Scribd
Upload
11 views

Topic - : Encryption Options, Authentication and Authorization

presentation on encryption

Uploaded by

surbhikumari9955033
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
11 views

Topic - : Encryption Options, Authentication and Authorization

presentation on encryption

Uploaded by

surbhikumari9955033
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 16

TOPIC--

Encryption
options,
Authentication
and
authorization
Presented by:-
Surbhi Kumari
Nishtha Roy
Q. Id. –
22030518, 22030502
B.Tech CSE 3rd year
Sec- ‘1’
CONTENTS
• What is cloud encryption ?
• Encryption options
• Benefits and Challenges
• What is Authentication ?
• Types Of Authentication
• What is Authorization ?
What is Cloud Encryption?
 Cloud encryption is the process of transforming data from its original plain text
format to an unreadable format, such as ciphertext, before it is transferred to and
stored in the cloud.
 It is the most effective ways to uphold data privacy as well as protect Cloud data in
transit or at rest against cyber attacks.
 As with any form of data encryption, cloud encryption renders the information
indecipherable and therefore useless without the encryption keys. This applies
even if the data is lost, stolen or shared with an unauthorized user.
Types of Encryption
Cloud encryption services and protocols fall into two
main categories:-
Symmetric encryption: In this, a single key is used to encrypt
plain text and decrypt ciphertext.
Asymmetric encryption: In this, encoding and decoding are done
with linked public and private key pairs.This is like: We can lock it
(public key) without knowing the code, but only the person who
knows the code( public key) can open it again.
Encryption options
• Encrypting data in transit- Information that is
actively moving from one point to another, such as
via the internet or over a private network, is
referred to as data in transit.
Data is deemed less safe when in transit due to
the weakness
of transfer techniques.
Encryption options
• Encrypting data at rest- Data encryption for
information stored on the cloud network ensures
that even if the data is lost, stolen or mistakenly
shared, the contents are virtually useless without
the encryption key. Again, keys are only made
available to authorized users. Similar to data in
transit, encryption/decryption for data at rest is
managed by the software application.
Benefits of cloud
encryption
Security: End-to-end encryption protects sensitive information, including
client data, in transit, in use, or at rest, across any device or between
users.

Data Integrity: While hostile actors change or manipulate encrypted


data, authorized users can easily identify such behavior.

Risk reduction: Organizations may be excluded from revealing a data


breach in certain circumstances if the data is encrypted, dramatically
minimizing the danger of reputational loss and litigation or other legal
action linked to a security event..
Challenges of cloud
encryption
Time and expense: Encryption is an additional process and cost. Users
who want to encrypt their data must acquire an encryption tool and
guarantee that their current assets, such as PCs and servers, can handle
the additional encryption processing power. Because encryption takes
time, the business may face higher latency.
Data loss: Without the key, encrypted data is rendered worthless. The
data may only be recoverable if the company keeps the access key.
Key management: No cloud security technique, including encryption, is
perfect. Advanced attackers can crack an encryption key, especially if the
software lets the user select the key. This is why accessing sensitive
material should need two or more.
What is Authentication ?
 Authentication is the process of verifying the identity of a user or
service. This typically involves validating credentials like passwords,
tokens, certificates, or multi-factor authentication (MFA).
 Authentication is important because it helps organizations protect
their systems, data, networks, websites, and applications from
attacks.
 It also helps individuals keep their personal data confidential,
empowering them to conduct business, such as banking or investing,
online with less risk. When authentication processes are weak, it’s
easier for an attacker to compromise an account either by guessing
individual passwords or tricking people into handing over their
credentials
Working of Authentication ?
 For people, authentication involves setting up a username, password,
and other authentication methods, such as a facial scan, fingerprint,
or PIN. To protect identities, none of these authentication methods
are saved to the service’s database. Passwords are hashed (not
encrypted) and the hashes are saved to the database. When a user
enters a password, the entered password is also hashed, then the
hashes are compared. If the two hashes match, then access is
granted. For fingerprints and facial scans, the information is encoded,
encrypted, and saved on the device.
Types of authentication methods
 Password-based authentication
Password-based authentication is the most common form of
authentication. Many apps and services require people to create
passwords that use a combination of numbers, letters, and symbols to
reduce the risk that a bad actor will guess them.
 Certificate-based authentication
Certificate-based authentication is an encrypted method that enables
devices and people to identify themselves to other devices and systems.
 Biometric authentication
In biometric authentication, people verify their identity using biological
features.
 Token-based authentication
In token-based authentication both a device and the system generate a new
unique number called a time-based one-time PIN (TOTP) every 30 seconds. If the
numbers match, the system verifies that the user has the device.
 One-time password
One-time passwords (OTP) are codes generated for a specific sign-in event that
expire shortly after they’re issued. They are delivered via SMS messages, email, or
a hardware token.
 Voice authentication
In voice authentication, the person trying to access a service receives a phone
call, in which they’re asked to enter a code or identify themselves verbally.
What is Authorization ?
 Authorization is the process of giving someone the ability to access a
resource.
 Authorization is the process of determining what an authenticated
user or service is allowed to do. This involves checking permissions
or roles assigned to the user or service against the requested
resource.
 The type of Authentication required for Authorization may vary:
password may be required in some cases but not in others.
 In some cases , there is no authorization; any user may be use the
resource or access a file simply by asking for it
 Sometime , Authentication and Authorization are used together.
Authentication Authorization
• It determines whether the • It determines what
person is user or not. permissions does the user
have?
• It is done before the • While it is done after the
authorization process. authentication process.

• In this process, uses are • While in this process, users


verified. are validated.
THANK YOU

You might also like