Posts

The Curious Case of Firewalls

If you are hearing the term firewall for the first time, and think of it as a wall on fire, you are at the right place. Because that is the overall idea behind this!!! Firewall is one of the most used terms in the field of information security. A lot of people think that deploying this wall of fire will solve all of their problems. Is that so? What is it that a firewall does? Does it come in all shapes and forms? What is actually a firewall? Can I use a virtual firewall? And many more… All your queries will be solved in this multi-part series on firewalls. A firewall is used to restrict access to one network from another network. You can think of it as a fence which you implement to keep those pestering pedestrians at bay. The firewall can also help you segregate one network within the overall network from another network. It’s like a door which helps to separate various rooms. For example, if the security administrator wants to make sure employees cannot access

Crime Prevention through Environmental Design (CPTED) Approach

Security design and access control are more than bars on windows, a security guard booth, a camera, or a wall. Crime prevention involves the systematic integration of design, technology, and operation for the protection of three critical assets: people, information, and property. Protection of these assets is a concern and should be considered throughout the design and construction process. The most efficient, least expensive way to provide security is during the design process. Designers who are called on to address security and crime concerns must be able to determine security requirements, must know security technology, and must understand the architectural implications of security needs. Consider the picture of an office campus below. What do you observe? Note down everything you think represents this campus. Here are some important points worth mentioning: Well-paved footpaths. Proper guidance of people entering and leaving by giving them a design

Building Blocks of a Blockchain - Part 2

I strongly suggest that you read the first part before reading this part, as I can assure you that the old man still has a long story to tell. Blockchain involves a lot of technical terms which we are going to learn about in the second part. Thinking of running away? Don’t, as we are going to understand each and every term and the complete functioning of blockchain through real-life analogies. So grab yourself something to eat and start reading… What the old man suggested in the story was an example of DISTRIBUTED LEDGER TECHNOLOGY (DLT). A distributed ledger is a type of database that is shared, replicated, and synchronized among the members of a DECENTRALIZED network. The distributed ledger records the transactions, such as the exchange of assets or data, among the participants in the network. Taking cues from the story, the book of promises which the brothers maintained is the ledger book. A ledger book is a record of transactions which is maintained to

Understanding Blockchain – Part 1

In the first part, instead of bombarding you with technical jargon, I will tell you a story. This story will form the basis of understanding the technical jargon which will be introduced in Part 2 of this series. There once lived an old man who had 10 sons. They all lived together. The old man was a clever man. He made each son choose a different profession so that they all could help out each other. One farmed while the other one hunted, the third one made pottery while the fourth one became a milkman. Hence, all decisions were taken by him. The family lived in this manner for quite some time. However, all the produce was brought to the old man for distribution among the brothers. You can say the old man was a central authority. The old man thought that since he has to die one day, he must think of a solution that the brothers can apply to distribute the various items they produced. He knew that the centralized authority which he has commanded over the years will no

Digital Signature

We learned about the basics of cryptography in the first post. We then learned about the types of cryptography – symmetric and asymmetric (private and public key cryptography). Then we mixed both of them to get the hybrid aspect. As if this was not enough, intelligent minds mixed hashing into cryptography to produce digital signatures. It’s time to learn about this new potion – Digital Signature. Before we delve into detail, we must understand what hashing is. Hashing is a method to ensure that the integrity of the message has not been compromised. A one-way hash function is used for creating a hash that takes a variable-length string (a message) and produces a fixed-length value called a hash value. This hash value will only change if a change has occurred in the message. If there is no change, then the hash value will not change whether you apply the one-way hash function 1 time or 1000 times. Let’s take an example to understand this. Message: This blog really helps m

Hybrid Cryptography

We just love to mix things up. Well, yeah and why not? When we get the best of both worlds, we can mix anything up. Even when it is as complex in itself as cryptography. In the last article, we learned about symmetric and asymmetric cryptography. It’s time to mix them both and explain the hybrid concept to you. We need to go back and recapitulate some points before we can move forward and appreciate the hybrid concept. In symmetric cryptography, we understood that it is quite fast; however, the challenge was sharing the key between a large number of people. Everyone is required to keep the shared key secret, and, if this gets compromised, the distribution of the key needs to be repeated. What if we could find a way to quickly transfer this key amongst multiple people without the dangers of compromising it? Asymmetric key offers secure key distribution but uses a lot of resources when multiple people are involved. It’s also quite slow and mathematically intensiv

Symmetric and Asymmetric Cryptography

Having learned about cryptography in the previous article, it is now time to learn about the types of cryptography. You are right, nothing is complete till we understand its types and subtypes and so on. Remember your best friends, Alice and Bob!!! They are going to help us understand the types of cryptography. Before we go into the details, we ought to recapitulate a few terms. 1. Plain text – Data in a readable or understandable format. 2. Ciphertext – Random and unreadable text. 3. Encryption – Process of converting plain text into cipher text. 4. Key – Sequence of random bits. 5. Algorithm – Rules by which encryption and decryption will take place. It is really important to clearly understand these terms, else the journey ahead will be difficult. So let us begin. Cryptography algorithms are either symmetric algorithms, which use symmetric keys (also called secret keys), or asymmetric algorithms, which use asymmetric keys (also called public an

Understanding Cryptography

“ $%^*^* Nh%&gfg  K97@#”. Well, I’m 100% sure that you did not understand what I meant to say through these words. This is what cryptography is all about. Nah, don’t think that if you are unable to read what was written, it becomes an implementation of cryptography. When you convert plain text (readable text) into something that cannot be read (deciphered), often called ciphertext, it is known as cryptography. Why would you want to convert something which is readable into gibberish? From time immemorial, human beings have kept secrets to protect themselves and their countries. For this very reason, information must be protected and this assurance can be further provided by encrypting the data, i.e. the process of converting plain text into cipher text. Remember the three pillars of information security – CIA. Cryptography helps implement the confidentiality principle. The formal definition is as follows: Cryptography is a method of storing and transmitting data

Understanding NAT – Network Address Translation

If you would like to send a letter to me, what would be the most important thing you need to send it across? My address. If you have observed, we usually write the address in a certain format – building number, followed by area, city, state and then the pin code. Why do we do that? To avoid confusion. In a similar fashion, computers, when they need to talk to each other, need to use addresses. The Internet uses the IP addressing scheme, through which each computer on the Internet is assigned an IP address that can be used for communication. Now think, how would you communicate if these addresses go missing? Read on to find out. A long time ago, when the Internet came into existence, the concept of IP addresses came to life. This was called the IPv4 addressing scheme. This scheme involved the addresses being recorded as, for example, 10.22.10.150. So every computer on the Internet got one such address. Over time, with the population explosion, the number of com

Asynchronous & Synchronous Communication

Try to read the sentence written after this statement - “youwillpasscisspexamifyoustudyhard”. Clearly, you need to focus on the letters and your mind will try to discern the different words for you. Similarly, if I speak to you without pausing, it would again be difficult for you to discern and understand what I am communicating. So irrespective of the way we communicate – verbal or written – we need to follow certain grammatical rules so that the other party is able to clearly discern and understand what is being said. These grammatical rules for the written language include punctuation symbols such as commas, semicolons, spaces etc., while for verbal communication we use various aspects such as pausing, hand gestures, tones. In a similar manner, technological communication protocols also have their own grammar and synchronization rules when it comes to the transmission of data. We have two kinds of transmission – Synchronous & Asynchronous. Both of them utilize