Raspberry Pi-Based Encrypted Cloud

Storage Gateway
Domain: Cybersecurity

Team member 1 Team member 2

Name of the Student : Gowtham S Name of the Student : Karthik Krishna KG
Register Number : 40731029 Register Number : 40731041

Guide name: Dr. B. Sathiyaprasad, M.E., Ph.D.

July 5, 2024 Department of CSE 1

PRESENTATION OUTLINE
● Abstract
● Introduction
● Problem Statement
● Existing System
● Proposed Solution
● Literature Survey
● System Architecture
● System Working
● Modules
● Implementation
● Data Flow Diagram
● Working Principles
● Results and Conclusion
● Output Screenshots
● Future Enhancements
● References
July 5, 2024 Department of CSE 2
 ABSTRACT
 The "Raspberry Pi-Based Encrypted Cloud Storage Gateway" project aims to develop an innovative solution
that combines the power of Raspberry Pi with advanced encryption techniques to create a secure and user-
controlled gateway for cloud storage.
The gateway acts as an intermediary between users' local devices and the cloud storage service, ensuring
end-to-end data encryption before data transmission and decryption upon retrieval. By placing control over
encryption keys in the hands of users, the system enhances data security and confidentiality, mitigating risks
associated with unauthorized access to sensitive information.

July 5, 2024 Department of CSE 3

 INTRODUCTION
 In an era defined by data-driven operations and cloud-centric workflows, the security and integrity of digital assets are
paramount.

 The Raspberry Pi-Based Encrypted Cloud Storage Gateway project represents a pioneering solution to the persistent
challenges of data security and user control in cloud storage environments.

 This project introduces an innovative gateway that serves as an intermediary between local devices and cloud storage
services.

 Its core mission is to bolster data security by implementing user-controlled encryption, local data encryption, and data
integrity verification.

 By leveraging the versatility of Raspberry Pi, our gateway not only fortifies data privacy but also seamlessly integrates
with leading cloud providers.

July 5, 2024 Department of CSE 4

 PROBLEM STATEMENT
The project aims to develop a Raspberry Pi-Based Encrypted Cloud Storage Gateway to address data security
concerns and provide users with enhanced control over their data.

The gateway will empower users to generate and manage their encryption keys locally on the Raspberry Pi
device.

The project addresses the limitations of existing cloud storage services and elevates data security,
confidentiality, and integrity for users.

July 5, 2024 Department of CSE 5

 EXISISTING SYSTEM
Limited Control Over Encryption Keys: Many existing cloud storage services offer encryption options, but users often
have limited control over the encryption keys. This leaves data susceptible to potential unauthorized access or surveillance
by service providers, undermining data security and privacy.

Potential for Data Breaches: With centralized cloud storage, a single breach in the provider's infrastructure can expose
vast amounts of user data. Recent high-profile breaches have shown that even large service providers are not immune to
such incidents, putting sensitive user data at risk.

Lack of Transparent Encryption: While encryption might be offered, it's often unclear how and when encryption is
applied. This lack of transparency can lead to doubts about the effectiveness of data protection during transmission and
storage.

Data Exposure During Transit: Existing systems may not provide sufficient protection for data while in transit between
user devices and the cloud. Without local encryption, sensitive data could be vulnerable to interception during transfer.
July 5, 2024 Department of CSE 6
 PROPOSED SOLUTION
The project involves building a Encrypted Cloud Storage Gateway. Consider the following components for the
project:

 User-Controlled Encryption : Users will have the ability to generate and manage their encryption keys
locally on the Raspberry Pi. This user-controlled encryption ensures that sensitive data remains accessible only
to authorized users, reducing the risk of unauthorized access.

 Local Data Encryption:Before transmitting data to the cloud storage service, the Raspberry Pi will encrypt the data
locally. This approach ensures that data remains protected during transit, minimizing the risk of data exposure or
interception.

July 5, 2024 Department of CSE 7

 PROPOSED SOLUTION

 Data Integrity Verification: The proposed solution will implement data integrity verification mechanisms
using cryptographic hashing algorithms. Checksums will be generated before data transfer and compared
upon retrieval to detect any unauthorized modifications.

 Cloud Storage Integration:The Raspberry Pi-Based Gateway will seamlessly integrate with popular cloud
storage services, providing users with flexibility in choosing their preferred cloud provider. Integration will be
achieved through the use of cloud storage service APIs.

 Auditing and Logging: The system will maintain comprehensive logs and audit trails to record data access,
changes, and file transfers. These logs will facilitate user activity tracking, enhancing accountability and aiding in
forensic analysis.

July 5, 2024 Department of CSE 8

 PROPOSED SOLUTION

 Secure Authentication: Robust user authentication mechanisms will be implemented to ensure that only
authorized users can access and manage the encrypted cloud storage gateway. Optionally, two-factor
authentication (2FA) can be integrated to provide an extra layer of security.

 Security Measures: The project will emphasize implementing security best practices to protect the Raspberry
Pi and the encryption keys from unauthorized physical access. Remote wipe and lock functionalities may be
considered to enable users to take quick actions in case of potential security threats.

July 5, 2024 Department of CSE 9

 LITERATURE SURVEY
S.NO TITLE AUTHOR DESCRIPTION LIMITATION
1. Security Model for Ahmad Fayyaz Madni, Data storage is transitioning from physical servers to ”cloud” This cloud security model
Securing Data on Cloud Munam Ali Shah storage because cloud service providers deliver the resources focuses on data protection
through the Internet when required. Cloud computing is a through encryption, access
successful and rapidly evolving technology. With new features and control, and monitoring.
capabilities released regularly, companies can move to the cloud However, challenges
on a “pay as you go” model. The most prominent feature of pay as include resource overhead,
you go model on the cloud is that it is cost-effective, however, this key management
makes the cloud platform vulnerable to cyber attacks. This is the complexity, potential cost
reason, the safety of such information has become a concern. This increases, compliance
paper provides a security framework that secures cloud storage issues, and user experience
from unauthorized individuals by using user identification and considerations. Balancing
authorization. We have used dual encryption by using Advance these aspects is crucial for
encryption standard (AES) & Ecliptic Curve Cryptography (ECC). its successful
The double encryption makes the cloud environment resilient implementation.
against different security attacks. The experimental results show
that the proposed model has low computing costs.

July 5, 2024 Department of CSE 10

 LITERATURE SURVEY
S.NO TITLE AUTHOR DESCRIPTION LIMITATION
2. Private Cloud Storage Vijay K, Sabarish
The world is becoming increasingly data-driven. People today While private cloud
need more data to analyse and gain insights. Storing and accessing storage via Raspberry Pi
using Raspberry Pi via Abishek W R, Sabarish large amounts of data becomes difficult, so our study will use the and VNC is cost-effective
Raspberry Pi to access all data from any devices connected to the and accessible, it faces
Virtual Network V U, Sanjeev Krishnan R
system. Both direct and cloud-based channels of communication limitations in scalability
Computing between the Raspberry Pi and the device are possible. To that end, due to hardware
we're conducting this research with the hope of one day being constraints and variable
able to use VNC cloud to connect to Raspberry Pi remotely and performance tied to
use the device that's attached to the Pi from anywhere in the network conditions and
world. When it comes to keeping tabs on and managing your Raspberry Pi models.
gadgets, remote control systems are invaluable. When it comes to
remote accessing graphical displays and sharing Android
applications, VNC (Virtual Network Computing) is by far the most
popular tool. Known as a "thin client," VNC is a display protocol
that works across multiple operating systems. In this paper, we
deploy a system designed for remote desktop access via mobile
VNC.

July 5, 2024 Department of CSE 11

 LITERATURE SURVEY
S.NO TITLE AUTHOR DESCRIPTION LIMITATION
3. Raspberry PI-based Marian Petrica, This paper aimed to develop an IoT gateway that takes data from a
Raspberry Pi-based real-
time IoT gateway
Remote and Real- Gabriela Boicu, repository and transmits it to a PowerApps application. There the monitoring, while
accessible, faces
time Monitoring of an Mihaela Vasluianu, data is stored for users in tables and graphics and compared with
limitations in processing
IoT Gateway Giorgian Neculoiu information from other sources available inside the PowerApps. power and network
stability, impacting
Moreover, due to the large data storage capacity as well as the
scalability and reliability.
connection to APIs we can see at any time of the day various
meteorological information, but we can also compare them with
those of the past. In present devices can now be connected to the
internet, allowing for increased functionality and connectivity, all
of these being possible due to the Internet of Things (IoT).

July 5, 2024 Department of CSE 12

SYSTEM ARCHITECTURE

July 5, 2024 Department of CSE 13

 MODULES
 Raspberry Pi
• Raspberry Pi is a low cost and small size make it perfect for tasks like running a media center, setting up a
home server, or teaching coding and electronics to beginners. Its GPIO pins also allow for hardware
interfacing, expanding its applications even further.
• It is also known as a Portable Computer.

July 5, 2024 Department of CSE 14

 MODULES
 Data Encryption Module:
• Implementation of data encryption algorithms (e.g., AES)
• User-controlled encryption key management
• Local data encryption before upload to the cloud

July 5, 2024 Department of CSE 15

 MODULES
 Cloud Storage Integration:
• Integration with cloud storage service APIs (e.g., Dropbox, Google Drive, EC2, GCP)
• Implementation of file upload and download functionality
• Handling user authentication and access permissions

July 5, 2024 Department of CSE 16

 MODULES
 Logging and Audit Trails:
• Implementation of logs and audit trails for tracking data access and changes
• Enhancing accountability and facilitating forensic analysis

July 5, 2024 Department of CSE 17

 MODULES
 Security Measures:
• Implementation of security measures to protect the Raspberry Pi and user data
• Best practices for securing data in transit and at rest

July 5, 2024 Department of CSE 18

 MODULES
 Deployment and Backup:
• Deployment of the Raspberry Pi-Based Gateway in a real-world environment
• Setting up regular backups to prevent data loss

July 5, 2024 Department of CSE 19

 MODULES
 User Interface:
• Design and development of a user-friendly interface (if applicable)
• Integration with Raspberry Pi for user interaction

July 5, 2024 Department of CSE 20

 IMPLEMENTATION
 Setting up of Raspberry pi and booting it up with Raspbian OS

July 5, 2024 Department of CSE 21

 IMPLEMENTATION
 Installation of GnuPG and KGpg for the encryption and decryption process.
 GnuPG is for the encryption and decryption process.
 KGpg is a GUI software which is compatible with GnuPG.

July 5, 2024 Department of CSE 22

 IMPLEMENTATION

 Navigate to KGpg to proceed further.

July 5, 2024 Department of CSE 23

 IMPLEMENTATION
 Use necessary configuration to encrypt the file or message.

July 5, 2024 Department of CSE 24

DATA FLOW DIAGRAM

July 5, 2024 Department of CSE 25

 WORKING PRINCIPLE
 Data Encryption and Decryption:

• Local Encryption: When a user initiates a file upload to the cloud storage service, our gateway steps
in. The data is first encrypted locally on the user's device using robust encryption algorithms, such as
Advanced Encryption Standard (AES). This ensures that sensitive information remains confidential
even during transmission.

• Secure Transfer: The encrypted data is then securely transferred to the selected cloud storage
service. Our gateway takes care of managing this communication, maintaining the confidentiality of the
data throughout the process.

• Data Retrieval: When a user requests a file from the cloud, our gateway retrieves the encrypted file. It
decrypts the data locally on the Raspberry Pi before presenting it to the user, making it readable and
usable.
July 5, 2024 Department of CSE 26
 WORKING PRINCIPLE

 User-Controlled Encryption Keys:

• Key Management: A fundamental aspect of our system is user-controlled encryption key management.
Users have the power to generate, manage, and safeguard their encryption keys. This ensures that
only authorized individuals can access their data.

 Data Integrity Verification:

• Integrity Checks: To detect any unauthorized modifications or tampering attempts, our gateway
implements data integrity verification mechanisms. It compares stored data with its original hash value
or checksum to ensure that the data remains unchanged.

July 5, 2024 Department of CSE 27

 WORKING PRINCIPLE
 Transparent Integration:

• Seamless Interaction: Our gateway integrates transparently with cloud storage services of the user's
choice. Users can continue to interact with their cloud-stored files through familiar interfaces and
applications, experiencing no disruption to their existing workflows.

 Compatibility with Multiple Cloud Services:

• Freedom of Choice: Our system is designed to be compatible with various popular cloud storage
providers. Users can select their preferred service while maintaining robust data security.

 Auditing and Logging:

• Accountability: For accountability and security monitoring, our gateway maintains detailed logs and
audit trails. This feature tracks data access and changes, facilitating forensic analysis in case of
security incidents.
July 5, 2024 Department of CSE 28
RESULT AND CONCLUSION

 The "Raspberry Pi-Based Encrypted Cloud Storage Gateway" project successfully developed a secure and
user-controlled gateway for cloud storage, leveraging the computational capabilities of Raspberry Pi and
advanced encryption techniques. The project aimed to address data security concerns associated with traditional
cloud storage solutions by empowering users with control over their encryption keys.

 The project's user-controlled encryption approach ensured that only authorized users could access and manage their
confidential data, adding an additional layer of confidentiality to cloud storage. Local data encryption and data integrity
verification mechanisms further strengthened data security, ensuring that data remained protected throughout its lifecycle in
the cloud.

July 5, 2024 Department of CSE 29

 RESULT AND CONCLUSION
 The seamless integration with popular cloud storage services provided users with flexibility and convenience, allowing
them to select their preferred provider while still benefiting from enhanced data security.

 Through comprehensive auditing and logging capabilities, users could monitor data access and changes, promoting
accountability and aiding in forensic investigations in case of security incidents.

 The results of the project validate the feasibility and effectiveness of using Raspberry Pi as an encrypted cloud storage
gateway. The system's performance, usability, and security features enhance user trust in cloud-based file storage and
sharing solutions.

 In conclusion, the "Raspberry Pi-Based Encrypted Cloud Storage Gateway" project serves as a significant contribution to
the field of cloud storage security. The developed gateway offers a robust, versatile, and user-friendly solution for
safeguarding sensitive data in the cloud, providing users with enhanced control over their confidential information. As
cloud storage continues to play a pivotal role in modern data management, the project's outcomes have far-reaching
implications for data protection and privacy in cloud environments.

July 5, 2024 Department of CSE 30

OUTPUT SCREEN SHOTS

• This is the physical setup of our project.

July 5, 2024 Department of CSE 31

OUTPUT SCREEN SHOTS

 Login page of our project.

 Here the login in managed by MongoDB.

July 5, 2024 Department of CSE 32

OUTPUT SCREEN SHOTS

 This is the encryption dashboard.

 We can submit the files which we need to encrypted.

July 5, 2024 Department of CSE 33

OUTPUT SCREEN SHOTS

 Once the file is encrypted, we can download the encrypted file.

 We can also download the generated Public and Private key from this page.
July 5, 2024 Department of CSE 34
OUTPUT SCREEN SHOTS

 Encrypted file will be sent to the AWS S3 bucket.

July 5, 2024 Department of CSE 35

OUTPUT SCREEN SHOTS

 We will be getting a mail with both of the generated Public and Private key.

 SMTP module/protocol is used for this automated mail exchange.

July 5, 2024 Department of CSE 36
OUTPUT SCREEN SHOTS

 For decryption we have to upload the encrypted .GPG file which we got while encrypting the file.

 We have to input the Private Key to decrypt it.

 When we click on Decrypt button it hits back to the raspberry pi and decrypts the file by verifying the Private Key.

July 5, 2024 Department of CSE 37

OUTPUT SCREEN SHOTS

 For decryption we have to upload the encrypted .GPG file which we got while encrypting the file.

 We have to input the Private Key to decrypt it.

 When we click on Decrypt button it hits back to the raspberry pi and decrypts the file by verifying the Private Key.

July 5, 2024 Department of CSE 38

OUTPUT SCREEN SHOTS

 Decrypted file is then downloaded to our local system.

July 5, 2024 Department of CSE 39

 FUTURE ENHANCEMENT
 Performance Management – Optimizing overall performance of the system.
 Raspberry pi 5 – Using latest version of hardware to improve the performance.
 User Management – Handling more users with advanced servers and hardware.
 Integrating “AI” – From File Handling to Overall optimization, Integrating AI to the same will enhance
the performance rate.

July 5, 2024 Department of CSE 40

 REFERENCES
[1] S. Mishra and S. Lahoti, “An Efficient User Protected Encryption Storage Algorithm Used in Encrypted Cloud Data,” in 2023 IEEE International
Conference on Integrated Circuits and Communication Systems (ICICACS), IEEE, Feb. 2023, pp. 1–5. doi:
10.1109/ICICACS57338.2023.10099610.

[2] A. F. Madni and M. A. Shah, “Security Model for Securing Data on Cloud,” in 2022 17th International Conference on Emerging Technologies
(ICET), IEEE, Nov. 2022, pp. 206–211. doi: 10.1109/ICET56601.2022.10004669.

[3] K. Vijay, W. R. Sabarish Abishek, V. U. Sabarish, and R. Sanjeev Krishnan, “Private Cloud Storage using Raspberry PI via Virtual Network
Computing - An Analysis,” in 2023 International Conference on Computer Communication and Informatics (ICCCI), IEEE, Jan. 2023, pp. 1–7. doi:
10.1109/ICCCI56745.2023.10128489.

[4] A. Al Khateeb and A. Summaq, “Securing Data in a Cloud Environment: Access Control, Encryption, and Immutability Säkerhetshantering av
data som överförs genom molnbaserade tjänster: åtkomstkontroll, kryptering och omutlighet.”

[5] Mishra, S., & Chitkara, M. (2023, February 24). Service Level Trust Key Encryption based Cloud Security using Starvation End-Point
Encryption. 2023 IEEE International Conference on Integrated Circuits and Communication Systems (ICICACS).
https://doi.org/10.1109/icicacs57338.2023.10099816

[6] G. Uma and L. Jayasimman, “Enhanced Convergent Encryption Key Generation for Secured Data Deduplication in Cloud Storage,” J Phys
Conf Ser, vol. 1142, p. 012006, Nov. 2018, doi: 10.1088/1742-6596/1142/1/012006.

[7] W. Jin, R. Xu, T. You, Y.-G. Hong, and D. Kim, “Secure Edge Computing Management Based on Independent Microservices Providers for
Gateway-Centric IoT Networks,” IEEE Access, vol. 8, pp. 187975–187990, 2020, doi: 10.1109/ACCESS.2020.3030297.

July 5, 2024 Department of CSE 41

 REFERENCES
[8] Z. D. Eri, S. Yusoff, K. L. Ngo, S. N. H. Ishak, and N. Ahmad, “Privacy awareness on cloud storage among students at tertiary level: A case
study,” J Phys Conf Ser, vol. 1529, no. 2, p. 022043, Apr. 2020, doi: 10.1088/1742-6596/1529/2/022043.

[9] S. Prasath kumar, P. Rayavel, N. Anbarasi, B. Renukadevi, and D. Maalini, “Raspberry pi based secured cloud data,” J Phys Conf Ser, vol.
1964, no. 4, p. 042101, Jul. 2021, doi: 10.1088/1742-6596/1964/4/042101.

[10] C.-Y. Yang, C.-C. Lee, T.-H. Sun, and M.-S. Hwang, “Cryptanalysis of A Hierarchical Data Access and Key Management in Cloud
Computing,” IOP Conf Ser Mater Sci Eng, vol. 466, p. 012010, Dec. 2018, doi: 10.1088/1757-899X/466/1/012010.

[11] Ahmad Fayyaz Madni, Munam Ali Shah, “Security Model for Securing Data on Cloud”, 17th International Conference on Emerging Technologies
(ICET) ,2022

[12] Silvian–Marian Petrica; Mihaela–Gabriela Boicu; Mihaela Vasluianu; Giorgian Neculoiu, “Raspberry Pi-based Remote and Real-time
Monitoring of an IoT Gateway”, 13th International Symposium on Advanced Topics in Electrical Engineering (ATEE), 2023

[13] Saket Mishra; Mansi Chitkara, “Service Level Trust Key Encryption based Cloud Security using Starvation End-Point Encryption”, IEEE
International Conference on Integrated Circuits and Communication Systems (ICICACS), 2023

[14] Changqing Sun, Kun Guo, Zhaoxia Xu, Jianhui Ma, Dairong Hu, “Design and Development of Modbus/MQTT Gateway for Industrial IoT
Cloud Applications Using Raspberry Pi”, 2019 Chinese Automation Congress (CAC), 219

[15] Cheng-Ying Yang, Cheng-Chi Lee, Tsuei-Hung Sun, Min-Shiang Hwang “Cryptanalysis of A Hierarchical Data Access and Key Management
in Cloud Computing”, IOP Conference Series: Materials Science and Engineering, Volume 466, 2018 the 2nd annual International Conference on
Cloud Technology and Communication Engineering 17–19 August 2018, Nanjing, China

July 5, 2024 Department of CSE 42