DUAL ACCESS CONTROL FOR CLOUD-BASED DATA

STORAGE AND SHARING

ABSTRACT

Cloud-based data storage service has drawn increasing interests from both academic
and industry in the recent years due to its efficient and low cost management. Since it
provides services in an open network, it is urgent for service providers to make use of secure
data storage and sharing mechanism to ensure data confidentiality and service user privacy.
To protect sensitive data from being compromised, the most widely used method is
encryption. However, simply encrypting data (e.g., via AES) cannot fully address the
practical need of data management. Besides, an effective access control over download
request also needs to be considered so that Economic Denial of Sustainability (EDoS) attacks
cannot be launched to hinder users from enjoying service. In this paper, we consider the dual
access control, in the context of cloud-based storage, in the sense that we design a control
mechanism over both data access and download request without loss of security and
efficiency. Two dual access control systems are designed in this project, where each of them
is for a distinct designed setting. The security and experimental analysis for the systems are
also presente

CHAPTER-1
INTRODUCTION

In the recent decades, cloud-based storage service has attracted considerable attention
from both academia and industries. It may be widely used in many Internet-based commercial
applications (e.g., Apple iCould) due to its long-list benefits including access flexibility and
free of local data management. Increasing number of individuals and companies nowadays
prefer to outsource their data to remote cloud in such a way that they may reduce the cost of
upgrading their local data management facilities/devices. However, the worry of security
breach over outsourced data may be one of the main obstacles hindering Internet users from
widely using cloud-based storage service.

In many practical applications, outsourced data may need to be further shared with
others. For example, a Dropbox user Alice may share photos with her friends. Without using
data encryption, prior to sharing the photos, Alice needs to generate a sharing link and further
share the link with friends. Although guaranteeing some level of access control over
unauthorized users (e.g., those are not Alice’s friends), the sharing link may be visible within
the Dropbox administration level (e.g., administrator could reach the link). Since the cloud
(which is deployed in an open network) is not be fully trusted, it is generally recommended to
encrypt the data prior to being uploaded to the cloud to ensure data security and privacy. One
of the corresponding solutions is to directly employ an encryption technique (e.g., AES) on
the outsourced data before uploading to cloud, so that only specified cloud user (with valid
decryption key) can gain access to the data via valid decryption. To prevent shared photos
being accessed by the “insiders” of the system, a straightforward way is to designate the
group of authorized data users prior to encrypting the data.

In some cases, nonetheless, Alice may have no idea about who the photo
receivers/users are going to be. It is possible that Alice only has knowledge of attributes w.r.t.
photo receivers. In this case, traditional public key encryption (e.g., Paillier Encryption),
which requires the encryptor to know who the data receiver is in advance, cannot be
leveraged. Providing policy-based encryption mechanism over the outsourced photos is
therefore desirable, so that Alice makes use of the mechanism to define access policy over the
encrypted photos to guarantee only a group of authorized users is able to access the photos. In
a cloud-based storage service, there exists a common attack that is well-known as resource-
exhaustion attack. Since a (public) cloud may not have any control over download request
(namely, a service user may send unlimited numbers of download request to cloud server), a
malicious service user may launch the denial-of-service (DoS)/distributed denial-of-service
(DDoS) attacks to consume the resource of cloud storage service server so that the cloud
service could not be able to respond honest users’ service requests.

As a result, in the “pay-as-you-go” model, economic aspects could be disrupted due to

higher resource usage. The costs of cloud service users will rise dramatically as the attacks
scale up. This has been known as Economic Denial of Sustainability (EDoS) attack, which
targets to the cloud adopter’s economic resources. Apart from economic loss, unlimited
download itself could open a window for network attackers to observe the encrypted
download data that may lead to some potential information leakage (e.g., file size). Therefore,
an effective control over download request for outsourced (encrypted) data is also needed.

1.1 SYSTEM SPECIFICATION

1.1.1 HARDWARE CONFIGURATION

The Hardware Configuration involved in this project is

Processor : i3 and above

RAM : 2 GB and above

HDD : 500GB and Above

1.1.2SOFTWARE SPECIFICATION

Operating System : Windows XP/8/10

FRONT END : PHP

BACK END : MYSQL

IDE : WAMP SERVER

CHAPTER-2
SYSTEM STUDY AND ANALYSIS

2.1 EXISTING SYSTEM

 These tools help cloud providers construct a distributed cloud storage platform
(DCSP) for managing clients’ data. However, if such an important platform is vulnerable to
security attacks, it would bring irretrievable losses to the clients. For example, the
confidential data in an enterprise may be illegally accessed through a remote interface
provided by a multiple-cloud, or relevant data and archives may be lost or tampered with
when they are stored into an uncertain storage pool outside the enterprise. Therefore, it is
indispensable for cloud service providers (CSPs) to provide security techniques for managing
their storage services.

2.1.1 DISADVANTAGES

• Less security
• No confidentiality of data sharing.
• Low efficiency.

2.2 PROPOSED SYSTEM

In the proposed system to guarantee the confidentiality of outsourced data without

loss of policy based access control, we start with a CP-ABE system , which is seen as one of
the building blocks. We further employ an effective control over data users’ download
request on the top of the CP-ABE system. We design a new approach to avoid using the
technique of “testing” ciphertext. Specifically, we allow data user to generate a download
request. Upon receiving the download request, with help of the authority or the enclave of
Intel SGX, a cloud server is able to check if the data user is authorized to gain access to the
data. No other information is revealed to the cloud server except the knowledge of whether
the user is authorized. Based on the above mechanism, the cloud maintains the control of the
download request.

2.2.1 ADVANTAGES

• Confidentiality of outsourced data

• Anonymity of data sharing.

• Control over anonymous download request and EDoS attacks resistance

• High efficiency.

2.2.2 PROGRAMMING ENVIRONMENT

CLIENT/SERVER ENVIRONMENT:

To design and develop the application, it is essential to understand the client/server

model that plays an important role in the concern, which needs the information to be retrieved
in a fast and efficient way.

What is Client/Server?

The Client/Server computing model implies a form of processing when requests are
submitted by a client or requests the server which processes them and returns the result to the
client. The client and the server are two separate logical entities working together over a
network to accomplish the task.

Conceptually, the client server architecture can be defined as a special case of Co-
operative processing where on entire application is shared between the client and a server
system.

Features of client/server computing

 Improved access to information due to internet

 Globalization of information

 Easier maintenance of application and data

 Graphically oriented, high interactive user interface

 Increased developer productivity through ease of tools

In our project we have divided core part into two parts. Asp pages, html pages are
used as user interface (client). They gather the information from the user and process them.
Ms.Access is stored in IIS, which is used as server.

Installation requirements

When installing web development to a hard drive other than ordinary PC, one need to
have at least 65-70MB free space on a drive to precede installation, regardless of how much
space is on installation drive.
 Operating system: Windows 10

Web server : All OS Apache,Mysql,Php,Perl (XAMPP)

NETWORK SPECIFICATION

Network Card : Ethernet card

Operating system : Windows 10

Communication protocol: TCP/IP, HTTP

Connection Type : LAN

WINDOWS :

WINDOWS is a powerful multitasking operating system with high security. It is user

friendly and supports multithreading and lot of tools for developing in any application. This
OS has number of enhancements, including performance improvement, better hardware
support and closer integration with the Internet. Windows support dynamic linking. This OS
has the concept of plug and play.

WEB SERVER:

The Web server accepts the request and sends the HTML to the Client browser that
requests it. Web browser and web server communicate through a common protocol (HTTP).
The examples for web server are XAMPP(any of four different operating
systems,Apache,MySQL,Php,Perl),WAMP(Windows,Apache,MySQL,Php),MAMP(Macint
osh, Apache, MySQL, PHP).

PHP

PHP stands for Hypertext Preprocessor. PHP scripts run inside Apache server or Microsoft
IIS. PHP and Apache server are free. PHP code is very easy. PHP is the most used server side
scripting language. PHP files contain PHP scripts and HTML. PHP files have the extension
“php”, “php3”, “php4”, or “phtml”.
Using PHP
 Generate dynamic web pages. PHP can display different content to different user or
display different content at different times of the day.
 Process the contents of HTML forms. We can use a PHP to retrieve and respond to
the data entered into an HTML form.
 Can create database-driven web pages. A PHP can insert new data or retrieve existing
data from a database such a MySQL.

Working of PHP
PHP is a standard HTML file that is extended with additional features. Like a standard
HTML file, PHP contains HTML tag that can be interpreted and displayed by a web browser.
Anything we could normally place in an HTML file Java applets, Blinking text, server side
scripts .we can place in PHP. However, PHP has three important features that make it unique.

 PHP contains server side scripts.

 PHP provides several built-in objects.

HYPER TEXT MARKUP LANGUAGE (HTML)

HTML is an application of the Standard Generalized Markup Language (SGML), which was
approved as an international standard in the year 1986. SGML provides a way to encode
hyper documents so they can be interchanged.

SGML is also a Meta language for formally describing document markup system. Infact
HTML uses SGML to define a language that describes a WWW hyper document’s structure
and inter connectivity.

Following the rigors of SGML, TBL bore HTML to the world in 1990. Since then, many of
us have it to be easy to use but sometimes quite limiting. These limiting factors are being
addressed but the World Wide Web Consortium (aka W3c) at MIT. But HTML had to start
somewhere, and its success argues that it didn’t start out too badly.

MYSQL
MySQL Server is a powerful database management system and the user can create
application that requires little or no programming. It supports GUI features and an entire
programming language, Phpmyadmin which can be used to develop richer and more
developed application. There are quite a few reasons, the first being that MySQL is a feature
rich program that can handle any database related task you have. You can create places to
store your data build tools that make it easy to read and modify your database contents, and
ask questions of your data. MySQL is a relational database, a database that stores information
about related objects. In MySQL that database means a collection of tables that hold data. It
collectively stores all the other related objects such as queries, forms and reports that are used
to implement function effectively.

The MySQL database can act as a back end database for PHP as a front end, MySQL
supports the user with its powerful database management functions. A beginner can create
his/her own database very simply by some mouse clicks. Another good reason to use MySQL
as back end tool is that it is a component of the overwhelmingly popular Open source
software.

Database:

A database is simply a collection of used data just like phone book. MySQL database include
such objects as tables, queries, forms, and more.

Tables:

In MySQL tables are collection of similar data. With all tables can be organized
differently, and contain mostly different information- but they should all be in the same
database file. For instance we may have a database file called video store. Containing tables
named members, tapes, reservations and so on. These tables are stored in the same database
file because they are often used together to create reports to help to fill out on screen forms.

Relational database:

MySQL is a relational database. Relational databases tools like access can help us
manage information in three important ways.

 Reduce redundancy
 Facilitate the sharing of information
 Keep data accurate.
Fields :

Fields are places in a table where we store individual chunks of information.

Primary key and other indexed fields:

MySQL use key fields and indexing to help speed many database operations. We can
tell MySQL, which should be key fields, or MySQL can assign them automatically.
 CHAPTER-3

SYSTEM DESIGN AND DEVELOPMENT

3.1 INPUT DESIGN

Input design is the process of converting the user-oriented. Input to a computer

based format. The goal of the input design is to make the data entry easier, logical and free

error. Errors in the input data are controlled by the input design. The quality of the input

determines the quality of the system output.

The entire data entry screen is interactive in nature, so that the user can directly enter

into data according to the prompted messages. The users are also can directly enter into data

according to the prompted messages. The users are also provided with option of selecting an

appropriate input from a list of values. This will reduce the number of error, which are

otherwise likely to arise if they were to be entered by the user itself.

Input design is one of the most important phases of the system design. Input design is

the process where the input received in the system are planned and designed, so as to get

necessary information from the user, eliminating the information that is not required. The aim

of the input design is to ensure the maximum possible levels of accuracy and also ensures that

the input is accessible that understood by the user.

The input design is the part of overall system design, which requires very careful

attention. If the data going into the system is incorrect then the processing and output will

magnify the errors.

The objectives considered during input design are:

 Nature of input processing.

  Flexibility and thoroughness of validation rules.

 Handling of properties within the input documents.

 Screen design to ensure accuracy and efficiency of the input

relationship with files.

 Careful design of the input also involves attention to error handling,

controls, batching and validation procedures.

Input design features can ensure the reliability of the system and produce result from accurate

data or they can result in the production of erroneous information.

3.2 OUTPUT DESIGN

Output design is very important concept in the computerized system, without reliable

output the user may feel the entire system is unnecessary and avoids using it. The proper

output design is important in any system and facilitates effective decision-making. The output

design of this system includes various reports.

Computer output is the most important and direct source of information the user.

Efficient, intelligible output design should improve the system’s relationships with the user

and help in decision making. A major form of output is the hardcopy from the printer.

Output requirements are designed during system analysis. A good starting point for

the output design is the data flow diagram. Human factors reduce issues for design involved

addressing internal controls to ensure readability.

An application is successful only when it can provide efficient and effective reports.

Reports are actually presentable form of the data. The report generation should be useful to

the management for future reference. The reports are the main source of information for
user’s operators and management. Report generated are a permanent record of the transaction

occurred. After any valid transactions; have commenced the report of the same are

generations and: filed for future reference. Great care has been taken when designation the

report as it plays an important role in decision-marking.

3.3 DATABASE DESIGN

A well database is essential for the good performance of the system .several tables are

referenced or manipulated at various instance. The table also knows as relation; provide

information pertaining to a specified entity. Normalization of table is carried out to extent

possible, while the normalizing tables, care should be taken to make sure that the number of

tables do not exceed the optimum level, so that table maintenance. Is convenient and effective

The process of doing database design generally consists of a number of steps which

will be carried out by the database designer. Not all of these steps will be necessary in all

cases. Usually, the designer must:

 Determine the data to be stored in the database

 Determine the relationships between the different data elements

 Superimpose a logical structure upon the data on the basis of these

relationships.

Within the relational model the final step can generally be broken down into two

further steps that of determining the grouping of information within the system, generally

determining what are the basic objects about which information is being stored, and then

determining the relationships between these groups of information, or objects. This step is not

necessary with an Object database.

 In a majority of cases, the person who is doing the design of a database is a person

with expertise in the area of database design, rather than expertise in the domain from which

the data to be stored is drawn e.g. financial information, biological information etc. Therefore

the data to be stored in the database must be determined in cooperation with a person who

does have expertise in that domain, and who is aware of what data must be stored within the

system.

3.4SYSTEM DEVELOPMENT

3.4.1 DESCRIPTION OF MODULES

MODULES USED

The modules involved are:

MODULES:

TTP
 Transfer
 Files
 Alerts
CSP
 Files
Client
 Upload Files
 View Files

Modules Description

TTP (Trusted Third Party)

Here TTP has to login by using their unique user name and password. TTP is the
only authorized person to access ttp module for security purpose. So others don’t get rights to
access this module.
 Transfer
In this module ttp view the client uploaded file and transfer them into multiple-
cloud. The file will split into 3 pieces and stored in cloud. TTP is the only
authorized person to access ttp module for security purpose. So others don’t get
rights to access this module.
View
In this module ttp view the client uploaded file from multiple-cloud. TTP is the only
authorized person to access ttp module for security purpose. So others don’t get rights
to access this module.
Alerts
In this module ttp view the alerts of the security issues of client uploaded files in
cloud. That is if any of csp try to access client file the alert will send to ttp. TTP is
the only authorized person to access ttp module for security purpose. So others don’t
get rights to access this module.

CSP (Cloud Service Provider)

Here CSP has to login by using their unique user name and password. CSP is the
only authorized person to access ttp module for security purpose. So others don’t get rights to
access this module.

View
In this module csp view the client uploaded file in their cloud as encrypted format. If
csp try edit the client file the alert will send to ttp. CSP is the only authorized person
to access ttp module for security purpose. So others don’t get rights to access this
module.
Client

Here client has to login by using their unique user name and password after registration.
Client is the only authorized person to access this module for security purpose. So others
don’t get rights to access this module.

Upload
In this module client upload their files what are all they want to store in multiple-cloud.
Client is the only authorized person to access this module for security purpose. So others
don’t get rights to access this module.
View
In this module client view their uploaded file from multiple-cloud. Client is the only authorized
person to access this module for security purpose. So others don’t get rights to access this
module.

CHAPTER-4

SYSTEM TESTING AND IMPLEMENTATION

SYSTEM TESTING

Testing is a series of different tests that whose primary purpose is to fully exercise

the computer based system. Although each test has a different purpose, all work should verify

that all system element have been properly integrated and performed allocated function.

Testing is the process of checking whether the developed system works according to the

actual requirement and objectives of the system.

The philosophy behind testing is to find the errors. A good test is one that has a

high probability of finding an undiscovered error. A successful test is one that uncovers the

undiscovered error. Test cases are devised with this purpose in mind. A test case is a set of

data that the system will process as an input. However the data are created with the intent of

determining whether the system will process them correctly without any errors to produce the

required output.

Types of Testing:

 Unit testing

 Integration testing

 Validation testing

 Output testing
  User acceptance testing

Unit Testing

All modules were tested and individually as soon as they were completed and were

checked for their correct functionality.

Integration Testing

The entire project was split into small program; each of this single programs gives a

frame as an output. These programs were tested individually; at last all these programs where

combined together by creating another program where all these constructors were used. It

give a lot of problem by not functioning is an integrated manner.

The user interface testing is important since the user has to declare that the arrangements

made in frames are convenient and it is satisfied. when the frames where given for the test,

the end user gave suggestion. Based on their suggestions the frames where modified and put

into practice.

Validation Testing

At the culmination of the black box testing software is completely assembled as a

package. Interfacing errors have been uncovered and corrected and a final series of test i.e.,

Validation succeeds when the software function in a manner that can be reasonably accepted

by the customer.

Output Testing

After performing the validation testing the next step is output testing of the proposed

system. Since the system cannot be useful if it does not produce the required output. Asking

the user about the format in which the system is required tests the output displayed or

generated by the system under consideration. Here the output format is considered in two
ways. one is on screen and another one is printed format. The output format on the screen is

found to be corrected as the format was designed in the system phase according to the user

needs. And for the hardcopy the output comes according to the specifications requested by

the user.

User Acceptance System

An acceptance test as the objective of selling the user on validity and reliability of

the system. It verifies that the procedures operate to system specification and mat the

integrity of vital is maintained.

Performance Testing

This project is a application based project, and the modules are interdependent with

the other modules, so the testing cannot be done module by module. So the unit testing is not

possible in the case of this driver. So this system is checked only with their performance to

check their quality.

1IMPLEMENTATION

The purpose of System Implementation can be summarized as follows:

It making the new system available to a prepared set of users (the deployment), and

positioning on-going support and maintenance of the system within the Performing

Organization (the transition). At a finer level of detail, deploying the system consists of

executing all steps necessary to educate the Consumers on the use of the new system, placing

the newly developed system into production, confirming that all data required at the start of

operations is available and accurate, and validating that business functions that interact with

the system are functioning properly. Transitioning the system support responsibilities

involves changing from a system development to a system support and maintenance mode of
operation, with ownership of the new system moving from the Project Team to the

Performing Organization.

List of System implementation is the important stage of project when the theoretical design is

tuned into practical system. The main stages in the implementation are as follows:

 Planning

 Training

 System testing and

 Changeover Planning

Planning is the first task in the system implementation. Planning means deciding on

the method and the time scale to be adopted. At the time of implementation of any system

people from different departments and system analysis involve. They are confirmed to

practical problem of controlling various activities of people outside their own data processing

departments. The line managers controlled through an implementation coordinating

committee. The committee considers ideas, problems and complaints of user department, it

must also consider;

 The implication of system environment

 Self selection and allocation form implementation tasks

 Consultation with unions and resources available

 Standby facilities and channels of communication

The following roles are involved in carrying out the processes of this phase. Detailed

descriptions of these roles can be found in the Introductions to Sections I and III.

_ Project Manager

_ Project Sponsor
 _ Business Analyst

_ Data/Process Modeler

_ Technical Lead/Architect

_ Application Developers

_ Software Quality Assurance (SQA) Lead

_ Technical Services (HW/SW, LAN/WAN, TelCom)

_ Information Security Officer (ISO)

_ Technical Support (Help Desk, Documentation, Trainers)

_ Customer Decision-Maker

_ Customer Representative

_ Consumer

The purpose of Prepare for System Implementation is to take all possible steps to

ensure that the upcoming system deployment and transition occurs smoothly, efficiently, and

flawlessly. In the implementation of any new system, it is necessary to ensure that the

Consumer community is best positioned to utilize the system once deployment efforts have

been validated. Therefore, all necessary training activities must be scheduled and

coordinated. As this training is often the first exposure to the system for many individuals, it

should be conducted as professionally and competently as possible. A positive training

experience is a great first step towards Customer acceptance of the system.

During System Implementation it is essential that everyone involved be absolutely

synchronized with the deployment plan and with each other. Often the performance of
deployment efforts impacts many of the Performing Organization’s normal business

operations. Examples of these impacts include:

_ Consumers may experience a period of time in which the systems that they depend on to

perform their jobs are temporarily unavailable to them. They may be asked to maintain

detailed manual records or logs of business functions that they perform to be entered into the

new system once it is operational.

_ Technical Services personnel may be required to assume significant implementation

responsibilities while at the same time having to continue current levels of service on other

critical business systems.

_ Technical Support personnel may experience unusually high volumes of support

requests due to the possible disruption of day-to-day processing.

Because of these and other impacts, the communication of planned deployment

activities to all parties involved in the project is critical. A smooth deployment requires

strong leadership, planning, and communications. By this point in the project lifecycle, the

team will have spent countless hours devising and refining the steps to be followed. During

this preparation process the Project Manager must verify that all conditions that must be met

prior to initiating deployment activities have been met, and that the final ‘green light’ is on

for the team to proceed. The final process within the System Development Lifecycle is to

transition ownership of the system support responsibilities to the Performing Organization. In

order for there to be an efficient and effective transition, the Project Manager should make

sure that all involved parties are aware of the transition plan, the timing of the various

transition activities, and their role in its execution.

Due to the number of project participants in this phase of the SDLC, many of the

necessary conditions and activities may be beyond the direct control of the Project Manager.
Consequently, all Project Team members with roles in the implementation efforts must

understand the plan, acknowledge their responsibilities, recognize the extent to which other

implementation efforts are dependent upon them, and confirm their commitment.

CHAPTER 5

CONCLUSION
We addressed an interesting and long-lasting problem in cloud-based data sharing,
and presented two dual access control systems. The proposed systems are resistant to
DDoS/EDoS attacks. We state that the technique used to achieve the feature of control on
download request is “transplantable” to other CP-ABE constructions. Our experimental
results show that the proposed systems do not impose any significant computational and
communication overhead (compared to its underlying CP-ABE building block). In our
enhanced system, we employ the fact that the secret information loaded into the enclave
cannot be extracted. However, recent work shows that enclave may leak some amounts of its
secret(s) to a malicious host through the memory access patterns or other related side-channel
attacks. The model of transparent enclave execution is hence introduced in. Constructing a
dual access control system for cloud data sharing from transparent enclave is an interesting
problem. In our future work, we will consider the corresponding solution to the problem.

.
APPENDIX

DATA FLOW DIAGRAM

SOURCE CODE
<html>

<head><title>DUAL ACCESS CONTROL FOR CLOUD-BASED DATA STORAGE AND

SHARING

</title>

</head>

<meta http-equiv="content-type" content="text/html;charset=utf-8" />

<link href="css/style.css" rel="stylesheet" type="text/css" />

<body>

<div id="main">

<div id="header">

<div id="logo">

<a href=""> <span class="logo_span">DUAL ACCESS CONTROL FOR CLOUD-

BASED DATA STORAGE AND SHARING

</span></a>
 </div>

</div>

<div id="border">

<div id="buttons">

<a href="index.php" class="but" title="">Home</a><div class="but_div"></div>

<a href="about.php" class="but" title="">About&nbsp;us</a><div

class="but_div"></div>

<a href="ttp/index.php" class="but" title="">TTP</a>

<div class="but_div"></div>

<a href="csp/index.php" class="but" title="">CSP</a>

<div class="but_div"></div>

<a href="user/index.php" class="but" title="">Client</a>

<div class="but_div"></div>

</div>

<table border="0" cellpadding="0" cellspacing="0">

<tr>

<td colspan="3" align="center"><img src="images/banner.png"></td>

</tr>

<tr>

<td colspan="3">&nbsp;</td>

</tr>

<tr>
<td width="75" style="border-right:1px solid #636363;">&nbsp;</td>

<td width="850" style="">

<h3 align="center"></h3>

<p style="padding-left:15px;padding-right:15px;text-align:justify"></p></td>

<td width="73" style="border-left:1px solid #636363;" align="center">&nbsp;</td>

</tr>

<tr>

<td colspan="3" style="border-bottom:1px solid #636363;">&nbsp;</td>

</tr>

<tr>

<td colspan="3" >&nbsp;</td>

</tr>

<tr>

<td colspan="3" align="center">&nbsp;</td>

</tr>

<tr>

<td colspan="3" >&nbsp;</td>

</tr>

</table>

</div>

<div id="footer">

<p>Copyright @ 2021. All Rights Reserved</p>

 </div>

</div>

</body>

</html>

<?php

session_start();

include_once "../db/db.php";

?>

<html>

<head><title>DUAL ACCESS CONTROL FOR CLOUD-BASED DATA STORAGE AND

SHARING

</title>

</head>

<meta http-equiv="content-type" content="text/html;charset=utf-8" />

<link href="../css/style.css" rel="stylesheet" type="text/css" />

<body>

<div id="main">

<div id="header">

<div id="logo">

<a href=""> <span class="logo_span">DUAL ACCESS CONTROL FOR CLOUD-

BASED DATA STORAGE AND SHARING

</span></a>

</div>
<span class="user"><?php echo $_SESSION['admin_name'];?>&nbsp;logged in...</span>

</div>

<div id="border">

<div id="buttons">

<a href="trans.php" class="but" title="">Transfer</a><div class="but_div"></div>

<a href="view.php" class="but" title="">Files</a><div class="but_div"></div>

<a href="alert.php" class="but" title="">Alerts</a>

<div class="but_div"></div>

<a href="../logout.php" class="but" title="">Logout</a>

<div class="but_div"></div>

</div>

<table border="0" cellpadding="0" cellspacing="0" >

<tr>

<td colspan="3" align="center"><img src="../images/banner.png"></td>

</tr>

<tr>

<td colspan="3">&nbsp;</td>

</tr>

<tr>

<td colspan="3" align="center"><strong>TRANSFER CLIENT FILES </strong></td>

</tr>

<tr></tr>
<tr>

<td width="50" style="border-right:1px solid #636363;">&nbsp;</td>

<td width="900" style="" align="center">

<form id="form1" name="form1" method="post" action="" enctype="multipart/form-data"

onSubmit="return valid()">

<table width="95%" bgcolor="#d4e6fe"><br>

<?php

$sl=0;

$s="select * from file

inner join user on user.st_user=file.file_user

where file_id='".$_REQUEST['file_id']."'";

$fr=mysql_query($s);

$f=mysql_fetch_object($fr);

$contents = file_get_contents($f->file_file);

$len=strlen($contents);

$count=$len/3;

$file1 = file_get_contents($f->file_file,NULL,NULL,0,$count);
$file2 = file_get_contents($f->file_file,NULL,NULL,$count,$count);

$file3 = file_get_contents($f->file_file,NULL,NULL,$count*2);

?>

<tr>

<td height="36" align="center">Client&nbsp;:&nbsp;<strong><?php echo $f-

>st_name; ?></strong> </td>

<td height="36" align="center">File&nbsp;:&nbsp;<strong><?php echo $f->file_name; ?

></strong></td>

<td height="36" align="center">Date&nbsp;:&nbsp;<strong><?php echo $f->file_date; ?

></strong></td>

</tr>

<tr>

<td align="center">

<input type="hidden" name="file_id" value="<?php echo $f->file_id; ?>">

<input type="hidden" name="client_name" value="<?php echo $f->st_user; ?>">

<input type="hidden" name="file_file" value="<?php echo $f->file_file; ?>">

</td>

<td align="center">File Total Size&nbsp;:&nbsp;<strong><?php echo $size =filesize($f-

>file_file); echo' Bytes'; ?></strong></td>

<td align="center">&nbsp;</td>

</tr>

<tr>

<td width="25%" height="36" align="center"><u>File&nbsp;1</u>&nbsp;:<br>

<br>
 Size&nbsp;:&nbsp;<strong><?php echo round($size/3,2);echo ' Bytes';
?></strong></td>

<td width="48%" align="center"><textarea name="file1"

style="height:100px;width:350px" readonly="readonly"><?php echo $file1;
?></textarea></td>

<td width="27%" align="center"><strong>Upload To Cloud 1 </strong></td>

</tr>

<tr>

<td height="36" align="center"><u>File&nbsp;2</u>&nbsp;:<br>

<br>

Size&nbsp;:&nbsp;<strong><?php echo round($size/3,2);echo ' Bytes'; ?></strong></td>

<td align="center"><textarea name="file2" style="height:100px;width:350px"

readonly="readonly"><?php echo $file2; ?></textarea></td>

<td align="center"><strong>Upload To Cloud 2 </strong></td>

</tr>

<tr>

<td height="36" align="center"><u>File&nbsp;3</u>&nbsp;:<br>

<br>

Size&nbsp;:&nbsp;<strong><?php echo round($size/3,2);echo ' Bytes'; ?></strong></td>

<td align="center"><textarea name="file3" style="height:100px;width:350px"

readonly="readonly"><?php echo $file3; ?></textarea></td>

<td align="center"><strong>Upload To Cloud 3 </strong></td>

</tr>

<tr>

<td colspan="3" align="center">&nbsp;</td>

 </tr>

<tr>

<td height="36" colspan="3" align="center"><input type="submit" name="submit"

value="Upload" class="submit"></td>

</tr>

<tr>

<td colspan="3" align="center">&nbsp;</td>

</tr>

</table>

</form></td>

<td width="48" style="border-left:1px solid #636363;" align="center">&nbsp;</td>

</tr>

<tr>

<td colspan="3" style="border-bottom:1px solid #636363;">&nbsp;</td>

</tr>

<tr>

<td colspan="3" >&nbsp;</td>

</tr>

<tr>

<td colspan="3" align="center">&nbsp;</td>

</tr>

<tr>

<td colspan="3" >&nbsp;</td>

</tr>

</table>

</div>

<div id="footer">

<p>Copyright @ 2021. All Rights Reserved</p>

</div>

</div>

</body>

</html>

<?php

if(isset($_REQUEST['submit']))

$s1="select * from cloud1 order by cloud1_id desc";

$f1=mysql_query($s1);

$c1=mysql_fetch_object($f1);

if($c1 < 1)

$path1= "../cloud1/C1-1.txt";

fopen($path1,'a+');

}else

$count1=$c1->cloud1_id + 1;

$path1= "../cloud1/C1-".$count1.".txt";

}
$fopen1 = fopen($path1,'a+');

fwrite($fopen1,$_REQUEST['file1']);

$insert1="INSERT INTO `cloud1` ( `cloud1_name` ,

`cloud1_file` ,

`cloud1_user` ,

`cloud1_date` )

VALUES ('".$_REQUEST['file_id']."',

'".$path1."',

'".$_REQUEST['client_name']."',

'".date('d/m/Y')."')";

mysql_query($insert1);

$s2="select * from cloud1 order by cloud2_id desc";

$f2=mysql_query($s2);

$c2=mysql_fetch_object($f2);

if($c2 < 1)

$path2= "../cloud2/C2-1.txt";

}else

$count2=$c2->cloud2_id + 1;
$path2= "../cloud2/C2-".$count2.".txt";

$fopen2 = fopen($path2,'a+');

fwrite($fopen2,$_REQUEST['file2']);

$insert2="INSERT INTO `cloud2` (`cloud2_name` ,

`cloud2_file` ,

`cloud2_user` ,

`cloud2_date` )

VALUES ('".$_REQUEST['file_id']."',

'".$path2."',

'".$_REQUEST['client_name']."',

'".date('d/m/Y')."')";

mysql_query($insert2);

$s3="select * from cloud3 order by cloud3_id desc";

$f3=mysql_query($s3);

$c3=mysql_fetch_object($f3);

if($c3 < 1)

$path3= "../cloud3/C3-1.txt";

}else

{
$count3=$c3->cloud3_id + 1;

$path2= "../cloud3/C3-".$count3.".txt";

$fopen3 = fopen($path3,'a+');

fwrite($fopen3,$_REQUEST['file3']);

$insert3="INSERT INTO `cloud3` (`cloud3_name` ,

`cloud3_file` ,

`cloud3_user` ,

`cloud3_date` )

VALUES ('".$_REQUEST['file_id']."',

'".$path3."',

'".$_REQUEST['client_name']."',

'".date('d/m/Y')."')";

mysql_query($insert3);

$myFile=$_REQUEST['file_file'];

unlink($myFile);

mysql_query("UPDATE `file` SET file_status='Uploaded' WHERE `file_id` ='".

$_REQUEST['file_id']."'");

echo "<script type='text/javascript'> alert('Uploaded Successfully');</script>";

echo "<meta http-equiv='refresh' content='0;url=trans.php'>";

}
?>

SCREEN SHOT
BIBLIOGRAPHY

PHP/MYSQL MYSQL REFERENCE SITES

http://www.w3schools.com

http://www.tuxradar.com/practicalphp

http://phpbuddy.com/index.php

http://www.daniweb.com

http://www.pscode.com

http://dev.mysql.com
http://www.mysqltutorial.org/

www.hotscripts.com

www.freesoft.in

PHP/MYSQL REFERENCE BOOKS

1. Beginning PHP 5.3 - Matt Doyle Publication, first Edition, (October 26, 2009).

2. Expert PHP and MySQL - Andrew Curioso, Ronald Bradford, Patrick

Galbraith Publication, Fourth Edition,2010

3. Beginning Php and Mysql –W.Jason Gilmore Publication, Fourth Edition,2010

4. PHP and MySQL 24-Hour Trainer - Andrea Tarr Publication, Second

Edition,2011

5. Web Database Applications with PHP & MySQL, - Hugh E. Williams (Author),

David Lane Publication, Second Edition,2009

references
[1] J. Aikat, A. Akella, J. S. Chase, A. Juels, M. Reiter, T. Ristenpart, V. Sekar, and M. Swift,
“Rethinking security in the era of cloud computing,” IEEE Security & Privacy, vol. 15, no. 3,
2017.

[2] K. Ren, C. Wang, and Q. Wang, “Security challenges for the public cloud,” IEEE
Internet Computing, vol. 16, no. 1, pp. 69–73, 2012.

[3] T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, “Hey, you, get off of my cloud:
exploring information leakage in third-party compute clouds,” in ACM CCS. ACM, 2009.

[4] Y. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart, “Cross-tenant sidechannel attacks in

PaaS clouds,” in ACM CCS, 2014.

[5] Z. Xu, H. Wang, and Z. Wu, “A measurement study on co-residence threat inside the
cloud.” in USENIX Security Symposium, 2015.
[6] OpenStack, “Nova network security group changes are not applied to running instances,”
2015, available at: https://security.openstack.org/ossa/ OSSA-2015-021.html, last accessed
on: February 14, 2018.

[7] “Neutron security groups bypass through invalid CIDR,” 2015, available at:
https://security.openstack.org/ossa/OSSA-2014-014.html, last accessed on: February 14,
2018.

[8] Deloitte, “Cybersecurity and the role of internal audit,” 2019, available at:
https://www2.deloitte.com/us/en/pages/risk/articles/ cybersecurity-internal-audit-role.html.

[9] KPMG, “Internal audit risk & compliance services,” 2019, available at:
https://home.kpmg/xx/en/home/services/advisory/risk-consulting/ internal-audit-risk.html.

[10] T. Madi, S. Majumdar, Y. Wang, Y. Jarraya, M. Pourzandi, and L. Wang, “Auditing

security compliance of the virtualized infrastructure in the cloud: Application to OpenStack,”
in ACM CODASPY, 2016.