Presentation is loading. Please wait.

Presentation is loading. Please wait.

حماية البيانات الإلكترونية نموذج البصمات المائية الهواري غوثي و د. جار الله الغامدي كلية علوم و هندسة الحاسب الآلي جامعة الملك فهد للبترول والمعادن شعبان.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "حماية البيانات الإلكترونية نموذج البصمات المائية الهواري غوثي و د. جار الله الغامدي كلية علوم و هندسة الحاسب الآلي جامعة الملك فهد للبترول والمعادن شعبان."— Presentation transcript:

1 حماية البيانات الإلكترونية نموذج البصمات المائية الهواري غوثي و د. جار الله الغامدي كلية علوم و هندسة الحاسب الآلي جامعة الملك فهد للبترول والمعادن شعبان 1425ه

2 E-Document Protection “Watermarking” Approach Mr. Lahouari Ghouti and Dr. Jarallah Al-Ghamdi College of Computer Science and Engineering KFUPM University September 2004

3 Outline Digital Watermarking Document Distribution Infrastructure Three Phases of Document Distribution Protocol: – Acquisition of Registration Certificates – Acquisition of Documents – Resolution of Policy Violation Conclusions

4 A Challenge Which is one is the original???

5 Another Challenge Original???

6 Introduction Enterprise document management across a large enterprise is difficult: Sensitive documents often found in photocopier rooms or public folders at file servers!!! Why? It involves both digital and non-digital forms. It covers both automated and manual procedures. It requires a truly distributed solution. It supports multimedia format. It must be flexible, allowing individual group to refine its own policies. It should protect privacy wherever applicable.

7 Secrecy Issues Consider the following WWII “press cable”: PRESIDENT’S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVE SITUATION AFFECTING INTERNATIONAL LAW. STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY.

8 Secrecy Issues PRESIDENT’S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVE SITUATION AFFECTING INTERNATIONAL LAW. STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY. PERSHING SAILS FROM NY JUNE 1

9 Proposed Solution We propose the use of “digital watermarking” to enforce enterprise document distribution policy. Document provider disseminates watermarked documents based on the registration certificate submitted by end user End User Document Provider

10 Watermarking??? Two common applications of digital watermarking: 1. Identify and claim the copyrights ownership. 2. Identify the origin of illegal distribution. Watermarks are exclusively owned by individuals.

11 Encryption Original Encrypted

12 Watermarking: Origins Digital Watermarking is originated from “Steganography” Stego. Graphos.

13 Watermarking: An Example

14

15

16 Minute alterations of letter, word, and line spacing. E.g., Change line spacing by 1/300 inch: imperceptible to the human eye, but easily detected by computers. Rumored to have been used by British government in 1980’s to catch leaks.

17 Watermarking Goals Cover DocumentSecret Document

18 Watermarking Goals

19 EDoc Server Office #1 Office #2 Office #n Copy #1 With digital watermark #1 Copy #2 With digital watermark #2 Copy #n With digital watermark #n Distribute Protected EDocs

20 Watermarking Principles

21 Authentic??? Manipulated???

22 Watermarking Principles insertiondetection

23 Watermarking Principles Original???

24 Watermarking Principles Original???

25 Watermarking Principles Audio MP3

26 Key Issues in Watermarked Document Distribution Protocol PhasesIssues Registration Certificate Acquisition - Secrecy of watermarks Watermarked Document Acquisition - End users cannot be trusted - Document providers cannot be trusted Policy Violation Resolution - End users cannot be trusted - Document providers cannot be trusted

27 Some Concerns Identify the origin of illegal distribution: –End user owning the origin is liable –End user’s watermark is analogous to a private key  Could we protect end user’s watermark in document distribution to prevent others (including the document provider) from abusing the watermark?

28 Our Solution End users need not release their watermarks Instead, end users release an encrypted version of their watermarks So, how does a document provider validate an encrypted watermark? Trusted Enterprise Registration Authority Use registration certificate to protect the integrity of encrypted watermark

29 Watermarked Document Distribution Infrastructure Obtain Once Document provider disseminates watermarked documents based on the registration certificate submitted by end user Enterprise registration authority generates registration certificate for end user End User Enterprise Registration Authority Document Provider Policy enforcer collects evidence of policy violation from document provider Policy Enforcer

30 Watermark Acquisition apply for registration certificate Registration Certificate Request generate watermark Registration Certificate Response obtain PKI certificate store certificate End User Enterprise Registration Authority activities data objects

31 Implementation Architecture Enterprise Registration Authority Request Registration Certificate Deliver Registration Certificate Encrypted watermarked document Document Registry Look up document access information and policy Check out Register document access information and policy End User Check in document with registration certificate Store and retrieve document access history Deliver permutation function and registration certificate Submit suspected document request for evidence Document Access Log Document Server of the Provider Policy Enforcer Certificate Repository Maintain directories of valid and revoked Registration Certificates

32 Registration Certificate Version (of Registration Certificate Format) Registration Certificate Serial Number Signature Algorithm Identifier (for Certificate Issuer’s Signature) Issuer Name Validity Period (Start and Expiry Dates/Times) Subject Name Roles Subject’s Public Key information (Algorithm Identifier & Public Key Value) One-Way Hash Value of Encrypted Secret Text Encrypted Image Watermark & Watermarking Algorithm Identifiers Encrypted Audio Watermark & Watermarking Algorithm Identifiers Encrypted Video Watermark & Watermarking Algorithm Identifiers Issuer’s Digital Signature Optional

33 What Else??? Study the integration of watermarking protocols and inter-organizational workflows and e-marketplace negotiations.

34 KFUPM Expertise

35 Patens filed in the area of document security. Patents filed in the area of document/imaging authentication. Ongoing work in multimedia document management/workflow/security/authentication. Published research work in International Referred journal and Conference proceedings such as IEEE/IEE/ACM.

36 Electronic Enterprise Architecture: KFUPM Experience Mr. L. Ghouti and Dr. J. Al-Ghamdi EDoc Forum Riyadh September 20-21 2004 Thank you! Feel free to contact: ghouti@ccse.kfupm.edu.sa Questions? Talk Slides Will Be Available at: http://www.ccse.kfupm.edu.sa/~ghouti/

Download ppt "حماية البيانات الإلكترونية نموذج البصمات المائية الهواري غوثي و د. جار الله الغامدي كلية علوم و هندسة الحاسب الآلي جامعة الملك فهد للبترول والمعادن شعبان."

Similar presentations

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
 A public-key infrastructure ( PKI ) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store,

 A public-key infrastructure ( PKI ) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store,
Safeguarding and Charging for Information on the Internet Hector Garcia-Molina, Steven P. Ketchpel, Narayanan Shivakumar Stanford University Presented.

Safeguarding and Charging for Information on the Internet Hector Garcia-Molina, Steven P. Ketchpel, Narayanan Shivakumar Stanford University Presented.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Opening Presentation of Notary Reqs 8/5/2004 Tobias Gondrom.

Opening Presentation of Notary Reqs 8/5/2004 Tobias Gondrom.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC513-01 Instructor:Professor Anvari Student ID:106845 Name:Xin Wen Date:11/25/00.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
SMUCSE 5349/7349 Public-Key Infrastructure (PKI).

SMUCSE 5349/7349 Public-Key Infrastructure (PKI).
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
هندسة تصميم المؤسسة الإلكترونية تجربة جامعة الملك فهد للبترول والمعادن الهواري غوثي و د. جار الله الغامدي كلية علوم و هندسة الحاسب الآلي جامعة الملك فهد.

هندسة تصميم المؤسسة الإلكترونية تجربة جامعة الملك فهد للبترول والمعادن الهواري غوثي و د. جار الله الغامدي كلية علوم و هندسة الحاسب الآلي جامعة الملك فهد.

Similar presentations

Ads by Google