ACHIEVING SECURE AND EFFICIENT DYNAMIC SEARCHABLE

SYMMETRIC ENCRYPTION OVER MEDICAL CLOUD DATA

A Project Report submitted to
Jawaharlal Nehru Technological University, Hyderabad
In partial fulfillment for the requirement for the award of B. Tech Degree in
Computer Science and Engineering

BY
Pookotukavu Sairam Shreya 16UK1A05D4
Balguri Chandrika 16UK1A05G1
Kancham Ankitha 16UK1A05E8
Gattikopula Santosh 15UK5A05C2

Under the Guidance of

Chaitanya Thuppari
Assistant Professor

Department of Computer Science and Engineering,

VAAGDEVI ENGINEERING COLLEGE
(Affiliated to Jawaharlal Nehru Technological University)
2019 - 2020
 DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING
VAAGDEVI ENGINEERING COLLEGE
Affiliated to JNTUH, Hyderabad
Bollikunta, Warangal (T.S).

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

VAAGDEVI ENGINEERING COLLEGE
Warangal

CERTIFICATE

This is to certify that the Project entitled Achieving Secure and Efficient Dynamic
Searchable Symmetric Encryption Cloud Over Medical Cloud Data is submitted by
Pookotukavu Sairam Shreya (16UK1A05D4), Balguri Chandrika (16UK1A05D7),
Kancha Ankitha (16UK1A05E8), Gattikopula Santhosh (15UK5A05C2) in partial
fulfillment of the requirements for the award of the Degree in Bachelor of Technology in
Computer Science and Engineering during the academic year 2019--2020.

Guide: HOD:
Chaitanya Thuppari Dr R Naveen Kumar

External Examiner:
 ACKNOWLEDGEMENT

I express my gratitude to my principal Dr. P. Prasad Rao, who permitted me to

carry the project work as part of the academics.
I would like to thank Dr. R. Naveen Kumar, Head of Department (CSE) for his
support and encouragement in completing my project. I would like to express my gratitude to
my Project guide Chaitanya Thuppari Assistant Professor for his support and
encouragement in completing my mini project successfully.
I would also express my sincere thanks to all the staff members of Vaagdevi
Engineering College, for their kind cooperation and timely help during my academic’s
carrier.
Finally, I wish to take this opportunity to express our deep gratitude to my family
members and all the people who have extended their cooperation in various ways during my
project work.

By
Pookotukavu Sairam Shreya 16UK1A05D4
Balguri Chandrika 16UK1A05D7

Kancham Ankitha 16UK1A05E8

Gattikopula Santhosh 15UK1A05C2

 ABSTRACT

In medical cloud computing, a patient can remotely outsource her medical data to the
cloud server. In this case, only authorized doctors are allowed to access the data since the
medical data is highly sensitive. Encrypting the data before outsourcing is a commonly used
approach, where the patient only needs to send the corresponding encryption key to the
authorized doctors. This, however, significantly limits the usability of outsourced medical
data due to the difficulty of searching over the encrypted data. In this paper, we propose two
Secure and Efficient Dynamic Searchable Symmetric Encryption (SEDSSE) schemes over
medical cloud data. Firstly, we leverage the secure k-Nearest Neighbor (kNN) and Attribute-
Based Encryption (ABE) techniques to propose a dynamic searchable symmetric encryption
scheme, which can achieve two important security features, i.e., forward privacy and
backward privacy which are very challenging in the area of dynamic searchable symmetric
encryption. Then, we propose an enhanced scheme to solve the key sharing problem which
widely exists in the kNN based searchable encryption scheme. Compared with existing
proposals, our schemes are better in terms of storage, search and updating complexity.
Extensive experiments demonstrate the efficiency of our schemes on storage overhead, index
building, trapdoor generating and query.
 CONTENTS

1- INTRODUCTION

2- PROBLEM DEFINITIONS

2.1- PREVIOUS METHODS

3- FEASIBILITY STUDY

4- DESIGN OF THE PROJECT

5- J2EE SOFTWARE ENVIRONMENT

6- IMPLEMENTATIONS

7- SYSTEM TESTING

7.1-TESTING METHODOLOGIES
7.2- USER TRAINING
7.3-MAINTENANCE

8- RESULTS

9- CONCLUSION

10- USER MANUAL

10.1- SYSTEM REQUIREMENTS
10.2-SCREENSHOTS

BIBLOGRAPHY
FIGURES:

4.1 System Architecture

4.2 Data Flow Diagram
4.3 Use Case Diagram
4.4 Class Diagram
4.5 Sequence Diagram
4.6 Flow Chart Diagram
5.1 Compiling and Interpreting Java Source Code
5.2 Apache Tomcat Server Page
10.1 Menu Page
10.2 Home Page
10.3 Patient Login Page
10.4 Patient Register With Details
10.5 Patient Details After Login
10.6 Patient Upload Details
10.7 Patient Encrypted Data
10.8 Patient Account Details
10.9 Patient Account Status
10.10 Doctor Login
10.11 Doctor Menu
10.12 Doctor Register
10.13 Doctor Profile
10.14 View and Schedule Patients
10.15 Scheduling the Patient
10.16 Scheduled Successful
10.17 Cloud Menu
10.18 Cloud Login
10.19 Adding Hospital
10.20 Overall Result of Disease
10.21 Login Failure
 1 INTRODUCTION

Health care service has been extensively studied to improve medical quality and
reduce the cost of medical services. With a large amount of medical data, a health care
system must extend its scale to provide efficient and secure services. Media cloud computing,
which treats computing as a utility, leases out the computing and storage capacities to the
public patients and doctors. It is a revolutionary computing paradigm which enables dynamic
resource allocation, self-demand services, measurement of service, transparency of resource,
etc. As such, a patient can remotely store her data on the cloud server, namely data
outsourcing, and then open her cloud data to the doctors. Note that the outsourced medical
data may contain sensitive and private information (e.g., medical case and diagnostic report).
It is often necessary to encrypt the medical data before it is uploaded to the cloud. However,
the encrypted data cannot provide good usability due to the difficulty of searching over
encrypted data. To address this issue, Searchable Symmetric Encryption (SSE) technology
has been proposed in the literature as a fundamental approach to enabling keyword search
over encrypted cloud data. The existing searchable encryption schemes can achieve fuzzy
keyword search, ranked keyword search, multi-keyword search, and so on. Recently, many k-
Nearest Neighbor (kNN) based SSE schemes have been proposed to search over encrypted
data.

However, in such schemes every search shares the same secret key among users, which
may cause disclosure of privacy. On the other hand, it is a challenging issue, especially in the
health care system, to develop a dynamic version of SSE (DSSE) in which encrypted
keyword search should be supported even if data is arbitrarily inserted into a collection
(forward privacy) or deleted from a collection (backward privacy). Stefano vetal proposed an
efficient DSSE scheme, which can achieve forward privacy, but cannot ensure backward
privacy. Some researchers use the Oblivious Random-Access Memory (ORAM) technique to
achieve the forward privacy and backward privacy in DSSE. However, these approaches
significantly increase the complexity in storage, search and updating processes. To address
the above issues, in this paper, we propose a Secure and Efficient Dynamic Searchable
Symmetric Encryption (SEDSSE) scheme over medical cloud data. This work extends and
improves our previous research [15]. Specifically, this paper addresses two new issues: the
collusion between the cloud server and search users as well as different secret key
distribution among search users. In addition, we apply the new design to the health care
system. Furthermore, the security and performance are analyzed. The original contributions
of the paper are: • Firstly, we combine the k-Nearest Neighbor (kNN) and Attribute-Based
Encryption (ABE) techniques to propose a

Secure and Efficient Dynamic Searchable Symmetric Encryption scheme, named

SEPSSE I. The proposed scheme can achieve forward privacy, backward privacy, and
collusion resistance between the cloud server and search users. • Secondly, based on the
scheme, we further propose an enhanced scheme, named SEPSSE II to solve the key sharing
problem which widely exists in the kNN based searchable encryption schemes. Compared
with the existing DSSE schemes, our proposed schemes are having less storage costs, search
and updating complexity. Extensive experiments demonstrate the efficiency of our schemes
in term of storage overhead, index building, trapdoor generating and query. The remainder of
this paper is organized as follows. Section 2 outlines the system model; security requirements
and design goals and Section 3 describes the preliminaries of the proposed schemes. The
developed schemes and updating operations are presented in Section 4 and Section 5,
respectively. An enhanced scheme is proposed in Section 6 to address the key sharing
problem. The security analysis and performance evaluation are conducted in Section 7 and
Section 8, respectively. Section 9 presents the related works and finally Section 10 concludes
the paper.
 2 PROBLEM DEFINITION

2.1-Previous Models

EXISTING SYSTEM: -
The concept of SPE was first proposed by Boneh et al. [26], which supports single
keyword search on encrypted data but the computation overhead is heavy. Curtmola et al.
[27] refined the definition of SSE later. After this work, Boneh et al. [24] proposed
conjunctive, subset, and range queries on encrypted data. Recently in static searchable
symmetric encryption, Wang et al. have developed the ranked keyword search scheme in
[8] and proposed a novel scheme supporting similarity search in [25]. However, these
schemes cannot efficiently support multi-keyword search. To overcome this problem, Sun
et al. [9] proposed a multi-keyword scheme which also considers the relevance scores of
keywords, and it can achieve efficient query by utilizing the multidimensional tree
technique.

In [10], Yu et al. proposed a multi-keyword top k retrieval scheme with fully

homomorphic encryption, which can return ranked results and achieve high security. Cao
et al. [11] proposed a multi-keyword ranked search scheme, which can return ranked
results of searching according to the number of matching keywords and its extended
versions achieve higher efficiency. As mentioned by Ren et al. [28], there still exists
many security challenges for public clouds.

Disadvantages
1- The system is not implemented Forward privacy and backward privacy.
2- The system is not implemented Attribute-based encryption.
 3 FEASIBILITY STUDY
The first and foremost strategy for development of a project starts from the thought of
designing a mail enabled platform for a small firm in which it is easy and convenient of
sending and receiving messages, there is a search engine, address book and also including
some entertaining games. When it is approved by the organization and our project guide the
first activity, i.e. preliminary investigation begins. The activity has three parts:

Request Clarification

Feasibility Study

Request Approval

REQUEST CLARIFICATION

After the approval of the request to the organization and project guide, with an
investigation being considered, the project request must be examined to determine precisely
what the system requires.

Here our project is basically meant for users within the company whose systems can
be interconnected by the Local Area Network (LAN). In today’s busy schedule man need
everything should be provided in a readymade manner. So, taking into consideration of the
vastly use of the net in day to day life, the corresponding development of the portal came into
existence.

FEASIBILITY ANALYSIS
 An important outcome of preliminary investigation is the determination that the
system request is feasible. This is possible only if it is feasible within limited resource and
time. The different feasibilities that have to be analyzed are

Operational Feasibility
Economic Feasibility
Technical Feasibility

Operational Feasibility
Operational Feasibility deals with the study of prospects of the system to be
developed. This system operationally eliminates all the tensions of the Admin and helps him
in effectively tracking the project progress. This kind of automation will surely reduce the
time and energy, which previously consumed in manual work. Based on the study, the system
is proved to be operationally feasible.

Economic Feasibility

Economic Feasibility or Cost-benefit is an assessment of the economic justification

for a computer-based project. As hardware was installed from the beginning & for lots of
purposes thus the cost on project of hardware is low. Since the system is a network based,
any number of employees connected to the LAN within that organization can use this tool
from at anytime. The Virtual Private Network is to be developed using the existing resources
of the organization. So, the project is economically feasible.

Technical Feasibility
According to Roger S. Pressman, Technical Feasibility is the assessment of the
technical resources of the organization. The organization needs IBM compatible machines
with a graphical web browser connected to the Internet and Intranet. The system is developed
for platform Independent environment. Java Server Pages, JavaScript, HTML, SQL server
and WebLogic Server are used to develop the system. The technical feasibility has been
carried out. The system is technically feasible for development and can be developed with
the existing facility.

REQUEST APPROVAL

Not all request projects are desirable or feasible. Some organization receives so many
project requests from client users that only few of them are pursued. However, those projects
that are both feasible and desirable should be put into schedule. After a project request is
approved, it cost, priority, completion time and personnel requirement is estimated and used
to determine where to add it to any project list. Truly speaking, the approval of those above
factors, development works can be launched.

SYSTEM ARCHITECTURE
1. Upload patient details in ABE
Format by selecting hospital and
doctor, Enc attached document
2.View uploaded patient details, view
treatment schedule date and time
from doctor
3.Delete files / patient details
4. Verify patient details
5. Manage Bank Account
6. View your bill and make payment
4 DESIGN
1). Add Hospitals and
department
2). View patients and authorize
3) View doctors and authorize
4).View all patient disease details
and related doctor details in ABE
Format
5). View all Patient results from
doctors
Cloud Server 6). Make bill and View total bill
for particular patients
7). View all patient treatment
schedule transactions
8. View Chart Result based on
patient disease (ie.no. of uses
caused malaria, h1n1, etc. by age
wise)

Register and Login

PATIENT
Attack Patient Details

Attacker

1. Register (select hospital and

department) and Login
2.View Profile
3.View patient details and send request Doctor
acceptance for patients with treatment
scheduled date and time.
4. Add treatment details based on disease
to corresponding patient.
5)View all scheduled patient details
 4.1 System architecture

DATA FLOW DIAGRAM

Upload patient details, Enc attached

document, View uploaded patient
details, view treatment schedule date and
time from doctor, Delete files / patient
details, Verify patient details, Manage
Bank Account, View your bill and make
payment

Patient
Add Hospitals and department, View
patients and authorize, View doctors Cloud Server
and authorize, View all patient
disease details and related doctor
details in ABE Format, View all
Patient results from doctors, Make
bill and View total bill, View all
patient treatment schedule
transactions, View Chart Result

Register and Login Attack Patient

Details

Doctor
View Profile, View patient details
and send request acceptance for
patients with treatment scheduled
date and time, Add treatment details
based on disease to corresponding
patient, View all scheduled patient
details Attacker
USE CASE DIAGRAM

Upload patient details

in ABE Format, Enc
attached document Doctor
View Profile,
View patient
Patient details
View uploaded patient
details, view treatment
schedule date and time
from doctor Add treatment
details based
on disease

Delete files / patient details,

Verify patient details
View all
scheduled
Attacker
patient details

Add Hospitals and department,

View patients and authorize,
View doctors and authorize

Attack Patient
Details

View all patient disease details,

View all Patient results from
doctors

Make bill and View total bill for

particular patients, View all
patient treatment schedule
transactions

4.3 Use Case Diagram

 CLASS DIAGRAM

Add Hospitals and department,

View patients and authorize,
Upload patient details, Enc View doctors and authorize,
attached document, View View all patient disease details
uploaded patient details, view and related doctor details in ABE
treatment schedule date and time Format, View all Patient results
from doctor, Delete files / from doctors, Make bill and
patient details, Verify patient View total bill, View all patient
details Manage Bank Account, treatment schedule transactions,
View your bill and make View Chart Result
payment Username, Password, Hospital
Name, DOB, address, email, pin name,
code, mobile Methods
Method
s
Patient Cloud Server
Members
Members Attack Patient
Details
Register, Login
Method User Name, Password, Patient Name,
s DOB, Gender, Address, Details, address
City, Country, Email,
Mobile, History, Post Attacker
Members

Method
s Doctor

Members

View Profile, View patient

details and send request
acceptance for patients with
treatment scheduled date and
time, Add treatment details
based on disease to
corresponding patient, View all
scheduled patient details

Patient name, address, DOB,

Disease

4.4 Class Diagram

 The class diagram is the main building block of object oriented modeling. It is used
both for general conceptual modeling of the systematic of the application, and for detailed
modeling translating the models into programming code. Class diagrams can also be used
for modeling. The classes in a class diagram represent both the main objects, interactions in
the application and the classes to be programmed.

In the diagram, classes are represented with boxes which contain three parts

 The upper part holds the name of the class

 The middle part contains the attributes of the class
 The bottom part gives the methods or operations the class can take or undertake

In the design of a system, a number of classes are identified and grouped together in a
class diagram which helps to determine the static relations between those objects. With
detailed modeling, the classes of the conceptual design are often split into a number of
subclasses.
SEQUENCE DIAGRAM

Patient Cloud Server Doctor Attacker

Register and Login

Register and Login

Upload patient details in Add Hospitals

ABE Format and department
View patients and
View uploaded patient authorize, doctors and
details authorize Attack Patient Details

Delete files / patient

details, Verify patient View Profile, View patient
details details

Add treatment details

Manage Bank Account based on disease

View all patient disease

details, View all Patient
View your bill and make results from doctors
payment

Make bill and View

total bill for particular
patients

View all scheduled patient

details

View all patient treatment

schedule transactions, View
Chart Result based on
patient disease

4.5 SEQUENCE DIAGRAM

 FLOW CHART DIAGRAM
View uploaded patient
details, view treatment
Patient Is schedule date and time
patient from doctor

Upload patient Delete files / patient details,

details, Enc Verify patient details
attached document Login

Verify Patient
details?

Cloud Server Manage Bank Account, View

Attacker your bill and make payment

Add Hospitals and

department Attack
Patient Doctor
Details

View patients and authorize,

View doctors and authorize
Is Doctor
registered?

View all patient disease details

and related doctor details
View patient details and
send request acceptance
for patients
Login

View all Patient results from

doctors, Make bill and View total
bill for particular patients Add treatment details
based on disease to
corresponding patient

View all patient treatment schedule View all scheduled

transactions, View Chart Result patient details
based on patient disease

4.6 FLOW CHART DIAGRAM

 5 J2EE ENVIRONMENT

Client side Over view:

With the varied topic in existence in the fields of computers, Client Server is one,
which has generated more heat than light, and also more hype than reality. This technology
has acquired a certain critical mass attention with its dedication conferences and magazines.
Major computer vendors such as IBM and DEC, have declared that Client Servers is their
main future market. A survey of DBMS magazine reveled that 76% of its readers were
actively looking at the client server solution. The growth in the client server development
tools from $200 million in 1992 to more than $1.2 billion in 1996.
Client server implementations are complex but the underlying concept is simple and
powerful. A client is an application running with local resources but able to request the
database and relate the services from separate remote server. The software mediating this
client server interaction is often referred to as MIDDLEWARE.
The typical client either a PC or a Work Station connected through a network to a
more powerful PC, Workstation, Midrange or Main Frames server usually capable of
handling request from more than one client. However, with some configuration server may
also act as client. A server may need to access other server in order to process the original
client request.
The key client server idea is that client as user is essentially insulated from the physical
location and formats of the data needs for their application. With the proper middleware, a
client input from or report can transparently access and manipulate both local database on the
client machine and remote databases on one or more servers. An added bonus is the client
server opens the door to multi-vendor database access indulging heterogeneous table joins.

Why Client Server

Client server has evolved to solve a problem that has been around since the earliest days of

computing: how best to distribute your computing, data generation and data storage resources in order to

obtain efficient, cost effective departmental an enterprise wide data processing. During mainframe era

choices were quite limited. A central machine housed both the CPU and DATA (cards, tapes, drums and
later disks). Access to these resources was initially confined to batched runs that produced departmental

reports at the appropriate intervals.

A strong central information service department ruled the corporation. The role of the

rest of the corporation limited to requesting new or more frequent reports and to provide hand

written forms from which the central data banks were created and updated. The earliest client

server solutions therefore could best be characterized as “SLAVE-MASTER”.

Time-sharing changed the picture. Remote terminal could view and even change the
central data, subject to access permissions. And, as the central data banks evolved in to
sophisticated relational database with non-programmer query languages, online users could
formulate adhoc queries and produce local reports without adding to the MIS applications
software backlog. However remote access was through dumb terminals, and the client server
remained subordinate to the Slave\Master.

Front end or User Interface Design

The entire user interface is planned to be developed in browser specific environment

with a touch of Intranet-Based Architecture for achieving the Distributed Concept. The
browser specific components are designed by using the HTML standards, and the dynamism
of the designed by concentrating on the constructs of the Java Server Pages.

Communication or Database Connectivity Tier

The Communication architecture is designed by concentrating on the Standards of

Servlets and Enterprise Java Beans. The database connectivity is established by using the
Java Data Base Connectivity. The standards of three-tier architecture are given major
concentration to keep the standards of higher cohesion and limited coupling for effectiveness
of the operations.

Compilation of code
When you compile the code, the Java compiler creates machine code (called byte code)

for a hypothetical machine called Java Virtual Machine (JVM). The JVM is supposed to

execute the byte code. The JVM is created for overcoming the issue of portability. The code
is written and compiled for one machine and interpreted on all machines. This machine is

called Java Virtual Machine.

Compiling and interpreting Java Source Code

During run-time the Java interpreter tricks the byte code file into thinking that it is running on
a Java Virtual Machine. In reality this could be a Intel Pentium Windows 95 or Sun SARC
station running Solaris or Apple Macintosh running system and all could receive code from
any computer through Internet and run the Applets.

Java Java
PC Compiler Interpreter
Source Byte code (PC)
Code
……….. Macintosh Java
Compiler (Platform Interpreter
………..
indepen (Macintosh)
dent)
………..
SPARC
Java
Compiler Interpreter
………… (Sparc)

Fig 5.1 Compiling and Interpreting Java Source Code

Simple

Java was designed to be easy for the Professional programmer to learn and to use effectively.
If you are an experienced C++ programmer, learning Java will be even easier. Because Java
inherits the C/C++ syntax and many of the object-oriented features of C++. Most of the
confusing concepts from C++ are either left out of Java or implemented in a cleaner, more
approachable manner. In Java there are a small number of clearly defined ways to accomplish
a given task.

Object-Oriented
Java was not designed to be source-code compatible with any other language. This allowed
the Java team the freedom to design with a blank slate. One outcome of this was a clean
usable, pragmatic approach to objects. The object model in Java is simple and easy to extend,
while simple types, such as integers, are kept as high-performance non-objects.

Robust

The multi-platform environment of the Web places extraordinary demands on a program,

because the program must execute reliably in a variety of systems. The ability to create robust
programs was given a high priority in the design of Java. Java is strictly typed language; it
checks your code at compile time and run time.
Java virtually eliminates the problems of memory management and deallocation, which is
completely automatic. In a well-written Java program, all run time errors can –and should –be
managed by your program.

JAVASCRIPT

JavaScript is a script-based programming language that was developed by Netscape

Communication Corporation. JavaScript was originally called Live Script and renamed as
JavaScript to indicate its relationship with Java. JavaScript supports the development of both
client and server components of Web-based applications. On the client side, it can be used to
write programs that are executed by a Web browser within the context of a Web page. On the
server side, it can be used to write Web server programs that can process information
submitted by a Web browser and then updates the browser’s display accordingly

Even though JavaScript supports both client and server Web programming, we prefer
JavaScript at Client-side programming since most of the browsers supports it. JavaScript is
almost as easy to learn as HTML, and JavaScript statements can be included in HTML
documents by enclosing the statements between a pair of scripting tags

<SCRIPTS>…</SCRIPT>.

<SCRIPT LANGUAGE = “JavaScript”>

 JavaScript statements

</SCRIPT>
Here are a few things we can do with JavaScript:
 Validate the contents of a form and make calculations.
 Add scrolling or changing messages to the Browser’s status line.
 Animate images or rotate images that change when we move the mouse over
them.
 Detect the browser in use and display different content for different browsers.
 Detect installed plug-ins and notify the user if a plug-in is required.
We can do much more with JavaScript, including creating entire application.

J A V A S C R I P T V s J A V A

JavaScript and Java are entirely different languages. A few of the most glaring
differences are:

 Java applets are generally displayed in a box within the web document;
JavaScript can affect any part of the Web document itself.
 While JavaScript is best suited to simple applications and adding interactive
features to Web pages; Java can be used for incredibly complex applications.
There are many other differences but the important thing to remember is that JavaScript and
Java are separate languages. They are both useful for different things; in fact they can be used
together to combine their advantages.

A D V A N T A G E S

 JavaScript can be used for Sever-side and Client-side scripting.

 It is more flexible than VBScript.
 JavaScript is the default scripting languages at Client-side since all the
browsers supports it.

Hyper Text Markup Language

Hypertext Markup Language (HTML), the languages of the World Wide Web
(WWW), allows users to produces Web pages that include text, graphics and pointer to other
Web pages (Hyperlinks).
 HTML is not a programming language but it is an application of ISO Standard 8879,
SGML (Standard Generalized Markup Language), but specialized to hypertext and adapted to
the Web. The idea behind Hypertext is that instead of reading text in rigid linear structure, we
can easily jump from one point to another point. We can navigate through the information
based on our interest and preference. A markup language is simply a series of elements, each
delimited with special characters that define how text or other items enclosed within the
elements should be displayed. Hyperlinks are underlined or emphasized works that load to
other documents or some portions of the same document.
HTML can be used to display any type of document on the host computer, which can
be geographically at a different location. It is a versatile language and can be used on any
platform or desktop.
HTML provides tags (special codes) to make the document look attractive. HTML
tags are not case-sensitive. Using graphics, fonts, different sizes, color, etc., can enhance the
presentation of the document. Anything that is not a tag is part of the document itself.
Basic HTML Tags:
<!-- --> Specifies comments
<A>……….</A> Creates hypertext links
<B>……….</B> Formats text as bold
<BIG>……….</BIG> Formats text in large font.
<BODY>…</BODY> Contains all tags and text in the HTML document
<CENTER>...</CENTER> Creates text
<DD>…</DD> Definition of a term
<DL>...</DL> Creates definition list
<FONT>…</FONT> Formats text with a particular font
<FORM>...</FORM> Encloses a fill-out form
<FRAME>...</FRAME> Defines a particular frame in a set of frames
<H#>…</H#> Creates headings of different levels
<HEAD>...</HEAD> Contains tags that specify information about a document
<HR>...</HR> Creates a horizontal rule
<HTML>…</HTML> Contains all other HTML tags
<META>...</META> Provides meta-information about a document
<SCRIPT>…</SCRIPT> Contains client-side or server-side script
<TABLE>…</TABLE> Creates a table
<TD>…</TD> Indicates table data in a table
<TR>…</TR> Designates a table row
<TH>…</TH> Creates a heading in a table

ADVANTAGES
 A HTML document is small and hence easy to send over the net. It is small
because it does not include formatted information.
 HTML is platform independent.
 HTML tags are not case-sensitive.

Tomcat 7.0 web server

Tomcat is an open source web server developed by Apache Group.

Apache Tomcat is the servlet container that is used in the official
Reference Implementation for the Java Servlet and Java Server Pages
technologies. The Java Servlet and Java Server Pages specifications are
developed by Sun under the Java Community Process. Web Servers like
Apache Tomcat support only web components while an application server
supports web components as well as business components (BEAs
WebLogic, is one of the popular application server).To develop a web application
with jsp/servlet install any web server like JRun, Tomcat etc. to run your application.
 Fig 5.2 Apache Tomcat Server Page

6 IMPLEMENTATIONS

Patient:

A patient outsources her documents to the cloud server to provide convenient and
reliable data access to the corresponding search doctors. To protect the data privacy, the
patient encrypts the original documents under an access policy using attribute-based
encryption. To improve the search efficiency, she also generates some keyword for each
outsourced document. The corresponding index is then generated according to the keywords
using the secret key of the secure kNN scheme. After that, the patient sends the encrypted
documents, and the corresponding indexes to the cloud server, and submits the secret key to
the search doctors.

Cloud server:
 A cloud server is an intermediary entity which stores the encrypted documents and the
corresponding indexes received from patients, and then provides data access and search
services to authorized search doctors. When a search doctor sends a trapdoor to the cloud
server, it would return a collection of matching documents based on certain operations.

Doctor:

An authorized doctor can obtain the secret key from the patient, where this key can be
used to generate trapdoors. When she needs to search the outsourced documents stored in the
cloud server, she will generate a search keyword set. Then according to the keyword set, the
doctor uses the secret key to generate a trapdoor and sends it to the cloud server. Finally, she
receives the matching document collection from the cloud server and decrypts them with the
ABE key received from the trusted authority. After getting the health information of the
patient, the doctor can also outsource medical report to the cloud server by the same way. For
simplicity, we just consider one-way communication in our schemes.

7 SYSTEM TESTING

7.1 TESTING METHODOLOGIES

The following are the Testing Methodologies.

o Unit Testing.
o Integration Testing.
o User Acceptance Testing.
o Output Testing.
o Validation Testing.

Unit Testing
 Unit testing focuses verification effort on the smallest unit of Software design that is the
module. Unit testing exercises specific paths in a module’s control structure to ensure
complete coverage and maximum error detection. This test focuses on each module
individually, ensuring that it functions properly as a unit. Hence, the naming is Unit Testing.

During this testing, each module is tested individually and the module interfaces are
verified for the consistency with design specification. All-important processing path are
tested for the expected results. All error handling paths are also tested.

Integration Testing
Integration testing addresses the issues associated with the dual problems of verification
and program construction. After the software has been integrated a set of high order tests are
conducted. The main objective in this testing process is to take unit tested modules and builds
a program structure that has been dictated by design.

The following are the types of Integration Testing:

1. Top Down Integration

This method is an incremental approach to the construction of program structure.

Modules are integrated by moving downward through the control hierarchy, beginning with
the main program module. The module subordinates to the main program module are
incorporated into the structure in either a depth first or breadth first manner. In this
method, the software is tested from main module and individual stubs are
replaced when the test proceeds downwards.

2. Bottom-up Integration
 This method begins the construction and testing with the modules at the lowest level
in the program structure. Since the modules are integrated from the bottom up, processing
required for modules subordinate to a given level is always available and the need for stubs is
eliminated. The bottom up integration strategy may be implemented with the following steps:

 The low-level modules are combined into clusters into clusters that perform a
specific Software sub-function.
 A driver (i.e.) the control program for testing is written to coordinate test case input
and output.
 The cluster is tested.
 Drivers are removed and clusters are combined moving upward in the program
structure

The bottom up approaches test each module individually and then each module is
module is integrated with a main module and tested for functionality.

User Acceptance Testing

User Acceptance of a system is the key factor for the success of any system. The
system under consideration is tested for user acceptance by constantly keeping in touch with
the prospective system users at the time of developing and making changes wherever
required. The system developed provides a friendly user interface that can easily be
understood even by a person who is new to the system.
Output Testing

After performing the validation testing, the next step is output testing of the proposed
system, since no system could be useful if it does not produce the required output in the
specified format. Asking the users about the format required by them tests the outputs
generated or displayed by the system under consideration. Hence the output format is
considered in 2 ways – one is on screen and another in printed format.
Validation Checking
Validation checks are performed on the following fields.
Text Field
The text field can contain only the number of characters lesser than or equal to its
size. The text fields are alphanumeric in some tables and alphabetic in other tables. Incorrect
entry always flashes and error message.

Numeric Field
The numeric field can contain only numbers from 0 to 9. An entry of any character
flashes an error message. The individual modules are checked for accuracy and what it has to
perform. Each module is subjected to test run along with sample data. The individually
tested modules are integrated into a single system. Testing involves executing the real data
information is used in the program the existence of any program defect is inferred from the
output. The testing should be planned so that all the requirements are individually tested.A
successful test is one that gives out the defects for the inappropriate data and produces and
output revealing the errors in the system.

Preparation of Test Data:

Taking various kinds of test data does the above testing. Preparation of test data plays
a vital role in the system testing. After preparing the test data the system under study is tested
using that test data. While testing the system by using test data errors are again uncovered
and corrected by using above testing steps and corrections are also noted for future use.

Using Live Test Data:

Live test data are those that are actually extracted from organization files. After a
system is partially constructed, programmers or analysts often ask users to key in a set of data
from their normal activities. Then, the systems person uses this data as a way to partially test
the system. In other instances, programmers or analysts extract a set of live data from the files
and have them entered themselves.

It is difficult to obtain live data in sufficient amounts to conduct extensive testing.

And, although it is realistic data that will show how the system will perform for the typical
processing requirement, assuming that the live data entered are in fact typical, such data
generally will not test all combinations or formats that can enter the system. This bias toward
typical values then does not provide a true system test and in fact ignores the cases most
likely to cause system failure.

Using Artificial Test Data:

Artificial test data are created solely for test purposes, since they can be generated to
test all combinations of formats and values. In other words, the artificial data, which can
quickly be prepared by a data generating utility program in the information systems
department, make possible the testing of all login and control paths through the program. The
most effective test programs use artificial test data generated by persons other than those who
wrote the programs. Often, an independent team of testers formulates a testing plan, using the
systems specifications. The package “Virtual Private Network” has satisfied all the
requirements specified as per software requirement specification and was accepted.

7.2 USER TRAINING

Whenever a new system is developed, user training is required to educate them about
the working of the system so that it can be put to efficient use by those for whom the system
has been primarily designed. For this purpose the normal working of the project was
demonstrated to the prospective users. Its working is easily understandable and since the
expected users are people who have good knowledge of computers, the use of this system is
very easy.

7.3 MAINTAINENCE
 This covers a wide range of activities including correcting code and design errors. To
reduce the need for maintenance in the long run, we have more accurately defined the user’s
requirements during the process of system development. Depending on the requirements, this
system has been developed to satisfy the needs to the largest possible extent. With
development in technology, it may be possible to add many more features based on the
requirements in future. The coding and designing is simple and easy to understand which will
make maintenance easier.

TESTING STRATEGY
A strategy for system testing integrates system test cases and design techniques into a
well-planned series of steps that results in the successful construction of software. The testing
strategy must co-operate test planning, test case design, test execution, and the resultant data
collection and evaluation .A strategy for software testing must accommodate low-level
tests that are necessary to verify that a small source code segment has been correctly
implemented as well as high level tests that validate major system functions against user
requirements.

Software testing is a critical element of software quality assurance and represents the
ultimate review of specification design and coding. Testing represents an interesting anomaly
for the software. Thus, a series of testing are performed for the proposed system before the
system is ready for user acceptance testing.

SYSTEM TESTING
Software once validated must be combined with other system elements (e.g.
Hardware, people, database). System testing verifies that all the elements are proper and that
overall system function performance is achieved. It also tests to find discrepancies between
the system and its original objective, current specifications and system documentation.

UNIT TESTING
In unit testing different are modules are tested against the specifications produced
during the design for the modules. Unit testing is essential for verification of the code
produced during the coding phase, and hence the goals to test the internal logic of the
modules. Using the detailed design description as a guide, important Conrail paths are tested
to uncover errors within the boundary of the modules. This testing is carried out during the
programming stage itself. In this type of testing step, each module was found to be working
satisfactorily as regards to the expected output from the module.
In Due Course, latest technology advancements will be taken into consideration. As
part of technical build-up many components of the networking system will be generic in
nature so that future projects can either use or interact with this. The future holds a lot to
offer to the development and refinement of this project.

8 RESULTS

PROPOSED SYSTEM
In the proposed system, the system proposes a Secure and Efficient Dynamic Searchable
Symmetric Encryption (SEDSSE) scheme over medical cloud data. This work extends and
improves our previous research [15]. Specifically, this paper addresses two new issues: the
collusion between the cloud server and search users as well as different secret key
distribution among search users. In addition, we apply the new design to the health care
system. Furthermore, the security and performance are analyzed. The original
contributions of the paper are:
 Firstly, the system combines the k-Nearest Neighbor (kNN) and Attribute-Based
Encryption (ABE) techniques to propose a Secure and Efficient Dynamic Searchable
Symmetric Encryption scheme, named SEPSSE I. The proposed scheme can achieve
forward privacy, backward privacy, and collusion resistance between the cloud server and
search users.
Secondly, based on the scheme, we further propose an enhanced scheme, named SEPSSE II
to solve the key sharing problem which widely exists in the kNN based searchable
encryption schemes. Compared with the existing DSSE schemes, our proposed schemes are
have less storage costs, search and updating complexity. Extensive experiments demonstrate
the efficiency of our schemes in term of storage overhead, index building, trapdoor
generating and query.
Advantages
 The system implemented very strong security scheme of Privacy protection of
documents, indexes and trapdoors.
 The system provides Collusion resistance between the cloud server and search
Users.

9 CONCLUSIONS

In this paper, we propose two dynamic searchable encryption schemes with high
security level. The first one can not only achieve collusion resistance between the cloud
server and search users, but also can achieve both forward privacy and backward privacy.
The second one further solves the key sharing problem which widely exists in the kNN based
searchable encryption scheme. Performance evaluation demonstrates that the proposed
schemes can achieve better efficiency than the existing works in terms of storage, search and
updating complexity. Extensive experiments demonstrate the efficiency of our schemes in
term of storage overhead, index building, trapdoor generating and query.
SCREENSHOTS

Fig 10.1 Menu Page

 Fig 10.2 Home Page

Fig 10.3 Patient login Page

Fig 10.4 Patient Register with details

FIG 10.5 Patient Details after login

Fig 10.6 Patient Upload Details

Fig 10.7 patient Encrypted Data

Fig 10.8 Patient Account details

Fig 10.9 Patient Account Status

Fig 10.10 Doctor Login

 Fig 10.11 Doctor Menu

Fig 10.12 Doctor Register

Fig 10.13 Doctor Profile

Fig 10.14 View and Schedule Patients

Fig 10.15 Scheduling the Patient

Fig 10.16 Schedule Successful

 Fig 10.17 Cloud Menu

Fig 10.18 Cloud Login

Fig 10.19Adding Hospital

 Fig 10.20 Overall Result of Disease

Fig 10.21 Login Failure

BIBLOGRAPHY

References for the Project Development were taken from the following
Books and Web Sites.

Oracle

PL/SQL Programming by Scott Urman

SQL complete reference by Livion

JAVA Technologies

JAVA Complete Reference

Java Script Programming by Yehuda Shiran

Mastering JAVA Security

JAVA2 Networking by Pistoria

JAVA Security by Scotl oaks

Head First EJB Sierra Bates

J2EE Professional by Shadab Siddiqui

JAVA server pages by Larne Pekowsley

JAVA Server pages by Nick Todd

HTML

HTML Black Book by Holzner

JDBC

Java Database Programming with JDBC by Patel moss.

REFERENCES

[1] M. Li, S. Yu, K. Ren, and W. Lou, “Securing personal health records in cloud computing:
Patient-centric and fine-grained data access control in multi-owner settings,” in Security and
Privacy in Communication Networks. Springer, 2010, pp. 89–106.

[2] A. M.-H. Kuo, “Opportunities and challenges of cloud computing to improve health care
services,” Journal of medical Internet research, vol. 13, no. 3, 2011.

[3] M. Li, S. Yu, Y. Zheng, K. Ren, and W. Lou, “Scalable and secure sharing of personal
health records in cloud computing using attribute-based encryption,” IEEE Transactions on
Parallel and Distributed Systems, vol. 24, no. 1, pp. 131–143, 2013.

[4] L. M. Vaquero, L. Rodero-Merino, J. Caceres, and M. Lindner, “A break in the clouds:

towards a cloud definition,” ACM SIGCOMM Computer Communication Review, vol. 39,
no. 1, pp. 50–55, 2008.

[5] H. Liang, L. X. Cai, D. Huang, X. Shen, and D. Peng, “An smdp based service model for
interdomain resource allocation in mobile cloud networks,” IEEE Transactions on Vehicular
Technology, vol. 61, no. 5, pp. 2222–2232, 2012.

[6] M. M. Mahmoud and X. Shen, “A cloud-based scheme for protecting source-location

privacy against hotspot-locating attack in wireless sensor networks,” IEEE Transactions on
Parallel and Distributed Systems, vol. 23, no. 10, pp. 1805–1818, 2012.

[7] Q. Shen, X. Liang, X. Shen, X. Lin, and H. Luo, “Exploiting geo distributed clouds for e-
health monitoring system with minimum service delay and privacy preservation,” IEEE
Journal of Biomedical and Health Informatics, vol. 18, no. 2, pp. 430–439, 2014.

[8] C. Wang, N. Cao, K. Ren, and W. Lou, “Enabling secure and efficient ranked keyword
search over outsourced cloud data,” IEEE Transactions on Parallel and Distributed Systems,
vol. 23, no. 8, pp. 1467–1479, 2012.

[9] W. Sun, B. Wang, N. Cao, M. Li, W. Lou, Y. T. Hou, and H. Li, “Verifiable privacy-
preserving multi-keyword text search in the cloud supporting similarity-based ranking,” IEEE
Transactions on Parallel and Distributed Systems, vol. 25, no. 11, pp. 3025–3035, 2014.

[10] J. Yu, P. Lu, Y. Zhu, G. Xue, and M. Li, “Towards secure multi keyword top-k retrieval
over encrypted cloud data,” IEEE Transactions on Dependable and Secure Computing, vol.
10, no. 4, pp. 239–250, 2013. [11] N. Cao, C. Wang, M. Li, K. Ren, and W. Lou, “Privacy-
preserving multi keyword ranked search over encrypted cloud data,” IEEE Transactions on
Parallel and Distributed Systems, vol. 25, no. 1, pp. 222–233, 2014.

[12] E. Stefanov, C. Papamanthou, and E. Shi, “Practical dynamic searchable encryption

with small leakage,” in Proceedings of NDSS, 2014. [13] M. T. Goodrich and M.
Mitzenmacher, “Privacy-preserving access of outsourced data via oblivious ram simulation,”
in Automata, Languages and Programming. Springer, 2011, pp. 576–587.

[14] D. Cash, A. K¨upc¸¨u, and D. Wichs, “Dynamic proofs of retrievability via oblivious
ram,” in Advances in Cryptology–EUROCRYPT. Springer, 2013, pp. 279–295.

[15] Y. Yang, H. Li, L. Wenchao, H. Yang, and W. Mi, “Secure dynamic searchable
symmetric encryption with constant document update cost,” in Proceedings of GLOBECOM.
IEEE, 2014, pp. 775–780.

[16] S. Luo, J. Hu, and Z. Chen, “Ciphertext policy attribute-based proxy re encryption,” in
Information and Communications Security. Springer, 2010, pp. 401–415.

[17] R. Brinkman, Searching in encrypted data. University of Twente, 2007. [18] Y. Ishai, E.
Kushilevitz, R. Ostrovsky, and A. Sahai, “Cryptography from anonymity,” in 47th Annual
IEEE Symposium on Foundations of Computer Science, 2006, pp. 239–248.

[19] J. Zobel and A. Moffat, “Exploring the similarity space,” in ACM SIGIR Forum, vol. 32,
no. 1, 1998, pp. 18–34.

[20] W. K. Wong, D. W.-l. Cheung, B. Kao, and N. Mamoulis, “Secure kNN computation on
encrypted databases,” in Proceedings of ACM SIGMOD International Conference on
Management of data, 2009, pp. 139–152.

[21] N. Ferguson, R. Schroeppel, and D. Whiting, “A simple algebraic representation of

rijndael,” in Selected Areas in Cryptography. Springer, 2001, pp. 103–111.

[22] S. Kamara, C. Papamanthou, and T. Roeder, “Dynamic searchable symmetric

encryption,” in Proceedings of the ACM conference on Computer and communications
security. ACM, 2012, pp. 965–976.

[23] P. Golle, J. Staddon, and B. Waters, “Secure conjunctive keyword search over
encrypted data,” in Applied Cryptography and Network Security. Springer, 2004, pp. 31–45.
[24] D. Boneh and B. Waters, “Conjunctive, subset, and range queries on encrypted data,” in
Theory of cryptography. Springer, 2007, pp. 535– 554.

[25] C. Wang, K. Ren, S. Yu, and K. M. R. Urs, “Achieving usable and privacy-assured
similarity search over outsourced cloud data,” in Proceedings of IEEE INFOCOM, 2012, pp.
451–459. [

26] D. Boneh, G. Di Crescenzo, R. Ostrovsky, and G. Persiano, “Public key encryption with
keyword search,” in Advances in Cryptology–Eurocrypt. Springer, 2004, pp. 506–522.
 [27] R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky, “Searchable symmetric
encryption: improved definitions and efficient constructions,” in Proceedings o ACM CCS,
2006, pp. 79—88.

[28] K. Ren, C. Wang, and Q. Wang, “Security challenges for the public cloud,” IEEE
Internet Computing, vol. 16, no. 1, pp. 69–73, Jan 2012.

[29] D. X. Song, D. Wagner, and A. Perrig, “Practical techniques for searches on encrypted
data,” in IEEE Symposium on Security and Privacy, 2000, pp. 44–55.

[30] F. Hahn and F. Kerschbaum, “Searchable encryption with secure and efficient updates,”
in Proceedings of CCS. ACM, 2014, pp. 310–320.

[31] X. Yuan, X. Wang, C. Wang, A. Squicciarini, and K. Ren, “Enabling privacy-preserving

image-centric social discovery,” in Proceedings of IEEE ICDCS, 2014, pp. 198–207.