Download - SBMS (Security Based Messaging System)
WELCOME
AARKEN TECHNOLOGIES
SBMS Security based Messaging SYSTEM
Some Rude Statistics & Facts
80% of Internet email is spam
60% of business users get at least 1 phishing email every day
Malware hits the average enterprise once every three minutes,3 April 2013http://www.infosecurity-magazine.com/view/31600/malware-hits-the-average-enterprise-once-every-three-minutes/
Leaked Wal-Mart Email Drags Down Retail Stocks,12 Feb 2013. http://www.cnbc.com/id/100464743
BIGGEST DDoS ATTACK IN HISTORY hammers Spamhaus, 27 March 2013.http://www.theregister.co.uk/2013/03/27/spamhaus_ddos_megaflood/
Chinese ‘hack’ DRDO computers,14 March 2013,
http://newindianexpress.com/nation/article1500336.ece
Where is Secure Messaging Needed ? Policing in Trouble torn, Criminal gang affected,
Terrorist afflicted areas.
Battlefield / Counter Insurgency situations.
MNC with globally distributed networks/ offices which need data protection for security of human resources and technology and economic/commercial interests.
Operability in low bandwidth situations with minimal latency. Operability across different OS platforms like Linux (Ubuntu,
Fedora, SUSE ,RHEL etc.), Windows. Operability with audio, video, graphics and texts. Compatibility with iOS, various versions of Android (Jelly Bean &
Ice Cream Sandwich) etc. Speed of the application acting in tandem with hardware. Complete security at points of origin, transit and reception,
including transaction only amongst cleared and designated entities. Assured delivery. Safety against message hacking.
SBMS conforms to the highest existing email security standards,
maintains interoperability and has scalable security flexibility.
Essential Qualities of a Secure Messaging System
The Aarktech SBMSIPR held jointly with
KBCRF
SBMS Overview - I
Defence SecurityDefence services rely deeply on secrecy, authenticity
& non repudiation of real time information exchange : Intelligence inputs and sharing Operational directions / compliance Annual appraisals Defence security scheme documents War games Defence acquisition, projects and plans Locational / Positional inputs
Field Management System
SBMS Overview - II
Internal SecurityInternal Security is severely handicapped by
Non-secure emails: Intelligence inputs / transactions Operational planning, direction & execution VIP security Commissioning of new projects and plans Annual appraisals Leakage of other sensitive government
documents in electronic transit
PCR Vans Concentration of Extremists
Air Support - Chopper
Satellite Transmission
Internal Security - A
Armed Police Vehicle
Sniper Team
Ops Centre
Internal Security - B
PCR Vans Isolation team Mobile Interceptor
Under Attack
Boat Landing Dock
Armed Police Vehicle
Chopper
Commandos
Ops Centre
VIP SECURITY - A
OPS Centre
- - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - -
- - - - - - - - - -
VIP Security - B
Outer Ring
Inner RingClose Quarter Security
Sky SentriesSky Sentries
VIP
Sky Sentries Sky Sentries
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SBMS Overview - III
MNCs & Critical Business Units
Potential damage to organizations posed by
insecure email:
Management and operational discussions Sensitive hiring/firing decisions Sales and other financial data Critical contract negotiations & proposals M&A discussions Proprietary innovations and trade secrets
MNCs & Critical Business Units Contd. A Global Oil Company Environment
AN OIL CONGLOMERATE, with a global footprint, would include the following (among other) components:-
The International Company HQ (possibly in the home country). Email communications, video conferences and SMS messages between the International
HQ and Offshore Oil Rigs, Pipeline Stations, Refineries, Storage Depots, Sales Outlets, Drilling/ Exploration Sites, Laboratories, Tankers (air, sea, land), locations of oil fires etc.
Highly confidential and sensitive communications inter alia pertaining to assay reports, country risk assessment and mitigation reports, production & sales figures, inventories, assessment of the competition, geological studies/ surveys, site security, evacuation strategies, laboratories & patents, oil transportation, financial reports & statements etc.
Different band widths, communication media, gateway access, VPN issues at diverse locations.
Multiple access to terminals and channels of transmission. Different levels, periodicity, formats and procedures of reporting.
Marketing Offices
Oil Company
HQ
Business Administration
Project Offices
Branch Offices
Fire Control
MNCs & Critical Business Units Contd.
A Global Oil Company Environment
Field locations & Business Interests Oil Fire
Oil Rigs Oil Wells Oil Pipeline Oil Refinery
MNCs & Critical Business Units Contd. A Global Chain Store Environment
A chain store company, with a global presence, would include the following (among other) components:-
The International Company HQ (possibly in the home country).
Email communications, video conferences and SMS messages between the International HQ and Country Ops HQs.
Passage of sales figures, reports on the competition, analysis of own and rival’s weaknesses, inventory projections and other info that could be used for insider trading.
Different band widths, communication media, gateway access, VPN issues at diverse locations.
Multiple access to terminals and channels of transmission.
Different levels, periodicity, formats and procedures of reporting.
FEATURES OF AARKTECH SBMS
Basic Function Diagram
Platform Robust LINUX platform at the server end, while
interfacing with variety of OS like Windows, MAC etc.
Rock solid SQL database.
Virtualisation Support - The Secure Messaging System can be installed over VMWare servers for virtualization and Disaster Recovery/replication.
Application Features
Confidentiality grading for messages.
Work flow and escalation.
Operate with low latency on small bandwidths.
Covers all aspects related to typical formal messaging solution like assured delivery (through repeated attempts and re-routing), non-repudiation & SSO.
Automated network re-routing in case of failures.
Application Features Contd.
Capability to display usage summary per user, types of messages, messages sizes, time of delivery of messages, number of messages escalated and other parameters provided by user.
Access Control List for functions, messaging, directory, PKI etc.
Capability to function with Android phones, PDAs, hardened smart phone handsets and other similar mobile devices.
Release, distribution, security, and timely delivery of voice, video, data and messaging across public and closed networks.
Security Features A user can login only from his workstation – this prevents
somebody from stealing the user ID, password and attempting to break in from some other location.
Messages can be read only by the intended recipient based on DPAT authorization and key dongle.
Enhanced security and data integrity - Two factor authentication for logging on and encryption of IP traffic using the customised SSO and SSL/ IPSec.
Dynamic Password Authentication Tool (DPAT) for higher security authentication/verification.
Encrypted message store and secure email messaging server.
Messages are encrypted using AES, Blowfish and proprietary algorithms are customized as per client requirement.
Communication link between client and server encrypted.
Transaction monitor protects header and message content.
Security Features Contd.
No message is lost.
Balanced use of authentication and encryption algorithms without compromising the transmission rate and CPU consumption.
Option of forwarding all incoming and outgoing mail (i.e. only packet details, time taken, route, priority) to a single email id for forensic purposes without knowledge of any internal or external users.
Granular level of logs to enable forensic analysis of every activity that happens in messaging application.
Security Features Contd.
DPAT authorized enabled pointer with key dongle used for pulling out keys for encryption/decryption.
Mails can be kept in encrypted format and decrypted as and when required; e.g. when sending/ receiving; from/ to non-secure messaging systems.
Indigenous Security for Voice, Video and Data: Encryption algorithms designed and implemented using
complex key algorithms. Registration Authority (RA), Certification Authority (CA) and
Key Management. Emergency Erasure – can be employed in case of critical
operations.
Security Features Contd.
Email Customisation Authentication based on access device tokens.
Low band width connectivity with radio links / mobile users.
Capability – external gateways to connect sister organizations.
Migration of legacy systems / existing mails systems.
Directory services using LDAP (Lightweight Directory Access Protocol).
Secure FTP transmission for transmission of large files in secure mode.
Secure portal for single sign on (SSO).
Instant Messenger for text and voice chat.
SBMS Delivery Schedule
The joint IPR holders, viz. Aarktech & KBCRF are in the process of delivering the SBMS to the client which would then be deployed in the Homeland Security & Defence.
Summary Ensure usability (communication) with sustained security.
Security threat is a continuous process and will increase in sophistication.
Solution should be user friendly, scalable and manageable.
Solution should be constantly upgradable with latest standards and technology.
SBMS offers a scalable, customizable and cost effective solution
Thank You…AARKEN
TECHNOLOGIESContact us:AARKEN Technologies Pvt. Ltd.C-12, Chirag Enclave,New Delhi-110048.Ph: 011 -26443221Email: [email protected] us @ www.aarktech.net