D-FENCE: A Secure Storage Architecture with Authentication & Optimized Key Generation

Abstract

Digital forensic systems demand strong confidentiality, integrity, and controlled access to sensitive evidence stored in cloud environments. Traditional centralized storage architectures are vulnerable to unauthorized access, key compromise, and audit manipulation. This paper proposes D-FENCE, a secure storage architecture integrating multi-level authentication, optimized key generation, and advanced encryption mechanisms for digital forensic data protection. The proposed system employs an Enhanced Equilibrium Optimizer (EEO) for optimal cryptographic key generation, combined with multi-key homomorphic encryption to ensure secure data storage and computation. Authentication is strengthened using layered access control and audit-driven verification mechanisms. Experimental observations from the implemented prototype indicate improved security, controlled access, and reliable encryption performance with minimal computational overhead. The proposed architecture is suitable for secure forensic evidence storage and cloud-based investigative applications.

Introduction

The text presents D-FENCE, a secure cloud-based digital forensic storage architecture designed to protect sensitive forensic evidence by ensuring confidentiality, integrity, and availability (CIA). With the rapid growth of cloud computing and digital communication, forensic investigations generate large volumes of sensitive data, making conventional centralized storage vulnerable to unauthorized access, weak key management, and lack of tamper-proof auditing.

To address these challenges, D-FENCE integrates multi-level user authentication, optimized cryptographic key generation, encryption mechanisms, and secure storage with audit logging into a unified framework. The system uses role-based access control (RBAC) and session monitoring to restrict access, while cryptographic keys are generated using the Enhanced Equilibrium Optimizer (EEO) to improve randomness and resistance to brute-force attacks. Forensic data is protected using Multi-Key Homomorphic Encryption (MHE) and symmetric encryption, ensuring confidentiality even during data processing.

The system workflow begins with user authentication, followed by optimized key generation, encryption, secure cloud storage with audit logs, and controlled decryption for authorized users. Phase I implementation results confirm the feasibility of the architecture, showing effective access control, secure key generation, stable encryption, and reliable module integration. Performance evaluation indicates acceptable response times with minimal overhead, while security analysis demonstrates strong protection against unauthorized access and data tampering.

Identified issues—such as audit log storage overhead, access control misconfiguration, and real-time monitoring lag—are addressed through log compression, strict RBAC enforcement, and backend optimization. The user interface is designed to be simple, role-aware, and secure, supporting clear forensic workflows.

Overall, the Phase I results validate D-FENCE as a robust and scalable foundation for secure digital forensic data storage and management, with advanced features like decentralized storage and tamper-proof audit logs planned for Phase II.

Get smarter responses, upload files and images, and more.

Log in

Conclusion

This paper presented D-FENCE, a secure storage architecture aimed at improving the confidentiality, integrity, and access control of digital forensic data in cloud environments. The proposed system integrates multi-level authentication, optimized key generation using the Enhanced Equilibrium Optimizer (EEO), and secure encryption techniques to protect sensitive forensic evidence. The EEO-based key generation enhances key randomness and resistance to cryptographic attacks, while the encryption mechanism ensures secure data storage and controlled access with minimal performance overhead.The modular design of D-FENCE supports scalability and practical deployment in forensic applications requiring strong security and auditability. Authentication, role-based access control, and logging mechanisms strengthen evidence traceability and legal reliability.

References

[1] Kumar, R. Saha, C. Lal, and M. Conti, ‘‘Internet-of-Forensic (IoF): A blockchain based digital forensics framework for IoT applications,’’ Future Gener. Comput. Syst., vol. 120, pp. 13–25, Jul. 2021. [2] L. Raji and S. T. Ramya, ‘‘Secure forensic data transmission system in cloud database using fuzzy based butterfly optimization and modified ECC,’’ Trans. Emerg. Telecommun. Technol., vol. 33, no. 9, p. e4558, Sep. 2022. [3] E. A. Abdel-Ghaffar and M. Daoudi, ‘‘Personal authentication and cryptographic key generation based on electroencephalographic signals,’’ J. King Saud Univ. Comput. Inf. Sci., vol. 35, no. 5, May 2023, Art. no. 101541. [4] P. Velmurugadass, S. Dhanasekaran, S. S. Anand, and V. Vasudevan, ‘‘Enhancing blockchain security in cloud computing with IoT environment using ECIES and cryptography hash algorithm,’’ Mater. Today, Proc., vol. 37, pp. 2653–2659, 2021. [5] V. O. Nyangaresi, M. Ahmad, A. Alkhayyat, and W. Feng, ‘‘Artificial neural network and symmetric key cryptography based verification protocol for 5G enabled Internet of Things,’’ Expert Syst., vol. 39, no. 10, p. e13126, Dec. 2022. [6] S. Nasreen and A. H. Mir, ‘‘Enhancing cloud forensic investigation system in distributed cloud computingusing DK-CP-ECC algorithm and EKANFIS,’’ J. Mobile Multimedia, vol. 19, no. 3, pp. 679–706, Feb. 2023. [7] J. Du, S. H. Raza, M. Ahmad, I. Alam, S. H. Dar, and M. A. Habib, ‘‘Digital forensics as advanced ransomware pre-attack detection algorithm for endpoint data protection,’’ Secur. Commun. Netw., vol. 2022, pp. 1–16, Jul. 2022. [8] A. Razaque, M. Aloqaily, M. Almiani, Y. Jararweh, and G. Srivastava, ‘‘Efficient and reliable forensics using intelligent edge computing,’’ Future Gener. Comput. Syst., vol. 118, pp. 230–239, May 2021. [9] M. Kashif, S. Mehfuz, I. Shakeel, and S. Ahmad, ‘‘Employing an ECCbased hybrid data encryption method to improve multitenancy security in cloud computing,’’ in Proc. Int. Conf. Recent Adv. Electr., Electron. Digit. Healthcare Technol. (REEDCON), May 2023, pp. 79–83. [10] G. Shankar, L. H. Ai-Farhani, P. A. C. Angelin, P. Singh, A. Alqahtani, A. Singh, G. Kaur, and I. A. Samori, ‘‘Improved multisignature scheme for authenticity of digital document in digital forensics using edward-curve digital signature algorithm,’’ Secur. Commun. Netw., vol. 2023, pp. 1–18, Apr. 2023

Copyright

Copyright © 2026 Aarush Abraham Mathew, Abhinand S, Akhil S, Philip Sanal, Rashdan Meharuf, Ms. Pooja P Raj. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.