ORCON in 10 Minutes
Transcript

  • 1. © Cocoon Data Holdings Limited 2013. All rights reserved. COVATA SELF-DEFENDING DATA (in 10 minutes). Vic Winkler, CTO, Covata USA, Inc, Reston, Virginia
  • 2. Can You Control Unprotected Data? No. Adding strong security components to an otherwise weak system is usually NOT effective.
  • 3. First, Control The Data. Adding strong security components to an otherwise weak system is usually NOT effective. Encrypt the data and apply access controls. (Diagram labels: Access Controls; Persisting Control; ✔ encrypted)
  • 4. Self-Defending Data
      •  Doesn’t grant access unless you meet its requirements
      •  Doesn’t care if the computer or network are hacked
      •  Every access is audited
      •  Originator can revoke access anytime
      •  …Every copy behaves the same way
  • 5. So, What is ORCON?
      •  History: U.S. Intelligence Community
          -  Desired “Originator Control” in Closed-Network Information Sharing
          -  Examples: Rescind Access; Prevent Forwarding
      •  Extends classic access controls
      •  Has elements of: DRM, MAC, RBAC, ABAC, and Capability-Based approaches
    ORCON: Persisting Originator Control over Data
  • 6. ORCON …
      •  Does it have to be “Originator” control? Not always.
          -  The enterprise may require default controls
          -  Other systems like DLP might “attach” additional ORCON
      •  It is a flexible framework for persisting controls
    …But, but how does it work?
  • 7. Policy Enforcement & Caveats
  • 8. Covata ORCON is Built on Other Access Control Models
      •  Again, the goal is control over your data
          -  ORCON extends your control
          -  It empowers control and sharing (X-domain and ad-hoc)
      •  In brief, ORCON:
          -  Extends traditional access controls with “persistent controls”
          -  These persistent controls can be “shaped” to meet your security needs
      •  ORCON is more lightweight than DRM | IRM | MAC
      •  ORCON is more flexible than DRM | IRM | MAC
  • 9. What Is It? (Diagram labels: SO 2.1 Server; REST API; Client Libraries: Java API for Client Apps, C# API for Windows Apps, Objective C API for iPhone/iPad Apps)
  • 10. …What Is?
  • 11. Ranges of Use-Cases in Cloud
  • 12. Value Proposition
      •  Accessible Crypto for Developers (helper libs)
      •  FIPS Compliant Crypto and Key Management
      •  All Accesses to Secured Data are ALWAYS Audited
      •  Persistent and Fine-Grained Originator Control
    Covata provides technology that enables persisting owner control over data for compliance with regulatory, privacy, security or data governance requirements.