WELCOME

AARKEN TECHNOLOGIES

SBMS Security based Messaging SYSTEM

Some Rude Statistics & Facts

80% of Internet email is spam

60% of business users get at least 1 phishing email every day

Malware hits the average enterprise once every three minutes,3 April 2013http://www.infosecurity-magazine.com/view/31600/malware-hits-the-average-enterprise-once-every-three-minutes/

Leaked Wal-Mart Email Drags Down Retail Stocks,12 Feb 2013. http://www.cnbc.com/id/100464743

BIGGEST DDoS ATTACK IN HISTORY hammers Spamhaus, 27 March 2013.http://www.theregister.co.uk/2013/03/27/spamhaus_ddos_megaflood/

Chinese ‘hack’ DRDO computers,14 March 2013,

http://newindianexpress.com/nation/article1500336.ece

Where is Secure Messaging Needed ? Policing in Trouble torn, Criminal gang affected,

Terrorist afflicted areas.

Battlefield / Counter Insurgency situations.

MNC with globally distributed networks/ offices which need data protection for security of human resources and technology and economic/commercial interests.

Operability in low bandwidth situations with minimal latency. Operability across different OS platforms like Linux (Ubuntu,

Fedora, SUSE ,RHEL etc.), Windows. Operability with audio, video, graphics and texts. Compatibility with iOS, various versions of Android (Jelly Bean &

Ice Cream Sandwich) etc. Speed of the application acting in tandem with hardware. Complete security at points of origin, transit and reception,

including transaction only amongst cleared and designated entities. Assured delivery. Safety against message hacking.

SBMS conforms to the highest existing email security standards,

maintains interoperability and has scalable security flexibility.

Essential Qualities of a Secure Messaging System

The Aarktech SBMSIPR held jointly with

KBCRF

SBMS Overview - I

Defence SecurityDefence services rely deeply on secrecy, authenticity

& non repudiation of real time information exchange : Intelligence inputs and sharing Operational directions / compliance Annual appraisals Defence security scheme documents War games Defence acquisition, projects and plans Locational / Positional inputs

Field Management System

SBMS Overview - II

Internal SecurityInternal Security is severely handicapped by

Non-secure emails: Intelligence inputs / transactions Operational planning, direction & execution VIP security Commissioning of new projects and plans Annual appraisals Leakage of other sensitive government

documents in electronic transit

PCR Vans Concentration of Extremists

Air Support - Chopper

Satellite Transmission

Internal Security - A

Armed Police Vehicle

Sniper Team

Ops Centre

Internal Security - B

PCR Vans Isolation team Mobile Interceptor

Under Attack

Boat Landing Dock

Armed Police Vehicle

Chopper

Commandos

Ops Centre

VIP SECURITY - A

OPS Centre

- - - - - - - - - - - - - - - - - - - - - - - - - - - - -

- - - - - - - - - -

- - - - - - - - - -

VIP Security - B

Outer Ring

Inner RingClose Quarter Security

Sky SentriesSky Sentries

VIP

Sky Sentries Sky Sentries

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

SBMS Overview - III

MNCs & Critical Business Units

Potential damage to organizations posed by

insecure email:

Management and operational discussions Sensitive hiring/firing decisions Sales and other financial data Critical contract negotiations & proposals M&A discussions Proprietary innovations and trade secrets

MNCs & Critical Business Units Contd. A Global Oil Company Environment

AN OIL CONGLOMERATE, with a global footprint, would include the following (among other) components:-

The International Company HQ (possibly in the home country). Email communications, video conferences and SMS messages between the International

HQ and Offshore Oil Rigs, Pipeline Stations, Refineries, Storage Depots, Sales Outlets, Drilling/ Exploration Sites, Laboratories, Tankers (air, sea, land), locations of oil fires etc.

Highly confidential and sensitive communications inter alia pertaining to assay reports, country risk assessment and mitigation reports, production & sales figures, inventories, assessment of the competition, geological studies/ surveys, site security, evacuation strategies, laboratories & patents, oil transportation, financial reports & statements etc.

Different band widths, communication media, gateway access, VPN issues at diverse locations.

Multiple access to terminals and channels of transmission. Different levels, periodicity, formats and procedures of reporting.

Marketing Offices

Oil Company

HQ

Business Administration

Project Offices

Branch Offices

Fire Control

MNCs & Critical Business Units Contd.

A Global Oil Company Environment

Field locations & Business Interests Oil Fire

Oil Rigs Oil Wells Oil Pipeline Oil Refinery

MNCs & Critical Business Units Contd. A Global Chain Store Environment

A chain store company, with a global presence, would include the following (among other) components:-

The International Company HQ (possibly in the home country).

Email communications, video conferences and SMS messages between the International HQ and Country Ops HQs.

Passage of sales figures, reports on the competition, analysis of own and rival’s weaknesses, inventory projections and other info that could be used for insider trading.

Different band widths, communication media, gateway access, VPN issues at diverse locations.

Multiple access to terminals and channels of transmission.

Different levels, periodicity, formats and procedures of reporting.

FEATURES OF AARKTECH SBMS

Basic Function Diagram

Platform Robust LINUX platform at the server end, while

interfacing with variety of OS like Windows, MAC etc.

Rock solid SQL database.

Virtualisation Support - The Secure Messaging System can be installed over VMWare servers for virtualization and Disaster Recovery/replication.

Application Features

Confidentiality grading for messages.

Work flow and escalation.

Operate with low latency on small bandwidths.

Covers all aspects related to typical formal messaging solution like assured delivery (through repeated attempts and re-routing), non-repudiation & SSO.

Automated network re-routing in case of failures.

Application Features Contd.

Capability to display usage summary per user, types of messages, messages sizes, time of delivery of messages, number of messages escalated and other parameters provided by user.

Access Control List for functions, messaging, directory, PKI etc.

Capability to function with Android phones, PDAs, hardened smart phone handsets and other similar mobile devices.

Release, distribution, security, and timely delivery of voice, video, data and messaging across public and closed networks.

Security Features A user can login only from his workstation – this prevents

somebody from stealing the user ID, password and attempting to break in from some other location.

Messages can be read only by the intended recipient based on DPAT authorization and key dongle.

Enhanced security and data integrity - Two factor authentication for logging on and encryption of IP traffic using the customised SSO and SSL/ IPSec.

Dynamic Password Authentication Tool (DPAT) for higher security authentication/verification.

Encrypted message store and secure email messaging server.

Messages are encrypted using AES, Blowfish and proprietary algorithms are customized as per client requirement.

Communication link between client and server encrypted.

Transaction monitor protects header and message content.

Security Features Contd.

No message is lost.

Balanced use of authentication and encryption algorithms without compromising the transmission rate and CPU consumption.

Option of forwarding all incoming and outgoing mail (i.e. only packet details, time taken, route, priority) to a single email id for forensic purposes without knowledge of any internal or external users.

Granular level of logs to enable forensic analysis of every activity that happens in messaging application.

Security Features Contd.

DPAT authorized enabled pointer with key dongle used for pulling out keys for encryption/decryption.

Mails can be kept in encrypted format and decrypted as and when required; e.g. when sending/ receiving; from/ to non-secure messaging systems.

Indigenous Security for Voice, Video and Data: Encryption algorithms designed and implemented using

complex key algorithms. Registration Authority (RA), Certification Authority (CA) and

Key Management. Emergency Erasure – can be employed in case of critical

operations.

Security Features Contd.

Email Customisation Authentication based on access device tokens.

Low band width connectivity with radio links / mobile users.

Capability – external gateways to connect sister organizations.

Migration of legacy systems / existing mails systems.

Directory services using LDAP (Lightweight Directory Access Protocol).

Secure FTP transmission for transmission of large files in secure mode.

Secure portal for single sign on (SSO).

Instant Messenger for text and voice chat.

SBMS Delivery Schedule

The joint IPR holders, viz. Aarktech & KBCRF are in the process of delivering the SBMS to the client which would then be deployed in the Homeland Security & Defence.

Summary Ensure usability (communication) with sustained security.

Security threat is a continuous process and will increase in sophistication.

Solution should be user friendly, scalable and manageable.

Solution should be constantly upgradable with latest standards and technology.

SBMS offers a scalable, customizable and cost effective solution

Thank You…AARKEN

TECHNOLOGIESContact us:AARKEN Technologies Pvt. Ltd.C-12, Chirag Enclave,New Delhi-110048.Ph: 011 -26443221Email: info@aarktech.netVisit us @ www.aarktech.net