
Sunday, September 09, 2018

Aadhaar on Blockchain : Consider or not? - Post 1/2

[This post introduces Aadhaar, its size and the current way its data sets are handled, discusses the associated problems, and then proposes Blockchain as a possible solution.]

1.   When Aadhaar was originally introduced around 2009-10 by the Unique Identification Authority of India (UIDAI), it could not have envisaged the kind of data juggling, analytics and security threats it would be subjected to in the times to come. And here we are, around the third quarter of 2018, with Aadhaar central to so many authentications in the country, exploited in so many public utility services, and at the same time subjected to all kinds of threats and claims of data theft and leaks. For the record, an estimated 1.2 billion citizens' records are held in the CENTRAL servers, making this the world's largest biometric identity repository. UIDAI claims that it is protected by layers of state-of-the-art cryptography in central servers located within the country.

2.  Now, in the world of IT, where claiming to be 100% secure is likely to remain a myth for ages to come, can something truly un-hackable really exist? We may harden a system, add layers of security, and apply every possible form of strong encryption, but can we imagine a fool-proof IT domain anywhere? The question attains severe importance when the biometric data of a country's 1.2-billion-plus population is at stake.

3.  Now, what do we have on the platter here? If we consider the size of the data, we can make the following assumptions:

(a) Per person biometric data size : 4-6 MB (I take the maximum of 6 MB)

(b) Approx. population covered : around 1.25 billion plus, i.e. 1,250,000,000 records

Total data, i.e. 6 MB x 1,250,000,000 = 7,500,000,000 MB, which is around 7.5 petabytes... that's it. Extrapolate the same with on-site backups, mirrors and disaster recovery sites, and we may just be discussing around 20 PB of data.

Even if we consider augmenting the data with the remaining population and the generations ahead, we would be at most around 40-45 PB of data for the next few decades. That's all from the point of view of scalability of data and size.
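As a quick back-of-the-envelope check of the arithmetic above, here is a minimal sketch; the 6 MB per-record figure and the 2.5x replication factor for backups, mirrors and DR sites are assumptions taken from this post, not official UIDAI numbers:

```python
# Back-of-the-envelope sizing for the Aadhaar biometric repository,
# using the assumptions stated above (not official UIDAI figures).

PER_RECORD_MB = 6                 # assumed upper bound per person
RECORDS = 1_250_000_000           # ~1.25 billion enrolments
MB_PER_PB = 1_000_000_000         # 10^9 MB in a (decimal) petabyte

primary_pb = PER_RECORD_MB * RECORDS / MB_PER_PB
with_replicas_pb = primary_pb * 2.5   # assumed factor for backups, mirrors, DR sites

print(f"Primary copy : ~{primary_pb:.1f} PB")        # ~7.5 PB
print(f"With replicas: ~{with_replicas_pb:.1f} PB")  # ~19 PB, i.e. roughly 20 PB
```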

4.  Now, for this amount of data, what are our security options in the present scenario?

Firstly, we keep doing permutations and combinations, applying layer upon layer of security to the central servers we have at various locations, mirrored to each other. This presently includes the following [SOURCE : http://www.cse.iitd.ernet.in/~suban/reports/aadhaar.pdf]:

-  2048-bit PKI encryption of biometric data in transit, with end-to-end encryption from the enrolment/POS device to the CIDR.

-  Trusted network carriers.

-  Effective precautions against denial-of-service (DoS) attacks.

-  HMAC (keyed-hash message authentication code) based tamper detection of PID (Personal Identity Data) blocks, which encapsulate biometric and other data at the field devices.

-  Registration and authentication of AUAs.

-  Within the CIDR, only a SHA-n hash of the Aadhaar number is stored.

-  Audit trails are stored as SHA-n hashes, possibly also with HMAC-based tamper detection.

-  Only hashes of passwords and PINs are stored.

-  Biometric data, though, are stored in their original form.

-  Authentication requests carry unique session keys and an HMAC.

-  Protection against replay attacks.

-  Resident data are stored using 100-way sharding (vertical partitioning); the first two digits of the Aadhaar number are used as the shard key (a minimal sketch of this, together with HMAC tamper detection, follows this list).

-  All system accesses, including administration, go through a hardware security module (HSM) which maintains an audit trail.

-  All analytics are carried out only on anonymised data.
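As a rough illustration of two of the mechanisms listed above, here is a minimal sketch of 100-way sharding on the first two digits of an identifier and HMAC-based tamper detection of a PID block. The key, field names and functions are illustrative assumptions for this post, not UIDAI's actual implementation:

```python
import hmac
import hashlib
import json

# Illustrative only: the key, PID structure and shard routing below are
# assumptions for demonstration, not the actual UIDAI/CIDR implementation.

HMAC_KEY = b"demo-secret-key"           # in practice, a securely provisioned key

def shard_for(aadhaar_number: str) -> int:
    """Route a record to one of 100 shards using the first two digits."""
    return int(aadhaar_number[:2])      # 00..99 -> 100-way sharding

def seal_pid_block(pid: dict) -> dict:
    """Attach an HMAC so tampering with the PID block can be detected."""
    payload = json.dumps(pid, sort_keys=True).encode()
    tag = hmac.new(HMAC_KEY, payload, hashlib.sha256).hexdigest()
    return {"pid": pid, "hmac": tag}

def verify_pid_block(sealed: dict) -> bool:
    """Recompute the HMAC over the PID block and compare in constant time."""
    payload = json.dumps(sealed["pid"], sort_keys=True).encode()
    expected = hmac.new(HMAC_KEY, payload, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, sealed["hmac"])

# Example usage with a dummy record
record = seal_pid_block({"aadhaar": "431234567890", "bio": "<template-bytes>"})
print(shard_for("431234567890"))   # -> shard 43
print(verify_pid_block(record))    # -> True
record["pid"]["bio"] = "tampered"
print(verify_pid_block(record))    # -> False
```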

From an IT person's perspective, don't we know that the above are all individually knitted layers and tools of security, with which we are creating a very complex web of solutions for ourselves, one that might become even harder to handle and manage as more severe security threats arrive in the pipeline?

At the same time, all of the above solutions and combinations look outward and brace for external threats, while insider threats are treated as negligible or taken for granted.

So do we have any other architectural ecosystem that turns the tables from the security and immutability point of view while OFFERING A MORE ROBUST, SECURE, IMMUTABLE AND TRANSPARENT ARCHITECTURE... could BLOCKCHAIN be that solution?

So, the scenario above discusses what we have on the platter and what we are actually doing to negate the threats... the next post will discuss how BLOCKCHAIN can assist in negating the security threats Aadhaar faces as on date.

Thursday, March 21, 2013

MODULAR DATA CENTERS

1.   Modular data center systems are a portable method of deploying data center capacity, i.e. an alternative to the traditional data center housed in a purpose-built building.


2.   In general, modular data centers come in two form factors.

-    Containerized Data Centers fit the data center equipment (servers, storage and networking equipment) into a standard shipping container. A good example of this is NEBULA@NASA; a few details are mentioned below:

What Nebula looks like:

[Image: The NASA Nebula containerized data center]
Features :

    -  40-foot-long container
    -  Designed in consultation with CISCO
    -  Built inside a FOREST container from Verari Systems
    -  Self-service platform built from open-source software
    -  Each shipping container data center can hold up to 15,000 CPU cores
    -  Can accommodate individual files as large as eight terabytes
    -  Can accommodate an individual file system of 100 terabytes
    -  Makes it easier for NASA scientists to share large/complex data sets

3.   The other form of modular data center fits data center equipment into a facility composed of prefabricated components. An example is HP's version of this type of modular data center, which it calls the Flexible Data Center. How this looks is shown below:

[Image: HP Flexible Data Center]


Tuesday, January 19, 2010

Google vs Bing : On Data retention policy change

1. Ever wondered about the privacy policies of search engines, specifically Google and Bing? I came to know of this recently while reading http://www.bing.com/community/blogs/search/archive/2010/01/19/updates-to-bing-privacy.aspx on the subject.

2. In the case of Bing, IP addresses from searchers are stored for 18 months, which Microsoft now claims it will reduce to 6 months. Generally, when Bing receives search data, the following actions take place:

First, steps are taken to separate the account information (such as email or phone number) from other information (what the query was, for example).

Secondly, after 18 months, an additional step deletes the IP address and any other cross-session IDs associated with the query.

3. Under the new policy, all the steps will continue as applied previously, except that the IP address will now be completely removed at 6 months instead of 18. Rival Google had cut its retention time to 9 months from 18 in 2008. Nevertheless, Microsoft executives assert that their initiative goes much further than Google's, because Microsoft intends to delete all parts of the IP (Internet Protocol) address after six months, while Google still retains part of the address after its self-imposed nine-month cut-off point.
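A minimal sketch of what such a two-stage retention policy could look like in code; the record fields, function names and thresholds are assumptions for illustration, not Bing's or Google's actual pipeline:

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Illustrative model of a two-stage search-log retention policy:
# stage 1 (at ingest): separate account identifiers from the query record;
# stage 2 (after the retention window): drop the IP and cross-session IDs.

ANONYMIZE_AFTER = timedelta(days=6 * 30)   # new 6-month policy (was 18 months)

@dataclass
class SearchLogEntry:
    query: str
    timestamp: datetime
    ip_address: Optional[str]
    session_id: Optional[str]
    account_id: Optional[str]   # email / phone-linked account reference

def ingest(entry: SearchLogEntry) -> SearchLogEntry:
    """Stage 1: strip account information from the query record at ingest."""
    entry.account_id = None
    return entry

def age_out(entry: SearchLogEntry, now: datetime) -> SearchLogEntry:
    """Stage 2: after the retention window, delete IP and cross-session IDs."""
    if now - entry.timestamp >= ANONYMIZE_AFTER:
        entry.ip_address = None
        entry.session_id = None
    return entry
```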

Tuesday, January 13, 2009

Google & Carbon Dioxide : The relationship most of us don't know

1.   Now, this again is something new that I came across. I certainly know about a typical data center and its lifelong cordial relationship with heat generation. What I came across as new is statistical data attempting to measure this heat connection in terms of Google searches.

2.    A recent study says that performing two Google searches from a desktop computer generates about 15 g of carbon dioxide, which is tantamount to boiling a kettle for a cup of tea. Isn't that something nonplussing? Now I am sure you will read that sentence again. Meanwhile, I will go ahead...

3.    So hunting on Google has a definite environmental wallop. So why is everyone after Google... why measure in terms of Google hits... why not measure in terms of hits on http://anupriti.blogspot.com? Ha ha... it's simple: Google gets the largest number of hits, about 200 million globally every day, while http://anupriti.blogspot.com has only the author who reads it... SIMPLE!

4.  Further, the study says that CO2 emissions caused by individual use of the internet amount to about 0.02 g of CO2 per second of browsing. This increases ten-fold to 0.2 g of CO2 per second when viewing a website with complex images, animations or videos.
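Just to put those per-second figures in perspective, here is a minimal back-of-the-envelope sketch; the rates are the ones quoted above, while the session durations are my own assumptions:

```python
# Rough CO2 estimate for a browsing session, using the rates quoted above.
SIMPLE_RATE = 0.02    # g CO2 per second, plain pages
HEAVY_RATE = 0.2      # g CO2 per second, media-heavy pages

# Assumed session: 20 minutes of plain browsing + 10 minutes of video-heavy pages
simple_seconds = 20 * 60
heavy_seconds = 10 * 60

total_g = simple_seconds * SIMPLE_RATE + heavy_seconds * HEAVY_RATE
print(f"~{total_g:.0f} g of CO2")   # ~144 g, nearly ten kettle-boils by the 15 g figure above
```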

5.  So what's the worry, folks? Is there something to worry about? Yes, I unfeignedly believe it's a critical issue. The internet revolution has only just begun in the last 8-9 years and has a long way to go, and if this is the beginning, what's in store ahead? What now, then? Let the brainy techies think it over, and the rest of us can just appreciate it later... that's what 99% of us do most of our lives!