In [1]:
# Install required library
!pip install cryptography

import os
import json
import csv
from datetime import datetime
from cryptography.fernet import Fernet

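# ===================== 1. Key Generation =====================
# NOTE: a fresh key is generated on every run and the key file is overwritten,
# so anything encrypted under a previous run's key can no longer be decrypted.
key = Fernet.generate_key()
fernet = Fernet(key)

# Save the key (in real-world, store it in a secrets manager / vault rather
# than on disk next to the data it protects).
# The file is opened owner-only (0o600) instead of with the default umask,
# which on many systems would leave the key readable by other local users.
key_fd = os.open("encryption_key.key", os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
with os.fdopen(key_fd, "wb") as key_file:
    # The mode given to os.open only applies when the file is created, so
    # tighten a pre-existing file before the key is written into it.
    # (os.chmod has limited effect on Windows.)
    os.chmod("encryption_key.key", 0o600)
    key_file.write(key)

print("Encryption key generated and saved.")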

# ===================== 2. Secure Data Storage =====================
def encrypt_and_store(data, filename):
    """Serialize *data* to JSON, encrypt it, and write the token to *filename*.

    Encryption uses the module-level ``fernet`` instance, so the output can
    only be read back with the key that instance was built from.

    Args:
        data: Any object ``json.dumps`` can serialize.
        filename: Path of the file to create or overwrite with the token.
    """
    token = fernet.encrypt(json.dumps(data).encode())
    with open(filename, "wb") as out:
        out.write(token)
    print(f"Encrypted data stored in {filename}")

def decrypt_data(filename):
    """Read the Fernet token in *filename*, decrypt it, and return the parsed JSON.

    ``fernet.decrypt`` checks the token's integrity before returning any
    plaintext and raises ``cryptography.fernet.InvalidToken`` when the file
    was modified or was encrypted under a different key. That exception is
    not caught here and propagates to the caller.

    Args:
        filename: Path of a file previously written by ``encrypt_and_store``.

    Returns:
        The decoded JSON value.
    """
    with open(filename, "rb") as src:
        token = src.read()
    return json.loads(fernet.decrypt(token))

# Sample sensitive data (a made-up record used to exercise the round trip)
user_data = dict(
    user_id=101,
    name="Alice",
    email="alice@example.com",
    dob="1990-05-12",
)

encrypt_and_store(user_data, "secure_data.json")
# Demonstration only: the decrypted record is printed in clear text, so it
# ends up in the cell output and in any saved copy of the notebook.
restored = decrypt_data("secure_data.json")
print("Decrypted Data:", restored)

# ===================== 3. Compliance Logging =====================
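def log_access(user, action):
    """Append one audit record (timestamp, user, action) to ``compliance_log.csv``.

    Args:
        user: Name the action is attributed to. Callers pass whatever name
            was presented to them, so it is treated as untrusted text.
        action: Free-text description of what was done or attempted.
    """
    def _neutralize(value):
        # Audit logs are commonly opened in spreadsheet tools, which treat a
        # cell starting with one of these characters as a formula. Prefixing
        # a quote keeps the original text visible but inert.
        if isinstance(value, str) and value.startswith(("=", "+", "-", "@", "\t", "\r")):
            return "'" + value
        return value

    # Record an offset-aware timestamp: a naive local time is ambiguous
    # across DST changes and when logs from several hosts are correlated.
    timestamp = datetime.now().astimezone()
    with open("compliance_log.csv", "a", newline="", encoding="utf-8") as log_file:
        csv.writer(log_file).writerow(
            [timestamp, _neutralize(user), _neutralize(action)]
        )
    print(f"Action logged: {user} - {action}")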

log_access(user="admin", action="Accessed encrypted user data")

# ===================== 4. Access Control =====================
# In-memory allow-list of user names; membership is the only check that
# access_data performs.
authorized_users = {"security_officer", "admin"}

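def access_data(requesting_user):
    """Return the decrypted record if *requesting_user* is on the allow-list.

    The decision is based solely on the name passed in: nothing here verifies
    that the caller actually is that user, so authentication must happen
    before this function is reached.

    Args:
        requesting_user: Name to look up in ``authorized_users``.

    Returns:
        The decrypted record for an authorized name, otherwise the string
        ``"ACCESS DENIED"``.

    Raises:
        Whatever ``decrypt_data`` raises (missing file, invalid token); the
        failure is written to the compliance log before it is re-raised.
    """
    if requesting_user not in authorized_users:
        log_access(requesting_user, "Unauthorized access attempt")
        return "ACCESS DENIED"

    # Decrypt first and log the outcome afterwards, so the audit trail never
    # records "Decrypted data" for an attempt that actually failed.
    try:
        record = decrypt_data("secure_data.json")
    except Exception:
        log_access(requesting_user, "Decryption failed")
        raise
    log_access(requesting_user, "Decrypted data")
    return record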

# Exercise both branches: an allow-listed name, then one that is not.
for demo_user in ("admin", "guest"):
    print(access_data(demo_user))

# ===================== 5. GDPR Compliance - Right to Erasure =====================
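def delete_user_data():
    """Remove ``secure_data.json`` and record the erasure in the compliance log.

    Only that one file is removed. The key file, the compliance log and any
    copies or backups of the data are not touched by this function, and
    ``os.remove`` unlinks the file without overwriting its contents. The log
    entry is always attributed to ``"admin"``.

    If the file does not exist the function returns without logging.
    """
    # Attempt the removal directly instead of checking os.path.exists first:
    # the file could disappear between the check and the remove.
    try:
        os.remove("secure_data.json")
    except FileNotFoundError:
        return
    log_access("admin", "Deleted user data (GDPR Right to Erasure)")
    print("User data deleted for GDPR compliance.")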

# Uncomment to test deletion
# delete_user_data()


Encryption key generated and saved.
Encrypted data stored in secure_data.json
Decrypted Data: {'user_id': 101, 'name': 'Alice', 'email': 'alice@example.com', 'dob': '1990-05-12'}
Action logged: admin - Accessed encrypted user data
Action logged: admin - Decrypted data
{'user_id': 101, 'name': 'Alice', 'email': 'alice@example.com', 'dob': '1990-05-12'}
Action logged: guest - Unauthorized access attempt
ACCESS DENIED
