Protect your Selfie
Concept for a web application to distribute sensitive documents, created at HackDelft 2017.
With a team of 4, we created this concept web application at HackDelft 2017. The task was to create a web application that gives users control over their sensitive data. Users should be allowed to upload files which are stored on a server, and tell the application which organizations and people have access to any particular file. We decided to use a NodeJS for quick development and use AWS to store the data.
On the server, any data for storage is first encrypted using a symmetric key and is then sent to AWS for storage. This symmetric key is then encrypted with the public key of the user and is then stored on the server itself. When the user wants to retrieve the file it can decrypted the encrypted symmetric key and decrypt the file from AWS.
If the user wants to grant an organization access to a particular file, they can encrypted the symmetric key with public key of the organization. The organization can then decrypted that value to obtain the symmetric key to decrypt the file from AWS.