A. R. USIOBAIFO

This study aims to design and implement a secure file-sharing platform that addresses the privacy, integrity, and access control challenges inherent in modern digital collaboration. The study highlights how mainstream cloud-based file-sharing solutions often compromise user privacy by lacking true End-to-End Encryption (E2EE) and failing to prevent the distribution of malicious files. This project introduces a web-based system that uses client-side encryption to ensure that only the sender and intended recipient can access file contents, even excluding the server from decryption capabilities. In addition, it integrates real-time malware detection using ClamAV and enforces a granular, per-file Access Control List (ACL) model to restrict file operations. Developed using a Python-based backend and the React JavaScript frontend, the system adopts a Zero-Trust architecture and defense-in-depth design to provide a strong and easy-to-use alternative to conventional file-sharing platforms. The solution not only enhances data privacy and threat prevention but also serves as a reference implementation for secure and accountable file sharing in both personal and organizational contexts. The project concludes with a set of practical recommendations and a comprehensive security assessment, demonstrating the system’s effectiveness against common web application threats and affirming the feasibility of privacy-first development without compromising usability.