Secure communication is when two entities are communicating and do not want a third party to listen in. For that, they need to communicate in a way not susceptible to eavesdropping or interception. Secure communication includes means by which people can share information with varying degrees of certainty that third parties cannot intercept what was said. Other than spoken face-to-face communication with no possible eavesdropper, it is probably safe to say that no communication is guaranteed secure in this sense, although practical obstacles such as legislation, resources, technical issues (interception and encryption), and the sheer volume of communication serve to limit surveillance.
3. ACKNOWLEDGEMENT
We would like to express our special thanks of gratitude to our teacher Dr. Natasha who
gave us the golden opportunity to present this wonderful presentation on the topic
(Secure Communication), which also helped us in doing a lot of Research and we came
to know about new things. We are really thankful to her.
4. SECURE COMMUNICATION?
When two entities are communicating and don’t want any third party to listen.
WHAT IS BEING DISCUSSED TILL NOW…
effective ways to communicate
Communicating
Method
Data Security
SUCCESSFUL COMMUNICATION
5. WHY DO WE NEED THIS?
We are living in an information age.
We need to keep information about every aspect of life,
so “INFORMATION IS AN ASSET”.
Thus, needed to be secured from attacks and misuse.
6. Secured Information means What?
– Confidentiality
Ensuring that information is
accessible only to those authoriz
ed to have access
– Integrity
Safeguarding the accuracy and
completeness of information and
processing methods
– Availability
Ensuring that authorized users
have access to information and
associated assets when required
10. Most commonly used method : CRYPTOGRAPHY.
It achieves security by encoding messages to make them unreadable.
Mathematical operations are applied on data to encrypt it.
KEY – used for encryption and decryption of data.
Cryptography
Symmetric (one key)
Asymmetric (two keys)
CRYPTOGRAPHY
13. DATA MASKING
Data masking is a method of creating a structurally similar but inauth
entic version of an organization's data that can be used for purposes
such as software testing and user training.
The purpose is to protect the actual data while having a functional
substitute for occasions when the real data is not required.
The main reason for applying masking to a
data field is to protect data that is classified as
personal identifiable data, personal sensitive data.
15. TYPES OF DATA MASKING
DATAMASKING
Static
On-the-fly
Dynamic
16. STATIC DATA MASKING
- Static Data Masking is done on the golden copy of the data base.
- Reduce the data set to a subset that holds the data necessary for a
particular round of testing, apply necessary code changes from source
control and push data to desired environment.
ON-THE-FLY DATA MASKING
On-the-Fly Data Masking happens in the process of transfer-
ring data from environment to environment without data
touching the disk on its way.
DYNAMIC DATA MASKING
Dynamic data masking happens at runtime, dynamically,
and on-demand so that there need not be a second data
source where to store the masked data dynamically.
17. TECHNIQUES OF DATA MASKING
Substitution Method
• It allows the masking to be
performed in such a manner
that another authentic looking
value can be substituted for
the existing value.
• 1: 1 mapping is done.
18. Shuffling Method
The shuffling method is a ve
ry common form of data obf
uscation. It is similar to the s
ubstitution method but it de
rives the substitution set fro
m the same column of data
that is being masked.
19. MASKING OUT
• Character scrambling or masking out of certain fields is also another
simplistic yet very effective method of preventing sensitive information
to be viewed.
• This is commonly applied to credit card data in production
systems.
Example : Credit Card No. XXXX XXXX XXXX 6789.
Applications
1) Used in Application and Software testing.
2) Used in various training programmes.
3) Used in Banking Facilities.
4) Used in customer service facilities like Call centres.
21. STEGANOGRAPHY
Steganography refers to the art and science of hiding secret
information in some other media.
The information to be hided is called the secret message.
The medium in which the information is hidden is called the
cover document.
The cover document containing hidden message is called the
s stego-document.
23. STEGANOGRAPHY APPROACH
There are two main approaches for Steganography.
SPATIAL DOMAIN APPROACH
The Data is hidden in the spatial domain of the cover document.
FREQUENCY DOMAIN APPROACH
Transform domain methods hide messages in non-significant areas of
the cover document.
24. APPLICATIONS
1) PRINTER STEGANOGRAPHY
Some modern printers use steganography, like HP laser printers These
printers add tiny yellow dots to each page.
2) Used by intelligence services and
many other organisations.
26. • Act of hiding a message related to a digital signal within the signal itself
• Watermarking tries to hide a message related to the actual content of the digital signal
• In steganography the digital signal has no relation to the message
INTRODUCTION
27. APPLICATIONS
1) Broadcast monitoring-
-To track when a specific video is being broadcast by a TV station.
-Important to advertising agencies
Information used to identify individual videos could be embedded in the videos
themselves using watermarking, making broadcast monitoring easier.
2) Owner identification-
-To identify the owner of a specific digital work of art(video or image)
-Important task, especially in cases related to copyright infringement.
So, instead of including copyright notices with every image or song, we could
use watermarking to embed the copyright in the image or the song itself.
28. Applications(contd.)
3) Transaction tracking-
-To record the recipient of every legal copy of a movie
-By embedding a different watermark in each copy.
If the movie is then leaked to the Internet, the movie producers could identify
which recipient of the movie was the source of the leak.
4) copy control-
-To prevent the illegal copying of songs
By embedding a watermark in them that would instruct a watermarking
compatible DVD or CD writer to not write the song or movie because it is an
illegal copy.
29. PROPERTIES
• Effectiveness - Probability that the message in a watermarked image will be correctly
detected
• Image fidelity - Watermarking is a process that alters an original image to add a
message to it
• The payload size - The size of embedded message is often important as many
systems require a relatively big payload to be embedded in a cover work.
• The false positive rate - This is the number of digital works that are identified to
have a watermark embedded when in fact they have no watermark embedded.
• Robustness - A robust watermark should be able to withstand additive Gaussian
noise, compression, printing and scanning, rotation, scaling, cropping, etc.
30. • very similar to the traditional models
of communication systems
• Watermarking - a process of
communicating a message from the
watermarking embedder to the
watermarking receiver.
• images, can be viewed as high-
dimensional vectors, called the media
space.
• For example a 512 X 512 image
would be described as a 262144
elements vector in a 262144-
dimensional space.
• useful to better visualize the
watermarking process using a
number of regions
WATERMARKING
MODELS
Communication-
based view
Geometric view
31. • The embedding region- all the possible images resulting from the
embedding of a message inside an unwatermarked image
• The detection region - images from which a watermark can be
successfully extracted
• The region of acceptable fidelity - images resulting from the
embedding of a message into an unwatermarked image(identical to
the original image)
• The embedding region for a given watermarking system lie inside the
intersection of the detection region and the region of acceptable
fidelity
GEOMETRIC MODEL
32. Communication-based Model
• Sender on one side would encode a message
using encoding key
• Then the message would be transmitted on a
communications channel, which would add
some noise to encoded message
• The resulting noisy message would be received
at the other end, which would decode it using a
decoding key, to get the original message back
• Can be further divided into two sub-categories:
• Uses side-information
• Does not use side-information at all
The term side information refers to any auxiliary
information except the input message itself, that can
be used to better encode or decode it.
33. Watermarking without
side-information
• The image is simply considered as
another form of channel noise that
distorts the message during its
transmission
• The watermark embedder encodes a
message using a watermark encoder and
a key
• This is then added to the original image
and transmitted over the communication
channel which adds some noise
• The watermark detector at the other end
receives the noisy watermarked image
and decode the original image using a
key
34. Watermarking with side-information
• The only difference is the use of the
original image
• The watermark embedder still encodes a
message using not only a key but also
the information provided by the original
image
• The resulting encoded message is then
added to the original image as in the
case of the no-side-information model
• The watermarking detector tries to get
the original message back using the
original key and a detection algorithm
37. MOBILE PHONES
Signal most vulnerable to attack when going
from tower to mobile device.
Hence, encryption method is needed there.
To avoid eavesdropping, the cipher key
is sent separately.
WHATSAPP
Few months ago, WhatsApp employed
end-to-end encryption mechanism to
ensure its users’ messages security.
38. SECURE NETWORK COMMUNICATIONS
SECURE SOCKET LAYER (SSL)
a public-key protocol for providing data security layered between TCP/IP.
used for establishing an encrypted link between a server and a client.
SSL allows sensitive information to be transmitted securely.
SSL secures millions of peoples' data on the Internet every day, especially when
transmitting some confidential information.
HOW TO SPOT A SSL-SECURED WEBSITE
They have a lock icon being displayed or green
address bar that comes with an extended validation
for SSL-secured website.
SSL-secured websites also begin with https rather
than http.
41. Majorly used techniques for data security explained.
But attackers are getting advanced with time.
Hence, this field requires constant development.
So that people can rely more on the new communication techniques
rather than conventional methods, and our PM’s dream of
“DIGITAL INDIA” can become a propitious reality.