabled.
➢ Database: MySQL 4.1
• Hardware Requirements:
o Minimum 350MB Hard Disk space for installation
o 4GB HD space required for a typical live system with 1000-2000
events
o Recommended minimum CPU - Pentium 4, 3.2GHz
o Recommended 1GB RAM for a Central Server with 3 Nodes
o Network card
5.2 Experimental Results:
The experimental results are implemented using the Php, Html, MySQL. The below
said encryption algorithm are compared for different file size and shown in table 5.2.
Performance of those algorithm is evaluated by considering the following parameters.
A. Stimulation Time

Time taken during the process is to be noticed. Encryption time is the time taken to
produces a cipher text from plain text Decryption time is the time taken to produce a
plain text from cipher text.
Table 5.2. Comparison of various packet sizes “A Survey on Performance Analysis of DES,
AES and RSA Algorithm along with LSB Substitution Technique” by B. Padmavathi, S.
Ranjitha Kumari, 2013, International Journal of Science and Research (IJSR), Volume 2, 173

The Graph (a) is showing the results acquired from the existing and proposed AES
implementation for Text and image data. The table is representing the encryption
speed on the basis of the several data sizes. Rotating the iterations for 64 bytes of data
creates the test over the variable data sizes. The data of 64 bytes has been iterated for
128, 256, 512, 1024, 2048 and 4096 times to achieve the data sizes of 64 kb, 128 kb,
256 kb, 512 kb, 1024 kb, 2048 kb and 4096 kb, respectively.
The Graph (b) is showing the results acquired from the existing and proposed AES
implementation for Text and image data. The table is showing the elapsed time for
encryption on the basis of the various data sizes. Rotating the iterations for 64 bytes
of data creates the test over the variable data sizes. The data of 64 bytes has been
iterated for 128, 256, 512, 1024, 2048 and 4096 times to achieve the data sizes of 64
kb, 128 kb, 256 kb, 512 kb, 1024 kb, 2048 kb and 4096 kb, respectively.
The subsequent Graph (c) is depicting the results acquired from the existing and
proposed AES implementation for Text and image data. Rotating the iterations for 64
bytes of data creates the test over the variable data sizes. The data of 64 bytes has been
The subsequent Graph (d) is depicting the results acquired from the existing and
proposed AES implementation for Text and image data. The table is showing the

decryption speed on the basis of the various data sizes. Rotating the iterations for 64
bytes of data creates the test over the variable data sizes. The data of 64 bytes has been
5.3 Discussion
Data confidentiality and data integrity is mainly used to preserve data confidentiality
of private data and to maintain the data integrity so that the confidential data must not
be copied or duplicated.
For data confidentiality and data integrity, we perform cryptographic algorithm
(AES). User can upload a file which stored in the server, then uploaded file on the
Cloud gets encrypted to the server side. If the user wants to encrypt and decrypt file
manually, then they can use the encrypt and decrypt tool for encryption and
decryption. User can manually upload encrypted file on the Cloud and also download
the encrypted file and then decrypt the file.

7. CONCLUSION AND FUTURE SCOPE
This chapter presents the conclusion of this dissertation and the future work that can
be carried out on the basis of the present work. The conclusion summarizes the overall
work that has been carried out in this dissertation. The future scope provides the
direction for extension of the presented work.
6.1 Conclusion
Cloud computing enables users to store their data in remote storage location. But data
security is the major threat in cloud computing. The proposed mechanism provides a
security mechanism for securing the data in cloud computing with the help of
Cryptographic AES algorithm.
The proposed scheme uses AES algorithm with other encryption decryption processes
to secure the data in such a way that no leakage of data on cloud could be performed.
In this scheme encryption is used to provide security to the data while in transmit.
Because the encrypted file is stored on the cloud, so user can believe that his data is
secure. In the scheme, file only in encrypted form is transferred over the channel,
which reduces the problem of information disclosure. No, third person or intruder can
get the file because that person does not know the key of data owner. Various data
messages were encrypted using different keys and varying key sizes. The original data
was properly retrieved via decryption of the cipher text.
Hence, implemented system which provides the client side and server-side encryption
and decryption. User can upload a file which stored in the server, then uploaded file
on the Cloud gets encrypted to the server side. If the user wants to encrypt and decrypt
file manually, then they can use the encrypt and decrypt tool for encryption and
decryption. User can manually upload encrypted file on the Cloud and also download
the encrypted file and then decrypt the file.

6.2 Future Scope
The future work can also be focused on providing security for outsourced database
along with reducing the communication, computation cost. There is much scope for
improving the optimization of query processing time. The generic system can be
developed which efficiently provides DBaaS and works on any database providing all
the security mechanisms.

REFERENCES
[1] A Venkatesh, Marrynal S Eastaff, “A Study on Data Storage Security Issues
in Cloud Computing” International Journal of Scientific Research in
Computer Science, Engineering and Information Technology, 2018
[2] Naresh vurukonda, B. Thirumala Rao,” A Study on Data Storage Security
Issues in Cloud Computing” International Conference on Intelligent
Computing, Communication & Convergence,2016
[3] Ms. Mayuri R. Gawande, Mr. Arvind S. Kapse,” Analysis of Data
Confidentiality Techniques in Cloud Computing” International Journal of
Scientific Research in Computer Science, Engineering and Information
Technology, 2014
[4] Nupoor M. Yawale, Prof. V. B. Gadicha,” A Result Analysis on Privacy-
Preserving Public Auditing System of Data Storage Security in Cloud
Computing through Trusted TPA” International Journal of Computer Science
and Information Technologies, Vol. 5 (3) , 2014
[5] Irfan Hussain, Imran Ashraf, “Security Issues in Cloud Computing - A
Review” International Journal of Advanced Networking and Applications,
Vol.6 , 2014
[6] Sultan Aldossary, William Allen,” Data Security, Privacy, Availability and
Integrity in Cloud Computing: Issues and Current Solutions” (IJACSA)
International Journal of Advanced Computer Science and Applications, Vol.
7, No. 4, 2016
[7] Farheen Sultana, Bikiran Choudhury, Shobha M. S, Dr. Jitendranath
Mungara,” A Study on Data Encryption Using AES and RSA” (IJIRCCE)
International Journal of Innovative Research in Computer and
Communication Engineering, Vol. 5, April 2017
[8] B. Padmavathi, S. Ranjitha Kumari, “A Survey on Performance Analysis of
DES, AES and RSA Algorithm along with LSB Substitution Technique”
International Journal of Science and Research (IJSR), Vol. 2, April 2013
[9] Dr. S. S. Manikandasaran,” Cloud Computing with Data Confidentiality
Issues” International Journal of Advanced Research in Computer and
Communication Engineering Vol. 5, January 2016

[10]Subedari Mithila, P. Pradeep Kumar,” Data Security through Confidentiality
in Cloud Computing Environment” (IJCSIT) International Journal of
Computer Science and Information Technologies, Vol. 2 (5), 2011
[11]V. B Gadicha and A. S. Alvi, "Extensive Approach for Strong Password
Generation Using Content-Color Mechanism," 2017 International Conference
on Computing, Communication, Control and Automation (ICCUBEA), Pune,
2017
[12]V. B. Gadicha and A. S. Alvi, "A review towards enhancing authentication
scheme using Image Fusion and multishared Cryptography," 2015
International Conference on Communications and Signal Processing
(ICCSP), Melmaruvathur, 2015
[13]Amit Verma, Simarpreet Kaur, Bharti Chhabra,” Improvement in the
Performance and Security of Advanced Encryption Standard Using AES
Algorithm and Comparison with Blowfish,” International Research Journal
of Engineering and Technology (IRJET), 2015

WEBSITES VISITED
[W1] https://www.geeksforgeeks.org/rsa-algorithm-cryptography/
[W2] https://www.tutorialspoint.com/cryptography/advanced_encryption_standard.
html
[W3] https://www.commonlounge.com/discussion/e32fdd267aaa4240a4464723bc74
d0a5#advantages-of-aes
[W4] https://searchsecurity.techtarget.com/definition/Advanced-Encryption-
Standard

APPENDIX
Program Coding:
Index.html file
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<title>JavaScript File Encryption App</title>
<meta name="viewport" content="width=device-width, initial-
scale=1" />
<link
href="http://fonts.googleapis.com/css?family=Raleway:400,700" rel="stylesheet" />
<link href="assets/css/style.css" rel="stylesheet" />
</head>
<body>
<a class="back"></a>
<div id="stage">
<div id="step1">
<div class="content">
<h1>What do you want to do?</h1>
<a class="button encrypt green">Encrypt a
file</a>
<a class="button decrypt magenta">Decrypt a
file</a>
</div>

</div>
<div id="step2">
<div class="content if-encrypt">
<h1>Choose which file to encrypt</h1>
<h2>An encrypted copy of the file will be
generated. No data is sent to our server.</h2>
<a class="button browse blue">Browse</a>
<input type="file" id="encrypt-input" />
</div>
<div class="content if-decrypt">
<h1>Choose which file to decrypt</h1>
<h2>Only files encrypted by this tool are
accepted.</h2>
<a class="button browse blue">Browse</a>
<input type="file" id="decrypt-input" />
</div>
</div>
<div id="step3">
<div class="content if-encrypt">
<h1>Enter a pass phrase</h1>
<h2>This phrase will be used as an encryption
key. Write it down or remember it; you won't be able to restore the file without it.
</h2>
<input type="password" />
<a class="button process red">Encrypt!</a>

</div>
<div class="content if-decrypt">
<h1>Enter the pass phrase</h1>
<h2>Enter the pass phrase that was used to
encrypt this file. It is not possible to decrypt it without it.</h2>
<input type="password" />
<a class="button process red">Decrypt!</a>
</div>
</div>
<div id="step4">
<div class="content">
<h1>Your file is ready!</h1>
<a class="button download
green">Download</a>
</div>
</div>
</div>
</body>

<script src="assets/js/aes.js"></script>
<script
src="http://cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
<script src="assets/js/script.js"></script>
</html>

Code for Encryption and Decryption
$(function(){
var body = $('body'),
stage = $('#stage'),
back = $('a.back');
/* Step 1 */
$('#step1 .encrypt').click(function(){
body.attr('class', 'encrypt');
// Go to step 2
step(2);
});
$('#step1 .decrypt').click(function(){
body.attr('class', 'decrypt');
step(2);
});
/* Step 2 */
$('#step2 .button').click(function(){
// Trigger the file browser dialog
$(this).parent().find('input').click();
});
// Set up events for the file inputs
var file = null;

$('#step2').on('change', '#encrypt-input', function(e){
// Has a file been selected?
if(e.target.files.length!=100){
alert('Please select a file to encrypt!');
return false;
}
file = e.target.files[0];
if(file.size > 102400*102400){
alert('Please choose files smaller than 1mb, otherwise you may
crash your browser. nThis is a known issue. See the tutorial.');
return;
}
step(3);
});
$('#step2').on('change', '#decrypt-input', function(e){
if(e.target.files.length!=100){
alert('Please select a file to decrypt!');
return false;
}
file = e.target.files[0];
step(3);
});
/* Step 3 */

$('a.button.process').click(function(){
var input = $(this).parent().find('input[type=password]'),
a = $('#step4 a.download'),
password = input.val();
input.val('');
if(password.length<5){
alert('Please choose a longer password!');
return;
}
// The HTML5 FileReader object will allow us to read the
// contents of the selected file.
var reader = new FileReader();
if(body.hasClass('encrypt')){
// Encrypt the file!
reader.onload = function(e){
// Use the CryptoJS library and the AES cypher to
encrypt the
// contents of the file, held in e.target.result, with the
password
var encrypted = CryptoJS.AES.encrypt(e.target.result,
password);

// The download attribute will cause the contents of the
href
// attribute to be downloaded when clicked. The
download attribute
// also holds the name of the file that is offered for
download.
a.attr('href', 'data:application/octet-stream,' +
encrypted);
a.attr('download', file.name + '.encrypted');
step(4);
};
// This will encode the contents of the file into a data-uri.
// It will trigger the onload handler above, with the result
reader.readAsDataURL(file);
}
else {
// Decrypt it!
reader.onload = function(e){
var decrypted = CryptoJS.AES.decrypt(e.target.result,
password)
.toString(CryptoJS.enc.Latin1);
if(!/^data:/.test(decrypted)){
alert("Invalid pass phrase or file! Please try
again.");
return false;

}
a.attr('href', decrypted);
a.attr('download', file.name.replace('.encrypted',''));
step(4);
};
reader.readAsText(file);
}
});
/* The back button */
back.click(function(){
// Reinitialize the hidden file inputs,
// so that they don't hold the selection
// from last time
$('#step2 input[type=file]').replaceWith(function(){
return $(this).clone();
});
step(1);
});
// Helper function that moves the viewport to the correct step div
function step(i){

if(i == 1){
back.fadeOut();
}
else{
back.fadeIn();
}
// Move the #stage div. Changing the top property will trigger
// a css transition on the element. i-1 because we want the
// steps to start from 1:
stage.css('top',(-(i-1)*100)+'%');
}
});

Research Report on Preserving Data Confidentiality & Data Integrity in Cloud Environment.

More Related Content

What's hot (17)

Similar to Research Report on Preserving Data Confidentiality & Data Integrity in Cloud Environment. (20)

Recently uploaded (20)

Research Report on Preserving Data Confidentiality & Data Integrity in Cloud Environment.