Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
SYDO – Secure Your Data by Obscurity Andrei Avădănei Web Developer, Security enthusiast, Blogger www.worldit.info @AndreiA...
Let's make some research :-)
Before that, what problems do we have? <ul><li>mistrust in hosting provider aims </li></ul><ul><li>security problems </li>...
“ Information” <ul><li>one the most dangerous weapons </li></ul><ul><li>you have it, you rule </li></ul><ul><li>...money...
We should be more careful!
But we are lazy...
We introduce SYDO <ul><li>aims to protect your data stored in SQL databases </li></ul><ul><li>a built-in interface for SQL...
How it works?
The problem divided in layers <ul><li>Low Level processing (SQL Interfaces) </li></ul><ul><li>SYDO </li></ul><ul><li>Mediu...
Solution <ul><li>data (rows/tables/databases) encrypted with AES 128 </li></ul><ul><li>keys stored in SYDO Hash Center (re...
Demo
Features <ul><li>support over multiple SQL interfaces </li></ul><ul><li>API statistics </li></ul><ul><li>multiple website ...
Project Status <ul><li>available on GitHub v.01 Alpha </li></ul><ul><li>http://bit.ly/o6qzjn </li></ul><ul><li>soon update...
Important <ul><li>SYDO is not bullet proof but is a better solution! </li></ul>
Questions?
 
Upcoming SlideShare
Loading in …5
×

SYDO - Secure Your Data by Obscurity

2,104 views

Published on

Published in: Technology
no profile picture user

  • Be the first to comment

  • Be the first to like this

SYDO - Secure Your Data by Obscurity

  1. 1. SYDO – Secure Your Data by Obscurity Andrei Avădănei Web Developer, Security enthusiast, Blogger www.worldit.info @AndreiAvadanei +AndreiAvadanei
  2. 2. Let's make some research :-)
  3. 3. Before that, what problems do we have? <ul><li>mistrust in hosting provider aims </li></ul><ul><li>security problems </li></ul><ul><li>data stealing using SQL Injections </li></ul><ul><li>… or after server was hijacked </li></ul><ul><li>etc. etc. </li></ul>
  4. 4. “ Information” <ul><li>one the most dangerous weapons </li></ul><ul><li>you have it, you rule </li></ul><ul><li>...money, women and finally the world </li></ul><ul><li>take a look at Google, Facebook, M$ etc. </li></ul>
  5. 5. We should be more careful!
  6. 6. But we are lazy...
  7. 7. We introduce SYDO <ul><li>aims to protect your data stored in SQL databases </li></ul><ul><li>a built-in interface for SQL functions </li></ul><ul><li>based on client/server API </li></ul><ul><li>help you to store and manage your data </li></ul>
  8. 8. How it works?
  9. 9. The problem divided in layers <ul><li>Low Level processing (SQL Interfaces) </li></ul><ul><li>SYDO </li></ul><ul><li>Medium Level processing (here we can add patches over SQL queries) </li></ul><ul><li>High-level processing (WAFs, htaccess etc.) </li></ul><ul><li>Post-processing (client side) </li></ul>
  10. 10. Solution <ul><li>data (rows/tables/databases) encrypted with AES 128 </li></ul><ul><li>keys stored in SYDO Hash Center (remote - server) </li></ul><ul><li>unique identification key + AES keys related </li></ul><ul><li>SQL Query identification by generating a key stub(Anti-SQLI) </li></ul><ul><li>RESTful encrypted API protocol between Client and server </li></ul>
  11. 11. Demo
  12. 12. Features <ul><li>support over multiple SQL interfaces </li></ul><ul><li>API statistics </li></ul><ul><li>multiple website management for SYDO Hash Center </li></ul><ul><li>P2P Hash Center Service (lower latency) </li></ul><ul><li>cache over SYDO Hash Center (even lower latency) </li></ul><ul><li>Anti-DOS for SYDO Hash Center </li></ul>
  13. 13. Project Status <ul><li>available on GitHub v.01 Alpha </li></ul><ul><li>http://bit.ly/o6qzjn </li></ul><ul><li>soon update! </li></ul>
  14. 14. Important <ul><li>SYDO is not bullet proof but is a better solution! </li></ul>
  15. 15. Questions?

×