Published April 17, 2026 | Version v1
Publication Open

SECURE FILE SHARING SYSTEM ON CLOUD

Authors/Creators

Description

Cloud computing has become a widely adopted technology for storing and sharing data due to its scalability, flexibility, and cost-effectiveness [1]. However, storing sensitive information on third-party cloud servers introduces significant security risks such as unauthorized access, data breaches, and cyber-attacks [2]. Ensuring confidentiality, integrity, and secure access control remains a major challenge in cloud-based file sharing systems [3]. This research proposes a Secure File Sharing System on Cloud that focuses on protecting data through strong encryption and controlled access mechanisms. The proposed system uses advanced cryptographic techniques to secure files before uploading them to the cloud. Symmetric encryption algorithms such as AES are applied to encrypt file content [1], while asymmetric encryption like RSA is used for secure key exchange [4]. This ensures that only authorized users with valid decryption keys can access the shared files. Even if the cloud storage is compromised, encrypted data remains 12. unreadable to attackers [5]. To strengthen security further, the system incorporates multi-factor authentication and role-based access control [6]. Users are assigned specific roles, and permissions are granted based on their authorization level. Secure key management is implemented to prevent exposure of encryption keys [7]. Additionally, cryptographic hash functions such as SHA-256 are used to verify data integrity and detect any unauthorized modifications [2]. The system also enables secure file sharing through encrypted links with time-limited access, allowing users to revoke permissions when necessary. By integrating encryption, authentication, and integrity verification, the proposed solution enhances trust and security in cloud environments while maintaining system efficiency and usability.

Files

SECURE FILE SHARING SYSTEM ON CLOUD.pdf

Files (1.1 MB)

Name Size Download all
md5:d4e08c96161a858d137b83c81d3b53e0
1.1 MB Preview Download

Additional details

Dates

Submitted
2026-04-17
The rapid proliferation of cloud computing has made it the primary platform for data storage and collaboration for both individuals and enterprises [8]. The convenience, scalability, and cost-effectiveness offered by services like Amazon S3, Google Drive, and Microsoft Azure have driven this adoption [9]. However, this shift inevitably exposes users to various security threats, making the security of files shared on these platforms a paramount concern [10]. Outsourcing data to third party cloud service providers relinquishes physical control over the data, introducing severe risks [11]. The primary security threats in cloud file sharing include data confidentiality breaches, data integrity violations, unauthorized access, and availability issues [12]. Maintaining the fundamental security principles Of Confidentiality, Integrity, and Availability (CIA) is crucial for any cloud storage solution [13]. The core problem addressed by this research is the inherent lack of control over data security when using conventional cloud storage services, which often rely on the CSP for protection [14]. While CSPs offer basic security, sophisticated or highly sensitive data requires client-side protection measures that combine robust encryption with fine-grained access policies [15]. The motivation for this study is to consolidate the state-of-the-art in secure cloud file sharing and provide a foundational structure for designing a practical system that actively enforces security mechanisms like user authentication, encryption before storage, and Role-Based Access Control (RBAC) to counter unauthorized access effectively [6].

References

  • [1] NIST, "Advanced Encryption Standard (AES)," FIPS PUB 197, National Institute of Standards and Technology, Nov. 2001. [2] W. Stallings, Cryptography and Network Security: Principles and Practice, 7th ed., Pearson, 2017. [3] A. Singhal and D. Wijesekera, "Role-Based Access Control (RBAC) Models," National Institute of Standards and Technology (NIST), 2013. [4] M. Bellare and P. Rogaway, "Introduction to Modern Cryptography," 2005. [5] S. Kamara and K. Lauter, "Cryptographic Cloud Storage," Financial Cryptography and Data Security, Springer, pp. 136 149, 2010. [6] D. F. Ferraiolo and D. R. Kuhn, "Role-Based Access Control (RBAC)," 15th National Computer Security Conference, pp. 554-563, 1992. [7] K. Ren, C. Wang, and Q. Wang, "Security Challenges for the Public Cloud," IEEE Internet Computing, vol. 16, no. 1, pp. 69-73, Jan.-Feb. 2012. [8] M. Armbrust et al., "A View of Cloud Computing," Communications of the ACM, vol. 53, no. 4, pp. 50-58, Apr. 2010. [9] M. A. AlZain, E. Pardede, B. Soh, and J. A. Thom, "Cloud Computing Security: From Single to Multi-Clouds," 2012 45th Hawaii International Conference on System Sciences, pp. 5490-5499. [10] D. Chen and H. Zhao, "Data Security and Privacy Protection Issues in Cloud Computing," 2012 International Conference on Computer Science and Electronics Engineering, pp. 647-651. [11] W. Wang, Z. Li, R. Owens, and B. Bhargava, "Secure and Efficient Access to Outsourced Data," Proceedings of the 2009 ACM workshop on Cloud computing security, pp. 55-66. [12] C. Wang, S. Wang, Q. Wang, K. Ren, and W. Lou, "Privacy-Preserving Public Auditing for Secure Cloud Storage," IEEE Transactions on Computers, vol. 62, no. 2, pp. 362-375, Feb. 2013. [13] V. G. Cerf and R. E. Kahn, "A Protocol for Packet Network Intercommunication," IEEE Transactions on Communications, vol. 22, no. 5, pp. 637-648, 1974. [14] S. Subashini and V. Kavitha, "A survey on security issues in service delivery models of cloud computing," Journal of Network and Computer Applications, vol. 34, no. 1, pp. 1-11, Jan. 2011. [15] Z. Xiao and Y. Xiao, "Security and Privacy in Cloud Computing," IEEE Communications Surveys & Tutorials, vol. 15, no. 2, pp. 843-859, 2013. [16] S. Yu, C. Wang, K. Ren, and W. Lou, "Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing," IEEE INFOCOM, 2010, pp. 1-9. [17] R. L. Rivest, A. Shamir, and L. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems," Communications of the ACM, vol. 21, no. 2, pp. 120-126, 1978. [18] D. Boneh, G. Di Crescenzo, R. Ostrovsky, and G. Persiano, "Public Key Encryption with Keyword Search," Eurocrypt 2004, Lecture Notes in Computer Science, vol. 3027, pp. 506-522. [19] A. J. Feldman, W. P. Zeller, M. J. Freedman, and E. W. Felten, "SPORC: Group Collaboration using Untrusted Cloud Resources," OSDI, vol. 10, pp. 1-15, 2010. [20] P. Mell and T. Grance, "The NIST Definition of Cloud Computing," NIST Special Publication 800-145, 2011. [21] V. G. Cerf and R. E. Kahn, "A Protocol for Packet Network Intercommunication," IEEE Transactions on Communications, vol. 22, no. 5, pp. 637-648, 1974. [22] R. L. Rivest, A. Shamir, and L. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems," Communications of the ACM, vol. 21, no. 2, pp. 120-126, 1978. [23] S. Kamara and K. Lauter, "Cryptographic Cloud Storage," Financial Cryptography and Data Security, Springer, pp. 136 149, 2010. [24] D. Hardt, "The OAuth 2.0 Authorization Framework," IETF RFC 6749, Oct. 2012. [25] K. Ren, C. Wang, and Q. Wang, "Security Challenges for the Public Cloud," IEEE Internet Computing, vol. 16, no. 1, pp. 69-73, Jan.-Feb. 2012. [26] M. A. AlZain, E. Pardede, B. Soh, and J. A. Thom, "Cloud Computing Security: From Single to Multi-Clouds," 2012 45th Hawaii International Conference on System Sciences, pp. 5490-5499. [27] P. Mell and T. Grance, "The NIST Definition of Cloud Computing," NIST Special Publication 800-145, 2011. [28] A. J. Feldman, W. P. Zeller, M. J. Freedman, and E. W. Felten, "SPORC: Group Collaboration using Untrusted Cloud Resources," OSDI, vol. 10, pp. 1-15, 2010. [29] Z. Xiao and Y. Xiao, "Security and Privacy in loud Computing," IEEE Communications Surveys & Tutorials, vol. 15, no. 2, pp. 843-859, 2013. [30] S. Yu, C.Wang, K. Ren, and W. Lou, "Achieving Scure, Scalable, and Fine-grained Data Access Control in Cloud Computing," IEEE INFOCOM, 2010, pp. 1-9.