Data Security and Encryption: A Comprehensive Guide
Added on 2024-05-23
7 Pages2437 Words212 Views
|
|
|
Question 3
a.
Key Encryption
Key encryption is the methodology of protecting the useful data from attackers. In this
different techniques and algorithms are applied over the data to turn them in different
format. The actual data is which is treated as plain text is computed according to the
proposed algorithm which will result in a cipher text that will be in unreadable format. The
algorithm uses a predefined proposed key for encrypting the data. The decryption of the
cypher text will be from the same key which is the symmetric key. For example –
Plain text – “My name is Max”
After encrypting with 32-bit encryption key the encrypted text will be –
“b5c0db6cd47ab5c0db6cEnCt210a37f599cbsQK8W/
ikwIb979cb5b5c0db6cdf8c10a37f599cb5”
The plain text is converted to an encrypted text which is unreadable to other (Encryption:
An Introduction to Protecting Your Data 2018).
b.
File servers in the company deals with tons of important data and information. In respect to
deal with data security there are two methods of encrypting the data stored in file server
which are File encryption and Full Disk Encryption.
File Based Encryption – It is the technique of encrypting the specific files over the file server.
This will only ensure the data encryption of that particular file and other files will remain
unprotected and there will be security threat to other unencrypted files (Gatka 2017).
Full Disk Encryption (FDE) – Full disk encryption is better approach than File based
encryption. In this method complete disk is encrypted in order to protect the data. All the
data stored on the disk gets encrypted.
Full Disk Encryption makes the complete storage disk protected including all the files in it
but it limits to protecting the particular file from storage. File based encryption lets to do
this. Both technologies are used accordingly as per the usage requirement (Gatka 2017).
File Encryption methods – RSA, AES, DES, Blowfish, Twofish (Bradford 2017)
Full Disk Encryption products - Dell data protection, McAfee Data encryption, Microsoft
Bit locker (The top full disk encryption products on the market today 2015).
a.
Key Encryption
Key encryption is the methodology of protecting the useful data from attackers. In this
different techniques and algorithms are applied over the data to turn them in different
format. The actual data is which is treated as plain text is computed according to the
proposed algorithm which will result in a cipher text that will be in unreadable format. The
algorithm uses a predefined proposed key for encrypting the data. The decryption of the
cypher text will be from the same key which is the symmetric key. For example –
Plain text – “My name is Max”
After encrypting with 32-bit encryption key the encrypted text will be –
“b5c0db6cd47ab5c0db6cEnCt210a37f599cbsQK8W/
ikwIb979cb5b5c0db6cdf8c10a37f599cb5”
The plain text is converted to an encrypted text which is unreadable to other (Encryption:
An Introduction to Protecting Your Data 2018).
b.
File servers in the company deals with tons of important data and information. In respect to
deal with data security there are two methods of encrypting the data stored in file server
which are File encryption and Full Disk Encryption.
File Based Encryption – It is the technique of encrypting the specific files over the file server.
This will only ensure the data encryption of that particular file and other files will remain
unprotected and there will be security threat to other unencrypted files (Gatka 2017).
Full Disk Encryption (FDE) – Full disk encryption is better approach than File based
encryption. In this method complete disk is encrypted in order to protect the data. All the
data stored on the disk gets encrypted.
Full Disk Encryption makes the complete storage disk protected including all the files in it
but it limits to protecting the particular file from storage. File based encryption lets to do
this. Both technologies are used accordingly as per the usage requirement (Gatka 2017).
File Encryption methods – RSA, AES, DES, Blowfish, Twofish (Bradford 2017)
Full Disk Encryption products - Dell data protection, McAfee Data encryption, Microsoft
Bit locker (The top full disk encryption products on the market today 2015).
c.
Cloud backup is great practice for backing up the important data as a security option. But
every technology has its own challenges to deal with. Following are some of the cloud
backup ramifications which company has to deal with –
Uncontrolled Data – The thing is that when an enterprise uses the cloud service as a
backup all of its information is transferred over the cloud service provider network and
then the privacy settings of information is no longer in the hand of enterprise and there
may be a chance of unauthorized access to information.
Leakage of data – There is always the risk of leakage of data because the enterprise
depends on the security preventions for data provided by the third party cloud service
provider.
Snooping – Cloud is totally over the internet, so there is a great risk of snooping of data
because hackers and intruders vitally depends on internet for attacking a system, if the
system is in the enterprise and in the internal network then it’s hard for them to
penetrate the network. Snooping can be prevented by strong security measures taken
by cloud service providers.
Management of Key – Management of the cryptographic key is a must in cloud service.
A better approach and confidentiality must be implemented for managing the key
(Prinzlau 2016).
d.
Digital Signature
When a sender sends a data or information then a fingerprint from sender is attached that
guarantees the non-alteration of the data to the receiver. Digital signature maintains the
property of data integrity and authenticity. In digital signature the sender’s private key is
used for encryption. The process of digital signature is as following –
1. Sender generates the hash value of the actual message from a certain algorithm.
2. The generated hash values are then being encrypted with the sender’s private key.
3. The encrypted hash value is then combined with sender’s public key and digital signed
document is generated and sent to the receiver.
4. Now the receiver uses the public key to open the digital signed document.
5. Now the encrypted hash value is decrypted using the private key of sender and then the
hash is converted into actual document.
6. Now the final hash decrypted data is compared with the actual message that was
received in the digitally signed document (How do Digital Signatures Work? 2015).
By this data can be assured that it is not altered. The company persons and clients uses
email which includes digital certificates, this practice ensures that the data sent over email is
not altered in between (What is digital signature and how it works? 2018).
Cloud backup is great practice for backing up the important data as a security option. But
every technology has its own challenges to deal with. Following are some of the cloud
backup ramifications which company has to deal with –
Uncontrolled Data – The thing is that when an enterprise uses the cloud service as a
backup all of its information is transferred over the cloud service provider network and
then the privacy settings of information is no longer in the hand of enterprise and there
may be a chance of unauthorized access to information.
Leakage of data – There is always the risk of leakage of data because the enterprise
depends on the security preventions for data provided by the third party cloud service
provider.
Snooping – Cloud is totally over the internet, so there is a great risk of snooping of data
because hackers and intruders vitally depends on internet for attacking a system, if the
system is in the enterprise and in the internal network then it’s hard for them to
penetrate the network. Snooping can be prevented by strong security measures taken
by cloud service providers.
Management of Key – Management of the cryptographic key is a must in cloud service.
A better approach and confidentiality must be implemented for managing the key
(Prinzlau 2016).
d.
Digital Signature
When a sender sends a data or information then a fingerprint from sender is attached that
guarantees the non-alteration of the data to the receiver. Digital signature maintains the
property of data integrity and authenticity. In digital signature the sender’s private key is
used for encryption. The process of digital signature is as following –
1. Sender generates the hash value of the actual message from a certain algorithm.
2. The generated hash values are then being encrypted with the sender’s private key.
3. The encrypted hash value is then combined with sender’s public key and digital signed
document is generated and sent to the receiver.
4. Now the receiver uses the public key to open the digital signed document.
5. Now the encrypted hash value is decrypted using the private key of sender and then the
hash is converted into actual document.
6. Now the final hash decrypted data is compared with the actual message that was
received in the digitally signed document (How do Digital Signatures Work? 2015).
By this data can be assured that it is not altered. The company persons and clients uses
email which includes digital certificates, this practice ensures that the data sent over email is
not altered in between (What is digital signature and how it works? 2018).
e.
File servers and digital certificates both have different keys in use. Various types of keys are
there which have different types of implementation while encryption. The following are
some of the types of keys which are in practice for such types of use
Symmetric and Asymmetric keys – Symmetric keys are keys which are same in use for
encryption and decryption of data where Asymmetric keys are two different keys one for
encryption and one for decryption.
Static and Ephemeral keys – Static keys are the keys which have static or long term use
in encryption or decryption where ephemeral keys are used for single session.
Data Encryption keys – These keys can be symmetric or asymmetric key which are used
for different purpose. If Symmetric then it is used for 3DES or AES algorithm but if
Asymmetric, then used for RSA algorithm
Public Key – This type of key is used when digital certificate is in use. Usage of public
keys are not that much secured.
Private key – Private key is the key owned only by the sender and receiver for encryption
and decryption of the data.
Root key – Root key are the top most secured key in the public key hierarchy and it’s a
asymmetric key.
For file server Data encryption key, root key will be most proposed and for digital
certificates for email software use public, private and root key will be best in use. They must
be provided to authorized and genuine person (Stubbs 2018).
File servers and digital certificates both have different keys in use. Various types of keys are
there which have different types of implementation while encryption. The following are
some of the types of keys which are in practice for such types of use
Symmetric and Asymmetric keys – Symmetric keys are keys which are same in use for
encryption and decryption of data where Asymmetric keys are two different keys one for
encryption and one for decryption.
Static and Ephemeral keys – Static keys are the keys which have static or long term use
in encryption or decryption where ephemeral keys are used for single session.
Data Encryption keys – These keys can be symmetric or asymmetric key which are used
for different purpose. If Symmetric then it is used for 3DES or AES algorithm but if
Asymmetric, then used for RSA algorithm
Public Key – This type of key is used when digital certificate is in use. Usage of public
keys are not that much secured.
Private key – Private key is the key owned only by the sender and receiver for encryption
and decryption of the data.
Root key – Root key are the top most secured key in the public key hierarchy and it’s a
asymmetric key.
For file server Data encryption key, root key will be most proposed and for digital
certificates for email software use public, private and root key will be best in use. They must
be provided to authorized and genuine person (Stubbs 2018).
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Cloud Technology and Fundamentals | Assignmentlg...
|5
|1198
|18
Advanced Network Security: Encryption, Cloud Storage, Digital Signatures, and Trojan Horse Attackslg...
|8
|1887
|117
Encryption and Authenticationlg...
|8
|1423
|83
Encryption Algorithm Assignmentlg...
|6
|1103
|186
Risk and Security in Cloud Computing | Reportlg...
|17
|4058
|59
Data Encryption Impact on Performance in Oracle and Database Storagelg...
|49
|14654
|478