Beruflich Dokumente
Kultur Dokumente
of Techniques
Emph
asizing Encryption
ABSTRACT
In the present world, there are number of data types that can be
characterized as multimedia data types. These are typically the elements for the
building blocks of ore generalized multimedia environments, platforms, or
integrating tools. The basic types can be Text, Images, Audio, Video and Graphic
Objects. While digital storage and transmission of multimedia data has many
advantages in terms of quality, functionality and costs, it also eases the production
of digital copies in perfect quality. Where copies are unauthorized, these result in
copyright infringements and financial losses. Content protection technologies have
been developed to prevent unauthorized copying. Whether preventing unauthorized
access to digital photographs, ensuring compliance with copyright regulations, or
guaranteeing the integrity of a video teleconference, all multimedia applications
requires increased security in the presence of talented intruders. Specifically, as
more and more files are preserved on disk, the requirement to provide secure
storage has become more important.
1. INTRODUCTION
Initially, the paper sets up a set of criteria for determining a storage solution
based on confidentiality, integrity, availability, and performance. Then, using these
criteria, the paper compares the relevant characteristics of selected storage
systems. Finally, the paper Considers in detail Specific applications of storage
devices in the multimedia environment.
The extreme goal of this work is How to effectively select the best security scheme
for stored data under different environments? Due to large number of potential
solutions available, it is not easy for a prospective customer to identify the best
suitable approach for his/her multimedia requirements. This paper gives an
overview of the prominent characteristics of several systems to provide a
foundation for selecting the most appropriate solution.
For protecting Multimedia Data in Storage, Many potential schemes are developed
for ensuring information confidentiality, integrity, and availability without
substantially degrading performance. In order to choose the best security scheme,
users must have proper knowledge about of the primary security features available
in the storage security community and then be able to quantifiably compare the
systems. So, How to classify various storage schemes and to compare their
performance?
In attacking this problem, we are confronted with the following challenges that
should be addressed.
• How to properly weigh the costs and benefits associated with these security
measures?
• How to compare the methods based on confidentiality, integrity, availability
and performance?
• What are the major differences between all the methods?
• What are the Specific applications of storage devices in the multimedia
environment?
This section briefly explains about common set of criteria for evaluating a storage
security system i.e. confidentiality, integrity, availability, and performance.
Confidentiality, integrity, and availability are commonly referred to in the computer
security arena, and performance was added to ensure systems achieve an
appropriate balance between security and processing ability.
Confidentiality
Integrity
Availability
Performance
The level of security and the system performance conflict each other. In order
to provide the necessary layers of security to avoid harmful attacks, the system
performance suffers. Each additional security measure requires computationally
expensive processing that detracts from the system’s ability to perform other
operations; all security measures are overhead for the system. The most dominant
performance cost is associated with encryption due to its computationally
expensive nature.
3.1 NASD – Network Attached Secure Disks
S4 is a self-securing storage medium where the disks do not trust even the
host machine operating system. S4 treats all requests as suspect. The driving
security motivation for the system has been to negate the effects of a clever
intruder who is able to successfully penetrate the operating system and disguise
any adversarial efforts. The disks themselves in S4 require a small set of
fundamental operations for managing a file system and therefore have an
embedded instruction set for internally versioning and auditing all data and
metadata. S4 does not provide any method for authentication, but rather assumes
that the self-securing disks will be used in conjunction with a file server that uses
one of many standard authentication protocols
3.4 PLUTUS
NASD Wire Yes Aggressive Capability keys, Hash MAC Scalable 20%
to increase
by using time separate checksums to
stamps, key send data, not Many over system
authentication secure on disk users, with
issued one
time server subject to no security
DOS
provide
“recent”
version
files > 40 MB
Encrypt-on-disk 2 2 0 0 4
Encrypt-on-wire 1 1 0 0 2
Threshold scheme 1 1 2 2 6
Timestamps 0 2 0 2 4
Digital signatures 0 2 0 0 2
Checksums 0 1 0 1 2
Lazy revocation 1 0 2 2 5
Aggressive revocation 2 1 1 0 4
Self-Certifying 1 0 2 1 4
pathnames
File groups 0 0 1 1 2
Comprehensive 0 2 2 2 6
versioning
Downloaded NO NO SFS-RO
video/audio
Images NO NO SFS-RO
2. CONCLUSION
All of the systems have the same goal: to protect stored data from the
effects of a malicious adversary but, design approaches may be different. Some
systems aim to provide perfect security to data, while others try to limit the amount
of damage an intruder can cause. Some systems separate data onto multiple
storage servers to eliminate a single point of attack, and others rely on centralized
trusted servers to effectively manage cryptographic keys. Some systems store
encrypted data and others require encryption prior to transmitting messages on the
wire. All of these examples present large fundamental differences that provide
options to potential users of a storage security medium. It is very difficult to make
direct comparisons between the systems because of the varied approaches, but
potential users can select the most applicable solution to their specific problems.
The most secure solution will likely be a combination of the systems described.
REFERENCES