ABSTRACT

With the explosive growth of data volume in the cloud computing environment, data owners are
increasingly inclined to store their data on the cloud. Although data outsourcing reduces
computation and storage costs for them, it inevitably brings new security and privacy concerns,
as the data owners lose direct control of sensitive data. Meanwhile, most of the existing ranked
keyword search schemes mainly focus on enriching search efficiency or functionality, but lack of
providing efficient access control and formal security analysis simultaneously. To address these
limitations, propose an efficient and privacy-preserving Multi-keyword Ranked Search scheme
with Fine-grained access control (MRSF). MRSF can realize highly accurate ciphertext retrieval
by combining coordinate matching with Term Frequency-Inverse Document Frequency (TF-
IDF) and improving the secure kNN method. Besides, it can effectively refine users’ search
privileges by utilizing the polynomial-based access strategy. Formal security analysis shows that
MRSF is secure in terms of confidentiality of outsourced data and the privacy of index and
tokens. Extensive experiments further show that, compared with existing schemes, MRSF
achieves higher search accuracy and more functionalities efficiently.
 CONTENTS

Chapter-1: ORGANIZATION PROFILE

1.1 INTRODUCTION

1.2 ORGANIZATION PROFILE

1.3 ORGANIZATION OF PROJECT

Chapter-2: PROBLEM DEFINITION

2.1 INTRODUCTION

2.2 EXISTING SYSTEM

2.2.1 DRAW BACKS OF EXISTING SYSTEM

2.3 PROPOSED SYSTEM

2.3.1 ADVANTAGES OF PROPOSED SYSTEM

2.4 MODULES

Chapter-3: FEASIBILITY STUDY

3.1 OPERATIONAL FEASIBILITY

3.2 TECHNICAL FEASIBILITY

3.3 ECONOMICAL FEASIBILITY

Chapter-4: SYSTEM ANALYSIS

4.1 ACTIVITY DIAGRAM

4.2 USE CASE DIAGRAM

4.3 SEQUENCE DIAGRAM

4.4 COLLABORATION DIAGRAM

4.5 DEPLOYMENT DIAGRAM

Chapter-5: SYSTEM DESIGN

5.1 CLASS DIAGRAM
5.2 DATABASE DESIGN
 Chapter-1 : ORGANIZATION PROFILE

1.1 INTRODUCTION

AS a new computing paradigm, cloud computing offers ubiquitous and on-demand

access to flexible computation and storage resources. Therefore, outsourcing local data to cloud
servers has become a common practice for enterprises and individuals. While this measure
greatly reduces hardware and maintenance expenditure, data owners actually lose direct control
over their data. This certainly has brought some security concerns, especially to owners of
highly sensitive data (i.e., electronic medical records, financial documents, etc.). With such
suspicion, individuals and enterprises may be reluctant to outsource their sensitive data to an
untrusted third-party cloud service provider. Thus, security concerns will become one of the
primary obstacles impeding the widespread deployments of cloud computing

To prevent potential data leakage, data owners usually encrypt their data before outsourcing
them to the commercial public cloud. However, conventional data encryption schemes disable
the cloud from running authorized calculations on its storage (e.g., retrieving the interested file
for a certain customer), which disables the implementation of plaintext-based information
retrieval technologies over outsourced data. A trivial solution is to download all the data and
decrypt them locally, but this may lead to a huge waste of bandwidth and computation resources.
Thus, how to achieve efficient data retrieval while ensuring data security becomes a challenging
issue..

1.2ORGANIZATION PROFILE

Navtech offers a full range of software development services to make things better for the
enterprises and companies. Navtech work with.No matter how diverse or complex the needs
are, we’ve got you covered.

Navtech teams, with years of experience in global tech solutions and product engineering, tie in
with you every step of the process. Navtech make sure that each part receives equal care and
attention, from initial concept to final development.
 1.3 ORGANIZATION CHART
CEO

Head Operations/
Head Sales Head Finance/HR
Production

Program manager Program manager

Technical project planning

Project Leader/ Business Project Operations

Module Leader manager
Analysts manager

Software Engineers Testers Domain Specialist Support

Fig 1.3 ORGANIZATION CHART

 Chapter-2: PROBLEM DEFINITION

2.1 INTRODUCTION

The Searchable Symmetric Encryption (SSE) is broadly considered as a promising way to solve
the dilemma between data utilization and confidentiality. Some inspiring SSE-based designs
include Boolean keyword search schemes in these schemes enable conjunctive keyword search
over encrypted data. However, none of these schemes are adequate to provide a ranked search.

2.2 EXISTING SYSTEM

The concept of SSE is first proposed by Song, but this scheme lacks support for
keywords relevance calculation and multi-keyword search. Another SSE based ranked search
over encrypted data is proposed. Leveraging OPSE (order-preserving symmetric encryption). In
order to conduct kNN search over encrypted dataset, Wong first proposed the asymmetric scalar
product- preserving encryption (ASPE) in, which is viewed as the original secure kNN scheme.
Since then, ASPE has been thoroughly studied in many works. However, most ranked keyword
search schemes based on ASPE are vulnerable to level-3 attack, where the adversary is able to
gain a certain amount of plain text ciphertext pairs. In a word, secure kNN computation is anSE
method with high usability but relatively low security.

Towards semantic-aware keyword search over encrypted data, many works provide a
solution. Guan proposed a multi-keyword ranked search scheme with a semantic extension
(CLRSE) that can be applied to a cross-lingual dataset. The data user is allowed to set the
language preference before launching the search. CLRSE adopts a two-cloud system model and
Paillier cryptosystem to achieve a higher security level. To better extract search intents of the
data user and proposed a scheme that enables semantic-aware keyword search over encrypted
data. They adopt the secure kNN method as the encryption algorithm.

2.2.1 DISADVANTAGES OF EXISTING SYSTEM

 The system was not implemented MRSF which leads less security on outsourced data.
 The system is less security due to lack of Term Frequency-Inverse Document Frequency
(TF-IDF) and there is no block verification.
2.3 PROPOSED SYSTEM
The proposed system designed several extensive experiments to explore the relationship between
randomness and search accuracy. Inspired by, we give an optimal security notion for MRSF as
indistinguishability under same-closeness-pattern chosen-plaintext attacks (IND-CLS-CPA),
which is a natural relaxation of the standard IND-CPA security definition. In the IND-CPA
definition, the attacker will trivially exploit of the leakage of closeness and equality (e.g. access
pattern), which is inevitable in MRSF. provide a comprehensive and detailed security analysis to
prove that MRSF is IND-CLS-CPA secure. Moreover, the security of MRSF under classic and
novel attacks in the known background model.

Specifically, the contributions of this paper can be summarized as follows:

 Higher search accuracy. In comparison with the previous ranked multi-keyword search
schemes, MRSF achieves higher search accuracy by constructing document indexes with
TF-IDF rule. Experiments using real-world dataset demonstrate that MRSF outperforms
the compared schemes in search accuracy without introducing excessive computational
overheads.
 Lightweight Fine-grained access control. Instead of employing the time-consuming
encryption and decryption operations in attributed-based schemes, MRSF provides
lightweight access control by extending the polynomial-based access strategy to
document indexes and search queries. The access control mechanism in MRSF is
integrated into the improved secure kNN algorithm while it retains the merit of the
finegrained access privileges for users.
 Higher privacy-preserving level and formal security proof. The optimal security notion of
MRSF is defined and theoretically proved as IND-CLS-CPA, i.e., the confidentiality of
indexes and search queries are both verified as IND-CLS-CPA secure. Security issues in
the Known Background Model are further analyzed to prove that MRSF is resistant to the
proposed attacks. In this way, MRSF is eventually proved to be securer than the previous
secure kNN based schemes.
2.3.1 ADVANTAGES OF PROPOSED SYSTEM

 To avoid privacy leakage from indexes and queries submitted to the cloud, the classic
secure kNN technique has been adapted to support MRSF. The changes include the
vector extensions, pseudorandom permutation function, and appended random
varieties.We designed several extensive experiments to explore the relationship between
randomness and search accuracy. Inspired by the system,
 The proposed system gives an optimal security notion for MRSF as indistinguishability
under same-closeness-pattern chosen-plaintext attacks (IND-CLS-CPA), which is a
natural relaxation of the standard IND-CPA security definition. In the IND-CPA
definition, the attacker will trivially exploit of the leakage of closeness and equality (e.g.
access pattern), which is inevitable in MRSF.

2.4 MODULES
Data Sender

In this Module it performs Following activities Such as

 Login
 Upload
 Update
 Delete
 View Files
 View Secret key request
 Logout
Data User

In this Module it performs Following activities Such as

 Login
 Search Documents
 View Files
 Request Secret key
 Download
 Logout

Cloud Server

In this Module it performs Following activities Such as

 Login
 View Data Users & Authorize
 View Owner & Authorize
 View all Owner files
 View all Search transactions
 View data Transactions
 View file rank results
 View Time Delay results
 View through put results
 Logout
 Chapter-3: FEASIBILITY STUDY

An important outcome of preliminary investigation is the determination that the system request is
feasible. This is possible only if it is feasible within limited resource and time. The different
feasibilities that have to be analyzed are

 Operational Feasibility
 Economic Feasibility
 Technical Feasibility

3.1 Operational Feasibility

Operational Feasibility deals with the study of prospects of the system to be developed.
This system operationally eliminates all the tensions of the Admin and helps him in effectively
tracking the project progress. This kind of automation will surely reduce the time and energy,
which previously consumed in manual work. Based on the study, the system is proved to be
operationally feasible.

3.2 Economic Feasibility

Economic Feasibility or Cost-benefit is an assessment of the economic justification for a

computer based project. As hardware was installed from the beginning & for lots of purposes
thus the cost on project of hardware is low. Since the system is a network based, any number of
employees connected to the LAN within that organization can use this tool from at anytime. The
Virtual Private Network is to be developed using the existing resources of the organization. So
the project is economically feasible.

3.3 Technical Feasibility

According to Roger S. Pressman, Technical Feasibility is the assessment of the technical

resources of the organization. The organization needs IBM compatible machines with a graphical
web browser connected to the Internet and Intranet. The system is developed for platform
Independent environment. Java Server Pages, JavaScript, HTML, SQL server and WebLogic
Server are used to develop the system. The technical feasibility has been carried out. The system
is technically feasible for development and can be developed with the existing facility
 Chapter-4:SYSTEM ANALYSIS

4.1 Activity Diagram

Activity diagram are graphical representations of work flows of step wise activities and
actions with support for choice, iteration and concurrency, in the unified modeling language ,
activity diagrams can be used to describe the business and operational step-by-step work flows of
components in a system. An activity diagram shows the over all flow of control.

4.1.1 Activity Diagram for Data Sender

Login

Invalid

Check
Valid

Upload

Update

Delete

View Files

View Secret key request

Log Out

Fig 4.1.1 Activity Diagram For Data Sender

4.1.2 Activity Diagram for Data User

Register & Login

Invalid

Check

Valid

Search Documents

View files

Request Secret key

Download

Log Out

Fig 4.1.2 Activity Diagram for Data User

4.1.3 Activity Diagram for Cloud Server

Login

Invalid

Check

Valid

View Time Delay Results

View Data Users & Authorize

View Owners & Authorize View Through Put Results

View all Owner Files Log out

View all Search Transactions

View Data Transactions

View File Rank Results

Fig 4.1.3 Activity Diagram for Cloud Server

 4.2 Use case Diagram

A Use case Diagram in the unified modeling language (UML) is a type of behavioral
diagram defined by and created from a use case analysis. Its proposed is to present a graphical
overview of the functionality provided by a system in terms of actors, their goals, (represented as
use case) and any dependencies. Between those use cases.

4.2.1 Use case Diagram for Data Sender

Login

Upload

Update

Delete

View Files
Data Sender

View Secret key Request

Log Out

Fig 4.2.1 Use case Diagram for Data Sender

 Register & Login
4.2.2 Use case Diagram for Data User

Search Documents

View Files

Request Secret key

Data User
Download

Log Out

Fig 4.2.2 Use Case Diagram For Data User

 4.2.3 Use case Diagram for Cloud Server Login

View Data Users & Authorize

View Owner & Authorize

View all Owner files

View all Search Transactions

View Data Transactions

Cloud Server View file Rank results

View Time Delay results

View through put results

Log Out

Fig 4.2.3 Use Case Diagram For Cloud Server

4.3 Sequence Diagram

A Sequence Diagram in unified modeling language (UML) is a kind of interaction

diagram that shows how processes operate with one another and in what it is a construct of a
messages sequence chart sequence diagram are some times called event diagram, event
scenarios, and timing diagram.
Data Sender Data User Server Cloud Server

Login
Login

Register & Login

1.Upload

2.Update

3.Delete

4.View Files

5.View Secret key Request

6.Search Documents

7.View Files

8.Request Secret key

9.Download

10.View Data Users & Authorize

11.View Owner & Authorize

12.View all Owner Files

13.View all Search Transactions

14.View Data Transactions

15.View File Rank Results

16.View Time Delay results

17.View Through put Results

F
 ig 4.3 Sequence Diagram

4.4 Collaboration Diagram

A collaboration diagram, also known as a communication diagram, is an illustration of
the relationships and interactions among software objects in the Unified Modeling Language
(UML). These diagrams can be used to portray the dynamic behavior of a particular use case and
define the role of each object.

Upload
Update
Delete
View Files
1: View Secret key request
: Data : Server : Data
Sender User
Search Documents
View Files 2:
Request Secret key
Download

: Cloud
: Data : Server Server
Sender View Data Users & Authorize
3:
View owner & Authorize
View all Owner files
View all Search Transactions
View Data Transactions
View File Rank Results
View Time Delay Results
View through put results

Fig 4.4 Collaboration Diagram

4.5 Deployment diagram

Deployment diagram represents the deployment view of a system .It is related to the
Component diagram. Because the components are deployed using the deployment diagrams. A
deployment diagram consists of nodes. Nodes are nothing but physical Hardware’s used to
deploy the Applications.

Data Sender Data User

Server

Cloud Server

Fig 4.5 Deployment diagram

 Chapter-5: SYSTEM DESIGN

INTRODUCTION

Software design sits at the technical kernel of the software engineering process and is
applied regardless of the development paradigm and area of application. Design is the first step
in the development phase for any engineered product or system. The designer’s goal is to
produce a model or representation of an entity that will later be built. Beginning, once system
requirement have been specified and analyzed, system design is the first of the three technical
activities-design, code and test that is required to build and verify software.

The importance can be started with a single word “Quality”. Design is the place where
quality is fostered in software development. Design provides us with representations of software
that can assess for quality. Design is the only way that we can accurately translate a customer’s
view into a finished software product or system. Software design serves as a foundation for all
the software engineering steps that follow. Without a strong design we risk building an unstable
system one that will be difficult to test, one whose quality cannot be assessed until the last stage.

During design, progressive refinement of data structure, program structure, and

procedural details are developed reviewed and documented. System design can be viewed from
either technical or project management perspective. From the technical point of view, design is
comprised of four activities architectural design, data structure design, interface design and
procedural design.
 5.1 CLASS DIAGRAM

Identification of analysis classes:

A class is a set of objects that share a common structure and common behavior (the same
attributes, operations, relationships, and semantics). A class is an abstraction of real world items.

There are 4 approaches for identifying classes:

1. Noun phrase approach.

2. Common class pattern approach.
3. Use case driven sequence or collaboration approach.
4. Classes , Responsibilities and Collaborators approach.
1. Noun phrase approach:

The guidelines for identifying the classes:

a. Look for nouns and noun phrases in the use cases.

b. Some classes are implicit or taken from general knowledge.
c. All classes must make sense in the application domain; Avoid computer
implementation classes defer them to the design stage.
d. Carefully choose and define the class names.
e. After identifying the classes we have to elimination the following types of classes:
f. Redundant classes.
g. Adjective classes.

1.Common class pattern approach:

The following are the patterns for finding the candidate classes:

a. Concept class
b. Events class
c. Organization class
 d. Peoples class
e. Places class
f. Tangible things and devices class
2. Use case driven approach:

We have to draw the sequence diagram or collaboration diagram. If there is need for
some classes to represent some functionality then add new classes which perform those
functionalities.

3. CRC approach:

The process consists of the following steps:

a. Identify classes responsibilities (and identify the classes)

b. Assign the responsibilities
c. Identify the collaborators.

Identification of responsibilities of each class:

The question that should be answered to identify the attributes of a class respectively are:

1. What information about an object should we keep track of?

2. What Services must a class provide?

Identification of relationships among the classes:

Three types of relationships among the objects are:

Association: How objects are associated?

Super –sub structure: How are objects organized into super classes and sub classes?

Aggregation: What is the composition of the complex classes?

Guidelines for identifying the tentative associations:

 A dependency between two or more classes may be an association. Association often

Corresponds to a verb or prepositional phrase.
  A reference from one class to another is an association. Some associations are implicit or
taken from general knowledge.

Super – sub class relationships

Super-sub class hierarchy is a relationship between classes where one class is the parent class of
another class(derived class). This is based on inheritance. This hierarchy is represented with
generalization.

Guidelines for identifying the super – sub relationship, a generalization are

1. Top-down: Look for noun phrases composed of various adjectives in a class name. avoid
excessive refinement . specialize only when the sub classes have significant behavior.
2. Bottom-Up: Look for classes with similar attributes or methods. Group them by moving
the common attributes and methods to an abstract class. You may have to alter the
definitions a bit.
3. Reusability: move the attributes and methods as high as possible in the hierarchy.
4. Multiple inheritances: Avoid excessive use of multiple inheritances. One way of getting
benefits of multiple inheritances is to inherit from the most appropriate class and add an
abject of another class as an attribute.
The class diagram is core to object-oriented design. It describes the types of objects.
In the system and the static relationships between them.
Packages
Packages allow you to break up a large number of objects into related groupings. In many
object oriented languages(such as .net), packages are used to provide scope and division to
classesand interfaces. In the UML, packages serve a similar, but broader purpose.

Packages

Classes

The core elements of the class diagram is the class. In an object oriented system, classes are used
to represent entities within the system; entities that often relate to real world objects.
 Contact Name
-address: string
-city: string
-postal code: string Attributes

Operations

The contact class above is an example of a simple class that stores location information.

Classes are divided into three sections:

Top: The name, package and stereotype are shown in the upper section of the class.

Center: The center section contains the attribute of the class.

Bottom: In the lower section are the operations that can be performed on the class.

Attributes

An Attribute is a property of a class. In the example above, We are told a contact has an
address, a city, a province, a country, and a postal code. It is generally understood that when
implementing the class, functionality is provided to set and retrieve the information stored in
attributes. The format for attributes is:

Visibility name: type = default value

The visibility is an follows:

- Private

+ public

# protected

~ package

In object oriented design, it is generally preferred to keep most attributes private.

Static: attributes that are static only exist once for all instance of the class. In the example above,
if we set city to be static, any time we used the contact class the city attribute would always have
the same value.
Final: If an attribute is declared final, its value cannot be changed. The attribute is a constant.

Operations

The operations listed in a class represent the functions or takes the can be performed on the data
in the class.

list

-Objects:object[]
+get size 0:int
+set(index: int, value: object):void

In the list class above, there is one attribute (a private array of objects) and three operations.

The format for operations is:

Visibility name(parameters) : type

The format is very similar to that of the attribute except with the removal of a default value and
the addition of parameters.

Parameters take the format:

Direction name: type=default value

The direction can be one of in, out, input, or it can be unspecified.

In visual case you can show and hide the parameter list for a class or all classes on a diagram. If
the list is hidden and an operation has parameters, three dots are shown(…) to indicate that
parameters exist, but are hidden. Sometimes operations have numerous parameters that need be
shown all the time.

Interfaces

Many object oriented programming languages do not allow for multiple inheritance. The
interface is used to solve the limitations posed by this. For example, in the earlier class diagram
client and company both generalization contact but one or the child classes many have something
in common with a third class that we do not want to duplicate in multiple classes.
Associations

Classes can also contain references to each other. The company class has two attributes that
reference the client class.

Although this is perfectly correct, it is some times more expressive to show the attributes as
associations.

1 1
Company Client
-name: string -f name: string

1 0…*

The above two associations have meaning as the attributes in old version of the contact class.

0 Zero
1 One

1..* one or more

1..2, 10..* one, two or ten and above but not three through nine

The arrows at the end of the associations represent their navigability. In the above examples, the
company references clients, but the client class dose not have any knowledge of the company.
You can set the navigation on either, neither or both ends of your associations. if there is no
navigability shown then the navigability is unspecified.

Aggregation and composition

1
Product group
1..*
product

Purchase order 1 1..*

The above example shows an aggregation association and a composition association.

The composition association is represented by the solid diamond. It is said that product group is
composed of products. This means that if a product group is destroyed, the products with in the
group are destroyed as well.
The aggregation association is represented by the hollow diamond. Purchase order is an
aggregate of products. If a purchase order is destroyed, the products still exist.

Dependencies

A dependencies exists between two elements if changes to one will affect the other. If for
example, a class calls an operation in another class, then a dependency exists between the two. If
you change the operation, than the dependent class will have to change as well. When designing
your system, the goal is to minimize dependencies.

Help system gui Data

That is not to say that numerous dependencies are okay. Even with in a package you want to
limit the dependencies, how ever between packages in particular you should be strict about the
dependencies that exist. In general, the fewer the dependencies the more scalabl e and
maintainable your system will be.
 Data User
Data Sender Name
User Name Password
Password Email
Address
Login() Pin
Upload() Phone no.
Update()
Delete() Register & Login()
View Files() Search Documents()
View Scretkey request() View Files()
Log Out() Request Secret key()
Download()
Log Out()

Cloud Server
User name
Password

Login()
View Data Users & Authorize()
View Owner & Authorize()
View all Owner files()
View all Search Transactions()
View Data Transactions()
View File Rank Results()
View Time Delay Results()
View through put results()
Log out()

Fig 5.1 Class Diagram

 5.2 Database Design

Data dictionary

Database Tables (Data Dictionary):After careful Analysis the system has identified to be
presented with the following database tables:

Objectives
Input design is the process of converting a user- oriented description of the input into
a computer-based system. This design is important to avoid errors in the data input process and
show the correct direction to the management for getting correct information from the
computerized system.

 It is achieved by creating user-friendly screens for the data entry to handle large
volumeOf data. The goal of designing input is to make data entry easier and to be free
from errors. The data entry screen is designing in such a way that all the data manipulates
can be performed. it also provides record viewing facilities.
 When the data is entered it will check for its validity. Data can be entered with the help
of screens. Appropriate messages are provided as when needed so that user will not be in
amaze of instant. Thus the objective of input design is to create an input layout that is
easy to follow.

Output Design
A quality output is one, which meets the requirements of the end user and presents the
information clearly. In any system results of processing are communicated to the users and to
other system through outputs. Designing computer output should proceed in an organized, well
thought out manner; the right output must be developed while ensuring that each output elements
is designed so that people will find the system can use easily and effectively. When analysis
design computer output, they should

 Identify the specific output that is needed to meet requirements.

 Select methods for presenting information.
 Create documents, reports, or other formats that contain information produced by the
system.
 The output from of an information system should accomplish one or more of the
following objectives.
 Convey information about past activities, current status or projections of the future.
 Single important events, opportunities, problems or warnings.
 Trigger an action.
 Confirm an action.
Data base tables
NORMALIZATION
It is a process of converting a relation to a standard form. The process is used to handle the
problems that can arise due to data redundancy i.e. repetition of data in the database, maintain
data integrity as well as handling problem that can arise due to insertion, updation, deletion
anomalies.

Decomposing is the process of splitting relations into multiple relations to eliminate

anomalies and maintain anomalies and maintain data integrity. To do this we use normal forms
or rules for structuring relation.

Insertion anomaly Inability to add data to the database due to absence of other data.

Deletion anomaly Unintended loss of data due to deletion of other data.

Update anomaly Data inconsistency resulting from data redundancy and partial update.

Normal form These are the rules for structuring relation that eliminate anomalies.

First Normal Form

A relation is said to be in first normal form if the values in the relation are atomic for
every attribute in the relation. By this we mean simply that no attribute value can be a set of
value or, as it is sometimes expressed, a repeating group.

Second Normal Form

A relation is said to be in second normal form is it is in first normal form and it should
satisfy any one of the following rules.

1) Primary key is not a composite primary key.

2) No non key attribute are present.
3) Every non key attribute is fully functionally dependent on full set of primary key.

Third Normal Form

A relation is said to be in third normal form if their exits no transitive dependencies.

Transitive Dependency If two non key attribute depend on each other as well as on the primary
key then they are said to be transitive dependent.

The above normalization principles were applied to decompose the data in multiple tables
thereby making the data to be maintained in a consistent state.