In recent years, the rapid growth of digital storage has increased the demand for reliable and practical file protection mechanisms. Individuals and organizations frequently store sensitive information such as personal documents, images, academic records, and confidential files on local systems, where they remain vulnerable to unauthorized access, accidental modification, and data misuse. Although several security solutions are available, many require advanced technical expertise or depend heavily on cloud-based services, which may introduce additional privacy concerns. To address these challenges, this paper proposes a Lightweight Privacy-Preserving File Protection Framework for Secure Data Storage. The proposed system is designed to provide a simple, efficient, and locally operated security solution that ensures data confidentiality without adding unnecessary system complexity. The framework integrates user authentication and password-based symmetric encryption to securely encrypt and decrypt files and images. All operations are executed within the local environment, eliminating reliance on third-party servers and enhancing user privacy. Furthermore, the system maintains a local encryption activity log to record file protection operations, thereby improving transparency and user awareness. The overall framework achieves a balanced integration of confidentiality, controlled access, usability, and computational efficiency. The proposed solution offers a practical and user-friendly approach to secure local file storage and establishes a foundation for future enhancements such as advanced access control and secure file-sharing capabilities.

This paper introduced a lightweight privacy-preserving file protection framework aimed at securing data in a local environment without relying on cloud services. The proposed system combines user authentication, password-based symmetric encryption, secure file transformation, and activity logging within a simple and modular structure. The implementation and testing confirm that the framework performs reliably under normal operating conditions. The authentication mechanism ensures that only authorized users can access encryption and decryption features. The encryption process protects files by converting them into secure encrypted formats using a password-derived key, while the decryption process restores the original file only when the correct password is provided. The inclusion of a local activity history log further improves transparency by recording operations without exposing sensitive file content. Overall, the results demonstrate that the framework provides a practical and efficient approach to secure local file protection. Its lightweight design makes it suitable for users who require privacy-focused data storage without complex infrastructure. In the future, the framework can be enhanced by integrating multi-factor authentication and role-based access control to further strengthen security. Performance improvements for handling larger files and the addition of secure backup features may also expand its applicability in real-world environments.

[1] W. Stallings, Cryptography and Network Security: Principles and Practice, 7th ed., Pearson Education, 2017. [2] B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd ed., Wiley, 1996. [3] A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996. [4] R. Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd ed., Wiley, 2008. [5] C. Paar and J. Pelzl, Understanding Cryptography: A Textbook for Students and Practitioners, Springer, 2010. [6] M. Bishop, Computer Security: Art and Science, Addison-Wesley, 2018. [7] National Institute of Standards and Technology (NIST), “Recommendation for Key Management – Part 1: General,” NIST Special Publication 800-57, 2016. [8] W. Diffie and M. Hellman, “New Directions in Cryptography,” IEEE Transactions on Information Theory, vol. 22, no. 6, pp. 644–654, 1976. [9] A. Shamir, “Identity-Based Cryptosystems and Signature Schemes,” Advances in Cryptology, Lecture Notes in Computer Science, vol. 196, Springer, 1985. [10] D. Boneh and X. Boyen, “Short Signatures Without Random Oracles,” Advances in Cryptology – EUROCRYPT, Springer, 2004.