Cryptographic Data Splitting? What's that?

Cryptographic data splitting is a new approach to securing information. This process encrypts data and then uses random or deterministic distribution to multiple shares. this distribution can also include fault tolerant bits, key splitting, authentication, integrity, share reassembly, key restoration or decryption.

Most security schema have one or more of the following drawbacks:
  • Log-in and password access often does not provide adequate security.
  • Public-key cryptographic system reliance on the user for security.
  • Private keys stored on a hard drive that are accessible to others or through the Internet.
  • Private keys being stored on a computer system configured with an archiving or backup system that could result in copies of the private key traveling through multiple computer storage devices or other systems
  • Loss or damage to the smartcard or portable computing device in biometric cryptographic systems
  • Possibility of a malicious person stealing a mobile user's smartcard or portable computing device using it to effectively steal the mobile user's digital credentials.
  • The computing device connection to the Internet may provide access to the file where the biometric information is stored making it susceptible to compromise through user inattentiveness to security or malicious intruders.
  • Existence of a single physical location towards which to focus an attack.

Cryptographic data splitting has multiple advantages over current, widely used security approaches because:

  • Enhanced security from moving shares of the data to different locations on one or more data depositories or storage devices (different logical, physical or geographical locations
  • Shares of data can be split physically and under the control of different personnel reducing the possibility of compromising the data.
  • A rigorous combination of the steps is used to secure data providing a comprehensive process of maintaining security of sensitive data.
  • Data is encrypted with a secure key and split into one or more shares
  • Lack of a single physical location towards which to focus an attack

Because of these and other advantages, this approach seems to be a natural for cloud computing.

Commentaires

Enregistrer un commentaire

Posts les plus consultés de ce blog

Hacking Into The Indian Education System Reveals Score Tampering

Image
Debarghya Das has a fascinating story on how he managed to bypass a silly web security layer to get access to the results of 150,000 ISCE (10th grade) and 65,000 ISC (12th grade) students in India. While lack of security and total ignorance to safeguard sensitive information is an interesting topic what is more fascinating about this episode is the analysis of the results that unearthed score tampering. The school boards changed the scores of the students to give them "grace" points to bump them up to the passing level. The boards also seem to have tampered some other scores but the motive for that tampering remains unclear (at least to me). I would encourage you to read the entire analysis and the comments , but a tl;dr version is: 32, 33 and 34 were visibly absent. This chain of 3 consecutive numbers is the longest chain of absent numbers. Coincidentally, 35 happens to be the pass mark. Here's a complete list of unattained marks - 36, 37, 39, 41, 43, 45, 47, 49, 51, 53,
Lire la suite

Information Service and Cloud Dedicated Hosting

Image
Dedicated hosting service, dedicated server, or managed hosting service is a type of internet hosting the client leases an entire server not shared with anyone. It is more flexible than shared hosting, and organizations have full control over the server (s), including choice of operating system, hardware, etc. There is also another level of dedicated or managed hosting managed hosting is called complex. Apply complex managed hosting on physical servers, hybrid server and virtual servers with many companies choose hybrid (a combination of physical and virtual) hosting solution. There are many similarities between the standard and complex managed hosting, but the main difference is the level of administrative support and engineering the customer pays for all because of the growing size and complexity of infrastructure deployment . Steps presented to support most of the administration, including security, memory, storage, and support of information technology. Proactive ser
Lire la suite

DHS EAGLE & First Source Digital Guide Launched

Image
The Enterprise Acquisition Gateway for Leading Edge Solutions (EAGLE) is a multiple-award indefinite delivery/indefinite quantity (IDIQ) contract vehicle, specifically designed as the preferred source of information technology (IT) services for the majority of the Department of Homeland Security (DHS) enterprise infrastructure and initiatives. According to Soraya Correa, Director of the DHS Office of Procurement Operations (OPO), the success of EAGLE has led to plans for EAGLE II. Designed as a companion contract to EAGLE, FirstSource provides DHS with access to contractor's commercial catalogs which offer a full array of IT commodity products available in the commercial marketplace from multiple original equipment manufacturers, producers, and suppliers. It is built on the same strategy as EAGLE and lets DHS components place their own orders through a centralized ordering vehicle, accessible to senior leadership, where they can find data or information related to their IT needs. S
Lire la suite