www.paasword.eu
A Data Privacy and Security by Design
Platform‐as‐a‐Service Framework
Dr. Panagiotis Gouvas - R&D Director - Ubitech Ltd
Dr. Yiannis Verginadis - Senior Researcher - ICCS
SecureCloud 2016 - May 24, 2016, Dublin
Agenda
Motivation
Goals
PaaSword in a Nutshell
Use Cases
Ongoing work
PaaSword28/06/2016 2
Motivation
The cloud paradigm has definitely prevailed
Most applications are delivered following the SaaS model
Many developers rely on PaaS offerings for scalability
Nearly all underlying resources (DBs, Queues etc) are outsourced at the IaaS level
Attack vectors have increased
‘Raw data’ are the modern hacker’s holy grail
The responsibility for the protection of data has shifted to the developer
Motivation
http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Goals of PaaSword Framework
To create a security-by-design framework which will allow developers to engineer secure applications
To leverage the security and trust of data that reside on outsourced infrastructure
To facilitate context-aware access to encrypted and (even) physically distributed datasets stored in outsourced infrastructure
To prove the applicability, usability, effectiveness and value of our framework in real-life Cloud infrastructures, services and applications
PaaSword in a Nutshell
PaaSword Walkthrough
Two types of Annotations:
1) Encryption & Distribution
2) Policy Enforcement
Concept of Secure Proxy
Common (insecure) scenario: Client → Cloud DB
Desired (secure) scenario in PaaSword: Client → Proxy → Cloud DB
Virtual Database Architecture
[Diagram: the User / Application exchanges SQL and Data (not encrypted) with the Database Proxy (trusted); the proxy exchanges SQL and Data (encrypted) with the Cloud (untrusted), which holds Data, Index1 and Index2.]
What’s New
Original
ID  Name    Surname   City          Day of Birth
1   Paul    Anderson  Athens        01.01.1979
2   Howard  Miller    Karlsruhe     02.02.1974
3   Henry   Cooper    Berlin        03.03.1980
4   Henry   Jones     Thessaloniki  04.04.1985

Data
ID  Encrypted Data
1   Enc(Paul,Anderson,Athens,01.01.1979)
2   Enc(Howard,Miller,Karlsruhe,02.02.1974)
3   Enc(Henry,Cooper,Berlin,03.03.1980)
4   Enc(Henry,Jones,Thessaloniki,04.04.1985)

Index1
Keyword-Name  IDs
Enc(Paul)     Enc(1)
Enc(Howard)   Enc(2)
Enc(Henry)    Enc(3,4)

Index2
Keyword-Surname  IDs
Enc(Anderson)    Enc(1)
Enc(Miller)      Enc(2)
Enc(Cooper)      Enc(3)
Enc(Jones)       Enc(4)

Keyword Encryption
• AES (deterministic)
• Support for most query types (excl. LIKE)
Index Distribution
• Index for same data type can be stored at different servers
Distribution based on Privacy Constraints
• Minimize exposure of sensitive information by careful distribution
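
The Data / Index1 / Index2 layout above, as a runnable sketch added here (not PaaSword code). Assumptions: HMAC-SHA256 stands in for the slide's deterministic AES keyword encryption, a SHAKE-256 keystream stands in for Enc(...) of rows and ID lists, and the class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed sample rows: the "Original" table from the slide.
ROWS = [
    (1, "Paul", "Anderson", "Athens", "01.01.1979"),
    (2, "Howard", "Miller", "Karlsruhe", "02.02.1974"),
    (3, "Henry", "Cooper", "Berlin", "03.03.1980"),
    (4, "Henry", "Jones", "Thessaloniki", "04.04.1985"),
]


def token(key: bytes, column: str, keyword: str) -> str:
    """Deterministic keyword token: same key and keyword always give the same
    value. HMAC-SHA256 stands in for deterministic AES (assumption)."""
    msg = f"{column}\x00{keyword}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def seal(key: bytes, plaintext: str) -> bytes:
    """Randomized stand-in for Enc(...): fresh nonce, SHAKE-256 keystream XOR.
    Illustration only; a real proxy would use an AEAD such as AES-GCM."""
    nonce = secrets.token_bytes(16)
    data = plaintext.encode()
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return nonce + bytes(a ^ b for a, b in zip(data, stream))


def unseal(key: bytes, blob: bytes) -> str:
    nonce, body = blob[:16], blob[16:]
    stream = hashlib.shake_256(key + nonce).digest(len(body))
    return bytes(a ^ b for a, b in zip(body, stream)).decode()


class Proxy:
    """Trusted proxy: holds the keys; the stores below model untrusted servers."""

    def __init__(self):
        self.k_data = secrets.token_bytes(32)
        self.k_index = secrets.token_bytes(32)
        self.data = {}                            # id -> Enc(row)
        self.index = {"Name": {}, "Surname": {}}  # column -> token -> Enc(ids)

    def _ids(self, store, tok):
        blob = store.get(tok)
        if blob is None:
            return []
        return [int(x) for x in unseal(self.k_index, blob).split(",")]

    def insert(self, row):
        rid, name, surname, city, dob = row
        self.data[rid] = seal(self.k_data, "|".join((name, surname, city, dob)))
        for column, keyword in (("Name", name), ("Surname", surname)):
            store = self.index[column]
            tok = token(self.k_index, column, keyword)
            ids = self._ids(store, tok) + [rid]
            store[tok] = seal(self.k_index, ",".join(map(str, ids)))

    def select_eq(self, **conditions):
        """SELECT * WHERE col = value [AND ...]; IDs are intersected in the proxy."""
        hits = None
        for column, keyword in conditions.items():
            tok = token(self.k_index, column, keyword)
            ids = set(self._ids(self.index[column], tok))
            hits = ids if hits is None else hits & ids
        return [(rid, *unseal(self.k_data, self.data[rid]).split("|"))
                for rid in sorted(hits or ())]

    def select_like_prefix(self, column, prefix):
        """LIKE 'prefix%' cannot use the index: the token of a prefix is
        unrelated to the token of the full keyword, so nothing matches."""
        tok = token(self.k_index, column, prefix)
        return self._ids(self.index[column], tok)


def build_proxy():
    proxy = Proxy()
    for row in ROWS:
        proxy.insert(row)
    return proxy


def index_entries(proxy, column):
    """Entries an index server stores for a column: one per distinct keyword,
    so the two 'Henry' rows collapse into a single entry."""
    return len(proxy.index[column])
```

Because the keyword tokens are deterministic, whoever holds an index can tell that two lookups used the same keyword; storing Index1 and Index2 on different servers, as the slide proposes, limits what any single server can correlate.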
What about Key Creation/Sharing Policies?
Overview Of Policies
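Characteristics compared for each policy: Where is the TED taking place? / TED Key Generation / TED Key Usage & Sharing Policy / Modification of target schema / SQL support

P1
• Where is the TED taking place? In the PaaS container
• TED Key Generation: Generated once during bootstrapping (in a Tenant Trusted Zone) and stored in-memory by the application
• TED Key Usage & Sharing Policy: It is recovered from memory on demand for each query execution
• Modification of target schema: No modification
• SQL support: Yes

P2
• Where is the TED taking place? In the PaaS container
• TED Key Generation: One key is generated per Tenant (in a Tenant Trusted Zone) and a user_key / container_key pair is generated out of this tenant_key
• TED Key Usage & Sharing Policy: It is recomposed from the combination of a user_key and a container_key for each query execution
• Modification of target schema: No modification
• SQL support: Yes

P3
• Where is the TED taking place? Outside the container in a Tenant Trusted Zone
• TED Key Generation: Generated once in a Tenant Trusted Zone
• TED Key Usage & Sharing Policy: E/D Key is used only in the Tenant Trusted Zone
• Modification of target schema: No modification
• SQL support: No

P4
• Where is the TED taking place? In the PaaS container
• TED Key Generation: Generated once during bootstrapping (in a Tenant Trusted Zone) and stored in-memory by the application
• TED Key Usage & Sharing Policy: It is recovered from memory on demand for each query execution
• Modification of target schema: Modifications required
• SQL support: No

P5
• Where is the TED taking place? In the PaaS container
• TED Key Generation: One key is generated per Tenant (in a Tenant Trusted Zone) and a user_key / container_key pair is generated out of this tenant_key
• TED Key Usage & Sharing Policy: It is recomposed from the combination of a user_key and a container_key for each query execution
• Modification of target schema: Modifications required
• SQL support: No
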
Comparative Analysis
Final Key Management Requirements
Avoid running a service at the Tenant (T) that provides the Tenant Key (TK) to the Proxy (P). Tenant administrator is offline.
Avoid giving TK to the Cloud Application (A) or the User (U)
Ensure Access Control cannot be bypassed
One key per tenant
As simple as possible
Recoverability
Implemented Policy
[Diagram: User (TKui); Application with Access Control (TKa1, TKa2, TKa3, …); DB-Proxy (TKp1, TKp2, TKp3, …); Cloud DB (encrypted with TK); Admin Access.]
TK = TKui ⊕ TKai ⊕ TKpi
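
A sketch of the three-way split TK = TKui ⊕ TKai ⊕ TKpi, added here as an example and not taken from the PaaSword code base. It assumes, following the diagram labels, that the user holds TKui, the application releases TKai after its access-control check, and the DB-Proxy stores TKpi; the key check value and all class and function names are additions of this example.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32  # bytes; assumed size of TK and of every share


def xor(*parts: bytes) -> bytes:
    """XOR equal-length byte strings together."""
    if len({len(p) for p in parts}) != 1:
        raise ValueError("all shares must have the same length")
    out = bytearray(len(parts[0]))
    for part in parts:
        for i, byte in enumerate(part):
            out[i] ^= byte
    return bytes(out)


def key_check_value(tk: bytes) -> bytes:
    """Tag that lets the proxy detect a wrong recomposition without storing TK.
    This check is an addition of the example; the slides do not describe one."""
    return hmac.new(tk, b"tenant-key-check", hashlib.sha256).digest()


class TenantAdmin:
    """Tenant Trusted Zone: creates TK once and is needed only at enrolment."""

    def __init__(self):
        self._tk = secrets.token_bytes(KEY_LEN)  # one key per tenant

    def kcv(self) -> bytes:
        return key_check_value(self._tk)

    def enrol(self):
        """Return (TKu_i, TKa_i, TKp_i): two random shares plus a third chosen
        so that all three XOR to TK. Any two of them alone look random."""
        tku = secrets.token_bytes(KEY_LEN)
        tka = secrets.token_bytes(KEY_LEN)
        return tku, tka, xor(self._tk, tku, tka)


class Application:
    """Cloud application: releases TKa_i only after its access-control check."""

    def __init__(self):
        self.shares = {}      # user id -> TKa_i
        self.allowed = set()  # stand-in for the real access-control decision

    def share_for(self, user_id: str) -> bytes:
        if user_id not in self.allowed:
            raise PermissionError("access control denied the request")
        return self.shares[user_id]


class DbProxy:
    """DB proxy: stores TKp_i per user and rebuilds TK for one query at a time."""

    def __init__(self, kcv: bytes):
        self.kcv = kcv
        self.shares = {}  # user id -> TKp_i

    def recompose(self, user_id: str, tku: bytes, tka: bytes) -> bytes:
        tkp = self.shares.get(user_id)
        if tkp is None:
            raise PermissionError("no proxy share: user unknown or revoked")
        tk = xor(tku, tka, tkp)
        if not hmac.compare_digest(key_check_value(tk), self.kcv):
            raise PermissionError("shares do not recompose the tenant key")
        return tk


def run_query(proxy, app, user_id, tku):
    """One query: user presents TKu_i, app adds TKa_i, proxy rebuilds TK."""
    try:
        return proxy.recompose(user_id, tku, app.share_for(user_id))
    except PermissionError as exc:
        return str(exc)


def demo():
    admin = TenantAdmin()
    app, proxy = Application(), DbProxy(admin.kcv())
    user_share = {}
    for uid in ("alice", "bob"):  # constructed user ids
        user_share[uid], app.shares[uid], proxy.shares[uid] = admin.enrol()
        app.allowed.add(uid)

    results = {
        "same_tk": run_query(proxy, app, "alice", user_share["alice"])
        == run_query(proxy, app, "bob", user_share["bob"]),
        "distinct_shares": user_share["alice"] != user_share["bob"],
        # Bob's user share does not fit Alice's application and proxy shares.
        "wrong_share": run_query(proxy, app, "alice", user_share["bob"]),
    }
    app.allowed.discard("bob")  # access control now denies Bob
    results["denied"] = run_query(proxy, app, "bob", user_share["bob"])
    del proxy.shares["alice"]   # revocation without changing TK
    results["revoked"] = run_query(proxy, app, "alice", user_share["alice"])
    return results
```

Every user recomposes the same tenant key, yet neither the user nor the application ever holds TK, and the tenant administrator is only involved when shares are issued, which matches the key management requirements listed above.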
Semantic Authorization
PaaSword will deliver an XACML 3.0 compliant Auth Engine with the ability to
• harmonize the attribute creation process through the usage of the extensible Context Model
• decouple the level of granularity of attributes that are used to define policies from the attributes that characterize ‘subjects’, ‘objects’ and the ‘environment’
• provide design-time conflict resolution for provided policies
Semantic Authorization Engine
Use Cases
PaaSword Framework will be evaluated on 5 different Use Cases
Secure Sensors Analytics for IoT applications
Cloud-based Multi-tenant CRM software
Encrypted Persistency included in PaaS/SaaS Services
Multi-tenant ERP Environments
Platform for Cross-border Document Exchange
Challenges
Functional Transparency: Developer should not implement security policies. S/he should only use them
Comprehensive annotation framework: Proper annotations should be created for encryption/decryption and policy access
Flexible Policy Management: Context-driven policies for accessing the stored information
Efficient Virtualization of RDBMS: realizing the appropriate query synthesis and aposynthesis capabilities
Flexible Key Management: mechanisms making the key usage transparent to the cloud-based applications and services
Extensibility: the framework should be extensible even during runtime
Consortium
• Industrial Partner
• Scientific Partner
Interested in… ?
Getting access to early results?
Shaping and expanding PaaSword?
Networking with leading companies & research institutes?
Collaborating with us and the PaaSword Community?
Join the Cloud Security Industrial Focus Group!
Register at:
https://www.paasword.eu/register/
Questions?
Visit us:
www.paasword.eu
Acknowledgements:
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644814.

 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 

Kürzlich hochgeladen (20)

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 

A Data Privacy and Security by Design Platform‐as‐a‐Service Framework

  • 1. A Data Privacy and Security by Design Platform‐as‐a‐Service Framework
      www.paasword.eu
      Dr. Panagiotis Gouvas - R&D Director - Ubitech Ltd
      Dr. Yiannis Verginadis - Senior Researcher - ICCS
      SecureCloud 2016 - May 24, 2016, Dublin
  • 2. Agenda
      - Motivation
      - Goals
      - PaaSword in a Nutshell
      - Use Cases
      - Ongoing work
      PaaSword, 28/06/2016
  • 3. Motivation
      - The cloud paradigm has definitely prevailed
      - Most applications are delivered following the SaaS model
      - Many developers rely on PaaS offerings for scalability
      - Nearly all underlying resources (DBs, Queues etc) are outsourced at the IaaS level
      - Attack vectors have increased
      - ‘Raw data’ are the modern hacker’s holy grail
      - The responsibility for the protection of data has shifted to the developer
  • 6. Goals of PaaSword Framework
      - To create a security-by-design framework which will allow developers to engineer secure applications
      - To leverage the security and trust of data that reside on outsourced infrastructure
      - To facilitate context-aware access to encrypted and (even) physically distributed datasets stored in outsourced infrastructure
      - To prove the applicability, usability, effectiveness and value of our framework in real-life Cloud infrastructures, services and applications
  • 7. PaaSword in a Nutshell
  • 8. PaaSword Walkthrough
      Two types of Annotations:
      1) Encryption & Distribution
      2) Policy Enforcement
  • 9. Concept of Secure Proxy
      [Diagram, two panels]
      - Common (insecure) scenario: Client, Cloud DB
      - Desired (secure) scenario in PaaSword: Client, Proxy, Cloud DB
  • 10. Virtual Database Architecture
      [Diagram labels: User / Application; SQL; Database Proxy (trusted); Data (not encrypted); Cloud (untrusted); Data (encrypted); Data, Index1, Index2]
  • 11. What’s New
      Original:
      ID | Name   | Surname  | City         | Day of Birth
      1  | Paul   | Anderson | Athens       | 01.01.1979
      2  | Howard | Miller   | Karlsruhe    | 02.02.1974
      3  | Henry  | Cooper   | Berlin       | 03.03.1980
      4  | Henry  | Jones    | Thessaloniki | 04.04.1985
      Data:
      ID | Encrypted Data
      1  | Enc(Paul,Anderson,Athens,01.01.1979)
      2  | Enc(Howard,Miller,Karlsruhe,02.02.1974)
      3  | Enc(Henry,Cooper,Berlin,03.03.1980)
      4  | Enc(Henry,Jones,Thessaloniki,04.04.1985)
      Index1:
      Keyword-Name | IDs
      Enc(Paul)    | Enc(1)
      Enc(Howard)  | Enc(2)
      Enc(Henry)   | Enc(3,4)
      Index2:
      Keyword-Surname | IDs
      Enc(Anderson)   | Enc(1)
      Enc(Miller)     | Enc(2)
      Enc(Cooper)     | Enc(3)
      Enc(Jones)      | Enc(4)
      Keyword Encryption
        - AES (deterministic)
        - Support for most query types (excl. LIKE)
      Index Distribution
        - Index for same data type can be stored at different servers
      Distribution based on Privacy Constraints
        - Minimize exposure of sensitive information by careful distribution
  • 12. What about Key Creation/Sharing Policies?
  • 13. Overview Of Policies
      - P1
          Where is the TED taking place? In the PaaS container
          TED Key Generation: Generated once during bootstrapping (in a Tenant Trusted Zone) and stored in-memory by the application
          TED Key Usage & Sharing Policy: It is recovered by the memory on demand per each query execution
          Modification of target schema: No Modification
          SQL support: Yes
      - P2
          Where is the TED taking place? In the PaaS container
          TED Key Generation: One key is generated per Tenant (in a Tenant Trusted Zone) and a pair of user_key container_key is generated out of this tenant_key
          TED Key Usage & Sharing Policy: It is recomposed by the combination of a user_key and a container_key per each query_execution
          Modification of target schema: No Modification
          SQL support: Yes
      - P3
          Where is the TED taking place? Outside the container in a Tenant Trusted Zone
          TED Key Generation: Generated once in a Tenant Trusted Zone
          TED Key Usage & Sharing Policy: E/D Key is used only in the Tenant Trusted Zone
          Modification of target schema: No Modification
          SQL support: No
      - P4
          Where is the TED taking place? In the PaaS container
          TED Key Generation: Generated once during bootstrapping (in a Tenant Trusted Zone) and stored in-memory by the application
          TED Key Usage & Sharing Policy: It is recovered by the memory on demand per each query execution
          Modification of target schema: Modifications required
          SQL support: No
      - P5
          Where is the TED taking place? In the PaaS container
          TED Key Generation: One key is generated per Tenant (in a Tenant Trusted Zone) and a pair of user_key container_key is generated out of this tenant_key
          TED Key Usage & Sharing Policy: It is recomposed by the combination of a user_key and a container_key per each query_execution
          Modification of target schema: Modifications required
          SQL support: No
  • 15. Final Key Management Requirements
      - Avoid running a service at the Tenant (T) that provides the Tenant Key (TK) to the Proxy (P). Tenant administrator is offline.
      - Avoid giving TK to the Cloud Application (A) or the User (U)
      - Ensure Access Control cannot be bypassed
      - One key per tenant
      - As simple as possible
      - Recoverability
  • 16. Implemented Policy
      [Diagram labels: User; Application; Access Control; DB-Proxy; Cloud DB; Encrypted with TK; Admin Access; TKui; TKai; TKa1, TKa2, TKa3, …; TKp1, TKp2, TKp3, …]
      TK = TKui  TKai  TKpi
  • 17. Semantic Authorization
      PaaSword will deliver an XACML 3.0 compliant Auth Engine with the ability to
      - harmonize the attribute creation process through the usage of the extensible Context Model
      - decouple the level of granularity of attributes that are used to define policies from the attributes that characterize ‘subjects’, ‘objects’ and the ‘environment’
      - provide design-time conflict resolution for provided policies
  • 19. Use Cases
      PaaSword Framework will be evaluated on 5 different Use Cases
      - Secure Sensors Analytics for IoT applications
      - Cloud-based Multi-tenant CRM software
      - Encrypted Persistency included in PaaS/SaaS Services
      - Multi-tenant ERP Environments
      - Platform for Cross-border Document Exchange
  • 20. Challenges
      - Functional Transparency: Developer should not implement security policies. S/he should only use them
      - Comprehensive annotation framework: Proper annotations should be created for encryption/decryption and policy access
      - Flexible Policy Management: Context-driven policies for accessing the stored information
      - Efficient Virtualization of RDBMS: realizing the appropriate query synthesis and aposynthesis capabilities
      - Flexible Key Management: mechanisms making the key usage transparent to the cloud-based applications and services
      - Extensibility: the framework should be extensible even during runtime
  • 21. Consortium
      - Industrial Partner
      - Scientific Partner
  • 22. Interested in… ?
      - Getting access to early results?
      - Shaping and expanding PaaSword?
      - Networking with leading companies & research institutes?
      - Collaborating with us and the PaaSword Community?
      Join the Cloud Security Industrial Focus Group! Register at: https://www.paasword.eu/register/
  • 23. Questions?
      Visit us: www.paasword.eu
      Acknowledgements: This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644814.
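The layout on slide 11 (encrypted Data table plus one keyword index per searchable column), as an added example that is not PaaSword project code: a trusted proxy builds the store the untrusted cloud holds and answers equality queries through the index, which is why exact matches work and LIKE does not. Assumptions: all function names are hypothetical, HMAC-SHA256 stands in for the deterministic AES keyword encryption so the example needs only the standard library, and a toy keystream stands in for the row encryption.

```python
import hashlib, hmac, os

# Constructed sample rows, copied from the plaintext table on slide 11.
ROWS = [(1, "Paul", "Anderson", "Athens", "01.01.1979"),
        (2, "Howard", "Miller", "Karlsruhe", "02.02.1974"),
        (3, "Henry", "Cooper", "Berlin", "03.03.1980"),
        (4, "Henry", "Jones", "Thessaloniki", "04.04.1985")]
INDEXED = {"Name": 1, "Surname": 2}  # Index1 and Index2 on the slide

def _sub(key, label):
    """Derive an independent subkey so tokens and row encryption never share a key."""
    return hmac.new(key, label, hashlib.sha256).digest()

def token(key, column, value):
    """Deterministic keyword token (stand-in for deterministic AES): equal inputs, equal token."""
    msg = f"{column}\x00{value}".encode()
    return hmac.new(_sub(key, b"index"), msg, hashlib.sha256).hexdigest()

def _stream(key, nonce, n):
    """HMAC counter keystream: a toy stand-in for a real cipher, illustration only."""
    out, ctr, k = b"", 0, _sub(key, b"rows")
    while len(out) < n:
        out += hmac.new(k, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, text):
    """Randomized, unauthenticated toy encryption of one value (fresh nonce per call)."""
    nonce, data = os.urandom(16), text.encode()
    return nonce + bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))

def unseal(key, blob):
    """Inverse of seal(): split off the nonce and XOR the keystream back out."""
    nonce, data = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data)))).decode()

def build_cloud_store(key, rows):
    """Run by the trusted proxy; the returned dict is everything the untrusted cloud holds."""
    store = {"Data": {}}
    ids = {col: {} for col in INDEXED}
    for row in rows:
        store["Data"][row[0]] = seal(key, ",".join(row[1:]))   # ID -> Enc(row)
        for col, pos in INDEXED.items():
            ids[col].setdefault(token(key, col, row[pos]), []).append(str(row[0]))
    for col in INDEXED:                                        # Enc(keyword) -> Enc(IDs)
        store[col] = {t: seal(key, ",".join(v)) for t, v in ids[col].items()}
    return store

def select_eq(key, store, column, value):
    """Proxy-side SELECT * WHERE column = value, answered through the keyword index."""
    blob = store[column].get(token(key, column, value))
    if blob is None:
        return []  # only whole keywords have tokens, so substring (LIKE) lookups find nothing
    return [(int(i), *unseal(key, store["Data"][int(i)]).split(","))
            for i in unseal(key, blob).split(",")]
```

Because the tokens are deterministic, the cloud can tell when two queries target the same keyword even though it cannot read the keyword itself.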