
Security of Electronic Records 29th Meeting of the ICA / SIO Geneva -13 May 2003 Milovan Misic.


1

2 Security of Electronic Records 29th Meeting of the ICA / SIO Geneva -13 May 2003 Milovan Misic

3 Agenda
Security
- Issues and Definitions
- Security vs. Confidentiality vs. QA
Business case
Examples
- Security Tools / Software
Questions and Answers
Milovan Misic © 2003

4 Butler group 2002 Enterprise Content Management 4.6 SECURITY “Security is an aspect of any system that should be high on the agenda of a Records manager, particularly where information will be shared among employees. There are wider issues to consider than with old departmental systems, such as ensuring that content is only made available to users that are entitled to view it, and making sure that content is not intercepted during transmission outside the boundaries of the organisation. Another form of security is the protection of copyrighted material on the Internet through digital watermarks, but this technology is not yet widespread in ECM solutions, although it is sometimes a requirement of organisations.”

5 Issues and Definitions

6 Issues and Definitions

7 WIPO Inf. Security Definitions
Authentication: Verification of the identity of a person, a process or a thing; or the verification of the integrity of a transmitted message.
Availability: The assurance that information and resources are accessible by authorized users as needed.
Confidentiality: The protection of information from unauthorized access regardless of where it resides or how it is stored.
Digital Certificate: An identity tool issued by a Certificate Authority and used to bind a user’s identification properties, such as permissions, access controls, etc.

8 Business case
- Preserve WEB pages
- Provide QA during the migration
- Preserve the Archives holdings

9 Business case - Migration HTML to XHTML

10 Types of Hash Algorithms

11 SELECTION OF HASHING ALGORITHMS The National Software Reference Library (NSRL) Reference Data Set (RDS) is built on file signature generation technology that is used primarily in cryptography. The selection of the specific file signature generation routines is based on customer requirements and the necessity to provide a level of confidence in the reference data that will allow it to be used in the U.S. Courts.

12 Hash Algorithm Hashing is an extremely good way to verify the integrity of a sequence of data bits (e.g., to make sure the contents of the sequence haven’t been changed inadvertently). The sequence might make up a character string, a file, a directory, or a message representing data (binary 1s or 0s) stored in a computer system. The word “hash” means to “chop into small pieces”. A hashing algorithm is a mathematical function (or a series of functions) taking as input the aforementioned sequence of bits and generating as output a code (value) produced from the data bits and possibly including both code and data bits. Two files with exactly the same bit patterns should hash to the same code using the same hashing algorithm. If a hash for a file stays the same, there is only an extremely small probability that the file has been changed.

13 SHA 1 NIST, along with the National Security Agency (NSA), designed the Secure Hash Algorithm Revision 1 (SHA-1) for use with the Digital Signature Standard (DSS) and to ensure the authenticity of the Digital Signature Algorithm (DSA).

14 SHA 1 Then five 32-bit variables (in contrast to the four for MD5) are initialized as follows (in hexadecimal): A=0x67452301, B=0xefcdab89, C=0x98badcfe, D=0x10325476, and E=0xc3d2e1f0.

15 Security Software Digital Notary File Check Veracity Tripwire — MD 5 and SHA 1 — CRC 32 — SHA 1

16 This presentation and information contained in this presentation are protected by United States copyright law and international treaty provisions, and are confidential and proprietary to Surety, Inc. Digital Notary System Technical Overview Surety, Inc. TM

17 The Digital Notary TM Service Technology Overview A unique digital fingerprint is created for each file or record and sent to Surety — your data never leaves your building. Digital data is submitted directly to Surety, or routed through an optional onsite Notary Server. The Notary Server processes a large number of notary requests. A Notary Record for each transaction is sent back to you.
[Diagram labels: Your Company; Original File; Digital Fingerprint; Only Digital Fingerprint Sent to Surety; (Optional) Notary Server; Surety]

18 The Digital Notary TM Service One-Way Hash Values The probability of two different data records generating the same hash value is 1 in 10^87. You would have a better chance of guessing the location of a single atom in the universe.

19 The Digital Notary TM Service File Validation
Original File: Good Morning! It is a lovely day in the neighborhood.
Hash Value*: Xrh2k3jiso43n3d hfaQ7kilj45rS45 N34jd5lks9fh48t
Altered File: Good Morning! It is a lonely day in the neighborhood.
Hash Value*: N5vbvb4h4tr89pf fGFr4ir478y4fre A759m3Y6Ts9zc22
The hash value changes radically with only a small change in the original digital content.
*Actual hash values shortened for illustrative purposes

20 The Digital Notary TM Service Root Hash Value Creation One root hash value (RHV) is generated to represent all records for that moment in time. In the following example we will use one second intervals for processing.
[Diagram: Customers; Surety.com; time axis 18:32:41 to 18:32:45; Root Hash Value (RHV) for 18:32:45]
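
One way a single root hash value can represent every record received in an interval, and let one record be checked against it later. This is an added example, not code from the presentation or from Surety: it assumes a binary hash tree and SHA-256, since the slides do not say how the service combines fingerprints, and all function names are illustrative.

```python
import hashlib


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def leaf(fingerprint: bytes) -> bytes:
    # Prefix bytes keep leaf hashes and interior hashes in separate domains.
    return _h(b"\x00" + fingerprint)


def node(left: bytes, right: bytes) -> bytes:
    return _h(b"\x01" + left + right)


def root_and_proof(fingerprints, index):
    """Return (root, proof) for fingerprints[index] within one interval.

    proof is a list of (sibling_hash, sibling_is_left) pairs, leaf to root.
    """
    if not 0 <= index < len(fingerprints):
        raise ValueError("index outside the interval's record list")
    level = [leaf(fp) for fp in fingerprints]
    proof = []
    while len(level) > 1:
        sibling = index ^ 1
        if sibling < len(level):
            proof.append((level[sibling], sibling < index))
        nxt = [node(level[i], level[i + 1]) for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])  # unpaired node moves up unchanged
        level, index = nxt, index // 2
    return level[0], proof


def verify_proof(fingerprint, proof, root):
    """Recompute the path to the root from one fingerprint and its proof."""
    acc = leaf(fingerprint)
    for sibling, sibling_is_left in proof:
        acc = node(sibling, acc) if sibling_is_left else node(acc, sibling)
    return acc == root


if __name__ == "__main__":
    # Constructed sample: fingerprints of five records received in one second.
    fps = [hashlib.sha256(b"record-%d" % i).digest() for i in range(5)]
    rhv, proof = root_and_proof(fps, 3)
    print(rhv.hex(), verify_proof(fps[3], proof, rhv))
```

The holder of a record needs only its own fingerprint, the short proof and the root value to validate it; no other customer's data is involved.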

21 The Digital Notary TM Service Digital Notary Record The Record also contains a cryptographically secure, unique serial number for the file — the “SureID” number. If you refer to a Surety-certified file by its SureID number, you can be absolutely certain that it is the only file in the universe you can be referring to.
[Diagram label: SureID number]

22 The Digital Notary TM Service Validation
[Diagram labels: Hash values; Time and date]

23 Example 1

24 Example 2
03/24/1999 11:14:54 A----- 345,698 022688B6 Ben Franklin.bmp
03/24/1999 11:14:54 A----- 345,698 022688F6 Ben FranklinMODIFIED.bmp
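
The check behind the listing above (same timestamp and size, different checksum), as an added example that is not part of the presentation. It records a CRC-32 and SHA-1 baseline for a set of records and compares a later copy against it, as in the migration QA business case. The record names are hypothetical and the sample contents are the two sentences from the File Validation slide.

```python
import hashlib
import zlib

# Constructed sample records: the two sentences from the File Validation slide.
ORIGINAL = b"Good Morning! It is a lovely day in the neighborhood."
ALTERED = b"Good Morning! It is a lonely day in the neighborhood."


def fingerprint(data: bytes) -> dict:
    """Return the attributes an integrity checker would store for a record."""
    return {
        "size": len(data),
        "crc32": format(zlib.crc32(data) & 0xFFFFFFFF, "08X"),
        "sha1": hashlib.sha1(data).hexdigest(),
    }


def build_baseline(records: dict) -> dict:
    """Map each record name to its fingerprint at baseline time."""
    return {name: fingerprint(data) for name, data in records.items()}


def verify(baseline: dict, current: dict) -> dict:
    """Compare current records against the baseline and classify each name."""
    report = {"ok": [], "modified": [], "missing": [], "unexpected": []}
    for name, expected in baseline.items():
        if name not in current:
            report["missing"].append(name)
        elif fingerprint(current[name]) == expected:
            report["ok"].append(name)
        else:
            report["modified"].append(name)
    report["unexpected"] = sorted(set(current) - set(baseline))
    return report


def differing_bits(a: bytes, b: bytes) -> int:
    """Count the bits that differ between the SHA-1 digests of a and b."""
    da, db = hashlib.sha1(a).digest(), hashlib.sha1(b).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(da, db))


if __name__ == "__main__":
    # Hypothetical record names; contents are constructed samples.
    baseline = build_baseline({"greeting.txt": ORIGINAL, "index.html": b"<html></html>"})
    after_migration = {"greeting.txt": ALTERED, "new.xhtml": b"<html/>"}
    print(verify(baseline, after_migration))
    print(differing_bits(ORIGINAL, ALTERED), "of 160 digest bits differ")
```

The two sample sentences have the same length, so a size comparison alone reports no change; only the checksum and hash fields expose the edit.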

25 THANK YOU Questions Answers Milovan Misic milovan.misic@wipo.int milovan@compuserve.com

