Devabhaktuni, Nikhil (2024) Enhanced File Transfer Security in Django Web Applications with TOTP-Based Multi-Factor Authentication and Blowfish/AES Encryption on AWS Cloud. Masters thesis, Dublin, National College of Ireland.
Preview |
PDF (Master of Science)
Download (1MB) | Preview |
Preview |
PDF (Configuration Manual)
Download (746kB) | Preview |
Abstract
Securing web applications and sensitive data stored on the cloud is critical to prevent breaches. Django web frameworks lack native security capabilities making apps vulnerable which necessitates the need for multi-layered authentication systems to harden security. This research implements a multi-layered security solution to improve data protection in a Django application by combining Time-based One Time Password (TOTP) with the default Django authentication process and the use of blowfish and AES encryption algorithms for securing the file transfer to Amazon Web Services (AWS) S3 storage bucket. The inclusion of TOTP adds an additional verification layer after logging with user credentials, requiring users to enter a onetime code that expires in time from an authenticator app. Blowfish, chosen for its variable key length and AES, chosen for its larger block size are used to encrypt the files providing strong security. The encrypted files are then transferred to S3 buckets with strict access control permissions to prevent unauthorized access. The results show that this defense approach substantially boosted the Django application data security by preventing a hacker from getting access to the account with compromised credentials as TOTP provides additional authentication layer. The performance of Blowfish and AES are also evaluated in terms of execution times and compression ratios to identify the best candidate for cloud data transfers. This system with multi-factor authentication, strong encryption, and secure AWS cloud storage works seamlessly to prevent unauthorized access and protect against various threats to Django applications and data hosted on the cloud.
Item Type: | Thesis (Masters) |
---|---|
Supervisors: | Name Email Arun, Shreyas Setlur UNSPECIFIED |
Subjects: | Q Science > QA Mathematics > Electronic computers. Computer science T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science Q Science > QA Mathematics > Computer software T Technology > T Technology (General) > Information Technology > Computer software T Technology > T Technology (General) > Information Technology > Cloud computing Q Science > QA Mathematics > Computer software > Computer Security T Technology > T Technology (General) > Information Technology > Computer software > Computer Security |
Divisions: | School of Computing > Master of Science in Cloud Computing |
Depositing User: | Ciara O'Brien |
Date Deposited: | 03 Jun 2025 13:26 |
Last Modified: | 03 Jun 2025 13:26 |
URI: | https://norma.ncirl.ie/id/eprint/7725 |
Actions (login required)
![]() |
View Item |