CHAPTER ONE

1.0 Introduction

Cloud-based shared systems have transformed how organizations and individuals manage, store,
and share data. These systems offer scalable, flexible, and cost-effective solutions for data
management, allowing users to access and manipulate data anytime and anywhere. However, the
widespread adoption of cloud-based systems has brought about significant challenges, particularly
regarding data integrity. Ensuring data remains unaltered, consistent, and accurate throughout its
lifecycle is essential for maintaining trust in shared systems. A cloud-based big data sharing system
leverages the storage capabilities of a cloud service provider to enable data sharing among
authorized users. Unlike traditional solutions, where data remains within the owner's trust domain,
cloud providers store the shared data in extensive data centers that are external to this domain,
potentially raising concerns regarding data confidentiality (Han et al., 2019).

The advancement of technology has significantly transformed the way information is shared over
the internet, particularly through various channels for storing and distributing files. Cloud sharing
has emerged as a notable technological advancement, steadily capturing a larger share of the market
over the past three years. This cloud-based file-sharing method enables users to easily share files, is
straightforward to set up, and often utilizes open-source solutions. Publicized as a major evolution
in typical information technology practices, cloud file sharing offers a versatile solution for
everyone—from businesses and non-profit organizations to individual users. It provides an
improved, faster, and more efficient way to share important documents in everyday computing.
(Research Clue, 2020).

1.1 Background of the Study

Data integrity encompasses the reliability and accuracy of information throughout its lifecycle. In
cloud-based shared systems, preserving data integrity is crucial, as multiple users access, modify,
and share this data. Without strong integrity mechanisms in place, data becomes vulnerable to
threats such as unauthorized access, accidental deletion, and malicious tampering. Such
vulnerabilities can result in financial losses, reputational harm, and legal consequences.

As noted by Velmurugan et al. (2024), maintaining data security and privacy presents significant
challenges, particularly when selective data is collected and shared. A notable concern that arises is
the potential risk of data being transmitted by cloud servers to unauthorized users or individuals
who may not have any legitimate interest in the specific data or the user's preferences.
According to Bauskar (2024), concerns regarding data security have had a significant impact on the
adoption rate of cloud computing. Many individuals are apprehensive about the idea of entrusting
their most important data and programs to the hardware and processing power of others. Security
issues such as data loss, phishing, and botnets pose serious threats to an organization’s software and
data. Furthermore, the shared computing resources and multi-tenancy structure of cloud computing
have introduced new security challenges, such as the Botcloud Attack, which necessitates
innovative solutions.

Cloud environments inherently possess vulnerabilities stemming from their distributed and multi-
tenant architecture. As data moves across various nodes and networks, the risks associated with data
breaches, tampering, and loss escalate significantly. Traditional data security measures, such as
encryption and access control, often fall short in ensuring data integrity within these dynamic and
shared environments. Therefore, there is an urgent need for more advanced mechanisms to uphold
the trustworthiness of data in cloud-based systems. Security policies for data are essential,
particularly as data plays a crucial role in significant sectors such as healthcare and defense.
Accessing data from the cloud is one of the simplest methods, which is why many cloud service
providers prioritize securing that data. Cybercriminals have been exploiting vulnerabilities in the
cloud, with weak encryption methods being one of the common tactics. To address these issues, a
new approach is necessary to enhance the safety of cloud applications. (Sandhia and Raja, 2022)

1.2 Statement of the problem

Despite the advantages of cloud-based shared systems, the absence of robust mechanisms to ensure
data integrity presents a significant challenge. Instances of data corruption, tampering, and
unauthorized access are increasingly common, eroding users' confidence in cloud services. Existing
security measures—such as firewalls, encryption, and authentication protocols—often fall short in
addressing the complexities associated with data integrity in shared environments.

The lack of comprehensive audit mechanisms further complicates the issue, as there is no reliable
method to track alterations, identify unauthorized modifications, or verify the authenticity of data.
Without adequate safeguards, organizations are at heightened risk of data breaches, non-compliance
with regulations, and operational disruptions. This study aims to explore how an audit trail
approach can be utilized to enhance data integrity in cloud-based shared systems.

1.3 Aim and Objectives of the Study

Aim
The aim of this study is to design and implement a secure, cloud-based data integrity verification
system that ensures the accuracy, reliability, and protection of data while maintaining accessibility
for authorized users.

Objectives

i. To develop a system that incorporates metadata management, cryptographic hashing, and

audit logging to ensure data authenticity and reliability.
ii. To leverage cloud-based platforms for scalable, secure, and accessible file storage.
iii. To use hashing algorithms to validate the integrity of stored data and detect unauthorized
modifications.
iv. To develop an intuitive platform for file uploads, integrity verification, and log management.

1.4 Significance of the Study

The significance of this study lies in its contribution to addressing the critical issue of securing data
integrity in cloud-based shared systems, particularly within the context of Federal Polytechnic Idah.
The study’s findings and proposed solutions hold practical, academic, and societal value, benefiting
multiple stakeholders.

Enhanced Data Security for Federal Polytechnic Idah: The implementation of an audit trail
approach provides the institution with a robust mechanism for detecting unauthorized changes,
maintaining data authenticity, and ensuring accountability in its cloud-based systems.

Improved Decision-Making: By ensuring data integrity, the study supports the institution’s
management and stakeholders in making informed and reliable decisions based on accurate data.

Regulatory Compliance: The proposed solution aligns with regulatory requirements for data
protection, helping Federal Polytechnic Idah demonstrate compliance with standards such as
Nigeria Data Protection Regulation (NDPR) and other global best practices.

Advancing Research in Cloud Security: This study contributes to the academic body of
knowledge in cloud computing and cybersecurity by exploring the application of audit trails as a
tool for securing data integrity. Framework for Future Studies:

The research serves as a foundation for future investigations into enhancing data security in shared
systems, particularly in educational institutions and similar settings.

Building Trust in Cloud Technology: As institutions and organizations increasingly adopt cloud
computing, this study addresses societal concerns about the reliability and security of cloud-based
shared systems. Enhanced trust in these systems encourages wider adoption and innovation.
Protecting Stakeholders’ Interests: By ensuring the integrity of critical data such as student
records and financial transactions, the study safeguards the interests of students, staff, and other
stakeholders associated with Federal Polytechnic Idah.

Promoting Digital Transformation: The findings of this study support the broader goal of digital
transformation in educational institutions by demonstrating how advanced security measures can
enable more efficient and secure data management practices.

1.5 Scope of the Study

The study focuses on Federal Polytechnic Idah, a higher educational institution in Nigeria. The
Polytechnic's use of cloud-based systems for managing administrative, academic, and operational
data makes it an ideal setting to explore the challenges of data integrity.

1.6 Review of Related Literature

The review of related work explores existing research and solutions that address securing data
integrity in cloud-based shared systems, emphasizing the role of audit trails. This review highlights
key studies, identifies gaps, and establishes the relevance of the proposed solution for Federal
Polytechnic Idah.
1.6.1 Data Integrity in Cloud-Based Systems
Cloud computing has transformed data storage and sharing by providing scalable and accessible
solutions. However, maintaining data integrity, ensuring data remains accurate, consistent, and
trustworthy remains a significant challenge due to: Data Tampering: Unauthorized modifications
that compromise trustworthiness, Human Errors: Accidental data corruption by legitimate users
and Insider Threats: Malicious actions by users with authorized access.
According to Witanto et al. (2022), artificial intelligence has been adopted across various sectors,
including security, healthcare, finance, and national defense. However, alongside its remarkable
advancements, some individuals leverage AI for harmful purposes. Concurrently, the rapid
development of cloud computing technology has led to the emergence of cloud-based AI systems.
Unfortunately, the vulnerabilities associated with cloud computing can compromise the security of
AI services. The authors note that any compromise in the integrity of the training data directly
undermines the reliability of the AI system's outputs.
According to Hussien et al. (2023), information obtained from external sources in the cloud and the
subsequent computations may not always be dependable. This unreliability primarily stems from
insufficient regulations and ineffective information management by data owners. Despite the
introduction of various techniques aimed at securing external information, security threats in the
cloud remain a significant concern. This poses considerable challenges to the effective adoption and
utilization of cloud technology. Moreover, many existing solutions are burdened by high
computation costs, particularly during the auditing process. However, to tackle the issue of rising
auditing expenses, the research proposes a well-structured, lightweight system designed to enhance
information security through improved integrity checking.
1.6.2 Role of Audit Trails in Ensuring Data Integrity
Audit trails have emerged as a vital tool for tracking changes in cloud environments. They maintain
a log of data access, modifications, and deletions, providing a transparent record for accountability
and forensic purposes. Traditional Audit Trails: Typically record metadata about data activities,
enabling post-incident analysis but often lacking real-time detection capabilities.
With the advancement of the Internet of Things (IoT)-)-enabled Maritime Transportation Systems
(MTS), the vast amounts of data generated within these systems need to be stored reliably and cost-
effectively, while also being analyzed promptly. Cloud-based Maritime Transportation Systems
(CMTS) enable users to upload data without concerns regarding costs, capacity, or location.
However, CMTS also introduces certain security challenges, with the defense of the integrity of
outsourced data being a critical issue. This aspect is essential for ensuring the safety, reliability, and
efficiency of maritime routes (Li et al., 2022).
Wang et al. (2024) improve the auditing algorithm by refining the Rank-based Merkle Hash Tree
(RMHT) to allow for dynamic updates of stored data and by implementing a non-leaf node
sampling strategy. These enhancements significantly decrease communication overhead during both
the auditing and update phases. Such optimizations render the algorithm particularly well-suited for
the Blockchain environment, where proofs are stored on the Blockchain and associated with gas
fees.
1.6.2 Security Models in Cloud-Based Shared Systems
The CIA Triad (Confidentiality, Integrity, and Availability) underpins cloud security. Most research
has prioritized confidentiality (encryption) and availability (redundancy), often neglecting the
unique requirements of data integrity. Encryption: While critical for confidentiality, it does not
address unauthorized changes made by legitimate users. Access Control: Policies such as Role-
Based Access Control (RBAC) limit who can modify data but do not track changes after the fact.
According to Parast et al. (2022), despite the many advantages that cloud computing offers to
businesses and individuals, security concerns have consistently ranked as the foremost challenge in
the cloud environment as of 2020. While numerous factors influence security, technologies integral
to cloud computing—such as virtualization and multitenancy, along with the on-demand nature of
services—create new vulnerabilities that can be exploited by malicious actors.
1.6.3 Research Gap
Despite advancements in securing data integrity, existing studies highlight several issues:
i. Scalability Concerns: Many solutions are inadequately designed for resource-constrained
environments such as Federal Polytechnic Idah.
ii. User-Centric Design: There is a limited emphasis on creating user-friendly audit trail
interfaces suitable for non-technical stakeholders.
iii. Real-Time Monitoring: There is an insufficient focus on the detection and resolution of
data integrity violations in real time.
iv. Localized Solutions: There is a significant gap in research that addresses the unique
challenges faced by Nigerian educational institutions.
This review emphasizes the necessity for a scalable, user-friendly, and regulatory-compliant audit
trail framework that effectively tackles data integrity challenges in cloud-based shared systems. By
zooming in on Federal Polytechnic Idah, this study aims to address the identified gaps and propose
a solution that meets the specific needs of the institution.

1.7 Research Methodology

This chapter has outlined the methodology used to develop and assess the proposed data integrity
verification system. By integrating SQLite and Firebase with the robust capabilities of Python, a
hybrid approach has been crafted to ensure data integrity. The subsequent chapter will present the
results and offer an in-depth discussion of the system's performance.
1.7.1 Research Design
The research employs an experimental design to create and assess a data integrity verification
system. This system integrates a hybrid model that combines local SQLite databases with cloud-
based Firebase Storage for managing file metadata and performing integrity checks. The design
encompasses both theoretical and practical elements to effectively address the study's objectives.
i. System Architecture Development: Designing a system to upload, verify, and log file
integrity using both SQLite and Firebase.
ii. Implementation and Testing: Developing the system, conducting functional tests, and
evaluating its performance.

1.7.2 System Components

The study uses the following components:

i. SQLite Database: Used locally to store file metadata such as file names, hashes, and
timestamps. The schema includes tables for file metadata and logs.
 ii. Firebase Storage: A cloud-based platform to store files and enable remote integrity
verification.
iii. Python Programming Language: Chosen for its flexibility and compatibility with SQLite
and Firebase.
iv. Hashing Algorithm: SHA-256 is used to generate unique file hashes for integrity checks.

1.7.3 Data Collection

The data used in this study includes:

i. Files uploaded by users to test the system’s functionality.

ii. Metadata generated during file uploads, including filenames, hashes, and timestamps.

1.7.4 Tools and Technologies

 Python: Used for developing the backend logic of the system.

 Firebase SDK: Integrated for cloud-based file storage and retrieval.

 SQLite: Used for local database management.

 Pyrebase: A Python wrapper for Firebase SDK to facilitate interaction with Firebase
services.

 Hashlib Library: Utilized to generate and verify file hashes.

1.7.5 System Workflow

The workflow for the system is structured as follows:

1. File Upload: Users upload files to the system, which computes a hash for the file and stores
it in both the SQLite database and Firebase Storage.

2. Integrity Verification: When requested, the system retrieves the stored hash from the
database and compares it with the hash of the current file to determine if the file has been
tampered with.

3. Metadata Updates: If a file is modified, the system updates its hash and logs the action in
both SQLite and Firebase.

4. Log Management: All actions (e.g., uploads, updates, verifications) are logged for audit
purposes.

17.6 Validation and Testing

To ensure the reliability of the system:

i. Unit Testing: Individual components (e.g., hash generation, database storage, cloud storage)
are tested to ensure correct functionality.

ii. Integration Testing: The entire system is tested to verify the seamless interaction between
SQLite, Firebase, and the application logic.

iii. Performance Evaluation: The system’s ability to handle multiple concurrent file uploads
and integrity checks is measured.

17.7 Ethical Considerations

To ensure the ethical conduct of the study:

i. User data and files are used solely for testing and deleted after the study.

ii. The system adheres to privacy and security standards to safeguard user information.

1.7.8 Limitations

The study acknowledges the following limitations:

i. Using the Firebase free tier restricts storage and bandwidth, potentially affecting large-scale
testing.

ii. The system is implemented for demonstration purposes and may require further
optimization for deployment in production environments.

1.8 References
Rishi, N & Anu, S. (2024). A Reliable and Equitable Attribute-Based Proxy Re-encryption System
for Cloud Data Sharing. International Journal of Advanced Research in Science,
Communication and Technology. 8-15. 10.48175/IJARSCT-18402.
Indu, I., PM, R. A., & Bhaskar, V. (2017). Encrypted token based authentication with adapted
SAML technology for cloud web services. Journal of Network and Computer Applications, 99, 131-
145.
Research Clue. (2020). design and implementation of a cloud based file sharing system. Available
at: https://nairaproject.com/projects/5246-design-and-implementation-of-a-cloud-based-file-
sharing-system.html. [Accessed: 2024-11-18].
Velmurugan, S., Prakash, M., Neelakandan, S., & Radhakrishnan, A. (2024). Provably secure data
selective sharing scheme with cloud-based decentralized trust management systems.
Journal of Cloud Computing, 13(1), 86.
Bauskar, S. (2024). A Review on Database Security Challenges in Cloud Computing
Environment. International Journal of Computer Engineering & Technology. 15. 842-852.
10.5281/zenodo.13922361.
Sandhia, G. K., & Raja, S. K. (2022). Secure sharing of data in cloud using MA-CPABE with
elliptic curve cryptography. Journal of Ambient Intelligence and Humanized Computing,
13(8), 3893- 3902.
Mehrtak, M., SeyedAlinaghi, S., MohsseniPour, M., Noori, T., Karimi, A., Shamsabadi, A., ... &
Dadras, O. (2021). Security challenges and solutions using healthcare cloud computing.
Journal of medicine and life, 14(4), 448.
Han, S., Han, K., & Zhang, S. (2019). A data sharing protocol to minimize security and privacy
risks of cloud storage in big data era. IEEE Access, 7, 60290-60298.
Ganapathy, V. (2024). Audit Trail And Transparency In Cloud-Based Auditing. Edumania-An
International Multidisciplinary Journal. 02. 118-145. 10.59231/edumania/9042.
Witanto, E. N., Oktian, Y. E., & Lee, S. G. (2022). Toward data integrity architecture for cloud-
based AI systems. Symmetry, 14(2), 273.
Hussien, Z. A., Abdulmalik, H. A., Hussain, M. A., Nyangaresi, V. O., Ma, J., Abduljabbar, Z. A., &
Abduljaleel, I. Q. (2023). Lightweight integrity preserving scheme for secure data exchange
in cloud-based IoT systems. Applied Sciences, 13(2), 691.
Liu, R., Liu, J., Zhang, J., & Zhang, M. (2018). Video data integrity verification method based on
full homomorphic encryption in cloud system. International Journal of Digital Multimedia
Broadcasting, 2018(1), 7543875.
Li, X., Shang, S., Liu, S., Gu, K., Jan, M. A., Zhang, X., & Khan, F. (2022). An identity-based data
integrity auditing scheme for cloud-based maritime transportation systems. IEEE
Transactions on Intelligent Transportation Systems, 24(2), 2556-2567.
Wang, C., Sun, Y., Liu, B., Xue L. & Guan, X. (2024). "Blockchain-Based Dynamic Cloud Data
Integrity Auditing via Non-Leaf Node Sampling of Rank-Based Merkle Hash Tree," in
IEEE Transactions on Network Science and Engineering, vol. 11(5), pp. 3931-3942, doi:
10.1109/TNSE.2024.3393978.
Duggineni, S. (2023). Impact of controls on data integrity and information systems. Science and
Technology, 13(2), 29-35.
Parast, F. K., Sindhav, C., Nikam, S., Yekta, H. I., Kent, K. B., & Hakak, S. (2022). Cloud
computing security: A survey of service-based models. Computers & Security, 114, 102580.