http://WWW.FINALYEARPROJECTS.NET
http://WWW.FINALYEARPROJECTS.NET

Checking delivery availability...

background-sm
Search
3

Updates found with 'bar feeding mechanism'

Page  2 1

Updates found with 'bar feeding mechanism'

JAVA /DOT NET PROJECTS ABSTRACT 2016-2017 FINE-GRAINED TWO-FACTOR ACCESS CONTROL FOR WEB-BASED CLOUD COMPUTING SERVICES ABSTRACT: In this paper, we introduce a new fine-grained two-factor authentication (2FA) access control system for web-based cloud computing services. Specifically, in our proposed 2FA access control system, an attribute-based access control mechanism is implemented with the necessity of both user secret key and a lightweight security device. As a user cannot access the system if s/he does not hold both, the mechanism can enhance the security of the system, especially in those scenarios where many users share the same computer for web-based cloud services. In addition, attribute-based control in the system also enables the cloud server to restrict the access to those users with the same set of attributes while preserving user privacy, i.e., the cloud server only knows that the user fulfills the required predicate, but has no idea on the exact identity of the user. Finally, we also carry out a simulation to demonstrate the practicability of our proposed 2FA system. EXISTING SYSTEM:1. Cloud computing is a virtual host computer system that enables enterprises to buy, lease, sell, or distribute software and other digital resources over the internet as an on-demand service. It no longer depends on a server or a number of machines that physically exist, as it is a virtual system. There are many applications of cloud computing, such as data sharing data storage big data management medical information system etc. 2. End users access cloud-based applications through a web browser, thin client or mobile app while the business software and user data are stored on servers at a remote location. The benefits of web-based cloud computing services are huge, which include the ease of accessibility, reduced costs and capital expenditures, increase operational efficiencies, scalability, flexibility and immediate time to market. Though the new paradigm of cloud computing provides great advantages, there are meanwhile also concerns about security and privacy especially for web based cloud services. As sensitive data may be stored in the cloud for sharing purpose or convenient access; and eligible users may also access the cloud system for various applications and services, user authentication has become a critical component for any cloud system. A user is required to login before using the cloud services or accessing the sensitive data stored in the cloud. 3. There are two problems for the traditional account/passwordbased system. First, the traditional account/passwordbased authentication is not privacy-preserving. However, it is well acknowledged that privacy is an essential feature that must be considered in cloud computing systems. Second, it is common to share a computer among different people. It maybe easy for hackers to install some spyware to learn the login password from the web-browser. A recently proposed access control model called attribute-based access control is a good candidate to tackle the first problem. It not only provides anonymous authentication but also further defines access control policies based on different attributes of the requester, environment, or the data object. In an attribute-based access control system1, each user has a user secret key issued by the authority. In practice, the user secret key is stored inside the personal computer. When we consider the above mentioned second problem on web-based services, it is common that computers may be shared by many users especially in some large enterprises or organizations.: PROPOSED SYSTEM:1. In this paper, we introduce a new fine-grained two-factor authentication (2FA) access control system for web-based cloud computing services. Specifically, in our proposed 2FA access control system, an attribute-based access control mechanism is implemented with the necessity of both a user secret key and a lightweight security device. 2. As a user cannot access the system if they do not hold both, the mechanism can enhance the security of the system, especially in those scenarios where many users share the same computer for web-based cloud services. In addition, attribute-based control in the system also enables the cloud server to restrict the access to those users with the same set of attributes while preserving user privacy, i.e., the cloud server only knows that the user fulfills the required predicate, but has no idea on the exact identity of the user. Finally, we also carry out a simulation to demonstrate the practicability of our proposed 2FA system.SYSTEM SPECIFICATIONHardware Requirements:• System : Pentium IV 2.4 GHz.• Hard Disk : 40 GB.• Floppy Drive : 1.44 Mb.• Monitor : 14’ Colour Monitor.• Mouse : Optical Mouse.• Ram : 512 Mb.Software Requirements:• Operating system : Windows 7 Ultimate.• Coding Language : ASP.Net with C#• Front-End : Visual Studio 2010 Professional.• Data Base : SQL Server 2008. CONCLUSION: In this paper, we have presented a new 2FA (including both user secret key and a lightweight security device) access control system for web-based cloud computing services. Based on the attribute-based access control mechanism, the proposed 2FA access control system has been identified to not only enable the cloud server to restrict the access to those users with the same set of attributes but also preserve user privacy. Detailed security analysis shows that the proposed 2FA access control system achieves the desired security requirements. Through performance evaluation, we demonstrated that the construction is “feasible”. We leave as future work to further improve the efficiency while keeping all nice features of the system.
Send Enquiry
Read More
JAVA/DOT NET PROJECTS ABSTRACT 2016-2017 PRIORITIZATION OF OVERFLOW TASKS TO IMPROVE PERFORMANCE OF MOBILE CLOUD ABSTRACT: Mobile devices may offload their applications to a virtual machine running on a cloud host. This application may fork new tasks which require virtual machines of their own on the same physical machine. Achieving satisfactory performance level in such a scenario requires flexible resource allocation mechanisms in the cloud data center. In this paper we present two such mechanisms which use prioritization:one in which forked tasks are given full priority over new lyarrived tasks, and another in which a threshold is established to control the priority so that full priority is given to the for ked tasks if their number exceeds a predefined threshold.We analyze the performance of both mechanisms using a Markovian multi server queuing system with two priority levels to model the resource allocation process, and a multi-dimensional Markov system based on a Birth-Death queuing system with finite population, to model virtual machine provisioning. Our performance results indicate that the threshold-based priority scheme not only performs better, but can also be tuned to achieve the desired performance level.SYSTEM ANALYSISEXISTING SYSTEM:o Existing work on resource allocation in mobile cloud computing, but also some relevant research results pertaining to stationary clouds. The proposed resource allocation module describes the virtual machine provisioning module and integration of the two modules.o Existing works that either reply on a linear programming formulation or on intuitively derived heuristics that offer no theoretical performance guarantees.PROPOSED SYSTEM: Proposed solutions to address the issues of computational power. Personal use is permitted, but republication/redistribution requires mobile devices by offloading computing tasks has been an approach for extending the concept of VM-based clone cloud offloading from LAN surrogates to cloud servers. Proposed a polynomial time approximation scheme (FPTAS) algorithm to solve the latency problem. The model proposed in is based on the wireless network cloud concept and a multi-objective linear optimization approach using an event-based finite state model and dynamic constraint programming method has been used to determine the appropriate transmission power, cloud offloading and optimum QoS profiles. Proposed a randomized auction mechanism based on an application of smoothed analysis and randomized reduction, for dynamic distributed cloud data centersSYSTEM SPECIFICATIONHardware Requirements: System : Pentium IV 2.4 GHz. Hard Disk : 40 GB. Floppy Drive : 1.44 Mb. Monitor : 14’ Colour Monitor. Mouse : Optical Mouse. Ram : 512 Mb.Software Requirements: Operating system : Windows 7 Ultimate. Coding Language : ASP.Net with C# Front-End : Visual Studio 2010 Professional. Data Base : SQL Server 2008.Conclusion:• We have proposed a solution for resource allocation of on demand job requests in mobile cloud computing. We have developed two priority schemes for resource allocation in a server pool based on giving different priorities to the over flow tasks including full priority of overflow tasks and the threshold-based priority of overflow tasks.Unlike most of existing works that either rely on a linear programming formulation or on intuitively derived heuristics that offer no theoretical performance guarantees
Send Enquiry
Read More
JAVA PROJECTS ABSTRACT 2016-2017 A SHOULDER SURFING RESISTANT GRAPHICAL AUTHENTICATION SYSTEM ABSTRACT:Abstract :Authentication based on passwords is used largely in applications for computer security and privacy. However, human actions such as choosing bad passwords and inputting passwords in an insecure way are regarded as ”the weakest link” in the authentication chain. Rather than arbitrary alphanumeric strings, users tend to choose passwords either short or meaningful for easy memorization. With web applications and mobile apps piling up, people can access these applications anytime and anywhere with various devices. This evolution brings great convenience but also increases the probability of exposing passwords to shoulder surfing attacks. Attackers can observe directly or use external recording devices to collect users’ credentials. To overcome this problem, we proposed a novel authentication system PassMatrix, based on graphical passwords to resist shoulder surfing attacks. With a one-time valid login indicator and circulative horizontal and vertical bars covering the entire scope of pass-images, PassMatrix offers no hint for attackers to figure out or narrow down the password even they conduct multiple camera-based attacks. We also implemented a PassMatrix prototype on Android and carried out real user experiments to evaluate its memorability and usability. From the experimental result, the proposed system achieves better resistance to shoulder surfing attacks while maintaining usability. Existing Systems: In order to be more secure than the existing Android pattern password with entropy 18:57 bits against brute force attacks, users have to set two pass-images and use the graphical method to obtain the one-time login indicators. Like most of other graphical password authentication systems, PassMatrix is vulnerable to random guess attacks based on hot-spot analyzing. TEXTUAL passwords have been the most widely used authentication method for decades. Comprised of numbers and upper- and lower-case letters, textual passwords are considered strong enough to resist against brute force attacks. According to an article in Computer world, a security team at a large company ran a network password cracker and surprisingly cracked approximately 80% of the employees’ passwords within 30 seconds [3]. Textual passwords are often insecure due to the difficulty of maintaining strong ones.Proposed Systems: This evolution brings great convenience but also increases the probability of exposing passwords to shoulder surfing attacks. Attackers can observe directly or use external recording devices to collect users’ credentials. To overcome this problem, we proposed a novel authentication system PassMatrix, based on graphical passwords to resist shoulder surfing attacks. With a one-time valid login indicator and circulative horizontal and vertical bars covering the entire scope of pass-images, PassMatrix offers no hint for attackers to figure out or narrow down the password even they conduct multiple camera-based attacks. a lot of research on password authentication has been done in the literature. Among all of these proposed schemes, this paper focuses mainly on the graphical-based authentication systems. To keep this paper concise, we will give a brief review of the most related schemes that were mentioned in the previous section. The accuracy perspective focuses on the successful login rates in both sessions, including the practice logins. The usability perspective is measured by the amount of time users spent in each PassMatrix phase.Advantage:Two techniques are proposed to generate session passwords using text and colors which are resistant to shoulder surfing. The habitual movements and the preference of users that the attacker may take advantage of to figure out the potential passwords. 1) Any communication between the client device and the server is protected by SSL so that packets or information will not be eavesdropped or intercepted by attackers during transmission. 2) The server and the client devices in our authentication system are trustworthy. 3) The keyboard and the entire screen of mobile devices are difficult to protect, but a small area (around 1:5 cm2) is easy to be protected from malicious people who might shoulder surf passwords. 4) Users are able to register an account in a place that is safe from observers with bad intention or surveillance cameras that are not under proper management.SOFTWARE REQUIREMENTS: Operating System : Windows Technology : Java and J2EE Web Technologies : Html, JavaScript, CSS IDE : My Eclipse Web Server : Tomcat Network : LAN Database : My SQL Java Version : J2SDK1.5 HARDWARE REQUIREMENTS: Hardware : Pentium Speed : 1.1 GHz RAM : 1GB Hard Disk : 20 GB Floppy Drive : 1.44 MB Key Board : Standard Windows Keyboard Mouse : Two or Three Button Mouse Monitor : SVGAConclusion:With the increasing trend of web services and apps, users are able to access these applications anytime and anywhere with various devices. In order to protect users’ digital property, authentication is required every time they try to access their personal account and data. However, conducting theauthentication process in public might result in potential shoulder surfing attacks. Even a complicated password can be cracked easily through shoulder surfing. Using traditional textual passwords or PIN method, users need totype their passwords to authenticate themselves and thus these passwords can be revealed easily if someone peeks over shoulder or uses video recording devices such as cell phones.
Send Enquiry
Read More
JAVA /DOT NET PROJECTS ABSTRACT 2016-2017 IDENTITY-BASED ENCRYPTION WITH CLOUD REVOCATION AUTHORITY AND ITS APPLICATIONS. ABSTRACT: Identity-based encryption (IBE) is a public key cryptosystem and eliminates the demands of public key infrastructure (PKI) and certificate administration in conventional public key settings. Due to the absence of PKI, the revocation problem is a critical issue in IBE settings. Several revocable IBE schemes have been proposed regarding this issue. Quite recently, by embedding an outsourcing computation technique into IBE, Li et al. proposed a revocable IBE scheme with a key-update cloud service provider (KU-CSP). However, their scheme has two shortcomings. One is that the computation and communication costs are higher than previous revocable IBE schemes. The other shortcoming is lack of scalability in the sense that the KU-CSP must keep a secret value for each user. In the article, we propose a new revocable IBE scheme with a cloud revocation authority (CRA) to solve the two shortcomings, namely, the performance is significantly improved and the CRA holds only a system secret for all the users. For security analysis, we demonstrate that the proposed scheme is semantically secure under the decisional bilinear Diffie-Hellman (DBDH) assumption. Finally, we extend the proposed revocable IBE scheme to present a CRA-aided authentication scheme with period-limited privileges for managing a large number of various cloud services.Existing System: Privacy is very important especially for users who are sensitive to information leakage. In our design of Friendbook, we also considered the privacy issue and the existing system can provide two levels of privacy protection. First, Friendbook protects users’ privacy at the data level. Instead of uploading raw data to the servers, Friendbook processes raw data and classifies them into activities in real-time. The recognized activities are labeled by integers. In this way, even if the documents containing the integers are compromised, they cannot tell the physical meaning of the documents. Second, Friendbook protects users’ privacy at the life pattern level. Instead of telling the similar life styles of users, Friendbook only shows the recommendation scores of the recommended friends with the users. With the recommendation score, it is almost impossible to infer the life styles of recommended friends..PROPOSED SYSTEM: With the metric in , our recommendation mechanism for finding the most appropriate friends to a query user is described as follows. For a query user i, the server calculates the recommendation scores for all the users in the system and sorts them in the descending order according to their recommendation scores. The top p users will be returned to the query user i. The parameter p is an integer and can be defined by the querying user. The complexity of our recommendation mechanism is O(n) since it checks all users in the system, where n is the overall number of users in the system. As the number of users increases the overhead of query and recommendation increases linearly. In reality, users may have totally different life styles and it is not necessary to calculate their recommendation scores at all. Therefore, in order to speed up the query and recommendation process, we adopt the reverse index table using pair in the database.shows the difference. Illustration of the reverse index table. reverse index table, before calculating recommendation score for each user, the server first picks up all the users having overlapping life styles with the query user and sets the similarities of rest users to the query user to 0. The server then checks all the users to calculate their recommendation scores. Although the complexity is still O(n), we can observe that the reverse index table reduces the computation overhead, the advantage of which is considerable when the system is in large-scale.SYSTEM SPECIFICATIONHardware Requirements:• System : Pentium IV 2.4 GHz.• Hard Disk : 40 GB.• Floppy Drive : 1.44 Mb.• Monitor : 14’ Colour Monitor.• Mouse : Optical Mouse.• Ram : 512 Mb.Software Requirements:• Operating system : Windows 7 Ultimate.• Coding Language : ASP.Net with C#• Front-End : Visual Studio 2012 Professional.• Data Base : SQL Server 2008.Conclusion: In this article, we proposed a new revocable IBE scheme with a cloud revocation authority (CRA), in which the revocation procedure is performed by the CRA to alleviate the load of the PKG. This outsourcing computation technique with other authorities has been employed in Li et al.’s revocable IBE scheme with KU-CSP. However, their scheme requires higher computational and communicational costs than previously proposed IBE schemes. For the time key update procedure, the KU-CSP in Li et al.’s scheme must keep a secret value for each user so that it is lack of scalability. In our revocable IBE scheme with CRA, the CRA holds only a master time key to perform the time key update procedures for all the users without affecting security. As compared with Li et al.’s scheme, the performances of computation and communication are significantly improved. By experimental results and performance analysis, our scheme is well suited for mobile devices. For security analysis, we have demonstrated that our scheme is semantically secure against adaptive-ID attacks under the decisional bilinear Diffie-Hellman assumption. Finally, based on the proposed revocable IBE scheme with CRA, we constructed a CRA aided authentication scheme with period-limited privileges for managing a large number of various cloud services.
Send Enquiry
Read More
JAVA /DOT NET PROJECT ABSTRACT 2016-2017 MITIGATING CROSS-SITE SCRIPTING ATTACKS WITH A CONTENT SECURITY POLICY ABSTRACT: A content security policy (CSP) can help Web application developers and server administrators better control website content and avoid vulnerabilities to cross site scripting (XSS). In experiments with a prototype website, the authors’ CSP implementation successfully mitigated all XSS attack types in four popular browsers. Among the many attacks on Web applications, cross site scripting (XSS) is one of the most common. An XSS attack involves injecting malicious script into a trusted website that executes on a visitor’s browser without the visitor’s knowledge and thereby enables the attacker to access sensitive user data, such as session tokens and cookies stored on the browser.1 With this data, attackers can execute several malicious acts, including identity theft, key logging, phishing, user impersonation, and webcam activation. Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP is designed to be fully backward compatible; browsers that don't support it still work with servers that implement it, and vice-versa. Browsers that don't support CSP simply ignore it, functioning as usual, defaulting to the standard same-origin policy for web content. If the site doesn't offer the CSP header, browsers likewise use the standard same-origin policy.Enabling CSP is as easy as configuring your web server to return the Content-Security-Policy HTTP header. (Prior to Firefox 23, the X-Content-Security-Policy header was used). See Using Content Security Policy for details on how to configure and enable CSP.INTRODUCTION A primary goal of CSP is to mitigate and report XSS attacks. XSS attacks exploit the browser's trust of the content received from the server. Malicious scripts are executed by the victim's browser because the browser trusts the source of the content, even when it's not coming from where it seems to be coming from. CSP makes it possible for server administrators to reduce or eliminate the vectors by which XSS can occur by specifying the domains that the browser should consider to be valid sources of executable scripts. A CSP compatible browser will then only execute scripts loaded in source files received from those whitelisted domains, ignoring all other script (including inline scripts and event-handling HTML attributes).PROPOSED SYSTEM: A client-side tool that acts as a Web proxy, disallows requests that do not belong to the website and thus thwarts stored XSS attacks. Browser-enforced embedded policies (BEEPs) let the Web application developer embed a policy in the website by specifying which scripts are allowed to run.With a BEEP, the developer can put genuine source scripts in a white list and disable source scripts in certain website regions. Document Structure Integrity (DSI) is a client-server architecture that restricts the interpretation of untrusted content. DSI uses parser-level isolation to isolate inline untrusted data and separates dynamic content from static content. However, this approach requires both servers and clients to cooperatively upgrade to enable protection.System ConfigurationH/W System Configuration:Processor - Pentium –IIISpeed - 1.1 GhzRAM - 256 MB(min)Hard Disk - 20 GBFloppy Drive - 1.44 MBKey Board - Standard Windows KeyboardMouse - Two or Three Button MouseMonitor - SVGAS/W System Configuration: Operating System :Windows95/98/2000/XP  Application Server : Tomcat5.0/6.X  Front End : HTML, Java, Jsp Scripts : JavaScript. Server side Script : Java Server Pages. Database : Mysql Database Connectivity : JDBC.CONCLUSION: Although our CSP has many benefits, it is not intended as a primary defense mechanism against XSS attacks. Rather, it would best serve as a defensein- depth mitigation mechanism. A primary defense involves tailored security schemes that validate user inputs and encode user outputs.Cross site scripting has been a major threat for web applications and its users from past few years. Lot of work has been done to handle XSS attacks which include: • Client side approaches• Server side approaches• Testing based approaches• Static and dynamic analysis based approaches
Send Enquiry
Read More
CLOUD COMPUTING PROJECT ABSTRACT 2016-2017 SDN-BASED APPLICATION FRAMEWORK FOR WIRELESS SENSOR AND ACTOR NETWORKS ABSTRACT:As a promising platform for implementing various applications, a wireless sensor and actor network (WSAN) consists of many sensor and actor nodes that can cooperatively handle complex tasks. However, many issues, including nodes’ mobility, the heterogeneity of capacity, topology, and energy consumption, may bring severe challenges to efficient WSAN operation. Currently, the Software Defined Network (SDN) appears as a novel approach that is effective to manage and optimize networks in a programmable and centralized pattern. This paper studies the application framework and relevant methods for applying the SDN approach in a WSAN, with the objective of improving network’s efficiency and scalability. The details of the framework include a three-layer structure, the relevant system entities, the enhanced protocol stack, and the programmable message types for cooperative communication and task execution among WSAN nodes. Based on this framework, this paper explores the relevant challenges and mechanisms for effective system management from many aspects, including mobility, energy saving, reliability maintenance and topology construction. This paper also proposes an optimization method for scheduling decomposed tasks to relevant nodes, with an example implemented by the Genetic Algorithm. Next, this paper demonstrates the typical application scenarios, including military, industry, transportation, and environmental disaster monitoring. Moreover, an indoor application scenario and an outdoor application scenario are presented to demonstrate the application of the SDN-assisted communication handoff. Last, the future trends and technical challenges for SDN in WSAN are discussed.
Send Enquiry
Read More
JAVA /DOT NET PROJECTS ABSTRACT 2016-2017 FRIEND BOOK: A SEMANTIC-BASED FRIEND RECOMMENDATION SYSTEM FOR SOCIAL NETWORKSABSTRACT:ABSTRACT: Cloud storage allows users to store their data in a remote server to get rid of expensive local storage and management costs and then access data of interest anytime anywhere. A number of solutions have been proposed to tackle the verification of remote data integrity and retrievability in cloud storage systems. Most of existing schemes, however, do not support efficient data dynamics and/or suffer from security vulnerabilities when involving dynamic data operations. In this paper, we propose a dynamic proof of retrievability scheme supporting public auditability and communication-efficient recovery from data corruptions. To this end, we split up the data into data blocks and encode each data block individually using outer code and inner code before outsourcing so that i) an update inside any data block only affects a few codeword symbols and ii) communication-efficient data repair for a breakdown server can be achieved and communication overhead for small data corruptions within a server can be eliminated. Based on the encoded data blocks, we utilize rb23Tree to enforce the data sequence for dynamic operations, preventing the cloud service provider from manipulating data block to pass the integrity check in the dynamic scenario. We also analyze the effectiveness of the proposed construction in defending against pollution attacks during data recovery. Formal security analysis and extensive experimental evaluations are conducted, showing that the proposed scheme is practical for use in cloud storage systems.EXISTING SYSTEM: We compare our scheme with some other existing well-known PoR schemes in the whole most of existing schemes do not support both data dynamics and public auditability for encoded data. And those schemes supporting data dynamics usually only consider the data recovery in single cloud server and the multiple cloud servers or single cloud server failure scenarios are out of consideration. Our proposal takes both the multiple cloud servers and single cloud server failure into consideration and supports the encoded data dynamic operations with logarithmic. Our scheme also balances the communication cost and storage overhead according to the RTF. We can save 25% communication cost comparing with the schemes using erasure codes as outer code and 50% storage overhead comparing with the scheme adopting replication as data redundancy. Therefore, our scheme achieves more efficient data update and data recovery than most of the existing solutions.PROPOSED SYSTEM: We proposed a new dynamic proof of retrievability scheme for coded cloud storage systems. Network coding and erasure codes are adopted to encode data blocks to achieve within-server and cross-server data redundancy, tolerating data corruptions and supporting communication-efficient data recovery. By using rb23Tree and an improved version of ASBB scheme, our construction can support efficient data dynamics while defending against data replay attack and pollution attack. Security analysis and experimental evaluations demonstrated the practicality of our construction in coded cloud storage systems and secret keys are associated with access policies (over attributes). Later on, many classic ABE systems and their variants that have been proposed in the literature.SYSTEM SPECIFICATIONHardware Requirements:• System : Pentium IV 2.4 GHz.• Hard Disk : 40 GB.• Floppy Drive : 1.44 Mb.• Monitor : 14’ Colour Monitor.• Mouse : Optical Mouse.• Ram : 512 Mb.Software Requirements:• Operating system : Windows 7 Ultimate.• Coding Language : ASP.Net with C#• Front-End : Visual Studio 2010 Professional.• Data Base : SQL Server 2008.Conclusion: In this paper, we presented the design and implementation of Friend book, a semantic-based friend recommendation system for social networks. Different from the friend recommendation mechanisms relying on social graphs in existing social networking services, Friend book extracted life styles from user-centric data collected from sensors on the Smartphone and recommended potential friends to users if they share similar life styles. We implemented Friend book on the Android-based smart phones, and evaluated its performance on both small-scale experiments and large-scale simulations. The results showed that the recommendations accurately reflect the preferences of users in choosing friends. Beyond the current prototype, the future work can be four-fold. First, we would like to evaluate our system on large-scale field experiments. Second, we intend to implement the life style extraction using LDA and the iterative matrix-vector multiplication method in user impact ranking incrementally, so that Friend book would be scalable to large-scale systems. Third, the similarity threshold used for the friend-matching graph is fixed in our current prototype of Friend book. It would be interesting to explore the adaption of the threshold for each edge and see whether it can better represent the similarity relationship on the friend-matching graph. At last, we plan to incorporate more sensors on the mobile phones into the system and also utilize the information from wearable equipments to discover more interesting and meaningful life styles. Friend book can utilize more information for life discovery, which should improve the recommendation experience in the future.
Send Enquiry
Read More
JAVA/DOT NET PROJECTS ABSTRACT 2016-2017 PROVIDING USER SECURITY GUARANTEES IN PUBLIC INFRASTRUCTURE CLOUDS ABSTRACT: The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants – insulated from the minutiae of hardware maintenance – rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organizations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments.SYSTEM ANALYSISEXISTING SYSTEM The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments.PROPOSED SYSTEM: Presented an IaaS storage protection scheme addressing access control. The authors analyse access rights management of shared versioned encrypted data on cloud infrastructure for a restricted group and propose a scalable and flexible key management scheme. Access rights are represented as a graph, making a distinction between data encryption keys and encrypted updates on the keys and enabling flexible join/leave client operations, similar to properties presented by the protocols in this paper. Despite its advantages, the requirement for client-side encryption limits the applicability of the scheme in and introduces important functional limitations on indexing and search. In our model, all cryptographic operations are performed on trusted IaaS compute hosts, which are able to allocate more computational resources than client devices.Abundant works have been proposed under different threat models to achieve various search functionality, SYSTEM SPECIFICATIONHardware Requirements:• System : Pentium IV 2.4 GHz.• Hard Disk : 40 GB.• Floppy Drive : 1.44 Mb.• Monitor : 14’ Colour Monitor.• Mouse : Optical Mouse.• Ram : 512 Mb.Software Requirements:• Operating system : Windows 7 Ultimate.• Coding Language : ASP.Net with C#• Front-End : Visual Studio 2012 Professional.• Data Base : SQL Server 2008.CONCLUSION: From a tenant point of view, the cloud security model does not yet hold against threat models developed for the traditional model where the hosts are operated and used by the same organization. However, there is a steady progress towards strengthening the IaaS security model. In this work we presented a framework for trusted infrastructure cloud deployment, with two focus points: VM deployment on trusted compute hosts and domain-based protection of stored data. We described in detail the design, implementation and security evaluation of protocols for trusted VM launch and domain-based storage protection. The solutions are based on requirements elicited by a public healthcare authority, have been implemented in a popular open-source IaaS platform and tested on a prototype deployment of a distributed EHR system. In the security analysis, we introduced a series of attacks and proved that the protocols hold in the specified threat model. To obtain further confidence in the semantic security properties of the protocols, we have modelled and verified them with ProVerif. Finally, our performance tests have shown that the protocols introduce a insignificant performance overhead. This work has covered only a fraction of the IaaS attack landscape. Important topics for future work are strengthening the trust model in cloud network communications, data geolocation, and applying searchable encryption schemes to create secure cloud storage mechanisms.
Send Enquiry
Read More
Page 2 1