Successfully reported this slideshow.

SYDO - Secure Your Data by Obscurity

0

Share

Oct. 05, 2011
0 likes 2,268 views
Upcoming SlideShare
Pci compliance writing secure code
Pci compliance writing secure code
Loading in …3
×
1 of 16
1 of 16

SYDO - Secure Your Data by Obscurity

Oct. 05, 2011
0 likes 2,268 views

0

Share

Download to read offline

Technology
Technology

Recommended

More Related Content

More from DefCamp

Mobile, IoT, Clouds… It’s time to hire your own risk manager!
DefCamp
The Charter of Trust
DefCamp
Internet Balkanization: Why Are We Raising Borders Online?
DefCamp
Bridging the gap between CyberSecurity R&D and UX
DefCamp
Secure and privacy-preserving data transmission and processing using homomorp...
DefCamp
Drupalgeddon 2 – Yet Another Weapon for the Attacker
DefCamp
Economical Denial of Sustainability in the Cloud (EDOS)
DefCamp
Trust, but verify – Bypassing MFA
DefCamp
Threat Hunting: From Platitudes to Practical Application
DefCamp
Building application security with 0 money down
DefCamp
Implementation of information security techniques on modern android based Kio...
DefCamp
Lattice based Merkle for post-quantum epoch
DefCamp
The challenge of building a secure and safe digital environment in healthcare
DefCamp
Timing attacks against web applications: Are they still practical?
DefCamp
Tor .onions: The Good, The Rotten and The Misconfigured
DefCamp
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
DefCamp
We will charge you. How to [b]reach vendor’s network using EV charging station.
DefCamp
Connect & Inspire Cyber Security
DefCamp
The lions and the watering hole
DefCamp
Catch Me If You Can - Finding APTs in your network
DefCamp

Featured

What to Upload to SlideShare
SlideShare
Be A Great Product Leader (Amplify, Oct 2019)
Adam Nash
Trillion Dollar Coach Book (Bill Campbell)
Eric Schmidt
APIdays Paris 2019 - Innovation @ scale, APIs as Digital Factories' New Machi...
apidays
A few thoughts on work life-balance
Wim Vanderbauwhede
Is vc still a thing final
Mark Suster
The GaryVee Content Model
Gary Vaynerchuk
Mammalian Brain Chemistry Explains Everything
Loretta Breuning, PhD
Blockchain + AI + Crypto Economics Are We Creating a Code Tsunami?
Dinis Guarda
The AI Rush
Jean-Baptiste Dumont
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
Carol Smith
10 facts about jobs in the future
Pew Research Center's Internet & American Life Project
Harry Surden - Artificial Intelligence and Law Overview
Harry Surden
Inside Google's Numbers in 2017
Rand Fishkin
Pinot: Realtime Distributed OLAP datastore
Kishore Gopalakrishna
How to Become a Thought Leader in Your Niche
Leslie Samuel
Visual Design with Data
Seth Familian
Designing Teams for Emerging Challenges
Aaron Irizarry
UX, ethnography and possibilities: for Libraries, Museums and Archives
Ned Potter
Winners and Losers - All the (Russian) President's Men
Ian Bremmer

Related Books

Free with a 14 day trial from Scribd

See all
Bezonomics: How Amazon Is Changing Our Lives and What the World's Best Companies Are Learning from It Brian Dumaine
(4/5)
Free
No Filter: The Inside Story of Instagram Sarah Frier
(4.5/5)
Free
Autonomy: The Quest to Build the Driverless Car—And How It Will Reshape Our World Lawrence D. Burns
(5/5)
Free
Talk to Me: How Voice Computing Will Transform the Way We Live, Work, and Think James Vlahos
(4/5)
Free
SAM: One Robot, a Dozen Engineers, and the Race to Revolutionize the Way We Build Jonathan Waldman
(5/5)
Free
From Gutenberg to Google: The History of Our Future Tom Wheeler
(3.5/5)
Free
The Future Is Faster Than You Think: How Converging Technologies Are Transforming Business, Industries, and Our Lives Peter H. Diamandis
(4.5/5)
Free
So You Want to Start a Podcast: Finding Your Voice, Telling Your Story, and Building a Community That Will Listen Kristen Meinzer
(3.5/5)
Free
Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Seth Stephens-Davidowitz
(4.5/5)
Free
Life After Google: The Fall of Big Data and the Rise of the Blockchain Economy George Gilder
(4/5)
Free
Future Presence: How Virtual Reality Is Changing Human Connection, Intimacy, and the Limits of Ordinary Life Peter Rubin
(4/5)
Free
Live Work Work Work Die: A Journey into the Savage Heart of Silicon Valley Corey Pein
(4.5/5)
Free
Carrying the Fire: 50th Anniversary Edition Michael Collins
(4.5/5)
Free
Ninety Percent of Everything: Inside Shipping, the Invisible Industry That Puts Clothes on Your Back, Gas in Your Car, and Food on Your Plate Rose George
(4/5)
Free
Island of the Lost: An Extraordinary Story of Survival at the Edge of the World Joan Druett
(4/5)
Free
The Basics of Bitcoins and Blockchains: An Introduction to Cryptocurrencies and the Technology that Powers Them (Cryptography, Derivatives Investments, Futures Trading, Digital Assets, NFT) Antony Lewis
(4/5)
Free

Related Audiobooks

Free with a 14 day trial from Scribd

See all
Dignity in a Digital Age: Making Tech Work for All of Us Ro Khanna
(4/5)
Free
After Steve: How Apple Became a Trillion-Dollar Company and Lost its Soul Tripp Mickle
(4.5/5)
Free
The Quiet Zone: Unraveling the Mystery of a Town Suspended in Silence Stephen Kurczy
(4.5/5)
Free
The Wires of War: Technology and the Global Struggle for Power Jacob Helberg
(4/5)
Free
System Error: Where Big Tech Went Wrong and How We Can Reboot Rob Reich
(4.5/5)
Free
If Then: How the Simulmatics Corporation Invented the Future Jill Lepore
(4.5/5)
Free
Liftoff: Elon Musk and the Desperate Early Days That Launched SpaceX Eric Berger
(5/5)
Free
The Science of Time Travel: The Secrets Behind Time Machines, Time Loops, Alternate Realities, and More! Elizabeth Howell
(3/5)
Free
A Brief History of Motion: From the Wheel, to the Car, to What Comes Next Tom Standage
(4/5)
Free
An Ugly Truth: Inside Facebook’s Battle for Domination Sheera Frenkel
(4.5/5)
Free
The Players Ball: A Genius, a Con Man, and the Secret History of the Internet's Rise David Kushner
(4.5/5)
Free
Bitcoin Billionaires: A True Story of Genius, Betrayal, and Redemption Ben Mezrich
(4.5/5)
Free
User Friendly: How the Hidden Rules of Design Are Changing the Way We Live, Work, and Play Cliff Kuang
(4.5/5)
Free
Lean Out: The Truth About Women, Power, and the Workplace Marissa Orr
(4.5/5)
Free
Blockchain: The Next Everything Stephen P. Williams
(4/5)
Free
Uncanny Valley: A Memoir Anna Wiener
(4/5)
Free

SYDO - Secure Your Data by Obscurity

  1. 1. SYDO – Secure Your Data by Obscurity Andrei Avădănei Web Developer, Security enthusiast, Blogger www.worldit.info @AndreiAvadanei +AndreiAvadanei
  2. 2. Let's make some research :-)
  3. 3. Before that, what problems do we have? <ul><li>mistrust in hosting provider aims </li></ul><ul><li>security problems </li></ul><ul><li>data stealing using SQL Injections </li></ul><ul><li>… or after server was hijacked </li></ul><ul><li>etc. etc. </li></ul>
  4. 4. “ Information” <ul><li>one the most dangerous weapons </li></ul><ul><li>you have it, you rule </li></ul><ul><li>...money, women and finally the world </li></ul><ul><li>take a look at Google, Facebook, M$ etc. </li></ul>
  5. 5. We should be more careful!
  6. 6. But we are lazy...
  7. 7. We introduce SYDO <ul><li>aims to protect your data stored in SQL databases </li></ul><ul><li>a built-in interface for SQL functions </li></ul><ul><li>based on client/server API </li></ul><ul><li>help you to store and manage your data </li></ul>
  8. 8. How it works?
  9. 9. The problem divided in layers <ul><li>Low Level processing (SQL Interfaces) </li></ul><ul><li>SYDO </li></ul><ul><li>Medium Level processing (here we can add patches over SQL queries) </li></ul><ul><li>High-level processing (WAFs, htaccess etc.) </li></ul><ul><li>Post-processing (client side) </li></ul>
  10. 10. Solution <ul><li>data (rows/tables/databases) encrypted with AES 128 </li></ul><ul><li>keys stored in SYDO Hash Center (remote - server) </li></ul><ul><li>unique identification key + AES keys related </li></ul><ul><li>SQL Query identification by generating a key stub(Anti-SQLI) </li></ul><ul><li>RESTful encrypted API protocol between Client and server </li></ul>
  11. 11. Demo
  12. 12. Features <ul><li>support over multiple SQL interfaces </li></ul><ul><li>API statistics </li></ul><ul><li>multiple website management for SYDO Hash Center </li></ul><ul><li>P2P Hash Center Service (lower latency) </li></ul><ul><li>cache over SYDO Hash Center (even lower latency) </li></ul><ul><li>Anti-DOS for SYDO Hash Center </li></ul>
  13. 13. Project Status <ul><li>available on GitHub v.01 Alpha </li></ul><ul><li>http://bit.ly/o6qzjn </li></ul><ul><li>soon update! </li></ul>
  14. 14. Important <ul><li>SYDO is not bullet proof but is a better solution! </li></ul>
  15. 15. Questions?

×