SYDO - Secure Your Data by Obscurity

SYDO – Secure Your Data by Obscurity Andrei Avădănei Web Developer, Security enthusiast, Blogger www.worldit.info @AndreiAvadanei +AndreiAvadanei

Let's make some research :-)

Before that, what problems do we have?
mistrust in hosting provider aims
security problems
data stealing using SQL Injections
… or after server was hijacked
etc. etc.

“ Information”
one the most dangerous weapons
you have it, you rule
...money, women and finally the world
take a look at Google, Facebook, M$ etc.

We should be more careful!

But we are lazy...

We introduce SYDO
aims to protect your data stored in SQL databases
a built-in interface for SQL functions
based on client/server API
help you to store and manage your data

How it works?

The problem divided in layers
Low Level processing (SQL Interfaces)
SYDO
Medium Level processing (here we can add patches over SQL queries)
High-level processing (WAFs, htaccess etc.)
Post-processing (client side)

Solution
data (rows/tables/databases) encrypted with AES 128
keys stored in SYDO Hash Center (remote - server)
unique identification key + AES keys related
SQL Query identification by generating a key stub(Anti-SQLI)
RESTful encrypted API protocol between Client and server

Features
support over multiple SQL interfaces
API statistics
multiple website management for SYDO Hash Center
P2P Hash Center Service (lower latency)
cache over SYDO Hash Center (even lower latency)
Anti-DOS for SYDO Hash Center

Project Status
available on GitHub v.01 Alpha
http://bit.ly/o6qzjn
soon update!

Important
SYDO is not bullet proof but is a better solution!

Questions?

SYDO - Secure Your Data by Obscurity

by DefCamp Romania on Oct 05, 2011

Accessibility

Categories

Upload Details

Usage Rights

2 Embeds 597

Statistics

SYDO - Secure Your Data by Obscurity — Presentation Transcript

http://defcamp.ro	592
http://defcamp.com	5