SYDO - Secure Your Data by Obscurity
Upcoming SlideShare
Loading in...5
×
 

SYDO - Secure Your Data by Obscurity

on

  • 355 views

 

Statistics

Views

Total Views
355
Views on SlideShare
340
Embed Views
15

Actions

Likes
0
Downloads
2
Comments
0

2 Embeds 15

http://www.linkedin.com 12
https://www.linkedin.com 3

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

SYDO - Secure Your Data by Obscurity SYDO - Secure Your Data by Obscurity Presentation Transcript

  • SYDO – Secure Your Data by Obscurity Andrei Avădănei Web Developer, Security enthusiast, Blogger www.worldit.info @AndreiAvadanei +AndreiAvadanei
  • Let's make some research :-)
  • Before that, what problems do we have?
    • mistrust in hosting provider aims
    • security problems
    • data stealing using SQL Injections
    • … or after server was hijacked
    • etc. etc.
  • “ Information”
    • one the most dangerous weapons
    • you have it, you rule
    • ...money, women and finally the world
    • take a look at Google, Facebook, M$ etc.
  • We should be more careful!
  • But we are lazy...
  • We introduce SYDO
    • aims to protect your data stored in SQL databases
    • a built-in interface for SQL functions
    • based on client/server API
    • help you to store and manage your data
  • How it works?
  • The problem divided in layers
    • Low Level processing (SQL Interfaces)
    • SYDO
    • Medium Level processing (here we can add patches over SQL queries)
    • High-level processing (WAFs, htaccess etc.)
    • Post-processing (client side)
  • Solution
    • data (rows/tables/databases) encrypted with AES 128
    • keys stored in SYDO Hash Center (remote - server)
    • unique identification key + AES keys related
    • SQL Query identification by generating a key stub(Anti-SQLI)
    • RESTful encrypted API protocol between Client and server
  • Demo
  • Features
    • support over multiple SQL interfaces
    • API statistics
    • multiple website management for SYDO Hash Center
    • P2P Hash Center Service (lower latency)
    • cache over SYDO Hash Center (even lower latency)
    • Anti-DOS for SYDO Hash Center
  • Project Status
    • available on GitHub v.01 Alpha
    • http://bit.ly/o6qzjn
    • soon update!
  • Important
    • SYDO is not bullet proof but is a better solution!
  • Questions?
  •