Table of Contents

ABSTRACT................................................................................................................................................2
CHAPTER 1 – INTRODUCTION..............................................................................................................3
1.1 Objectives....................................................................................................................................4
1.2 System Specifications..................................................................................................................4
CHAPTER 2 – LITERATURE REVIEW...................................................................................................5
2.1Existing Solution:...............................................................................................................................6
2.2 Proposed Solution:.............................................................................................................................6
CHAPTER 3 OVERALL DESCRIPTION OF THE PROPOSED SYSTEM..............................................6
3.1 Module Description...........................................................................................................................6
CHAPTER 4 – DESIGN.............................................................................................................................8
4.1UML Diagrams:..................................................................................................................................8
4.1.1Usecase Diagrams:......................................................................................................................9
4.1.2 Sequence Diagram:..................................................................................................................10
4.1.3 Collaboration Diagram:............................................................................................................12
CHAPTER 5 - OUTPUT SCREENSHOTS..............................................................................................13
CHAPTER 6 – IMPLEMENTATION DETAILS.....................................................................................14
6.1 PHP..............................................................................................................................................14
6.2 MySQL........................................................................................................................................15
6.3 ANGULAR JAVA SCRIPT........................................................................................................15
CHAPTER 7- SYSTEM STUDY..............................................................................................................17
CHAPTER 8-TECHNICAL FEASIBILITY.............................................................................................18
CHAPTER 9-SYSTEM TESTING...........................................................................................................21
CHAPTER 10– CONCLUSIONS.............................................................................................................26
CHAPTER 11- REFERENCES.................................................................................................................27
 ABSTRACT

The pervasiveness of smart phones, location based services (LBS) have

received considerable attention and become more popular and vital recently.
However, the use of LBS also poses a potential threat to user’s location privacy. In
this paper, aiming at spatial range query, a popular LBS providing information
about POIs (Points of Interest) within a given distance, we present an efficient and
privacy-preserving location based query solution, called EPLQ. Specifically, to
achieve privacy preserving spatial range query, we propose the first predicateonly
encryption scheme for inner product range, which can be used to detect whether a
position is within a given circular area in a privacy-preserving way. To reduce
query latency, wefurther design a privacy-preserving tree index structure in EPLQ.
Detailed security analysis confirms the security properties of EPLQ. In addition,
extensive experiments are conducted, and the results demonstrate that EPLQ is
very efficient in privacy preserving spatial range query over outsourced encrypted
data. In particular, for a mobile LBS user using an Android phone, around 0.9
second is needed to generate a query; and it also only requires a commodity
workstation, which plays the role of the cloud in our experiments, a few seconds to
search POIs.
CHAPTER 1 – INTRODUCTION

A few decades ago, location-based services (LBS) wereused in military

only. Today, thanks to advances in information and communication technologies,
more kinds of LBS have appeared, and they are very useful for not only
organizations but also individuals. Let’s take the spatial range query, one kind of
LBS that we will focus on in this paper, as an example. Spatial range query is a
widely used LBS, which allows a user to find POIs (Point Of Interests) within a
given distance to his/her location, i.e., the query point. As illustrated in Fig. 1, with
this kind of LBS, a user could obtain the records of all restaurants within walking
distance (say 500 meters). Then the user can go through these records to find a
desirable restaurant considering price and reviews.
While location-based services are popular and vital, mostof these services
today including spatial range query require users to submit their locations, which
raises serious concerns about the leaking and misusing of user location data. For
Example, criminals may utilize the data to track potential victims and predict their
locations. For another example, some sensitive location data of organization users
may involve trade secret or national security. Protecting the privacy of userlocation
in LBS has attracted considerable interest. However,
1.1 Objectives

Challenge on querying encrypted LBS data. The LBS provider is not

willing to disclose its valuable LBS data to the cloud. As illustrated in the LBS
provider encrypts and outsources private LBS data to the cloud, and LBS users
query the encrypted data in the cloud. As a result, querying encrypted LBS data
without privacy breach is a big challenge, and we need to protect not only the
user locations from the LBS provider and cloud, but also LBS data from the
cloud.

Challenge on security. LBS data are about POIs in real world. It is

reasonable to assume that the attacker may have some knowledge about original
LBS data. With such knowledge, known-sample attacks are possible (elaborated
later in Section II).

1.2 System Specifications

Hardware Requirements:-

 Windows Desktop

Software Requirements: -

Operating System : Windows OS

Tool : Java Eclipse

CHAPTER 2 – LITERATURE REVIEW

There are already some solutions for privacypreservingspatial range query [1]–[6].
However, as elaborated in Section VIII later, existing solutions cannot address all
above challenges. Aiming at these, in this paper, we propose an efficient solution
for privacy-preserving spatial range query named EPLQ, which allows queries
over encrypted LBS data without disclosing user locations to the cloud or LBS
provider. To protect the privacy of user location in EPLQ, we design a novel
predicate-only encryption scheme for inner product range (IPRE scheme for short),
which, to the best of our knowledge, is the first predicate/predicate-only scheme of
this kind. To improve the performance, we also design a privacy preserving index
structure named ˆ ss-tree. Specifically, the main contributions of this paper are
three folds:
First, we propose a novel predicate-only encryptionscheme for inner product
range named IPRE, which allows testing whether the inner product of two vectors
is within a given range without disclosing the vectors. In
predicate encryption, the key corresponding to a predicate, f, can decrypt a
ciphertext if and only if the attribute of the ciphertext, x, satisfies the predicate, i.e.
f(x) = 1. Predicate-only encryption is a special type of predicate encryption not
designed for encrypting/decrypting messages. Instead, it reveals that whether f(x) =
1 or not.
Predicate-only encryption schemes supporting different types of predicates [7], [8]
have been proposed for privacy-preserving query on outsourced data. To the best
our knowledge, there does not exist predicate/predicate only scheme supporting
inner product range. Though our scheme is used for privacy-preserving spatial
range queryin this paper, it may be applied in other applications as well.

2.1Existing Solution:
Exist system has no location based query.
There is no security level and chance to hacksomeone data.

2.2 Proposed Solution:

The use of LBSalso poses a potential threat to user’s location privacy. In this
paper, aiming at spatial range query, a popular LBS providing information about
POIs (Points Of Interest) within a given distance, we present an efficient and
privacy-preserving location based query solution, called EPLQ. Specifically, to
achieve privacypreserving spatial range query, we propose the first predicateonly
encryption scheme for inner product range, which can be used to detect whether a
position is within a given circular area in a privacy-preserving way. To reduce
query latency, we further design a privacy-preserving tree index structure in EPLQ.

CHAPTER 3 OVERALL DESCRIPTION OF THE PROPOSED SYSTEM

3.1 Module Description

Challenge on the resource consumption in mobile devices.Many LBS users

are mobile users, and their terminals are smart phones with very limited resources.
However, the cryptographic or privacy-enhancing techniques used to realize
privacy-preserving query usually result in high computational cost and/or storage
cost at user side.
• 3.2 System Features

In the life of the software development, problem analysis provides a base for
design and development phase. The problem is analyzed so that sufficient
 matter is provided to design a new system. Large problems are sub-divided
into smaller once to make them understandable and easy for finding solutions.
Same in this project all the task are sub-divided and categorized.

System Modules:

 ADMIN
 Register
 Login
 Upload Data

 USER
 Register
 Login
 Search Data(Decrypt data)
3.3 MODULES:

 ADMIN:
 Register and login:
Admin register their own details and enter this system.
 Upload Data:
Admin can upload their data to this system. These data are
stored todatabase through Encrypted.
 USER:
 Register and login:
User registers their details and enters this system with location
details.
 Search Data:
User enter this system and search their data like Restaurant,
Bank, Police Station and etc.,
CHAPTER 4 – DESIGN

Design is the first step in the development phase for any techniques and principles
for the purpose of defining a device, a process or system in sufficient detail to
permit its physical realization.

Once the software requirements have been analyzed and specified the software
design involves three technical activities - design, coding, implementation and
testing that are required to build and verify the software.

The design activities are of main importance in this phase, because in this activity,
decisions ultimately affecting the success of the software implementation and its
ease of maintenance are made. These decisions have the final bearing upon
reliability and maintainability of the system. Design is the only way to accurately
translate the customer’s requirements into finished software or a system.

Design is the place where quality is fostered in development. Software design is a

process through which requirements are translated into a representation of
software. Software design is conducted in two steps. Preliminary design is
concerned with the transformation of requirements into data.

4.1UML Diagrams:

UML stands for Unified Modeling Language. UML is a language for specifying,
visualizing and documenting the system. This is the step while developing any
product after analysis. The goal from this is to produce a model of the entities
involved in the project which later need to be built. The representation of the
entities that are to be used in the product being developed need to be designed.

There are various kinds of methods in software design:

  Use case Diagram
 Sequence Diagram
 Collaboration Diagram
4.1.1Usecase Diagrams:
Use case diagrams model behavior within a system and helps the developers
understand of what the user require. The stick man represents what’s called an
actor.Use case diagram can be useful for getting an overall view of the system and
clarifying who can do and more importantly what they can’t do.

Register

Login

Admin

Upload Data

register Location

<<extend>>

login

User

search data
Use case diagram consists of use cases and actors and shows the interaction
between the use case and actors.
 The purpose is to show the interactions between the use case and
actor.
 To represent the system requirements from user’s perspective.
 An actor could be the end-user of the system or an external system.
4.1.2 Sequence Diagram:

Sequence diagram and collaboration diagram are called INTERACTION

DIAGRAMS. An interaction diagram shows an interaction, consisting of set of
objects and their relationship including the messages that may be dispatched
among them.

A sequence diagram is an introduction that empathizes the time ordering of

messages. Graphically a sequence diagram is a table that shows objects arranged
along the X-axis and messages ordered in increasing time along the Y-axis.
User Admin Database

1 : Register and login()

2 : Register and login()

3 : Upload data()

4 : Encrypt data()

5 : Search data()

6 : Decrypt data()
4.1.3 Collaboration Diagram:

A collaboration diagram is a type of visual presentation that shows how various

software objects interact with each other within an overall IT architecture and how
users can benefit from this collaboration. A collaboration diagram often comes
in the form of a visual chart that resembles a flow chart.
CHAPTER 5 - OUTPUT SCREENSHOTS
CHAPTER 6 – IMPLEMENTATION DETAILS

6.1 PHP
PHP is a server-side scripting language designed primarily for web
development but also used as a general-purpose programming language. Originally
created by RasmusLerdorf in 1994,[5] the PHP reference implementation is now
produced by The PHP Development Team.[6] PHP originally stood for Personal
Home Page,[5] but it now stands for the recursive acronym PHP: Hypertext
Preprocessor.[7]

PHP code may be embedded into HTML code, or it can be used in combination

with various web template systems, web content management systems and web
frameworks. PHP code is usually processed by a PHP interpreter implemented as
a module in the web server or as a Common Gateway Interface (CGI) executable.
The web server combines the results of the interpreted and executed PHP code,
which may be any type of data, including images, with the generated web page.
PHP code may also be executed with a command-line interface (CLI) and can be
used to implement standalone graphical applications.[8]

The standard PHP interpreter, powered by the Zend Engine, is free

software released under the PHP License. PHP has been widely ported and can be
deployed on most web servers on almost every operating system and platform, free
of charge.[9]

The PHP language evolved without a written formal specification or standard until

2014, leaving the canonical PHP interpreter as a de facto standard. Since 2014
work has gone on to create a formal PHP specification.[10]
6.2 MySQL
MySQL is an open-source relational database management
system (RDBMS).[7] Its name is a combination of "My", the name of co-
founder Michael Widenius' daughter,[8] and "SQL", the abbreviation for Structured
Query Language. The MySQL development project has made its source
code available under the terms of the GNU General Public License, as well as
under a variety of proprietary agreements. MySQL was owned and sponsored by a
single for-profit firm, the Swedish company MySQL AB, now owned by Oracle
Corporation.[9] For proprietary use, several paid editions are available, and offer
additional functionality.

MySQL is a central component of the LAMP open-source web application

software stack (and other "AMP" stacks). LAMP is an acronym for
"Linux, Apache, MySQL, Perl/PHP/Python". Applications that use the MySQL
database include: TYPO3, MODx, Joomla, WordPress, phpBB, MyBB,
and Drupal. MySQL is also used in many high-profile, large-scale website.

6.3 ANGULAR JAVA SCRIPT

AngularJS (commonly referred to as "Angular" or "Angular.js") is an open-

source web application framework mainly maintained by Google and by a
community of individuals and corporations to address many of the challenges
encountered in developing single-page applications. It aims to simplify both the
development and the testing of such applications by providing a framework for
client-side model–view–controller (MVC) and model–view–viewmodel(MVVM)
architectures, along with components commonly used in rich Internet applications.

The AngularJS framework works by first reading the HTML page, which has

embedded into it additional custom tag attributes. Angular interprets those
attributes as directives to bind input or output parts of the page to a model that is
represented by standard JavaScript variables. The values of those JavaScript
variables can be manually set within the code, or retrieved from static or
dynamic JSON resources.

According to JavaScript analytics service Libscore, AngularJS is used on the

websites of Wolfram Alpha, NBC,Walgreens, Intel, Sprint, ABC News, and
approximately 8,400 other sites out of 1 million tested in July 2015.

AngularJS is the frontend part of the MEAN stack, consisting

of MongoDB database, Express.js web application server framework, Angular.js
itself, and Node.js runtime environment.
CHAPTER 7- SYSTEM STUDY

7.1 FEASIBILITY STUDY

The feasibility of the project is analyzed in this phase and business proposal is
put forth with a very general plan for the project and some cost estimates.
During system analysis the feasibility study of the proposed system is to be
carried out. This is to ensure that the proposed system is not a burden to the
company. For feasibility analysis, some understanding of the major
requirements for the system is essential.

Three key considerations involved in the feasibility analysis are

 ECONOMICAL FEASIBILITY
 TECHNICAL FEASIBILITY
 SOCIAL FEASIBILITY

ECONOMICAL FEASIBILITY

This study is carried out to check the economic impact that the system will
have on the organization. The amount of fund that the company can pour into the
research and development of the system is limited. The expenditures must be
justified. Thus the developed system as well within the budget and this was
achieved because most of the technologies used are freely available. Only the
customized products had to be purchased.
CHAPTER 8-TECHNICAL FEASIBILITY

This study is carried out to check the technical feasibility, that is, the
technical requirements of the system. Any system developed must not have a high
demand on the available technical resources. This will lead to high demands on the
available technical resources. This will lead to high demands being placed on the
client. The developed system must have a modest requirement, as only minimal or
null changes are required for implementing this system.

SOCIAL FEASIBILITY

The aspect of study is to check the level of acceptance of the system by the user.
This includes the process of training the user to use the system efficiently. The user
must not feel threatened by the system, instead must accept it as a necessity. The
level of acceptance by the users solely depends on the methods that are employed
to educate the user about the system and to make him familiar with it. His level of
confidence must be raised so that he is also able to make some constructive
criticism, which is welcomed, as he is the final user of the system.
8.1Non Functional Requirements

Non-functional requirements are the quality requirements that stipulate how

well software does what it has to do. These are Quality attributes of any system;
these can be seen at the execution of the system and they can also be the part of the
system architecture.

8.2 Accuracy:

The system will be accurate and reliable based on the design architecture. If there
is any problem in the accuracy then the system will provide alternative ways to
solve the problem.

8.3 Usability:

The proposed system will be simple and easy to use by the users. The users will
comfort in order to communicate with the system. The user will be provided with
an easy interface of the system.

8.4 Accessibility:
The system will be accessible through internet and there should be no any known
problem.

8.5Performance:
The system performance will be at its best when performing the functionality of
the system.
8.6Reliability:
The proposed system will be reliable in all circumstances and if there is any
problem that will be affectively handle in the design.

8.7Security:
The proposed system will be highly secured; every user will be required
registration and username/password to use the system. The system will do the
proper authorization and authentication of the users based on their types and their
requirements. The proposed system will be designed persistently to avoid any
misuse of the application.
CHAPTER 9-SYSTEM TESTING

The purpose of testing is to discover errors. Testing is the process of trying

to discover every conceivable fault or weakness in a work product. It provides a
way to check the functionality of components, sub-assemblies, assemblies and/or a
finished product It is the process of exercising software with the intent of ensuring
that the

Software system meets its requirements and user expectations and does not fail in
an unacceptable manner. There are various types of test. Each test type addresses a
specific testing requirement.

TYPES OF TESTS

Unit testing
Unit testing involves the design of test cases that validate that the internal
program logic is functioning properly, and that program inputs produce valid
outputs. All decision branches and internal code flow should be validated. It is the
testing of individual software units of the application .it is done after the
completion of an individual unit before integration. This is a structural testing, that
relies on knowledge of its construction and is invasive. Unit tests perform basic
tests at component level and test a specific business process, application, and/or
system configuration. Unit tests ensure that each unique path of a business process
performs accurately to the documented specifications and contains clearly defined
inputs and expected results.

Integration testing
Integration tests are designed to test integrated software components to
determine if they actually run as one program. Testing is event driven and is more
concerned with the basic outcome of screens or fields. Integration tests
demonstrate that although the components were individually satisfaction, as shown
by successfully unit testing, the combination of components is correct and
consistent. Integration testing is specifically aimed at exposing the problems that
arise from the combination of components.

Functional test
Functional tests provide systematic demonstrations that functions tested are
available as specified by the business and technical requirements, system
documentation, and user manuals.

Functional testing is centered on the following items:

Valid Input : identified classes of valid input must be accepted.

Invalid Input : identified classes of invalid input must be rejected.

Functions : identified functions must be exercised.

Output : identified classes of application outputs must be exercised.

Systems/Procedures: interfacing systems or procedures must be invoked.

 Organization and preparation of functional tests is focused on requirements, key
functions, or special test cases. In addition, systematic coverage pertaining to
identify Business process flows; data fields, predefined processes, and successive
processes must be considered for testing. Before functional testing is complete,
additional tests are identified and the effective value of current tests is determined.

System Test
System testing ensures that the entire integrated software system meets
requirements. It tests a configuration to ensure known and predictable results. An
example of system testing is the configuration oriented system integration test.
System testing is based on process descriptions and flows, emphasizing pre-driven
process links and integration points.

White Box Testing

White Box Testing is a testing in which in which the software tester has
knowledge of the inner workings, structure and language of the software, or at least
its purpose. It is purpose. It is used to test areas that cannot be reached from a black
box level.

Black Box Testing

Black Box Testing is testing the software without any knowledge of the inner
workings, structure or language of the module being tested. Black box tests, as
most other kinds of tests, must be written from a definitive source document, such
as specification or requirements document, such as specification or requirements
document. It is a testing in which the software under test is treated, as a black
box .you cannot “see” into it. The test provides inputs and responds to outputs
without considering how the software works.

9.1 Unit Testing:

Unit testing is usually conducted as part of a combined code and unit test
phase of the software lifecycle, although it is not uncommon for coding and unit
testing to be conducted as two distinct phases.

Test strategy and approach

Field testing will be performed manually and functional tests will be written
in detail.

Test objectives
 All field entries must work properly.
 Pages must be activated from the identified link.
 The entry screen, messages and responses must not be delayed.

Features to be tested
 Verify that the entries are of the correct format
 No duplicate entries should be allowed
 All links should take the user to the correct page
9.2 Integration Testing

Software integration testing is the incremental integration testing of two or

more integrated software components on a single platform to produce failures
caused by interface defects.

The task of the integration test is to check that components or software

applications, e.g. components in a software system or – one step up – software
applications at the company level – interact without error.

Test Results: All the test cases mentioned above passed successfully. No defects
encountered.

9.3 Acceptance Testing

User Acceptance Testing is a critical phase of any project and requires
significant participation by the end user. It also ensures that the system meets the
functional requirements.

Test Results: All the test cases mentioned above passed successfully. No defects
encountered.
CHAPTER 10– CONCLUSIONS

We have proposed “EPLQ: Efficient Privacy-Preserving Location-basedQuery

over Outsourced Encrypted Data”, an efficient privacy preservingspatial range
query solution for smart phones, which preserves the privacy of user location, and
achieves confidentiality of LBS data. To realize EPLQ, we have designed a novel
predicate-only encryption scheme for inner product range named IPRE and a novel
privacy-preserving index tree named ˆ ss-tree. EPLQ’s efficacy has been evaluated
with theoretical analysis and experiments, and detailed analysis shows its security
against known-sample attacks and ciphertext-only attacks. Our techniques have
potential usages in other kinds of privacy-preserving queries. If the query can
be performed through comparing inner products to a given range, the proposed
IPRE and ˆ ss-tree may be applied to realize privacy-preserving query. Two
potential usages are privacy preserving similarity query and long spatial range
query. In the future, we will design solutions for these scenarios and identify more
usages.
CHAPTER 11- REFERENCES

[1] A. Gutscher, “Coordinate transformation - a solution for the privacy

problem of location based services?” in 20th International Parallel
and Distributed Processing Symposium (IPDPS 2006), Proceedings,
25-29 April 2006, Rhodes Island, Greece, 2006.[Online]. Available:
http://dx.doi.org/10.1109/IPDPS.2006.1639681

[2] W. K. Wong, D. W.-l. Cheung, B. Kao, and N. Mamoulis, “Secure knn

computation on encrypted databases,” in SIGMOD. ACM, 2009, pp.
139–152.

[3] G. Ghinita, P. Kalnis, A. Khoshgozaran, C. Shahabi, and K.-L. Tan, “Private

queries in location based services: anonymizers are not necessary,”
inSIGMOD. ACM, 2008, pp. 121–132.

[4] X. Yi, R. Paulet, E. Bertino, and V. Varadharajan, “Practical k nearest

neighbor queries with location privacy,” in ICDE. IEEE, 2014, pp.
640–651.

[5] B. Chor, E. Kushilevitz, O. Goldreich, and M. Sudan, “Private information

retrieval,” Journal of the ACM (JACM), vol. 45, no. 6, pp. 965–981,
1998.