Soon Secure Confidential data on HDD without Encryption on Open source software
Academics are keen on developing an open source application on Steganography an extremely advanced technique of hiding sensitive data without encryption in plain sight.
This late April news release follows years of work by computer scientists at University of South Califormia, LA and NUST, Islamabad. The research found that sensitive data securing is very easy by simply denying access or controlling the disk location where the sensitive data is stored in the form of clusters.
The futuristic software will use a predetermined code to store data fragments in independent disk clusters. For viewing these secured files, a reader or the person who is permitted access to it, simply has to use the same application and the file will be reassembled. Presently 20 Megabytes of message can easily be stored on 160-Giga bytes of removable hard drives.
Disk Forensics basic search parameters
Frontier research in Disk Forensics has lead to covert channel securing of confidential data in clusters on the Hard disk itself. Data securing is usually investigated based on two parameters- degree of evasiveness or the ability to resemble non-sensitive or normal data. The second parameter is the capacity or the size/capacity of information hoarding attempted. Most secure data storage methods that strive to introduce techniques that look beyond storage and transmission of data as coded or encrypted formats.
How is encrypted data format compromised?
Quite often, forensic investigators have been able to encrypt content stashed on desktops as well as USB disks by standard investigating tools. Analysis of content storage patterns using sophisticated forensic tools is graphed and investigators extract a contour or boundary called as sample entropy. Encrypted content or data reflects higher entropy in comparison to unencrypted data.
Forensic investigators can then compel owners of the disk or traffic owners to reveal the key codes for decryption. If at one-end soldiers or intelligence personnel could be physically forced into revealing the codes, confidential business data of any enterprise could be legally compelled to reveal decryption codes. This will lead to sensitive data compromise.
Why cluster-formation data storage more secure?
Researchers arrived at this tectonic shift in data security mechanism as covert channelized file system would make data hoarding on mass storage devices or removable/permanent storage devices easy and evasion of disk forensics doubles significantly.
The premise worked upon by scientists here is called plausible denial and by adopting advanced software such as the proposed open source project, it will have a two-fold impregnable plausible deniability possibility.
Researchers have indicated that there is negligible performance downgrade but need to be over ridden in comparison to the content value of the data that is being secured.
This could lead to the development of platform free data protection applications that will allow enterprises as well as personal data information securing possibilities.