SlideShare une entreprise Scribd logo

Data-in-Motion, Data-At-Rest and GPG

Télécharger en tant que PPTX, PDF
Ankit Mehta
Ankit Mehta

This presentation covers an open source technology (GPG) used to send and receive E-mails securely and also basics of the underlying concepts which this technology uses - Data in Motion and Data at Rest

Internet
1  sur  27
Data-in-Motion and Data-at-Rest ANKIT P. MEHTA
Main Topics  Data-in-Motion  Data-at-Rest  GnuPG
Data-in-Motion INTRODUCTION TO DATA-IN-MOTION ADVANTAGES OF DATA-IN-MOTION ATTACKS ON DATA-IN-MOTION PREVENTION OF DATA-IN-MOTION
Introduction to Data-in-Motion  Data in motion is data that is being transmitted over a network  Data as it is in transit  Data that is exiting the network via email, web, or other Internet protocols  Data being manipulated by an application  The collection process for data in motion is similar to that of data at rest; however, the difference lies in the analytics. In this case, the analytics occur in real-time as the event happens.
Introduction to Data-in-Motion  What can be called Data-in-Motion ? o Sending an e-mail o Backing up your laptop data to a central server o Uploading or downloading files to file-hosting sites o When connecting/logging into your on-line e-mail account--such as gmail--at Starbucks; etc.
Advantages of Data-In-Motion  Data in Motion represents a compelling opportunity for organizations in a variety of industries that rely on extracting value from data before it is stored, including: o Retail o Healthcare o Manufacturing o Energy production o Service provider market sectors o Internet of Things
Attacks on Data-in-Motion  The biggest threats to data in motion are interception and alteration  Vulnerable to attackers because the attacker does not have to be near the computer in which the data is being stored rather they only have to be somewhere along the path
Preventive Measures for those Attacks  Encrypting the network session ensures a higher security level for data in motion  Encryption tunnels can protect data along the path of communications  Virtual Private Networks (VPN)  Secure Shell (SSH)  Advanced Encryption Standard (AES)  Use mechanisms such as Secure Socket Layer (SSL) to encrypt messages  Use Gnu Privacy Guard (GnuPG) for encrypting messages
Data-at-Rest INTRODUCTION TO DATA-AT-REST ATTACKS ON DATA-AT-REST VARIOUS PREVENTIVE MECHANISMS
Introduction to Data-at-Rest  Refers to data that has been collected from various sources and is then analysed after the event occurs  Data stored in persistent storage  Definition:  All data in storage or that which resides in temporary memory. Data at rest is not limited to archived data, data which is not accessed or changed frequently, files stored on hard drives, USB thumb drives, files stored on backup tape and disks, and also files stored off-site or on a storage area network (SAN).
Attacks on Data-at-Rest  Because of its nature Data at Rest is of increasing concern to businesses, government agencies and other institutions.  Mobile devices are often subject to specific security protocols to protect Data at Rest from unauthorised access when lost or stolen.  There is an increasing recognition that database management systems and file servers should also be considered as at risk.  The longer data is left unused in storage, the more likely it might be retrieved by unauthorized individuals outside the network.
Various Prevention Mechanisms  The encryption of data at rest should only include strong encryption methods such as AES, RSA, and SHA-256  Cryptography can be implemented on the database housing the data and on the physical storage the databases are stored.  Data encryption keys should be updated on a regular basis.  Encryption keys should be stored separately from the data.  Periodic auditing of sensitive data should be part of policy and should occur on scheduled occurrences.  Only store the minimum amount of sensitive data as possible.
Gnu Privacy Guard INTRODUCTION TO GPG FEATURES OF GPG GPG ALGORITHMS CONCEPT OF KEY RINGS GPG KEY EXCHANGE AND USAGE GPG CERTIFICATES WORKING (HANDS-ON)
Introduction to GPG  GPG stands for “Gnu Privacy Guard”  Free implementation of Open PGP  GnuPG allows to encrypt and sign our data and communication  It features a versatile key management system as well as access modules for all kinds of public key directories.  Source Code is available  Free of cost
Features of GPG  Does not use any patented algorithms  Full OpenPGP implementation  Supports Key and signature expiration dates  Available in multiple languages  Online Help System  Supports algorithms such as DSA, RSA, AES, 3DES, Blowfish, Twofish, MD5, SHA-1, TIGER and CAST5
GPG Algorithms Algorithm Type Description Asymmetric Key RSA , DSS Message Digest MD5, SHA-1, RIPE-MD Encryption IDEA, DES-3, AES
Concept of Key Rings  GPG specifies a ring of public-private keys.  A user may want to change his public-private key pair or may want to use a different key pair for different recipients or group of recipients.  Every GPG user needs to have two sets of keys rings:  A ring for his own public-private key pairs  A ring for the public keys of other users
GPG Key Exchange and Usage  Sender’s side:  Sender creates a message digest of the original message and encrypts it using his private key from one of the key in the “Key Ring”.  Sender creates a one-time symmetric key.  Sender uses the public key (by looking in the public Key Ring) of the intended recipient to encrypt the one-time symmetric key created. Usually RSA algorithm is used for this.  Sender encrypts the Digital Signature with the one-time symmetric key.  Sender sends the encrypted original message and digital signature to the receiver.
GPG Key Exchange and Usage  Receiver’s side:  Receiver uses his private key to obtain the one-time symmetric key created by the sender.  Receiver uses the one-time key to decrypt the message.  Receiver computes a message digest of the original message.(say MD1)  Receiver uses the one-time key to obtain original digital signature.  Receiver uses the sender’s public key from the Key Ring to decrypt the digital signature and gets back the original message digest.(say MD2)  Receiver compares message digest MD1 and MD2. If they match, receiver is sure about the message integrity and authentication of the message sender.
GPG Certificates  GPG can use certificates issued by Certification Authority or can use its own certificate system.  In GPG, there is no CA.  This creates a situation where a user can have certificates issued by different users.  “Introducer” acts as a CA in GPG.  Concept of:  Introducer Trust  Certificate Trust  Key Legitimacy  Web of Trust
Setup Screenshots
Thank You ANY QUESTIONS?

Recommandé

Database ,11 Concurrency Control
Database ,11 Concurrency ControlDatabase ,11 Concurrency Control
Database ,11 Concurrency ControlAli Usman
 
Parallel Database
Parallel DatabaseParallel Database
Parallel DatabaseVESIT/University of Mumbai
 
Transport layer security (tls)
Transport layer security (tls)Transport layer security (tls)
Transport layer security (tls)Kalpesh Kalekar
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacyPawan Arya
 
Chapter 12
Chapter 12Chapter 12
Chapter 12Ali Broumandnia
 
Temporal database
Temporal databaseTemporal database
Temporal databaseDistrict Administration
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT SecurityCAS
 
CS9222 ADVANCED OPERATING SYSTEMS
CS9222 ADVANCED OPERATING SYSTEMSCS9222 ADVANCED OPERATING SYSTEMS
CS9222 ADVANCED OPERATING SYSTEMSKathirvel Ayyaswamy
 

Recommandé

Database ,11 Concurrency Control
Database ,11 Concurrency ControlDatabase ,11 Concurrency Control
Database ,11 Concurrency ControlAli Usman
 
Parallel Database
Parallel DatabaseParallel Database
Parallel DatabaseVESIT/University of Mumbai
 
Transport layer security (tls)
Transport layer security (tls)Transport layer security (tls)
Transport layer security (tls)Kalpesh Kalekar
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacyPawan Arya
 
Chapter 12
Chapter 12Chapter 12
Chapter 12Ali Broumandnia
 
Temporal database
Temporal databaseTemporal database
Temporal databaseDistrict Administration
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT SecurityCAS
 
CS9222 ADVANCED OPERATING SYSTEMS
CS9222 ADVANCED OPERATING SYSTEMSCS9222 ADVANCED OPERATING SYSTEMS
CS9222 ADVANCED OPERATING SYSTEMSKathirvel Ayyaswamy
 
Distributed database
Distributed databaseDistributed database
Distributed databaseReachLocal Services India
 
IP Security
IP SecurityIP Security
IP SecurityAmbo University
 
Firewalls
FirewallsFirewalls
FirewallsRam Dutt Shukla
 
File structures
File structuresFile structures
File structuresShyam Kumar
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)Arun Shukla
 
Mobile dbms
Mobile dbmsMobile dbms
Mobile dbmsTech_MX
 
Distributed datababase Transaction and concurrency control
Distributed datababase Transaction and concurrency controlDistributed datababase Transaction and concurrency control
Distributed datababase Transaction and concurrency controlbalamurugan.k Kalibalamurugan
 
Steganography presentation
Steganography presentationSteganography presentation
Steganography presentationAshwin Prasad
 
What Does Interoperability Mean for the IoT?
What Does Interoperability Mean for the IoT?What Does Interoperability Mean for the IoT?
What Does Interoperability Mean for the IoT?Real-Time Innovations (RTI)
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructurevimal kumar
 
CS9222 Advanced Operating System
CS9222 Advanced Operating SystemCS9222 Advanced Operating System
CS9222 Advanced Operating SystemKathirvel Ayyaswamy
 
Database security issues
Database security issuesDatabase security issues
Database security issuesn|u - The Open Security Community
 
security and privacy in dbms and in sql database
security and privacy in dbms and in sql databasesecurity and privacy in dbms and in sql database
security and privacy in dbms and in sql databasegourav kottawar
 
Security problems in TCP/IP
Security problems in TCP/IPSecurity problems in TCP/IP
Security problems in TCP/IPSukh Sandhu
 
Lecture 4 mobile database system
Lecture 4 mobile database systemLecture 4 mobile database system
Lecture 4 mobile database systemsalbiahhamzah
 
Big Data (security Issue)
Big Data (security Issue)Big Data (security Issue)
Big Data (security Issue)Export Promotion Bureau
 
Types of Load distributing algorithm in Distributed System
Types of Load distributing algorithm in Distributed SystemTypes of Load distributing algorithm in Distributed System
Types of Load distributing algorithm in Distributed SystemDHIVYADEVAKI
 
Ch07
Ch07Ch07
Ch07Joe Christensen
 
Steganography ppt
Steganography pptSteganography ppt
Steganography pptVikas Sharma
 
Email Security : PGP & SMIME
Email Security : PGP & SMIMEEmail Security : PGP & SMIME
Email Security : PGP & SMIMERohit Soni
 
Protecting Sensitive Data using Encryption and Key Management
Protecting Sensitive Data using Encryption and Key ManagementProtecting Sensitive Data using Encryption and Key Management
Protecting Sensitive Data using Encryption and Key ManagementStuart Marsh
 
Securing data at rest with encryption
Securing data at rest with encryptionSecuring data at rest with encryption
Securing data at rest with encryptionRuban Deventhiran
 

Contenu connexe

Tendances

Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)Arun Shukla
 
Mobile dbms
Mobile dbmsMobile dbms
Mobile dbmsTech_MX
 
Distributed datababase Transaction and concurrency control
Distributed datababase Transaction and concurrency controlDistributed datababase Transaction and concurrency control
Distributed datababase Transaction and concurrency controlbalamurugan.k Kalibalamurugan
 
Steganography presentation
Steganography presentationSteganography presentation
Steganography presentationAshwin Prasad
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructurevimal kumar
 
CS9222 Advanced Operating System
CS9222 Advanced Operating SystemCS9222 Advanced Operating System
CS9222 Advanced Operating SystemKathirvel Ayyaswamy
 
security and privacy in dbms and in sql database
security and privacy in dbms and in sql databasesecurity and privacy in dbms and in sql database
security and privacy in dbms and in sql databasegourav kottawar
 
Security problems in TCP/IP
Security problems in TCP/IPSecurity problems in TCP/IP
Security problems in TCP/IPSukh Sandhu
 
Lecture 4 mobile database system
Lecture 4 mobile database systemLecture 4 mobile database system
Lecture 4 mobile database systemsalbiahhamzah
 
Types of Load distributing algorithm in Distributed System
Types of Load distributing algorithm in Distributed SystemTypes of Load distributing algorithm in Distributed System
Types of Load distributing algorithm in Distributed SystemDHIVYADEVAKI
 
Email Security : PGP & SMIME
Email Security : PGP & SMIMEEmail Security : PGP & SMIME
Email Security : PGP & SMIMERohit Soni
 

Tendances (20)

Distributed database
Distributed databaseDistributed database
Distributed database
 
IP Security
IP SecurityIP Security
IP Security
 
Firewalls
FirewallsFirewalls
Firewalls
 
File structures
File structuresFile structures
File structures
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)
 
Mobile dbms
Mobile dbmsMobile dbms
Mobile dbms
 
Distributed datababase Transaction and concurrency control
Distributed datababase Transaction and concurrency controlDistributed datababase Transaction and concurrency control
Distributed datababase Transaction and concurrency control
 
Steganography presentation
Steganography presentationSteganography presentation
Steganography presentation
 
What Does Interoperability Mean for the IoT?
What Does Interoperability Mean for the IoT?What Does Interoperability Mean for the IoT?
What Does Interoperability Mean for the IoT?
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructure
 
CS9222 Advanced Operating System
CS9222 Advanced Operating SystemCS9222 Advanced Operating System
CS9222 Advanced Operating System
 
Database security issues
Database security issuesDatabase security issues
Database security issues
 
security and privacy in dbms and in sql database
security and privacy in dbms and in sql databasesecurity and privacy in dbms and in sql database
security and privacy in dbms and in sql database
 
Security problems in TCP/IP
Security problems in TCP/IPSecurity problems in TCP/IP
Security problems in TCP/IP
 
Lecture 4 mobile database system
Lecture 4 mobile database systemLecture 4 mobile database system
Lecture 4 mobile database system
 
Big Data (security Issue)
Big Data (security Issue)Big Data (security Issue)
Big Data (security Issue)
 
Types of Load distributing algorithm in Distributed System
Types of Load distributing algorithm in Distributed SystemTypes of Load distributing algorithm in Distributed System
Types of Load distributing algorithm in Distributed System
 
Ch07
Ch07Ch07
Ch07
 
Steganography ppt
Steganography pptSteganography ppt
Steganography ppt
 
Email Security : PGP & SMIME
Email Security : PGP & SMIMEEmail Security : PGP & SMIME
Email Security : PGP & SMIME
 

Similaire à Data-in-Motion, Data-At-Rest and GPG

Protecting Sensitive Data using Encryption and Key Management
Protecting Sensitive Data using Encryption and Key ManagementProtecting Sensitive Data using Encryption and Key Management
Protecting Sensitive Data using Encryption and Key ManagementStuart Marsh
 
Securing data at rest with encryption
Securing data at rest with encryptionSecuring data at rest with encryption
Securing data at rest with encryptionRuban Deventhiran
 
Atm Security System Using Steganography Nss ptt by (rohit malav)
Atm Security System Using Steganography Nss ptt by (rohit malav)Atm Security System Using Steganography Nss ptt by (rohit malav)
Atm Security System Using Steganography Nss ptt by (rohit malav)Rohit malav
 
IRJET- Enhanced Cloud Data Security using Combined Encryption and Steganography
IRJET- Enhanced Cloud Data Security using Combined Encryption and SteganographyIRJET- Enhanced Cloud Data Security using Combined Encryption and Steganography
IRJET- Enhanced Cloud Data Security using Combined Encryption and SteganographyIRJET Journal
 
Secrity project keyvan
Secrity project keyvanSecrity project keyvan
Secrity project keyvanitrraincity
 
DG_Architecture_Training.pptx
DG_Architecture_Training.pptxDG_Architecture_Training.pptx
DG_Architecture_Training.pptxTranVu383073
 
Access control in decentralized online social networks applying a policy hidi...
Access control in decentralized online social networks applying a policy hidi...Access control in decentralized online social networks applying a policy hidi...
Access control in decentralized online social networks applying a policy hidi...IGEEKS TECHNOLOGIES
 
IRJET- Secure Sharing of Personal Data on Cloud using Key Aggregation and...
IRJET- Secure Sharing of Personal Data on Cloud using Key Aggregation and...IRJET- Secure Sharing of Personal Data on Cloud using Key Aggregation and...
IRJET- Secure Sharing of Personal Data on Cloud using Key Aggregation and...IRJET Journal
 
E-commerce- Security & Encryption
E-commerce- Security & EncryptionE-commerce- Security & Encryption
E-commerce- Security & EncryptionBiroja
 
A NUMERICAL METHOD BASED ENCRYPTION ALGORITHM WITH STEGANOGRAPHY
A NUMERICAL METHOD BASED ENCRYPTION ALGORITHM WITH STEGANOGRAPHYA NUMERICAL METHOD BASED ENCRYPTION ALGORITHM WITH STEGANOGRAPHY
A NUMERICAL METHOD BASED ENCRYPTION ALGORITHM WITH STEGANOGRAPHYcscpconf
 
Computer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowComputer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowBrijesh Vishwakarma
 
cryptography-Final.pptx
cryptography-Final.pptxcryptography-Final.pptx
cryptography-Final.pptxkarthikvcyber
 
ITOX PGP CommandLine slide_share march 2010
ITOX PGP CommandLine slide_share march 2010ITOX PGP CommandLine slide_share march 2010
ITOX PGP CommandLine slide_share march 2010James Cheng
 
Comparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyComparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyeSAT Publishing House
 

Similaire à Data-in-Motion, Data-At-Rest and GPG (20)

Protecting Sensitive Data using Encryption and Key Management
Protecting Sensitive Data using Encryption and Key ManagementProtecting Sensitive Data using Encryption and Key Management
Protecting Sensitive Data using Encryption and Key Management
 
Securing data at rest with encryption
Securing data at rest with encryptionSecuring data at rest with encryption
Securing data at rest with encryption
 
Atm Security System Using Steganography Nss ptt by (rohit malav)
Atm Security System Using Steganography Nss ptt by (rohit malav)Atm Security System Using Steganography Nss ptt by (rohit malav)
Atm Security System Using Steganography Nss ptt by (rohit malav)
 
Encryption in Cryptography
Encryption in CryptographyEncryption in Cryptography
Encryption in Cryptography
 
IRJET- Enhanced Cloud Data Security using Combined Encryption and Steganography
IRJET- Enhanced Cloud Data Security using Combined Encryption and SteganographyIRJET- Enhanced Cloud Data Security using Combined Encryption and Steganography
IRJET- Enhanced Cloud Data Security using Combined Encryption and Steganography
 
Secrity project keyvan
Secrity project keyvanSecrity project keyvan
Secrity project keyvan
 
DG_Architecture_Training.pptx
DG_Architecture_Training.pptxDG_Architecture_Training.pptx
DG_Architecture_Training.pptx
 
Access control in decentralized online social networks applying a policy hidi...
Access control in decentralized online social networks applying a policy hidi...Access control in decentralized online social networks applying a policy hidi...
Access control in decentralized online social networks applying a policy hidi...
 
IRJET- Secure Sharing of Personal Data on Cloud using Key Aggregation and...
IRJET- Secure Sharing of Personal Data on Cloud using Key Aggregation and...IRJET- Secure Sharing of Personal Data on Cloud using Key Aggregation and...
IRJET- Secure Sharing of Personal Data on Cloud using Key Aggregation and...
 
Encryption Primer por Cathy Nolan
Encryption Primer por Cathy NolanEncryption Primer por Cathy Nolan
Encryption Primer por Cathy Nolan
 
E-commerce- Security & Encryption
E-commerce- Security & EncryptionE-commerce- Security & Encryption
E-commerce- Security & Encryption
 
V5 i7 0169
V5 i7 0169V5 i7 0169
V5 i7 0169
 
A NUMERICAL METHOD BASED ENCRYPTION ALGORITHM WITH STEGANOGRAPHY
A NUMERICAL METHOD BASED ENCRYPTION ALGORITHM WITH STEGANOGRAPHYA NUMERICAL METHOD BASED ENCRYPTION ALGORITHM WITH STEGANOGRAPHY
A NUMERICAL METHOD BASED ENCRYPTION ALGORITHM WITH STEGANOGRAPHY
 
Computer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowComputer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU Lucknow
 
Cn ppt
Cn pptCn ppt
Cn ppt
 
Security technology
Security technologySecurity technology
Security technology
 
Encryption by fastech
Encryption by fastechEncryption by fastech
Encryption by fastech
 
cryptography-Final.pptx
cryptography-Final.pptxcryptography-Final.pptx
cryptography-Final.pptx
 
ITOX PGP CommandLine slide_share march 2010
ITOX PGP CommandLine slide_share march 2010ITOX PGP CommandLine slide_share march 2010
ITOX PGP CommandLine slide_share march 2010
 
Comparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a surveyComparative study of private and public key cryptography algorithms a survey
Comparative study of private and public key cryptography algorithms a survey
 

Dernier

『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书rnrncn29
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
NSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationNSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationMarko4394
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxeditsforyah
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Sonam Pathan
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Sonam Pathan
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 

Dernier (17)

『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 
NSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationNSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentation
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptx
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 

Data-in-Motion, Data-At-Rest and GPG

  • 2. Main Topics  Data-in-Motion  Data-at-Rest  GnuPG
  • 3. Data-in-Motion INTRODUCTION TO DATA-IN-MOTION ADVANTAGES OF DATA-IN-MOTION ATTACKS ON DATA-IN-MOTION PREVENTION OF DATA-IN-MOTION
  • 4. Introduction to Data-in-Motion  Data in motion is data that is being transmitted over a network  Data as it is in transit  Data that is exiting the network via email, web, or other Internet protocols  Data being manipulated by an application  The collection process for data in motion is similar to that of data at rest; however, the difference lies in the analytics. In this case, the analytics occur in real-time as the event happens.
  • 5. Introduction to Data-in-Motion  What can be called Data-in-Motion ? o Sending an e-mail o Backing up your laptop data to a central server o Uploading or downloading files to file-hosting sites o When connecting/logging into your on-line e-mail account--such as gmail--at Starbucks; etc.
  • 6. Advantages of Data-In-Motion  Data in Motion represents a compelling opportunity for organizations in a variety of industries that rely on extracting value from data before it is stored, including: o Retail o Healthcare o Manufacturing o Energy production o Service provider market sectors o Internet of Things
  • 7. Attacks on Data-in-Motion  The biggest threats to data in motion are interception and alteration  Vulnerable to attackers because the attacker does not have to be near the computer in which the data is being stored rather they only have to be somewhere along the path
  • 8. Preventive Measures for those Attacks  Encrypting the network session ensures a higher security level for data in motion  Encryption tunnels can protect data along the path of communications  Virtual Private Networks (VPN)  Secure Shell (SSH)  Advanced Encryption Standard (AES)  Use mechanisms such as Secure Socket Layer (SSL) to encrypt messages  Use Gnu Privacy Guard (GnuPG) for encrypting messages
  • 9. Data-at-Rest INTRODUCTION TO DATA-AT-REST ATTACKS ON DATA-AT-REST VARIOUS PREVENTIVE MECHANISMS
  • 10. Introduction to Data-at-Rest  Refers to data that has been collected from various sources and is then analysed after the event occurs  Data stored in persistent storage  Definition:  All data in storage or that which resides in temporary memory. Data at rest is not limited to archived data, data which is not accessed or changed frequently, files stored on hard drives, USB thumb drives, files stored on backup tape and disks, and also files stored off-site or on a storage area network (SAN).
  • 11. Attacks on Data-at-Rest  Because of its nature Data at Rest is of increasing concern to businesses, government agencies and other institutions.  Mobile devices are often subject to specific security protocols to protect Data at Rest from unauthorised access when lost or stolen.  There is an increasing recognition that database management systems and file servers should also be considered as at risk.  The longer data is left unused in storage, the more likely it might be retrieved by unauthorized individuals outside the network.
  • 12. Various Prevention Mechanisms  The encryption of data at rest should only include strong encryption methods such as AES, RSA, and SHA-256  Cryptography can be implemented on the database housing the data and on the physical storage the databases are stored.  Data encryption keys should be updated on a regular basis.  Encryption keys should be stored separately from the data.  Periodic auditing of sensitive data should be part of policy and should occur on scheduled occurrences.  Only store the minimum amount of sensitive data as possible.
  • 13. Gnu Privacy Guard INTRODUCTION TO GPG FEATURES OF GPG GPG ALGORITHMS CONCEPT OF KEY RINGS GPG KEY EXCHANGE AND USAGE GPG CERTIFICATES WORKING (HANDS-ON)
  • 14. Introduction to GPG  GPG stands for “Gnu Privacy Guard”  Free implementation of Open PGP  GnuPG allows to encrypt and sign our data and communication  It features a versatile key management system as well as access modules for all kinds of public key directories.  Source Code is available  Free of cost
  • 15. Features of GPG  Does not use any patented algorithms  Full OpenPGP implementation  Supports Key and signature expiration dates  Available in multiple languages  Online Help System  Supports algorithms such as DSA, RSA, AES, 3DES, Blowfish, Twofish, MD5, SHA-1, TIGER and CAST5
  • 16. GPG Algorithms Algorithm Type Description Asymmetric Key RSA , DSS Message Digest MD5, SHA-1, RIPE-MD Encryption IDEA, DES-3, AES
  • 17. Concept of Key Rings  GPG specifies a ring of public-private keys.  A user may want to change his public-private key pair or may want to use a different key pair for different recipients or group of recipients.  Every GPG user needs to have two sets of keys rings:  A ring for his own public-private key pairs  A ring for the public keys of other users
  • 18. GPG Key Exchange and Usage  Sender’s side:  Sender creates a message digest of the original message and encrypts it using his private key from one of the key in the “Key Ring”.  Sender creates a one-time symmetric key.  Sender uses the public key (by looking in the public Key Ring) of the intended recipient to encrypt the one-time symmetric key created. Usually RSA algorithm is used for this.  Sender encrypts the Digital Signature with the one-time symmetric key.  Sender sends the encrypted original message and digital signature to the receiver.
  • 19. GPG Key Exchange and Usage  Receiver’s side:  Receiver uses his private key to obtain the one-time symmetric key created by the sender.  Receiver uses the one-time key to decrypt the message.  Receiver computes a message digest of the original message.(say MD1)  Receiver uses the one-time key to obtain original digital signature.  Receiver uses the sender’s public key from the Key Ring to decrypt the digital signature and gets back the original message digest.(say MD2)  Receiver compares message digest MD1 and MD2. If they match, receiver is sure about the message integrity and authentication of the message sender.
  • 20. GPG Certificates  GPG can use certificates issued by Certification Authority or can use its own certificate system.  In GPG, there is no CA.  This creates a situation where a user can have certificates issued by different users.  “Introducer” acts as a CA in GPG.  Concept of:  Introducer Trust  Certificate Trust  Key Legitimacy  Web of Trust
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.