Introduction/purpose: The security of systems can be jeopardized by compromising emanations. This paper provides an overview of computer screen attacks. New technologies can be used to exfiltrate ...sensitive data from computer screens. Emission security is the prevention of electromagnetic signal attacks that are conducted or radiated. Methods: This paper examines the impact of a side-channel attack that intercepts compromised information from a computer screen. The leakage of electromagnetic data is also explained. Software-defined radios are described to explain malicious attacks on computer monitors. Results: The source of the electromagnetic signal determines the nature of the side-channel information they carry. The most well-known issue associated with revealing emissions is the possibility of intercepting visual information displayed on computer monitors. Conclusion: Visual data displayed on computer monitors could be intercepted by a software-defined radio which can digitize the desired frequency spectrum directly from an antenna, present it to a digital signal processor, and output it to an application for revealing sensitive data. A Grdović, M. et al, Screen reading: electromagnetic information leakage from the computer monitor, pp.836-855 variety of countermeasures, such as shielding, zoning, soft TEMPEST, and similar techniques, can be used to prevent data leakage.
Introduction/purpose: Nowadays, user identification systems play a very important role in modern society. Complex security requirements have led experts to explore ways in which biometric data can be ...used to identify user identities. This paper presents an overview of biometric standards and methods which can be used to identify users in biometric systems, and therefore to protect information and communication systems. Methods: This paper deals with the problem of standardization in the field of biometrics. The first part of the paper presents concrete examples of the most widely used biometric standards. The second part of the paper gives an overview of the most used biometric methods. Results: The obtained results show that the development of biometric systems and biometric sensors contributes to better protection of identity from misuse, because biometric technologies have great potential for improving the security and accuracy of system operation. Biometric systems improve the security of users and also provide much greater precision in establishing identity. Conclusion: The development of biometric standards should focus on their interconnectivity, as well as on increasing connectivity with other IT standards.
Digitalni multimedijalni sadržaj postaje zastupljeniji i sve više se razmenjuje putem računarskih mreža i javnih kanala (satelitske komunikacije, bežične mreže, internet, itd.) koji predstavljaju ...nebezbedne medijume za prenos informacija osetljive sadržine. Sve više na značaju dobijaju mehanizmi kriptološke zaštite slika i video sadržaja. Tradicionalni sistemi kriptografske obrade u sistemima za prenos ovih vrsta informacija garantuju visok stepen sigurnosti, ali i imaju svoje nedostatke - visoku cenu implementacije i znatno kašnjenje u prenosu podataka. Pomenuti nedostaci se prevazilaze primenom algoritama selektivnog šifrovanja. / Digital multimedia content is becoming widely used and increasingly exchanged over computer network and public channels (satelite, wireless networks, Internet, etc.) which is unsecured transmission media for ex changing that kind of information. Mechanisms made to encrypt image and video data are becoming more and more significant. Traditional cryptographic techniques can guarantee a high level of security but at the cost of expensive implementation and important transmission delays. These shortcomings can be exceeded using selective encryption algorithms. Introduction In traditional image and video content protection schemes, called fully layered, the whole content is first compressed. Then, the compressed bitstream is entirely encrypted using a standard cipher (DES - Data Encryption Algorithm, IDEA - International Data Encryption Algorithm, AES - Advanced Encryption Algorithm etc.). The specific characteristics of this kind of data, high-transmission rate with limited bandwidth, make standard encryption algorithms inadequate. Another limitation of traditional systems consists of altering the whole bitstream syntax which may disable some codec functionalities on the delivery site coder and decoder on the receiving site. Selective encryption is a new trend in image and video content protection. As its name says, it consists of encrypting only a subset of the data. The aim of selective encryption is to reduce the amount of data to encrypt while preserving a sufficient level of security. Theoretical foundation of selective encryption The first theoretical foundation of selective encryption was given indirectly by Claude Elwood Shannon in his work about communication theory of secrecy systems. It is well known that statistics for image and video data differ much from classical text data. Indeed, image and video data are strongly correlated and have strong spatial/temporal redundancy. Evaluation criteria for selective encryption algorithm performance evaluation We need to define a set of evaluation criteria that will help evaluating and comparing selective encryption algorithms. - Tunability - Visual degradation - Cryptographic security - Encryption ratio - Compression friendliness - Format compliance - Error tolerance Classification of selective encryption algorithms One possible classification of selective encryption algorithms is relative to when encryption is performed with respect to compression. This classification is adequate since it has intrinsic consequences on selective encryption algorithms behavior. We consider three classes of algorithms as follows: - Precompression - Incompression - Postcompression Overview of selective encryption algorithms In accordance with their precedently defined classification, selective encryption algorithms were compared, briefly described with advantages and disadvantages and their quality was assessed. Applications Selective encryption mechanisms became more and more important and can be applied in many different areas. Some potential application areas of this mechanism are: - Monitoring encrypted content - PDAs (PDA - Personal Digital Assistant), mobile phones, and other mobile terminals - Multiple encryptions - Transcodability/scalability of encrypted content Conclusion As we can see through foregoing analysis, we can notice that tunability, cryptographic security and error tolerance are the main unsatisfied criteria. Selective encryption algorithms based on static encryption parameters do not allow tunability. Tunability is a desirable property especially for content protection systems targeting different applications with different requirements in terms of security or visual degradation and different devices with different capabilities in terms of memory, computational power, or display capabilities. It is therefore appreciated to design a tunable selective encryption algorithm with dynamic encryption parameters.
Brzi razvoj digitalne multimedije, dostupnost većih propusnih opsega u komunikacionim mrežama i porast procesorske snage prouzrokovali su svakodnevno korišćenje digitalnih multimedijalnih podataka na ...različitim uređajima i u različitim sferama života. Velika količina kako ličnih tako i poslovnih multimedijalnih podataka postaje javno dostupno i mogu biti lako ukradeni, kopirani ili modifikovani.HEVC (High Efficiency Video Coding) je najnoviji standard kompresije videopodataka koji su zajedno razvile institucije ITU-T i ISO/IEC u toku 2013. godine. Ovajstandard kodovanja video podataka je razvijen kao odgovor na rastuće potrebe za većimrezolucijama video podataka, većim stepenom kompresije pokretnih slika i boljimiskorišćenjem računarskih arhitektura za paralelnu obradu podataka. Dizajn najnovijegstandarda kompresije video podataka obezbeđuje približno 30% -50% redukcije bitskogprotoka (bitske brzine) u odnosu na ekvivalentni perceptualni kvalitet koji se postižeprethodnim standardom video kompresije - H.264/AVC High Profile. Ovakvakarakteristika čini HEVC standard pogodnim za različite primene kao što su Internetstriming, komunikacione tehnologije, konverzacija u realnom vremenu koja obuhvata ivideo ćaskanje, video konferencije i telepresence sisteme komunikacije. Osimnavedenog, HEVC standard se može efikasno koristiti za skladištenje digitalnih videopodataka i za emitovanje televizijskog signala visoke definicije (engl. HD TV - Highdeffinition) preko satelitskih, kablovskih ili zemaljskih sistema prenosa. Prethodnonavedeno čini HEVC standard atraktivnim rešenjem za širok opseg mogućih primenavideo sadržaja kako i okviru različitih Internet servisa u komercijalnom sektoru tako i uvojnim komunikacionim sistemima.Navedeni standard predstavlja najefikasniji sistem kompresije video podataka kojipostoji. Međutim, ovaj standard ne obezbeđuje bezbednosne mehanizme kojima seimplementiraju kriptografski servis očuvanja tajnosti podataka. Postoji nekoliko javnodostupnih algoritama selektivnog šifrovanja za prethodni H.264/AVC standardkompresije i nekoliko novih za novi H.265/HEVC standard. Algoritmi selektivnogšifrovanja se koriste za zaštitu tajnosti video toka podataka. Mali deo video toka je kriptografski obrađen, sa minimalnim utroškom resursa (procesorska snaga, vremeobrade) i još uvek dovoljnim nivoom sigurnosti za različite oblasti primene.Selektivnim šifrovanjem video toka postižu se značajne uštede u vremenu obradepodataka. Ovakav način očuvanja procesorske snage je poželjan u komunikacionimsistemima sa ograničenim resursima (mrežne aplikacije koje rade u realnom vremenu,razmena slika i video sadržaja visokog kvaliteta i rezolucije, mobilni sistemi sauređajima koji imaju ograničenu procesorsku snagu i ograničen vek baterije).Šifrovanje malog dela video toka na predajnoj strani sprečava ili ometa slučajnipristup u okviru selektivno šifrovanog HEVC video toka na prijemnoj strani. Slučajanpristup u okviru selektivno šifrovanog HEVC video toka na prijemnoj strani,podrazumeva da algoritam selektivnog šifrovanja i HEVC dekoder mogu da pokrenuproces dešifrovanja i dekodiranja u bilo kojoj tački slučajnog pristupa video tokapodataka. To znači da su oni u mogućnosti da pristupe proizvoljnoj poziciji u okviruvideo fajla, proizvoljnoj poziciji u okviru video toka podataka, do obave operacijuspajanja video tokova ili operaciju promene kanala (promena izvora video tokapodataka) u bilo kom vremenskom trenutku. Na prijemnoj strani, algoritam selektivnogšifrovanja treba da zna koji deo sintaksnih elemenata HEVC video toka podataka trebada dešifruje i koje je početno stanje od koga počinje operaciju dešifrovanja. Drugimrečima, prijemna strana (strana dekodera) mora biti kriptografski sinhronizovana sapredajnom stranom (enkoderom). Delovi sintaksnih elemenata koji trebaju da sedešifruju definisani su primenjenim algoritmom selektivnog šifrovanja dok je inicijalnostanje od koga počinje proces dešifrovanja definisano primenjenim simetričnimkriptografskim algoritmom.
Izazov na koji treba da odgovori sifrovanje multimedijalnih podataka jeste da, na efikasan nacin, implementira bezbednost video toka podataka. Za razliku od tradicionalnih metoda koje u potpunosti ...sifruju podatke, tehnike selektivnog sifrovanja odgovaraju na izazov tako sto kriptografski obraduju samo deo video toka podataka, istovremeno pruzajuci zadovoljavajuci nivo bezbednosti. Na taj nacin se optimizuje i vreme obrade i velicina kriptografski obradenih podataka. Nezavisno od primenjene tehnike sifrovanja, ne postoje implementirani mehanizmi kriptografske sinhronizacije prilikom operacije slucajnog pristupa izabranom delu sifrovanog video toka.
PDF
