Questions: Develop a Secure Cloud Storage that can encrypt and decrypt the files using AES and RSA cryptography
Secure Cloud Storage Using Hybrid Cryptography is a project that enables users to securely store their sensitive files in cloud storage. However, cloud storage introduces security risks and the possibility of data leakage. Because of this, data protection is one of the most important parts of cloud storage. Hybrid cryptography gives the system a second layer of encryption to make it safer. With the ability to share files and a secret key needed to decrypt them, users’ files will be safe from people who shouldn’t be able to see them. Cloud storage works by keeping users’ sensitive documents on storage
servers and letting users get to those files whenever they want.
We will conduct a literature review on existing projects and research for data collection and project planning in order to develop this project. By doing so, we may be able to incorporate a portion of their system workflow or design into our project to make it more dependable and efficient. Therefore, the agile methodology will be implemented for this project. This includes, among other things, how we intend to approach sampling techniques, statistical analysis, and surveys. The purpose of a research methodology is to explain the rationale behind our research approach.
In summary, the data gathered and the methodology above will be implemented in this project to ensure the effectiveness of the system and the smooth running of the project.
1.2 Problem Statement
1.2.1 Unavailability of backup storage for files
Some of the major problems that people can have are insufficient space to save their files. If the user has an excessive amount of files that they need to save, their laptop may not be able to cope with the amount and they need to buy more hard drives. Then it will resort to them saving their confidential files on a laptop, pen drive, or hard disc.
All of the external hard drives and USBs only make the important files more vulnerable and prone to physical damage and also can be ruined with some unknown malware infections. Therefore, once their hard disk or flash drive has been infected, all of their files will be inaccessible and they will be unable to backup them.
1.2.2 Unauthorized user can access to important file Unauthorized access occurs when an unauthorized user gains access to a computer network, system, application software, data, or other resources. In a world rife with
online vulnerabilities, it is unquestionable that sensitive information can be leaked.
Some software has vulnerabilities, prompting some individuals to encrypt their files to prevent data loss. Consequently, data breaches can occur to anyone who fails to protect their personal data or other sensitive information.
1.2.3 Unsecure file sharing process
Numerous cloud-based services offer file-sharing capabilities. When selecting a filesharing website, it is crucial to keep security in mind, as data protection is important for any business. Inadvertently forwarding files to the wrong individuals and sending unencrypted emails are two practices that cyber security experts consider extremely dangerous.
It is also common knowledge that sensitive information should never be transmitted over public telephone lines unless the transmission has been encrypted beforehand. If a line cannot be verified as secure, it must be regarded as vulnerable to tampering. This is why we need a secure platform that enables users to securely share their sensitive and confidential files with anyone.
1.3 Project Objectives
1.3.1 To provide backup storage for the files
This project can assist users who have an insufficient amount of space on their laptop or hard drive to store their numerous confidential files. Users can safely store their files without fear of ransomware or physical damage to the hard drive. With an internet connection, the saved files can be accessed at any time, unlike their physical storage locations.
1.3.2 To provide data access only to authorized users It is important that only authorized individuals have access. The organization must collaborate with the Cloud Service Provider to ensure that access to the service is provided in a manner that safeguards the confidentiality and integrity of the data (Samani et al., 2015). Thus, this project provides a feature that allows users to encrypt
their files, which not only ensures data integrity but also allows users to decide with whom they wish to share encrypted files. Before files are uploaded to the cloud storage, this system will encrypt them using both RSA and AES algorithms. Any third party that attempts to access the file will be unable to read it without first decrypting it using a decryption key.
1.3.3 To provide secure file sharing is the process of securely or privately sharing one or more files. Generally, secure file sharing is accomplished by encrypting the file prior to sharing or during network transmission. This is accomplished using a cryptographic algorithm.
The file can be shared over a standard Internet connection or a local network. Secure file sharing shields us from external hackers and prevents the host from viewing your files. Consequently, this project will include a feature that enables users to share their uploaded encrypted files. However, in order for the recipient to receive and open the file, they will need to send a request to the file owner for access. The owner must then accept the request and send the decryption key for the recipient to decrypt the requested file if they wish to grant access.
1.4 Project Scope and Target User
1.4.1 Project Scope
The end product of this project will a cloud-based web application system. Because of that, users can access it anytime and anywhere if they have an internet connection.
The objective of this project is to provide clients with a platform for them to keep their confidential and important files and make them more secure by applying a hybrid algorithm to encrypt them. To achieve this, we will plan the development process by choosing a methodology to help us execute a more efficient and reliable system. Other than that, we will also carry out requirements-gathering sessions by doing surveys and observations. With that, we can refer to the gathered data to develop a system that can achieve all of our objectives and clients’ satisfaction.
1.4.2 Target User
The administrator role will be able to manage all of the users such as adding new users, edit users’ information, remove users, and view the list of users.
Admin can also view the users’ list of files, however, they do not have any access to make any changes to the files.
Users will be able to manage their own accounts by updating their email or password on their own. The main feature for users is that they can upload their intended files and proceed to encrypt them. The saved file in the cloud will be the encrypted file and it will need a secret key to decrypt it. Users can also share their encrypted files with others by giving the secret key for them to decrypt the files.
1.5 Project Overview
Hence, we can conclude that even though the project that will be developed is not the same as today’s existing cloud storage that most people use such as Google Drive or Microsoft OneDrive, we aim to make a more reliable and secure file cloud storage. The aim will be reached by developing more secure cloud storage with a two-layer encryption algorithm to strengthen the reliability and protection of users’ files.
Implementation of a double-stage encryption algorithm that provides high security, scalability, confidentiality, and therefore easy cloud file accessibility.
In such a case, this project will achieve its goals of providing both secure file storage and secure file sharing.
The Internet is one of the most significant inventions of the twenty-first century and has had a profound effect on our lives. Cloud Computing is now a worldwide phenomenon that the majority of internet users employ. The number of institutions, businesses, and other users who rely on the cloud’s resources and store their sensitive data in the cloud has increased dramatically over the years due to the cloud’s intuitive and alluring characteristics.
Nonetheless, these developments have resulted in the emergence of new security vulnerabilities, including security issues whose full impact is still developing. To prevent these security risks, this project will implement the hybrid algorithm in cloud storage.
In this section, we will investigate the cloud storage and algorithm types that will be used for this project. By conducting this literature review, we will investigate in better detail what the combination of algorithm encryption is and why cryptography should be used for security purposes in cloud computing.
In addition, we will investigate three existing projects and research with comparable cryptography implementations that we can use as references for this project’s development. From there, we can determine
which of them has superior features or security for this project.
2.2 Cloud Storage
Cloud storage is a new concept that emerged incrementally with cloud computing, which has two general meanings: It is the storage component of the virtualized and highly scalable cloud computing storage resource pool.
With cloud storage, users can store their files and data in a cloud server that they can reach through the internet or a private network. When users move data off-site to store it, it becomes the job of a cloud service provider to take care of it. The provider hosts, secures, manages, and maintains the servers and related equipment, and makes sure that users always have access to the data.
Instead of investing in costly private servers that consume valuable
resources such as money and space, many small businesses and individuals opt to store their files on an external server in order to increase efficiency. Ones digital data is secure, protected, and backed up as an added bonus.
If something were to happen to one of the devices, users would still be able to access their cloud-based files on another device. A cloud storage system can specialize in storing a specific type of data, such as digital photos or music files, or it can store any type of data, including photos, audio files, text documents, presentations, and spreadsheets.