Friday, 25 May 2018

Hiding Secret Messages in Images using C# Program aka Steganography

What is Steganography?


As Wikipedia puts it


    Steganography is the practice of concealing a file, message, image, or video within another file, message, image, or video. The word steganography combines the Greek words steganos (στεγανός), meaning “covered, concealed, or protected”, and graphein (γράφειν) meaning “writing”.

Today steganography is often used to hide copyright information in an image, movie, or audio file. The information is carefully encrypted and hidden so you cannot easily find it. Later, if I think you have stolen my movie file, I can pull the hidden copyright information out of it to prove it is mine not yours.


How to Do Steganography in C#?


This example encodes a message in an image. An image is composed of pixels. For each bit in our secret message, the program selects a pseudo-random pixel and color component (red, green, or blue). It then sets the least significant bit of the color component on that pixel to the message bit.

For example, suppose the chosen pixel is green so its red, green, and blue components in binary are 0000, 1111, and 0000 respectively. Now suppose the program wants to hide the bit value 1 in this pixel’s red component. The new pixel value has components 0001, 1111, 0000. That’s so close to the original value that you won’t notice the difference when you look at the image.


Steganography Source Code in C#

Here is the Steganography.EmbedSecretMessege class code.


using System;

using System.Drawing;

namespace Stegnography.
EmbedSecretMessege
{

    class Stegnography

    {

        public enum State

        {

            Hiding,

            Filling_With_Zeros

        };



        public static Bitmap embedText(string text, Bitmap bmp)

        {

            // initially, we'll be hiding characters in the image

            State state = State.Hiding;

            // holds the index of the character that is being hidden

            int charIndex = 0;

            // holds the value of the character converted to integer

            int charValue = 0;

            // holds the index of the color element (R or G or B) that is currently being processed

            long pixelElementIndex = 0;

            // holds the number of trailing zeros that have been added when finishing the process

            int zeros = 0;

            // hold pixel elements

            int R = 0, G = 0, B = 0;

            // pass through the rows

            for (int i = 0; i < bmp.Height; i++)

            {

                // pass through each row

                for (int j = 0; j < bmp.Width; j++)

                {

                    // holds the pixel that is currently being processed

                    Color pixel = bmp.GetPixel(j, i);

                    // now, clear the least significant bit (LSB) from each pixel element

                    R = pixel.R - pixel.R % 2;

                    G = pixel.G - pixel.G % 2;

                    B = pixel.B - pixel.B % 2;

                    // for each pixel, pass through its elements (RGB)

                    for (int n = 0; n < 3; n++)

                    {

                        // check if new 8 bits has been processed

                        if (pixelElementIndex % 8 == 0)

                        {

                            // check if the whole process has finished

                            // we can say that it's finished when 8 zeros are added

                            if (state == State.Filling_With_Zeros && zeros == 8)

                            {

                                // apply the last pixel on the image

                                // even if only a part of its elements have been affected

                                if ((pixelElementIndex - 1) % 3 < 2)

                                {

                                    bmp.SetPixel(j, i, Color.FromArgb(R, G, B));

                                }

                                // return the bitmap with the text hidden in

                                return bmp;

                            }

                            // check if all characters has been hidden

                            if (charIndex >= text.Length)

                            {

                                // start adding zeros to mark the end of the text

                                state = State.Filling_With_Zeros;

                            }

                            else

                            {

                                // move to the next character and process again

                                charValue = text[charIndex++];

                            }

                        }

                        // check which pixel element has the turn to hide a bit in its LSB

                        switch (pixelElementIndex % 3)

                        {

                            case 0:

                                {

                                    if (state == State.Hiding)

                                    {

                                        // the rightmost bit in the character will be (charValue % 2)

                                        // to put this value instead of the LSB of the pixel element

                                        // just add it to it

                                        // recall that the LSB of the pixel element had been cleared

                                        // before this operation

                                        R += charValue % 2;

                                        // removes the added rightmost bit of the character

                                        // such that next time we can reach the next one

                                        charValue /= 2;

                                    }

                                } break;

                            case 1:

                                {

                                    if (state == State.Hiding)

                                    {

                                        G += charValue % 2;



                                        charValue /= 2;

                                    }

                                } break;

                            case 2:

                                {

                                    if (state == State.Hiding)

                                    {

                                        B += charValue % 2;

                                        charValue /= 2;

                                    }

                                    bmp.SetPixel(j, i, Color.FromArgb(R, G, B));

                                } break;

                        }

                        pixelElementIndex++;

                        if (state == State.Filling_With_Zeros)

                        {

                            // increment the value of zeros until it is 8

                            zeros++;

                        }

                    }

                }

            }

            return bmp;

        }



        public static string extractText(Bitmap bmp)

        {

            int colorUnitIndex = 0;

            int charValue = 0;

            // holds the text that will be extracted from the image

            string extractedText = String.Empty;

            // pass through the rows

            for (int i = 0; i < bmp.Height; i++)

            {

                // pass through each row

                for (int j = 0; j < bmp.Width; j++)

                {

                    Color pixel = bmp.GetPixel(j, i);

                    // for each pixel, pass through its elements (RGB)

                    for (int n = 0; n < 3; n++)

                    {

                        switch (colorUnitIndex % 3)

                        {

                            case 0:

                                {

                                    // get the LSB from the pixel element (will be pixel.R % 2)

                                    // then add one bit to the right of the current character

                                    // this can be done by (charValue = charValue * 2)

                                    // replace the added bit (which value is by default 0) with

                                    // the LSB of the pixel element, simply by addition

                                    charValue = charValue * 2 + pixel.R % 2;

                                } break;

                            case 1:

                                {

                                    charValue = charValue * 2 + pixel.G % 2;

                                } break;

                            case 2:

                                {

                                    charValue = charValue * 2 + pixel.B % 2;

                                } break;

                        }
                        colorUnitIndex++;

                        // if 8 bits has been added, then add the current character to the result text

                        if (colorUnitIndex % 8 == 0)

                        {

                            // reverse? of course, since each time the process happens on the right (for simplicity)

                            charValue = reverseBits(charValue);

                            // can only be 0 if it is the stop character (the 8 zeros)

                            if (charValue == 0)

                            {
                                return extractedText;

                            }
                            // convert the character value from int to char

                            char c = (char)charValue;

                            // add the current character to the result text

                            extractedText += c.ToString();

                        }

                    }

                }

            }

            return extractedText;

        }

        public static int reverseBits(int n)

        {

            int result = 0;

            for (int i = 0; i < 8; i++)

            {

                result = result * 2 + n % 2;

                n /= 2;

            }

            return result;

        }

    }

}



Stegnography implications to security

Data transmission over an unsecure channel is becoming a major issue of concern nowadays. And at the same time intruders are spreading over the internet and being very active. So to protect the secret data from theft some security measures need to be taken. In order to keep the data secret various techniques have been implemented to encrypt and decrypt the secret data. Cryptography and Steganography are the two most prominent techniques from them. But these two techniques alone can't do work as much efficiently as they do together.  
Steganography is a way to hide the fact that data communication is taking place. While cryptography converts the secret message in other than human readable form but this technique is having a limitation that the encrypted message is visible to everyone. In this way over the internet, intruders may try to apply heat and trial method to get the secret message. Steganography overcome the limitation of cryptography by hiding the fact that some transmission is taking place. In steganography the secret message is hidden in other than original media such as Text, Image, video and audio form. These two techniques are different and having their own significance.




Wednesday, 20 December 2017

SAAS : Multitenancy Approach

SAAS : Multitenancy Approach



What Is Multi Tenancy?

 "Software Multitenancy refers to a software architecture in which a single instance of a software runs on a server and serves multiple tenants. A tenant is a group of users who share a common access with specific privileges to the software instance. With a multitenant architecture, a software application is designed to provide every tenant a dedicated share of the instance including its data, configuration, user management, tenant individual functionality and non-functional properties. Multitenancy contrasts with multi-instance architectures, where separate software instances operate on behalf of different tenants" (Wikipedia)

In brief, multi-tenancy is a technique that is used to create SaaS (Software as-a Service) applications.

Database & Deployment Architectures

There are some different multi-tenant database & deployment approaches:


a) Multiple Deployment - Multiple Database

This is not multi tenancy actually. But, if we run one instance of the application for each customer (tenant) with a seperated database, we can serve to multiple tenants in a single server. We just make sure that multiple instance of the application don't conflict with each other in same server environment.
This can be possible also for an existing application which is not designed as multitenant. It's easier to create such an application since the application has not aware of multitenancy. But there are setup, utilization and maintenance problems in this approach.

b) Single Deployment - Multiple Database

ln this approach, we may run a single instance of the application in a server. We have a master (host) database to store tenant metadata (like tenant name and subdomain) and a seperated database for each tenant. Once we identify the current tenant (for example; from subdomain or from a user login form), then we can switch to that tenant's database to perform operations.
In this approach, application should be designed as multi-tenant in some level. But most of the application can remain independed from multi-tenancy.
We should create and maintain a seperated database for each tenant, this includes database migrations. If we have many customers with dedicated databases, it may take long time to migrate database schema in an application update. Since we have seperated database for a tenant, we can backup it's database seperately from other tenants. Also, we can move the tenant database to a stronger server if that tenant needs it.

c) Single Deployment - Single Database

This is the most real multi-tenancy architecture: We only deploy single instance of the application with a single database into a single server. We have a TenantId (or similar) field in each table (for a RDBMS) which is used to isolate a tenant's data from others.
This is easy to setup and maintain. But harder to create such an application. Because, we must prevent a Tenant to read or write other tenant data. We may add TenantId filter for each database read (select) operation. Also, we may check it every write, if this entity is related to the current tenant. This is tedious and error-prone.
This approach may have performance problems if we have many tenants with huge data. We may use table partitioning or other database features to overcome this problem.

D) Single Deployment - Hybrid Databases

We may want to store tenants in single databases normally, but want to create seperated databases for desired tenants. For example, we can store tenants with big data in their own databases, but store all other tenants in a single database.
Multiple Deployment - Single/Multiple/Hybrid Database
Finally, we may want to deploy our application to more than one server (like web farms) for a better application performance, high availability, and/or scalability. This is independent from the database approach.

Host vs Tenant

First, we should define two terms used in a multi-tenant system:
  • Tenant: A customer which have it's own users, roles, permissions, settings... and uses the application completely isolated from other tenants. A multi-tenant application will have one or more tenants. If this is a CRM application, different tenants have also thier own accounts, contacts, products and orders. So, when we say a 'tenant user', we mean a user owned by a tenant.
  • Host: Host is singleton (there is a single host). The Host is responsible to create and manage tenants. So, a 'host user' is higher level and independent from all tenants and can control they.
·          




Multi tenancy: It is an essential part of SAAS world. Auto provisioning of tenants, on boarding them automatically are the primary features of Multi tenancy concept. 

Multi-tenant and Single Tenants Architecture


·  What exactly Multi-tenant and Single Tenants Architecture,As name suggest, Multi-tenant Software as a Service (SaaS) is an architecture where multiple companies share the same instance to store their data.  This instance is typically divided (or partitioned) to prevent the companies from accessing each other’s information. This is like high-rise building where the floor plans are generally set but minor cosmetic changes can be made to the individual units. Significant change comes at a much higher cost, On the Other hand,Single-tenant (or hosted) Software as a Service (SaaS) is an architecture where each company has their own instance of the software application and supporting infrastructure. Think of it like a neighborhood community developed by the same architect and engineer where each household has the ability to change and customize their property as desired. By having a single hosted instance the purchaser can tweak and customize the software to meet their needs. 
With the difference and various definitions of the different architectures we can focus on we can immediately compare all benefits and drawbacks with our real time challenges.
 

a) If Customer decides to run the cloud on-premise, they must bear the costs of the whole system alone.
b) A single-tenant system is generally more expensive than a multi-tenant solution.
c) A single-tenant system is generally not the most efficient use of resources, unless it’s fully loaded. For each instance, the underlying software, such as the operating system and run time libraries, must be updated.
Benefits of Multiple Tenant SaaS 

a) Hardware and Power Economy – A major benefit to multi-tenant is on the cost side. With resource pooling, there are considerable savings in hardware and power. With single tenancy, a separate physical or virtual machine needs to be “spun up” for each customer.
b) Effort to Upgrade – Multi-tenancy has forced upgrades to be seamless, as upgrades can’t require any level of per customer intervention when thousands of customers are upgraded simultaneously.
c) Backups and Redundancy – Creating that level of redundancy would be a lot more technically challenging if tens of thousands of customers each had their own virtual server in each of two data centers.

Drawbacks of Multi-tenant Architecture 

a) Less Customization: As a result of multiple tenants running their business off the same code and database, individual businesses have virtually no ability to customize the software to their specific needs
b) Less Authorization and Time Delay: Changes to the software application could be made and deployed to your business without authorization as you are relying on the same code base as the other (potentially larger) tenants. In addition, future features / functionality could be delayed or removed from the product road map as multi-tenant SaaS providers typically focus on the feature requests (and bugs) submitted by their largest customers

Benefits of Single Tenant SaaS 
a) Maximum privacy: There is only one instance for a user, there’s less risk of another business either accidentally or through corporate espionage snooping on data that doesn’t belong to them.
b) It’s impossible to affect someone else’s tasks. Single-tenant solutions are more popular with enterprise businesses.
c) Jobs with intensive computing requirements can make full use of the system.

Drawbacks of Single Tenant SaaS:

a) If Customer decides to run the cloud on-premise, they must bear the costs of the whole system alone.
b) A single-tenant system is generally more expensive than a multi-tenant solution.
c) A single-tenant system is generally not the most efficient use of resources, unless it’s fully loaded. For each instance, the underlying software, such as the operating system and run time libraries, must be updated.


Conclusion
A multi-tenant Approach depends on the software intended platform,target clients i.e is the client a unique client or the software will be used by a clique of clients. 

What Next
We will see how to design a multi-tenant database schema.