Data protection is the process of preventing important data from being tampered with, compromised, or lost. As the amount of data collected and stored continues to expand at unprecedented rates, data protection becomes increasingly important (Pandey, 2018). There is also minimal tolerance for downtime, which might prevent crucial information from being accessed. As a result, ensuring that data can be restored swiftly after any corruption or loss is an important aspect of a data protection strategy. Other important aspects of data protection include preventing data compromise and guaranteeing data privacy (Singh and Kim, 2018). The main principles of data protection are to keep data safe and accessible at all times (Yassein et al., 2017). The term “data protection” is used to refer to both operational data backup and business continuity/disaster recovery. Data availability and data management are two areas where data protection solutions are evolving.
Data security refers to a set of procedures and policies for safeguarding your vital information technology (IT) infrastructure. Files, databases, accounts, and networks are all covered. Effective data security employs a set of controls, applications, and strategies that determine the value of different datasets and apply the most appropriate security restrictions (Manjunath and Rao, 2018). Effective data security considers the sensitivity of diverse datasets as well as regulatory compliance needs. Data security, like other cybersecurity postures such as perimeter and file security, isn’t the be-all and end-all for keeping hackers at bay (Pitzer and Affenzeller, 2017). Data security, on the other hand, is one of several important strategies for assessing risks and lowering the risk associated with data storage and handling.
In the case study presented here, data security and cryptography are thought to work together to achieve a certain set of goals (Alassaf and Gutub, 2019). A cryptosystem is a structure or technique that uses a set of algorithms to transform plaintext to cipher text in order to securely encode or decode messages. Cryptosystems include methods for key creation, encryption, and decryption techniques to help keep data secure.
BACKGROUND OF CRYPTO AND DATA PROTECTION SYSTEMS
Data security is the science and study of ways for preventing unauthorized disclosure and manipulation of data in computer and communication networks. The purpose of this study is to demonstrate how to apply mathematical principles of data security to operating systems, database systems, and computer networks in order to fulfill the needs of a customer. The following image is an illustration of a cryptosystem.
Since 1975, data security has progressed at a breakneck pace. Public-key encryption, digital signatures, the Data Encryption Standard (DES), key protecting techniques, and key distribution protocols have all been interesting breakthroughs in cryptography. Experts have devised methods for ensuring that systems do not leak sensitive information or convey classified information to users with lower security clearances. Stakeholders have discovered new safeguards for data in statistics databases, as well as new ways to attack them. Scholars and experts have improved their grasp of security’s theoretical and practical constraints. Within the cyber security area, cryptography serves a multitude of purposes. It’s assumed that a tiny group of brilliant mathematicians has already perfected some extremely advanced cryptography primitives, protocols, and algorithms.
CRYPTO SYSTEMS AND DATA PROTECTION
Systems and methods exist for protecting electronic content from the time it is packaged until it is experienced by an end user. Encryption, watermark screening, detection of invalid content processing software and hardware, and/or detection of incorrect content flows are all used to protect against content misuse (Nowakowski et al., 2017). Encryption ensures that content remains private while being transferred or stored.
Watermarking safeguards content from being used without permission. Watermark screening is accomplished by invoking a filter module to check content for the presence of a watermark before delivering it to output hardware or software. If it detects a predetermined protection mark, the filter module can block the content from being delivered to the output hardware or software. A monitoring technique that validates the software involved in processing protected electronic content detects invalid content processing software. The attempted transmission of bit patterns released from an application and/or a piece of content management software can be identified by analyzing the information transferred across system interfaces for invalid content flows.
Data protection (also known as information privacy or data privacy) is the act of determining whether and under what circumstances personal data can be processed. Personal data is any information about a recognized or identifiable natural person (the data subject). A controller is a person, company, government agency, or community that establishes the purposes and procedures for processing personal data, whereas a processor is a third party who processes personal data on behalf of a controller (Islam et al., 2021).
The majority of viable cryptographic schemes have two components:
• A method, often known as an algorithm, is a set of rules that specifies the mathematical procedures required to encrypt or decrypt data.
• One or more cryptographic keys (a string of numbers or characters). The key is used by the algorithm to choose one relationship between plaintext and cipher text from among the many possible associations. The composition of the algorithm’s outcome is determined by the relationship chosen.
Secret key cryptography employs a standard algorithm, such as the Data Encryption Standard (DES) or the Advanced Encryption Standard (AES), which are both supported by the ICSF. Symmetric cryptography is another term for secret key cryptography. These conditions must be met in order to have intelligent cryptographic communications between two parties who are using a traditional algorithm:
• The cryptographic algorithm used by both parties must be the same.
• The sending party’s cryptographic key must be available to the receiving party in order for the data to be decrypted.
Cryptography using public keys
In a public key cryptography system, each side has a pair of keys. One key is public and available to anyone, while the other is private. Because the public and private keys are not identical, public key cryptography is also known as asymmetric cryptography. The sending party looks up the public key of the receiving party and uses it to encrypt the data. The data is subsequently decrypted by the receiving party using its private key. The privacy of the private key is vital in a public key system.
Complex mathematical calculations are required for public key cryptography. As a result, these systems aren’t typically employed to encrypt or decrypt messages or vast volumes of data. However, they are used to encrypt and decrypt symmetric keys that are sent between two systems (Abood and Guirguis, 2018). Digital signatures on electronic documents are frequently generated and verified using public key cryptography methods. The sender generates the digital signature with his or her private key. The receiver then verifies the sender’s identity by using the sender’s public key. The digital signature is replacing the handwritten signature as a legal guarantee of validity on the growing information highway. Any system of nonrepudiation relies on digital signatures as the primary technique.
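The key-wrapping arrangement described above, as an added Go example that is not part of the original text: the message is encrypted with a fresh symmetric key, and only that short key is encrypted with the receiver's public key. The choice of AES-256-GCM and RSA-OAEP and the names Seal, Open, NewReceiverKey and newGCM are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// newGCM builds AES-256-GCM; callers guarantee a 32-byte key, so neither call can fail.
func newGCM(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// Seal (example name, not from the page) encrypts msg under a fresh symmetric key and wraps
// only that key with the receiver's RSA public key (OAEP). sealed is nonce || ciphertext || tag.
func Seal(msg []byte, to *rsa.PublicKey) (wrapped, sealed []byte, err error) {
	buf := make([]byte, 44) // 32-byte AES key followed by a 12-byte GCM nonce
	if _, err = rand.Read(buf); err != nil {
		return nil, nil, err
	}
	key, nonce := buf[:32], buf[32:]
	if wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, to, key, nil); err != nil {
		return nil, nil, err
	}
	return wrapped, newGCM(key).Seal(nonce, nonce, msg, nil), nil
}

// Open unwraps the symmetric key with the receiver's private key, then decrypts.
func Open(wrapped, sealed []byte, me *rsa.PrivateKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, me, wrapped, nil)
	if err != nil || len(key) != 32 || len(sealed) < 12 {
		return nil, fmt.Errorf("cannot open envelope (unwrap error: %v)", err)
	}
	return newGCM(key).Open(nil, sealed[:12], sealed[12:], nil)
}

// NewReceiverKey generates an RSA-2048 key pair for the demo (constructed, not a real key).
func NewReceiverKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func main() {
	priv, _ := NewReceiverKey()
	w, s, _ := Seal([]byte("constructed sample message"), &priv.PublicKey)
	pt, err := Open(w, s, priv)
	fmt.Printf("wrapped key %d bytes, sealed %d bytes, plaintext %q, err %v\n", len(w), len(s), pt, err)
}
```

The public key operation runs once on 32 bytes regardless of message size, which is why the expensive asymmetric step is reserved for the symmetric key.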
CIMS overview
In the context of information security, identity management refers to the rules that are used to regulate access to digital resources and other resources, as well as the policies and processes that are put in place to accomplish this. Many systems, such as e-mail, learning management systems, library databases, and grid computing applications, require the user to be authenticated before they can be used (typically with a username and password). After that is completed, an authorization process checks to see if the users who have been authenticated are permitted to access the systems in question. An enterprise identity management system (EIMS) makes use of a single digital identity to grant access to all of the resources that a user is entitled to, regardless of whether those resources are located in the cloud, on-premises, or in a combination of both environments.
A federated identity model converts the local identities of member institutions into federated identities, and the other way around as well. The use of that local identity grants access to all resources and services across the federation. Using a federated identity is not required. Organizations have access to federated identities and resources that are stored in identity federations. The federation has the authority to decide which digital identity attributes are used and which are not.
References
Abood, O.G. and Guirguis, S.K., 2018. A survey on cryptography algorithms. International Journal of Scientific and Research Publications, 8(7), pp.495-516.
Alassaf, N. and Gutub, A., 2019. Simulating light-weight-cryptography implementation for IoT healthcare data security applications. International Journal of E-Health and Medical Communications (IJEHMC), 10(4), pp.1-15.
Islam, M.A., Kobita, A.A., Hossen, M.S., Rumi, L.S., Karim, R. and Tabassum, T., 2021. Data Security System for A Bank Based on Two Different Asymmetric Algorithms Cryptography. In Evolutionary Computing and Mobile Sustainable Networks (pp. 837-844). Springer, Singapore.
Manjunath, B.E. and Rao, P.V., 2018. Balancing Trade off between Data Security and Energy Model for Wireless Sensor Network. International Journal of Electrical and Computer Engineering, 8(2), p.1048.
Nowakowski, W., Bojarczak, P. and Łukasik, Z., 2017, July. Performance analysis of data security algorithms used in the railway traffic control systems. In 2017 International Conference on Information and Digital Technologies (IDT) (pp. 281-287). IEEE.
Pandey, M.K., 2018. Implementation of DNA crypto. Research Journal of Computer and Informa, 6(3), pp.1-7.
Pitzer, E. and Affenzeller, M., 2017, February. Facilitating evolutionary algorithm analysis with persistent data structures. In International Conference on Computer Aided Systems Theory (pp. 416-423). Springer, Cham.
Singh, M. and Kim, S., 2018, January. Crypto trust point (cTp) for secure data sharing among intelligent vehicles. In 2018 International Conference on Electronics, Information, and Communication (ICEIC) (pp. 1-4). IEEE.
Yassein, M.B., Aljawarneh, S., Qawasmeh, E., Mardini, W. and Khamayseh, Y., 2017, August. Comprehensive study of symmetric key and asymmetric key encryption algorithms. In 2017 international conference on engineering and technology (ICET) (pp. 1-7). IEEE.