|
Information Technology (IT)
Sam Eldin
- IT Profile
|
|
The Deaf Ear:
This article covers a number of important points, and sadly, I am getting the deaf ear
from every security vendor and also the big corporations, which had been hacked as mentioned in
the Lorenzo Ligato of Huffpost Tech (08/20/2015 11:20 am ET | Updated Aug 21, 2015). We will try
to keep the article's content not very technical for our nontechnical audience.
We will cover the following points:
|
•
|
The nine biggest data breaches ever
|
|
•
|
What could hackers do to companies' system and databases?
|
|
•
|
How can we stop hackers breaches?
|
|
•
|
Our Vertical and Horizontal approach in stopping hackers
|
|
•
|
The cost of developing our security system
|
|
•
|
Transferring existing databases into our new system
|
The nine biggest data breaches ever:
We let the images speak for themselves.
What could hackers do to companies system and databases?
|
•
|
Access information
|
|
•
|
Damage information
|
|
•
|
Interrupt the flow - using viruses, ...
|
|
•
|
Jam or overload a running web system with bogus requests
|
|
•
|
As for internal hackers (system care takers), they can do all the above and it is very difficult to track
|
How can we stop hackers breaches?
Stopping hackers is not easy, and the following are the keys steps in stopping hackers:
|
•
|
We forget the fact that the best hackers out there are developers or someone using code where the code has functionalities and limitations.
|
|
•
|
We have control of every gate and every action that takes place from the entry point of the system to the reply back with our services.
|
|
•
|
We have the ability to make the entry point almost impossible to bypass
|
|
•
|
We can develop system components, which are intelligent and have the ability to detect abnormal actions within the running system.
For example, SQL injection will be stopped since our data objects (Intelligent Data Access Object - IDAO) would parse and
flag SQL injections, plus farm the data into a new format for storage.
|
|
•
|
Develop system tiers with intelligent components which communicate with authenticated ID or password, so these components can flag impostors and illegal access.
|
|
•
|
Audit trail is one way to stop internal hackers
|
|
•
|
Compress-encrypt data so data would not be of any value to unauthorized accesses
|
Our Vertical and Horizontal approach in stopping hackers
Our security approach works vertically by making data itself do the work and horizontally by adding
features which add security layers of components and speed the data access and processes.
Vertical:
|
•
|
Data goes one way into the system and services are the only output of the system
|
|
•
|
Structure the data where data become intelligent not just a dummy storage (IDAO) and data answer questions, check security, correct itself
|
|
•
|
Data exists only in memory once it leaves the database and only services is out
|
|
•
|
Save IDAO to disk as an object(s) for faster initialization of our services.
|
Horizontal:
|
•
|
Store data as XML plus tables for most frequently used values
|
|
•
|
Data are xml files - keep tables to minimum
|
|
•
|
Create hashing and index tables for fast processes
|
|
•
|
Data is compressed and encrypted
|
|
•
|
Data transfer is compressed-encryption
|
|
•
|
Use point-to-point or short routing distances for transferring of data
|
The cost of developing our security system:
Our system development is cloud-tier-based system with services, engines and loosely
coupled components. The system components are used and shared for cost effective
development, where reusability, refactoring and transparency are some of the main architected
features. Compression and encryption are done by using a microchip which will be doing the
compression-encryption and decryption and decompression.
Transferring existing databases into our new system:
The only analogy we give here is where we have two cargo ships and the goods are being transferred
from one to the other, and no interruption in services. It is not a simple task, but it is doable:
|
•
|
Straight conversion to the new system
|
|
•
|
Batch processes during slow system activity time
|
|
•
|
It can be done as any customers are using the system, where we read all the customer data, service the customer and also transfer the data into the new system
|
|
•
|
Combination of the listed processes
|
Sam I am.
|
