Your SlideShare is downloading. ×
SYDO - Secure Your Data by Obscurity
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

SYDO - Secure Your Data by Obscurity

1,721
views

Published on

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,721
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
11
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. SYDO – Secure Your Data by Obscurity Andrei Avădănei Web Developer, Security enthusiast, Blogger www.worldit.info @AndreiAvadanei +AndreiAvadanei
  • 2. Let's make some research :-)
  • 3. Before that, what problems do we have?
    • mistrust in hosting provider aims
    • security problems
    • data stealing using SQL Injections
    • … or after server was hijacked
    • etc. etc.
  • 4. “ Information”
    • one the most dangerous weapons
    • you have it, you rule
    • ...money, women and finally the world
    • take a look at Google, Facebook, M$ etc.
  • 5. We should be more careful!
  • 6. But we are lazy...
  • 7. We introduce SYDO
    • aims to protect your data stored in SQL databases
    • a built-in interface for SQL functions
    • based on client/server API
    • help you to store and manage your data
  • 8. How it works?
  • 9. The problem divided in layers
    • Low Level processing (SQL Interfaces)
    • SYDO
    • Medium Level processing (here we can add patches over SQL queries)
    • High-level processing (WAFs, htaccess etc.)
    • Post-processing (client side)
  • 10. Solution
    • data (rows/tables/databases) encrypted with AES 128
    • keys stored in SYDO Hash Center (remote - server)
    • unique identification key + AES keys related
    • SQL Query identification by generating a key stub(Anti-SQLI)
    • RESTful encrypted API protocol between Client and server
  • 11. Demo
  • 12. Features
    • support over multiple SQL interfaces
    • API statistics
    • multiple website management for SYDO Hash Center
    • P2P Hash Center Service (lower latency)
    • cache over SYDO Hash Center (even lower latency)
    • Anti-DOS for SYDO Hash Center
  • 13. Project Status
    • available on GitHub v.01 Alpha
    • http://bit.ly/o6qzjn
    • soon update!
  • 14. Important
    • SYDO is not bullet proof but is a better solution!
  • 15. Questions?
  • 16.