Learning Security with Mayur

In the previous blog post , we dissected the definition of cloud computing as per NIST and ISO/IEC. Before you proceed further, I urge you to read it before continuing. In this blog post, we will learn about traditional virtualisation and how cloud is an extension of it via the abstraction and orchestration mechanism. Consider this scenario : John is a security administrator and wants to implement a firewall ( primary & secondary), a mailing server and a server managing legacy applications. In the traditional IT workspace, John would require 2 separate physical boxes for implementing the firewall ( one for primary & the other one for secondary), a mailing server box and probably as many boxes as the number of applications. This would be highly cost-prohibitive. The intelligent minds gather together and hail virtualisation as the solution to reduce cost. Virtualization is a technology that lets you create useful IT services using resources that are traditionally bound to hardwar

When you download an image, where does it get stored? You select the path in your system and say then store in a folder in the D:. But if you upload a video on YOUTUBE, where does it get stored? If you own an Apple device and upload your documents to iCloud, where does it get stored? Answers to all these questions lie in just one word - The Cloud. But what exactly is the cloud? In most basic of the terms, a cloud is someone else’s computer which has insane crazy amounts of space in it. Companies like Google, Apple, Amazon, Microsoft and many more have built huge data centres around the world. These data centres are the places which have terabytes of information being stored and processed every second. The cloud hence is just the servers that are working around the clock from these data centres. But this is just a layman understanding of the cloud. We must understand what makes a cloud - A cloud. What if I have a small data centre with 10 Linux servers, Can I call that as a cloud servic

If you ask any of the companies where do they store the user’s data, most of the companies answer - It’s all in the cloud. It may be your digital identities or your food eating habits or the grocery items you order, all of them is ( not so safely, I doubt the security too) stored in THE CLOUD. But what exactly is the cloud that everyone seems to be on the top of these days? In the simplest terms, cloud computing means storing and accessing data and programs over the Internet instead of your computer's hard drive. hard drive. The cloud is just a metaphor for the Internet. If everyone’s data ( even if you did not sign up for it, believe me, your data is surely there) is stored in the cloud, shouldn’t we understand it in detail, especially the security aspect of it? Well, my aim is exactly that - To help you get to the bottom, I mean on the top of it, of this Mr Cloud.  I will cover all the 14 domains of the CCSK and overlapping domains of the CCSP going forward. This will entail the

While the future is unknown to everyone, there are a few key aspects that will become inevitable in the post COVID world. The world is changing and governments around the world are making decisions on the fly. While we would not know when the onslaught of the coronavirus will end, there are some aspects which will be learning lessons to individuals, corporations and governments around the world.  Digital is the Future No matter which industry you belong to, digital will be an inherent part of your business going forward. From the acceptance of digital payments to enabling digital infrastructure so that employees can work remotely, digital will be the key feature in the business plans of the organizations.  The post COVID world will not allow you to survive if digital does not occupy any role in your business plans. The offering from the provider companies will also increase and this will be a win-win situation for all.  Broadband Access for All If digital is the future, then the oxygen

“Trust” is what was the starting point of the discussion on PKI. The public key infrastructure is based on the premise to enable trust between unknown parties to ensure the secure transmission of information. Another element that ensures trust is the Trusted Platform Module. The previous discussion ended with questions about key management and key security. Keys are one of the PKI's most critical components; hence, keeping them secure and maintaining their history is of paramount importance. What would you do if you have to keep a piece of information ( in this case - keys) secure? Keep it under lock and key (pun intended). Whenever we face such difficult questions, intelligent minds have always come to our rescue. Trusted Platform Module (TPM) was conceived by a computer industry consortium called Trusted Computing Group (TCG), and was standardized by International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) in 2009 as ISO/IEC 11

In the previous blog post, we learnt about the various pieces of the puzzle called the public key infrastructure. It’s time to learn how these pieces work after fitting together. The PKI is made up of the following different components. • Certification authority • Registration authority • Certificate repository • Certificate revocation system • Key backup and recovery system • Automatic key update • Key Management To help understand the workings of a PKI, let’s try to take a day to day example and then try to learn through it on the workings of the PKI. Let’s say that Oslo wants to get him a passport. He needs this to prove to everyone that he is Oslo when he visits another country. The passport issued by the Government will be his way to enable trust with another country’s systems and people. They may not know him, but they will trust the passport that he is carrying. Now Oslo wants to apply for the passport. So he goes to the registration authority or the passport offi

Quite often in the world of cryptography will you hear the term, PKI or Public Key Infrastructure. While people often use this term loosely without understanding ( and even appreciating) the whole gamut which this word entails, it is extremely important for a security professional to understand what PKI represents. Have you ever visited a store like that of Best Buy or Big Bazaar etc? They provide you with almost everything you can imagine. Public Key Infrastructure, henceforth referred to as PKI in the blog post, is a set of programs, procedures, algorithms, communication protocols, security policies that work together to enable secure transmission of information. PKI is an ISO authentication framework that uses public-key cryptography and the X.509 standard. PKI is not just an encryption standard or a technology, it is a complex assortment of various aspects that work together. We have learnt about confidentiality, integrity, privacy, non-repudiation and PKI offers all of t