SlideShare a Scribd company logo
www.paasword.eu
Business Cases
Dr. Simone Braun
CAS Software AG
PaaSword CS-IFG Workshop
Nov 10, 2016, Athens, Greece
Business Validation & Use Cases
Five industry-driven pilots in different business application
areas
Data Protection in a Multi-tenant xRM Platform (CAS)
Secure Sensor Data Fusion and Analytics (SIEMENS)
Protection of Sensitive Enterprise Information in a Multi-tenant ERP
Environment (Singular Logic)
Encrypted Persistency as PaaS/IaaS Service (SixSq)
Qualified e-Delivery Service (UBITECH)
PaaSword10/11/2016 2
BUSINESS CASE: DATA PROTECTION IN
A MULTI-TENANT XRM PLATFORM
Simone Braun & Sebastian Schork – CAS
PaaSword10/11/2016 3
CRM / xRM Domain Security Challenges
CRM / xRM solutions store, link and process large amount of
personal and customer data as well as sensitive enterprise
data
Huge variety of data types with varying need for security
Availability everywhere and at any time
CRM / xRM developers are non-security experts
PaaSword10/11/2016 4
Benefits from PaaSword
Secure Key Management ensures maximum control over data
usage
Context-aware access control and encryption for specific
highly sensitive data and business operations
 Perfectly fitting customers’ security requirements
Security-by-design approach enables non-security experts to
implement security-aware CRM / xRM solutions
PaaSword10/11/2016 5
BUSINESS CASE: SECURE SENSOR DATA
FUSION AND ANALYTICS
George Moldovan – SIEMENS
PaaSword10/11/2016 6
Internet of Things, Industrial Monitoring,
Smart X Domain Security Challenges
Industrial and governmental clients, services assume being able to
process data on site or central
Deficiencies in the (custom) applications operating on the data can
expose unrelated clients or the underlying infrastructure and resources to
security threats
Joint collaboration on specific topics requiring flexibility in defining access
to the required resources, as well as non-repudiation regarding actions
taken
Deploying/customizing applications running on the Siemens infrastructure
should require validation/checking mechanisms in order to ensure a
minimum compliance regarding privacy and security
PaaSword18/11/2016 7
Benefits from PaaSword
Flexible policy models and per-instance (deployment/client)
specific changes – configurable by the end-clients
 allowing the more control over how and where the data can
be accessed
Transparency in provided security and privacy-related
mechanisms offloading time and resources from the (normal,
not security-professional) developers and their related
entities through the use of annotation
Proactive, contextual anomaly detection
PaaSword18/11/2016 8
BUSINESS CASE: PROTECTION OF
SENSITIVE ENTERPRISE INFORMATION
IN A MULTI-TENANT ERP
ENVIRONMENT
Giannis Ledakis – Singular Logic
PaaSword10/11/2016 9
ERP Domain Security Challenges
ERPs usually store information that can be confidential and
sensitive
Data protection is of high importance for any ERP and sensitive data
should be encrypted
Multi-tenancy is supported by running one-schema-per-
tenant in the same installation
Exposure of the data of a tenant to other tenants or to a third party is
the main security consideration
Access management mechanism is important for protecting
user accounts
PaaSword11/18/2016 10
Benefits from PaaSword
Support for a searchable encryption of the database
Distribution of database to increase data level security
Providing context-aware access control to protect user
accounts
Easy enablement of security aspects through annotations on
code level
 Increasing the provided security to the customers
PaaSword11/18/2016 11
BUSINESS CASE: ENCRYPTED
PERSISTENCY AS PAAS/IAAS SERVICE
Charles Loomis - SixSq
PaaSword10/11/2016 12
PaaS Providers
Data protection and security for cloud applications are
concerns for nearly all developers/operators.
In the spirit of PaaS providers exposing high-level services to
developers/operator, PaaSword components can be made
available through the PaaS
Benefits:
Less costly than developing components “in house”
Faster “time-to-market” for new applications
More confidence in using validated framework
Additional flexibility from policy-based authorization
PaaSword11/18/2016 13
BUSINESS CASE: QUALIFIED E-DELIVERY
SERVICE
Panagiotis Gouvas – UBITECH Ltd
PaaSword10/11/2016 14
eDelivery Security Challenges
Context
e-Delivery refers to the qualified electronic delivery of data
(e.g. documents and invoices) between two organizations
Qualified e-Delivery requires specific guarantees
e-Signing, e-Timestamping, e-Sealing of all steps
Challenges
Dominant model of e-Delivery Platform is SaaS
Increased need for encrypting e-delivery payloads
Compliance is very strict
GPDR has tremendous impact on SaaS providers
PaaSword10/11/2016 15
Benefits from PaaSword
Transparent searchable encryption of e-Delivery metadata
Dynamic update of Policies and Models with zero downtime
Acceleration to compliance (GDPR)
PaaSword10/11/2016 16
ASSISTING THE EU GENERAL DATA
PROTECTION REGULATION (GDPR)
PaaSword10/11/2016 17
Motivation
The new data protection regulation (GDPR) will
enter into force on 25 May 2018
be valid for public and private sector
Directly effective in Member States without the need for implementing
legislation
The GDPR will apply
to organizations (data processors or data controllers) which have EU
“establishments”,
where personal data are processed “in the context of the activities” of such an
establishment,
irrespective of whether the actual data processing takes place in the EU or not
Non-compliance can lead to a high administrative fine
up to either €20 Mio. or 4% of global annual turnover (the higher one)
09/2016 PaaSword 18
New Concepts
Personal Data Breach – a new security breach communication
law
Data protection by design and accountability – organizations
have to demonstrate their GDPR compliance
Enhanced rights – including the right to be forgotten, data
portability rights and the right to object to automated
decision making
Supervisory authorities and the EDPB – introduction of a new
single point of reference for multi-national groups
09/2016 PaaSword 19
Assisting GDPR Adoption
How PaaSword contributes in the acceleration of GDPR adoption?
Data Security and Processing
Data Breach communication by the data processor
Data protection by design / default and accountability
Right of Informedness
Right to be forgotten
PaaSword10/11/2016 20
How PaaSword Helps
Data Security and Processing:
PaaSword Key Management, DB Encryption and Context-aware Access
Control provide measures to ensure data security and prevent
processing that violates the GDPR
Data Breach communication by the data processor:
PaaSword Encryption as appropriate technical and organizational
protection measures
PaaSword10/11/2016 21
How PaaSword Helps
Data protection by design / default and accountability:
Privacy by default with PaaSword Key Management and Encryption
Privacy by design with PaaSword code and data model annotations
and their enforcement through the framework middleware
PaaSword Pilot Demonstrators as best practices and demonstrations
of compliance
Framework as a basis to fulfill certification requirements
PaaSword10/11/2016 22
How PaaSword Helps
Right of informedness
Annotated data model can be automatically analyzed to identify
contained personally identifiable information
Increased transparency, also regarding data processing by
applications
Right to be forgotten
Shared key ownership allows every owning party to make information
inaccessible by deleting the owned key part (“erase”)
PaaSword10/11/2016 23
Conclusion
Higher privacy with distributed searchable encryption at DB
layer
Increased user control and less dependency on cloud
provider with tenant-controlled Key Management
Appropriate access control with context-awareness and
flexible Policy Management
Easier development of secure cloud applications for non-
security experts with comprehensive Annotation Framework
 Making cloud solutions more attractive and ready for the EU
General Data Protection Regulation
10/11/2016 24
10/11/2016 25
Questions?
Visit us:
www.paasword.euAcknowledgements:
This project has received funding from the
European Union’s Horizon 2020 research and
innovation programme under grant
agreement No 644814.
PaaSword

More Related Content

What's hot

Webinar: Data Classification - Closing the Gap between Enterprise and SAP Data
Webinar: Data Classification - Closing the Gap between Enterprise and SAP DataWebinar: Data Classification - Closing the Gap between Enterprise and SAP Data
Webinar: Data Classification - Closing the Gap between Enterprise and SAP Data
UL Transaction Security
 
Enterprise policy-management
Enterprise policy-managementEnterprise policy-management
Enterprise policy-management
Amit Bhargava
 
8549 bloombase ss_usl_v1
8549 bloombase ss_usl_v18549 bloombase ss_usl_v1
8549 bloombase ss_usl_v1
Bloombase
 
Bloombase storage-protection-entrust-hsm-sb
Bloombase storage-protection-entrust-hsm-sbBloombase storage-protection-entrust-hsm-sb
Bloombase storage-protection-entrust-hsm-sb
Bloombase
 
What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?
Ulf Mattsson
 
The connection beyond non stop encryption
The connection   beyond non stop encryptionThe connection   beyond non stop encryption
The connection beyond non stop encryption
Bloombase
 
Webinar: Worried about privacy of your data on public cloud - Bring your own key
Webinar: Worried about privacy of your data on public cloud - Bring your own keyWebinar: Worried about privacy of your data on public cloud - Bring your own key
Webinar: Worried about privacy of your data on public cloud - Bring your own key
Vaultastic
 
13 Tips for Cloud Security
13 Tips for Cloud Security13 Tips for Cloud Security
13 Tips for Cloud Security
Peak 10
 
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNetPayment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
SafeNet
 
Secupi - Veri Maskeleme - Anonimleştirme ve Mantıksal Silme Çözümü
Secupi - Veri Maskeleme - Anonimleştirme ve Mantıksal Silme ÇözümüSecupi - Veri Maskeleme - Anonimleştirme ve Mantıksal Silme Çözümü
Secupi - Veri Maskeleme - Anonimleştirme ve Mantıksal Silme Çözümü
SAYGIN SAMAN
 
Cloud & Sécurité
Cloud & SécuritéCloud & Sécurité
Cloud & Sécurité
Technofutur TIC
 
Protect your sensitive data against data leaks with Safetica DLP
Protect your sensitive data against data leaks with Safetica DLPProtect your sensitive data against data leaks with Safetica DLP
Protect your sensitive data against data leaks with Safetica DLP
Adi Saputra
 
Office 365 data loss prevention
Office 365 data loss preventionOffice 365 data loss prevention
Office 365 data loss prevention
ssuser1eca7d
 
Protect customer's personal information eng 191018
Protect customer's personal information eng 191018Protect customer's personal information eng 191018
Protect customer's personal information eng 191018
sang yoo
 
Securing data today and in the future - Oracle NYC
Securing data today and in the future - Oracle NYCSecuring data today and in the future - Oracle NYC
Securing data today and in the future - Oracle NYC
Ulf Mattsson
 
Solving Security, Collaboration, and Mobility Challenges in SAP With Microsof...
Solving Security, Collaboration, and Mobility Challenges in SAP With Microsof...Solving Security, Collaboration, and Mobility Challenges in SAP With Microsof...
Solving Security, Collaboration, and Mobility Challenges in SAP With Microsof...
UL Transaction Security
 
Guide: Security and Compliance
Guide: Security and ComplianceGuide: Security and Compliance
Guide: Security and Compliance
QuestionPro
 
Privacy preserving computing and secure multi-party computation ISACA Atlanta
Privacy preserving computing and secure multi-party computation ISACA AtlantaPrivacy preserving computing and secure multi-party computation ISACA Atlanta
Privacy preserving computing and secure multi-party computation ISACA Atlanta
Ulf Mattsson
 
Isaca new delhi india privacy and big data
Isaca new delhi india   privacy and big dataIsaca new delhi india   privacy and big data
Isaca new delhi india privacy and big data
Ulf Mattsson
 
N-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysN-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 days
Solarwinds N-able
 

What's hot (20)

Webinar: Data Classification - Closing the Gap between Enterprise and SAP Data
Webinar: Data Classification - Closing the Gap between Enterprise and SAP DataWebinar: Data Classification - Closing the Gap between Enterprise and SAP Data
Webinar: Data Classification - Closing the Gap between Enterprise and SAP Data
 
Enterprise policy-management
Enterprise policy-managementEnterprise policy-management
Enterprise policy-management
 
8549 bloombase ss_usl_v1
8549 bloombase ss_usl_v18549 bloombase ss_usl_v1
8549 bloombase ss_usl_v1
 
Bloombase storage-protection-entrust-hsm-sb
Bloombase storage-protection-entrust-hsm-sbBloombase storage-protection-entrust-hsm-sb
Bloombase storage-protection-entrust-hsm-sb
 
What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?
 
The connection beyond non stop encryption
The connection   beyond non stop encryptionThe connection   beyond non stop encryption
The connection beyond non stop encryption
 
Webinar: Worried about privacy of your data on public cloud - Bring your own key
Webinar: Worried about privacy of your data on public cloud - Bring your own keyWebinar: Worried about privacy of your data on public cloud - Bring your own key
Webinar: Worried about privacy of your data on public cloud - Bring your own key
 
13 Tips for Cloud Security
13 Tips for Cloud Security13 Tips for Cloud Security
13 Tips for Cloud Security
 
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNetPayment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
 
Secupi - Veri Maskeleme - Anonimleştirme ve Mantıksal Silme Çözümü
Secupi - Veri Maskeleme - Anonimleştirme ve Mantıksal Silme ÇözümüSecupi - Veri Maskeleme - Anonimleştirme ve Mantıksal Silme Çözümü
Secupi - Veri Maskeleme - Anonimleştirme ve Mantıksal Silme Çözümü
 
Cloud & Sécurité
Cloud & SécuritéCloud & Sécurité
Cloud & Sécurité
 
Protect your sensitive data against data leaks with Safetica DLP
Protect your sensitive data against data leaks with Safetica DLPProtect your sensitive data against data leaks with Safetica DLP
Protect your sensitive data against data leaks with Safetica DLP
 
Office 365 data loss prevention
Office 365 data loss preventionOffice 365 data loss prevention
Office 365 data loss prevention
 
Protect customer's personal information eng 191018
Protect customer's personal information eng 191018Protect customer's personal information eng 191018
Protect customer's personal information eng 191018
 
Securing data today and in the future - Oracle NYC
Securing data today and in the future - Oracle NYCSecuring data today and in the future - Oracle NYC
Securing data today and in the future - Oracle NYC
 
Solving Security, Collaboration, and Mobility Challenges in SAP With Microsof...
Solving Security, Collaboration, and Mobility Challenges in SAP With Microsof...Solving Security, Collaboration, and Mobility Challenges in SAP With Microsof...
Solving Security, Collaboration, and Mobility Challenges in SAP With Microsof...
 
Guide: Security and Compliance
Guide: Security and ComplianceGuide: Security and Compliance
Guide: Security and Compliance
 
Privacy preserving computing and secure multi-party computation ISACA Atlanta
Privacy preserving computing and secure multi-party computation ISACA AtlantaPrivacy preserving computing and secure multi-party computation ISACA Atlanta
Privacy preserving computing and secure multi-party computation ISACA Atlanta
 
Isaca new delhi india privacy and big data
Isaca new delhi india   privacy and big dataIsaca new delhi india   privacy and big data
Isaca new delhi india privacy and big data
 
N-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysN-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 days
 

Viewers also liked

Ekurhuleni BPM Case Study
Ekurhuleni BPM Case StudyEkurhuleni BPM Case Study
Ekurhuleni BPM Case Study
zwanev
 
Aris business process_modelling
Aris business process_modellingAris business process_modelling
Aris business process_modelling
vanny tsoe
 
Digital disruption, digital transformation1 kh streibich software ag
Digital disruption, digital transformation1 kh streibich software agDigital disruption, digital transformation1 kh streibich software ag
Digital disruption, digital transformation1 kh streibich software ag
Teleconnect & Service GmbH
 
Democracy - an operating system for the people
Democracy - an operating system for the peopleDemocracy - an operating system for the people
Democracy - an operating system for the people
Håkon Skramstad
 
Se for cross industry presentation #4
Se for cross industry presentation #4Se for cross industry presentation #4
Se for cross industry presentation #4
AIMFirst
 
SAG_Digital business platform_short
SAG_Digital business platform_shortSAG_Digital business platform_short
SAG_Digital business platform_short
Pascal Van Hove
 
The Road Map to Digitization - Software AG's Heritage of Innovation - Patrick...
The Road Map to Digitization - Software AG's Heritage of Innovation - Patrick...The Road Map to Digitization - Software AG's Heritage of Innovation - Patrick...
The Road Map to Digitization - Software AG's Heritage of Innovation - Patrick...
Software AG South Africa
 
ARIS World
ARIS World ARIS World
ARIS World
Software AG
 
ARIS Roadmap: Business and IT transformation with ARIS
ARIS Roadmap: Business and IT transformation with ARISARIS Roadmap: Business and IT transformation with ARIS
ARIS Roadmap: Business and IT transformation with ARIS
NRB
 
Segovia Nautique Collection
Segovia Nautique CollectionSegovia Nautique Collection
Segovia Nautique Collection
segoviaasia
 
new pamphlet revision 8 page layout
new pamphlet revision 8 page layoutnew pamphlet revision 8 page layout
new pamphlet revision 8 page layout
Brandi Jorgensen
 
Kapanowski FINAL_CIPL
Kapanowski FINAL_CIPLKapanowski FINAL_CIPL
Kapanowski FINAL_CIPL
Gary Kapanowski
 
Energía solar - definiciones y terminología
Energía solar - definiciones y terminologíaEnergía solar - definiciones y terminología
Energía solar - definiciones y terminología
Brad Pitt
 
No More Dark Clouds With PaaSword - An Innovative Security By Design Framework
No More Dark Clouds With PaaSword - An Innovative Security By Design FrameworkNo More Dark Clouds With PaaSword - An Innovative Security By Design Framework
No More Dark Clouds With PaaSword - An Innovative Security By Design Framework
PaaSword EU Project
 
Social Media & Metrics (Digital Marketing Today)
Social Media & Metrics (Digital Marketing Today)Social Media & Metrics (Digital Marketing Today)
Social Media & Metrics (Digital Marketing Today)
Julian Gamboa
 
paper
paperpaper
paper
Jing Ren
 
DePauwThesis
DePauwThesisDePauwThesis
DePauwThesis
Whitney Grandi
 
LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)
LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)
LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)
Julian Gamboa
 
Mvc 130330091359-phpapp01
Mvc 130330091359-phpapp01Mvc 130330091359-phpapp01
Mvc 130330091359-phpapp01
Jennie Gajjar
 
AL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_webAL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_web
Derrick McBreairty
 

Viewers also liked (20)

Ekurhuleni BPM Case Study
Ekurhuleni BPM Case StudyEkurhuleni BPM Case Study
Ekurhuleni BPM Case Study
 
Aris business process_modelling
Aris business process_modellingAris business process_modelling
Aris business process_modelling
 
Digital disruption, digital transformation1 kh streibich software ag
Digital disruption, digital transformation1 kh streibich software agDigital disruption, digital transformation1 kh streibich software ag
Digital disruption, digital transformation1 kh streibich software ag
 
Democracy - an operating system for the people
Democracy - an operating system for the peopleDemocracy - an operating system for the people
Democracy - an operating system for the people
 
Se for cross industry presentation #4
Se for cross industry presentation #4Se for cross industry presentation #4
Se for cross industry presentation #4
 
SAG_Digital business platform_short
SAG_Digital business platform_shortSAG_Digital business platform_short
SAG_Digital business platform_short
 
The Road Map to Digitization - Software AG's Heritage of Innovation - Patrick...
The Road Map to Digitization - Software AG's Heritage of Innovation - Patrick...The Road Map to Digitization - Software AG's Heritage of Innovation - Patrick...
The Road Map to Digitization - Software AG's Heritage of Innovation - Patrick...
 
ARIS World
ARIS World ARIS World
ARIS World
 
ARIS Roadmap: Business and IT transformation with ARIS
ARIS Roadmap: Business and IT transformation with ARISARIS Roadmap: Business and IT transformation with ARIS
ARIS Roadmap: Business and IT transformation with ARIS
 
Segovia Nautique Collection
Segovia Nautique CollectionSegovia Nautique Collection
Segovia Nautique Collection
 
new pamphlet revision 8 page layout
new pamphlet revision 8 page layoutnew pamphlet revision 8 page layout
new pamphlet revision 8 page layout
 
Kapanowski FINAL_CIPL
Kapanowski FINAL_CIPLKapanowski FINAL_CIPL
Kapanowski FINAL_CIPL
 
Energía solar - definiciones y terminología
Energía solar - definiciones y terminologíaEnergía solar - definiciones y terminología
Energía solar - definiciones y terminología
 
No More Dark Clouds With PaaSword - An Innovative Security By Design Framework
No More Dark Clouds With PaaSword - An Innovative Security By Design FrameworkNo More Dark Clouds With PaaSword - An Innovative Security By Design Framework
No More Dark Clouds With PaaSword - An Innovative Security By Design Framework
 
Social Media & Metrics (Digital Marketing Today)
Social Media & Metrics (Digital Marketing Today)Social Media & Metrics (Digital Marketing Today)
Social Media & Metrics (Digital Marketing Today)
 
paper
paperpaper
paper
 
DePauwThesis
DePauwThesisDePauwThesis
DePauwThesis
 
LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)
LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)
LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)
 
Mvc 130330091359-phpapp01
Mvc 130330091359-phpapp01Mvc 130330091359-phpapp01
Mvc 130330091359-phpapp01
 
AL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_webAL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_web
 

Similar to PaaSword-Business Cases

PaaSword - No More Dark Clouds with PaaSword
PaaSword - No More Dark Clouds with PaaSwordPaaSword - No More Dark Clouds with PaaSword
PaaSword - No More Dark Clouds with PaaSword
PaaSword EU Project
 
A Data Privacy and Security by Design Platform‐as‐a‐Service Framework
A Data Privacy and Security by Design Platform‐as‐a‐Service FrameworkA Data Privacy and Security by Design Platform‐as‐a‐Service Framework
A Data Privacy and Security by Design Platform‐as‐a‐Service Framework
PaaSword EU Project
 
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
PaaSword EU Project
 
Data Security Whitepaper
Data Security WhitepaperData Security Whitepaper
Data Security Whitepaper
Sample Solutions
 
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudNo More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
PaaSword EU Project
 
Webinar Industrial Data Space Association: Introduction and Architecture
Webinar Industrial Data Space Association: Introduction and ArchitectureWebinar Industrial Data Space Association: Introduction and Architecture
Webinar Industrial Data Space Association: Introduction and Architecture
Thorsten Huelsmann
 
A proficient 5 c approach to boost the security in the saas model's technical...
A proficient 5 c approach to boost the security in the saas model's technical...A proficient 5 c approach to boost the security in the saas model's technical...
A proficient 5 c approach to boost the security in the saas model's technical...
ijccsa
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
Yiannis Verginadis
 
Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2
jeffirby
 
Losing Control to the Cloud
Losing Control to the CloudLosing Control to the Cloud
Losing Control to the Cloud
Rochester Security Summit
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword EU Project
 
SaaS Platform Securing
SaaS Platform SecuringSaaS Platform Securing
SaaS Platform Securing
Leo TechnoSoft
 
Protecting your data against cyber attacks in big data environments
Protecting your data against cyber attacks in big data environmentsProtecting your data against cyber attacks in big data environments
Protecting your data against cyber attacks in big data environments
at MicroFocus Italy ❖✔
 
Protecting your data against cyber attacks in big data environments
Protecting your data against cyber attacks in big data environmentsProtecting your data against cyber attacks in big data environments
Protecting your data against cyber attacks in big data environments
at MicroFocus Italy ❖✔
 
Predicting The Future: Security and Compliance in the Cloud Age
Predicting The Future: Security and Compliance in the Cloud AgePredicting The Future: Security and Compliance in the Cloud Age
Predicting The Future: Security and Compliance in the Cloud Age
Alert Logic
 
ttribute-based Data Masking: How to effectivelyimprove the protectionof your ...
ttribute-based Data Masking: How to effectivelyimprove the protectionof your ...ttribute-based Data Masking: How to effectivelyimprove the protectionof your ...
ttribute-based Data Masking: How to effectivelyimprove the protectionof your ...
akquinet enterprise solutions GmbH
 
The Enablement of an Identity-Centric SOC in the Regulatory Rumba Era
The Enablement of an Identity-Centric SOC in the Regulatory Rumba EraThe Enablement of an Identity-Centric SOC in the Regulatory Rumba Era
The Enablement of an Identity-Centric SOC in the Regulatory Rumba Era
Luca Martelli
 
Study on Secure Cryptographic Techniques in Cloud
Study on Secure Cryptographic Techniques in CloudStudy on Secure Cryptographic Techniques in Cloud
Study on Secure Cryptographic Techniques in Cloud
ijtsrd
 
04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik
04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik
04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik
VMUG IT
 
Smart Analytics for The Big Unknown
Smart Analytics for The Big UnknownSmart Analytics for The Big Unknown
Smart Analytics for The Big Unknown
Adrian Dumitrescu
 

Similar to PaaSword-Business Cases (20)

PaaSword - No More Dark Clouds with PaaSword
PaaSword - No More Dark Clouds with PaaSwordPaaSword - No More Dark Clouds with PaaSword
PaaSword - No More Dark Clouds with PaaSword
 
A Data Privacy and Security by Design Platform‐as‐a‐Service Framework
A Data Privacy and Security by Design Platform‐as‐a‐Service FrameworkA Data Privacy and Security by Design Platform‐as‐a‐Service Framework
A Data Privacy and Security by Design Platform‐as‐a‐Service Framework
 
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
 
Data Security Whitepaper
Data Security WhitepaperData Security Whitepaper
Data Security Whitepaper
 
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudNo More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
 
Webinar Industrial Data Space Association: Introduction and Architecture
Webinar Industrial Data Space Association: Introduction and ArchitectureWebinar Industrial Data Space Association: Introduction and Architecture
Webinar Industrial Data Space Association: Introduction and Architecture
 
A proficient 5 c approach to boost the security in the saas model's technical...
A proficient 5 c approach to boost the security in the saas model's technical...A proficient 5 c approach to boost the security in the saas model's technical...
A proficient 5 c approach to boost the security in the saas model's technical...
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
 
Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2
 
Losing Control to the Cloud
Losing Control to the CloudLosing Control to the Cloud
Losing Control to the Cloud
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
 
SaaS Platform Securing
SaaS Platform SecuringSaaS Platform Securing
SaaS Platform Securing
 
Protecting your data against cyber attacks in big data environments
Protecting your data against cyber attacks in big data environmentsProtecting your data against cyber attacks in big data environments
Protecting your data against cyber attacks in big data environments
 
Protecting your data against cyber attacks in big data environments
Protecting your data against cyber attacks in big data environmentsProtecting your data against cyber attacks in big data environments
Protecting your data against cyber attacks in big data environments
 
Predicting The Future: Security and Compliance in the Cloud Age
Predicting The Future: Security and Compliance in the Cloud AgePredicting The Future: Security and Compliance in the Cloud Age
Predicting The Future: Security and Compliance in the Cloud Age
 
ttribute-based Data Masking: How to effectivelyimprove the protectionof your ...
ttribute-based Data Masking: How to effectivelyimprove the protectionof your ...ttribute-based Data Masking: How to effectivelyimprove the protectionof your ...
ttribute-based Data Masking: How to effectivelyimprove the protectionof your ...
 
The Enablement of an Identity-Centric SOC in the Regulatory Rumba Era
The Enablement of an Identity-Centric SOC in the Regulatory Rumba EraThe Enablement of an Identity-Centric SOC in the Regulatory Rumba Era
The Enablement of an Identity-Centric SOC in the Regulatory Rumba Era
 
Study on Secure Cryptographic Techniques in Cloud
Study on Secure Cryptographic Techniques in CloudStudy on Secure Cryptographic Techniques in Cloud
Study on Secure Cryptographic Techniques in Cloud
 
04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik
04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik
04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik
 
Smart Analytics for The Big Unknown
Smart Analytics for The Big UnknownSmart Analytics for The Big Unknown
Smart Analytics for The Big Unknown
 

More from PaaSword EU Project

PaaSword - Distributed Searchable Encryption Engine
PaaSword - Distributed Searchable Encryption EnginePaaSword - Distributed Searchable Encryption Engine
PaaSword - Distributed Searchable Encryption Engine
PaaSword EU Project
 
PaaSword - Technology Baseline
PaaSword - Technology BaselinePaaSword - Technology Baseline
PaaSword - Technology Baseline
PaaSword EU Project
 
PaaSword - Context-aware Access Control
PaaSword - Context-aware Access ControlPaaSword - Context-aware Access Control
PaaSword - Context-aware Access Control
PaaSword EU Project
 
Daten unter Kontrolle
Daten unter KontrolleDaten unter Kontrolle
Daten unter Kontrolle
PaaSword EU Project
 
PaaSword Presentation - Project Overview
PaaSword Presentation - Project OverviewPaaSword Presentation - Project Overview
PaaSword Presentation - Project Overview
PaaSword EU Project
 
Towards Trusted eHealth Services in the Cloud
Towards Trusted eHealth Services in the CloudTowards Trusted eHealth Services in the Cloud
Towards Trusted eHealth Services in the Cloud
PaaSword EU Project
 
A Survey on Context Security Policies in the Cloud
A Survey on Context Security Policies in the CloudA Survey on Context Security Policies in the Cloud
A Survey on Context Security Policies in the Cloud
PaaSword EU Project
 

More from PaaSword EU Project (7)

PaaSword - Distributed Searchable Encryption Engine
PaaSword - Distributed Searchable Encryption EnginePaaSword - Distributed Searchable Encryption Engine
PaaSword - Distributed Searchable Encryption Engine
 
PaaSword - Technology Baseline
PaaSword - Technology BaselinePaaSword - Technology Baseline
PaaSword - Technology Baseline
 
PaaSword - Context-aware Access Control
PaaSword - Context-aware Access ControlPaaSword - Context-aware Access Control
PaaSword - Context-aware Access Control
 
Daten unter Kontrolle
Daten unter KontrolleDaten unter Kontrolle
Daten unter Kontrolle
 
PaaSword Presentation - Project Overview
PaaSword Presentation - Project OverviewPaaSword Presentation - Project Overview
PaaSword Presentation - Project Overview
 
Towards Trusted eHealth Services in the Cloud
Towards Trusted eHealth Services in the CloudTowards Trusted eHealth Services in the Cloud
Towards Trusted eHealth Services in the Cloud
 
A Survey on Context Security Policies in the Cloud
A Survey on Context Security Policies in the CloudA Survey on Context Security Policies in the Cloud
A Survey on Context Security Policies in the Cloud
 

Recently uploaded

Building API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructureBuilding API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructure
confluent
 
Going AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applicationsGoing AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applications
Alina Yurenko
 
The Power of Visual Regression Testing_ Why It Is Critical for Enterprise App...
The Power of Visual Regression Testing_ Why It Is Critical for Enterprise App...The Power of Visual Regression Testing_ Why It Is Critical for Enterprise App...
The Power of Visual Regression Testing_ Why It Is Critical for Enterprise App...
kalichargn70th171
 
What is Continuous Testing in DevOps - A Definitive Guide.pdf
What is Continuous Testing in DevOps - A Definitive Guide.pdfWhat is Continuous Testing in DevOps - A Definitive Guide.pdf
What is Continuous Testing in DevOps - A Definitive Guide.pdf
kalichargn70th171
 
Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdfBaha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
Baha Majid
 
Superpower Your Apache Kafka Applications Development with Complementary Open...
Superpower Your Apache Kafka Applications Development with Complementary Open...Superpower Your Apache Kafka Applications Development with Complementary Open...
Superpower Your Apache Kafka Applications Development with Complementary Open...
Paul Brebner
 
Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7
Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7
Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7
manji sharman06
 
Strengthening Web Development with CommandBox 6: Seamless Transition and Scal...
Strengthening Web Development with CommandBox 6: Seamless Transition and Scal...Strengthening Web Development with CommandBox 6: Seamless Transition and Scal...
Strengthening Web Development with CommandBox 6: Seamless Transition and Scal...
Ortus Solutions, Corp
 
What’s New in VictoriaLogs - Q2 2024 Update
What’s New in VictoriaLogs - Q2 2024 UpdateWhat’s New in VictoriaLogs - Q2 2024 Update
What’s New in VictoriaLogs - Q2 2024 Update
VictoriaMetrics
 
How GenAI Can Improve Supplier Performance Management.pdf
How GenAI Can Improve Supplier Performance Management.pdfHow GenAI Can Improve Supplier Performance Management.pdf
How GenAI Can Improve Supplier Performance Management.pdf
Zycus
 
42 Ways to Generate Real Estate Leads - Sellxpert
42 Ways to Generate Real Estate Leads - Sellxpert42 Ways to Generate Real Estate Leads - Sellxpert
42 Ways to Generate Real Estate Leads - Sellxpert
vaishalijagtap12
 
Software Test Automation - A Comprehensive Guide on Automated Testing.pdf
Software Test Automation - A Comprehensive Guide on Automated Testing.pdfSoftware Test Automation - A Comprehensive Guide on Automated Testing.pdf
Software Test Automation - A Comprehensive Guide on Automated Testing.pdf
kalichargn70th171
 
Refactoring legacy systems using events commands and bubble contexts
Refactoring legacy systems using events commands and bubble contextsRefactoring legacy systems using events commands and bubble contexts
Refactoring legacy systems using events commands and bubble contexts
Michał Kurzeja
 
一比一原版(sdsu毕业证书)圣地亚哥州立大学毕业证如何办理
一比一原版(sdsu毕业证书)圣地亚哥州立大学毕业证如何办理一比一原版(sdsu毕业证书)圣地亚哥州立大学毕业证如何办理
一比一原版(sdsu毕业证书)圣地亚哥州立大学毕业证如何办理
kgyxske
 
Migration From CH 1.0 to CH 2.0 and Mule 4.6 & Java 17 Upgrade.pptx
Migration From CH 1.0 to CH 2.0 and  Mule 4.6 & Java 17 Upgrade.pptxMigration From CH 1.0 to CH 2.0 and  Mule 4.6 & Java 17 Upgrade.pptx
Migration From CH 1.0 to CH 2.0 and Mule 4.6 & Java 17 Upgrade.pptx
ervikas4
 
TheFutureIsDynamic-BoxLang-CFCamp2024.pdf
TheFutureIsDynamic-BoxLang-CFCamp2024.pdfTheFutureIsDynamic-BoxLang-CFCamp2024.pdf
TheFutureIsDynamic-BoxLang-CFCamp2024.pdf
Ortus Solutions, Corp
 
Streamlining End-to-End Testing Automation
Streamlining End-to-End Testing AutomationStreamlining End-to-End Testing Automation
Streamlining End-to-End Testing Automation
Anand Bagmar
 
ACE - Team 24 Wrapup event at ahmedabad.
ACE - Team 24 Wrapup event at ahmedabad.ACE - Team 24 Wrapup event at ahmedabad.
ACE - Team 24 Wrapup event at ahmedabad.
Maitrey Patel
 
Penify - Let AI do the Documentation, you write the Code.
Penify - Let AI do the Documentation, you write the Code.Penify - Let AI do the Documentation, you write the Code.
Penify - Let AI do the Documentation, you write the Code.
KrishnaveniMohan1
 

Recently uploaded (20)

Building API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructureBuilding API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructure
 
Going AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applicationsGoing AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applications
 
The Power of Visual Regression Testing_ Why It Is Critical for Enterprise App...
The Power of Visual Regression Testing_ Why It Is Critical for Enterprise App...The Power of Visual Regression Testing_ Why It Is Critical for Enterprise App...
The Power of Visual Regression Testing_ Why It Is Critical for Enterprise App...
 
What is Continuous Testing in DevOps - A Definitive Guide.pdf
What is Continuous Testing in DevOps - A Definitive Guide.pdfWhat is Continuous Testing in DevOps - A Definitive Guide.pdf
What is Continuous Testing in DevOps - A Definitive Guide.pdf
 
Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdfBaha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
 
bgiolcb
bgiolcbbgiolcb
bgiolcb
 
Superpower Your Apache Kafka Applications Development with Complementary Open...
Superpower Your Apache Kafka Applications Development with Complementary Open...Superpower Your Apache Kafka Applications Development with Complementary Open...
Superpower Your Apache Kafka Applications Development with Complementary Open...
 
Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7
Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7
Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7
 
Strengthening Web Development with CommandBox 6: Seamless Transition and Scal...
Strengthening Web Development with CommandBox 6: Seamless Transition and Scal...Strengthening Web Development with CommandBox 6: Seamless Transition and Scal...
Strengthening Web Development with CommandBox 6: Seamless Transition and Scal...
 
What’s New in VictoriaLogs - Q2 2024 Update
What’s New in VictoriaLogs - Q2 2024 UpdateWhat’s New in VictoriaLogs - Q2 2024 Update
What’s New in VictoriaLogs - Q2 2024 Update
 
How GenAI Can Improve Supplier Performance Management.pdf
How GenAI Can Improve Supplier Performance Management.pdfHow GenAI Can Improve Supplier Performance Management.pdf
How GenAI Can Improve Supplier Performance Management.pdf
 
42 Ways to Generate Real Estate Leads - Sellxpert
42 Ways to Generate Real Estate Leads - Sellxpert42 Ways to Generate Real Estate Leads - Sellxpert
42 Ways to Generate Real Estate Leads - Sellxpert
 
Software Test Automation - A Comprehensive Guide on Automated Testing.pdf
Software Test Automation - A Comprehensive Guide on Automated Testing.pdfSoftware Test Automation - A Comprehensive Guide on Automated Testing.pdf
Software Test Automation - A Comprehensive Guide on Automated Testing.pdf
 
Refactoring legacy systems using events commands and bubble contexts
Refactoring legacy systems using events commands and bubble contextsRefactoring legacy systems using events commands and bubble contexts
Refactoring legacy systems using events commands and bubble contexts
 
一比一原版(sdsu毕业证书)圣地亚哥州立大学毕业证如何办理
一比一原版(sdsu毕业证书)圣地亚哥州立大学毕业证如何办理一比一原版(sdsu毕业证书)圣地亚哥州立大学毕业证如何办理
一比一原版(sdsu毕业证书)圣地亚哥州立大学毕业证如何办理
 
Migration From CH 1.0 to CH 2.0 and Mule 4.6 & Java 17 Upgrade.pptx
Migration From CH 1.0 to CH 2.0 and  Mule 4.6 & Java 17 Upgrade.pptxMigration From CH 1.0 to CH 2.0 and  Mule 4.6 & Java 17 Upgrade.pptx
Migration From CH 1.0 to CH 2.0 and Mule 4.6 & Java 17 Upgrade.pptx
 
TheFutureIsDynamic-BoxLang-CFCamp2024.pdf
TheFutureIsDynamic-BoxLang-CFCamp2024.pdfTheFutureIsDynamic-BoxLang-CFCamp2024.pdf
TheFutureIsDynamic-BoxLang-CFCamp2024.pdf
 
Streamlining End-to-End Testing Automation
Streamlining End-to-End Testing AutomationStreamlining End-to-End Testing Automation
Streamlining End-to-End Testing Automation
 
ACE - Team 24 Wrapup event at ahmedabad.
ACE - Team 24 Wrapup event at ahmedabad.ACE - Team 24 Wrapup event at ahmedabad.
ACE - Team 24 Wrapup event at ahmedabad.
 
Penify - Let AI do the Documentation, you write the Code.
Penify - Let AI do the Documentation, you write the Code.Penify - Let AI do the Documentation, you write the Code.
Penify - Let AI do the Documentation, you write the Code.
 

PaaSword-Business Cases

  • 1. www.paasword.eu Business Cases Dr. Simone Braun CAS Software AG PaaSword CS-IFG Workshop Nov 10, 2016, Athens, Greece
  • 2. Business Validation & Use Cases Five industry-driven pilots in different business application areas Data Protection in a Multi-tenant xRM Platform (CAS) Secure Sensor Data Fusion and Analytics (SIEMENS) Protection of Sensitive Enterprise Information in a Multi-tenant ERP Environment (Singular Logic) Encrypted Persistency as PaaS/IaaS Service (SixSq) Qualified e-Delivery Service (UBITECH) PaaSword10/11/2016 2
  • 3. BUSINESS CASE: DATA PROTECTION IN A MULTI-TENANT XRM PLATFORM Simone Braun & Sebastian Schork – CAS PaaSword10/11/2016 3
  • 4. CRM / xRM Domain Security Challenges CRM / xRM solutions store, link and process large amount of personal and customer data as well as sensitive enterprise data Huge variety of data types with varying need for security Availability everywhere and at any time CRM / xRM developers are non-security experts PaaSword10/11/2016 4
  • 5. Benefits from PaaSword Secure Key Management ensures maximum control over data usage Context-aware access control and encryption for specific highly sensitive data and business operations  Perfectly fitting customers’ security requirements Security-by-design approach enables non-security experts to implement security-aware CRM / xRM solutions PaaSword10/11/2016 5
  • 6. BUSINESS CASE: SECURE SENSOR DATA FUSION AND ANALYTICS George Moldovan – SIEMENS PaaSword10/11/2016 6
  • 7. Internet of Things, Industrial Monitoring, Smart X Domain Security Challenges Industrial and governmental clients, services assume being able to process data on site or central Deficiencies in the (custom) applications operating on the data can expose unrelated clients or the underlying infrastructure and resources to security threats Joint collaboration on specific topics requiring flexibility in defining access to the required resources, as well as non-repudiation regarding actions taken Deploying/customizing applications running on the Siemens infrastructure should require validation/checking mechanisms in order to ensure a minimum compliance regarding privacy and security PaaSword18/11/2016 7
  • 8. Benefits from PaaSword Flexible policy models and per-instance (deployment/client) specific changes – configurable by the end-clients  allowing the more control over how and where the data can be accessed Transparency in provided security and privacy-related mechanisms offloading time and resources from the (normal, not security-professional) developers and their related entities through the use of annotation Proactive, contextual anomaly detection PaaSword18/11/2016 8
  • 9. BUSINESS CASE: PROTECTION OF SENSITIVE ENTERPRISE INFORMATION IN A MULTI-TENANT ERP ENVIRONMENT Giannis Ledakis – Singular Logic PaaSword10/11/2016 9
  • 10. ERP Domain Security Challenges ERPs usually store information that can be confidential and sensitive Data protection is of high importance for any ERP and sensitive data should be encrypted Multi-tenancy is supported by running one-schema-per- tenant in the same installation Exposure of the data of a tenant to other tenants or to a third party is the main security consideration Access management mechanism is important for protecting user accounts PaaSword11/18/2016 10
  • 11. Benefits from PaaSword Support for a searchable encryption of the database Distribution of database to increase data level security Providing context-aware access control to protect user accounts Easy enablement of security aspects through annotations on code level  Increasing the provided security to the customers PaaSword11/18/2016 11
  • 12. BUSINESS CASE: ENCRYPTED PERSISTENCY AS PAAS/IAAS SERVICE Charles Loomis - SixSq PaaSword10/11/2016 12
  • 13. PaaS Providers Data protection and security for cloud applications are concerns for nearly all developers/operators. In the spirit of PaaS providers exposing high-level services to developers/operator, PaaSword components can be made available through the PaaS Benefits: Less costly than developing components “in house” Faster “time-to-market” for new applications More confidence in using validated framework Additional flexibility from policy-based authorization PaaSword11/18/2016 13
  • 14. BUSINESS CASE: QUALIFIED E-DELIVERY SERVICE Panagiotis Gouvas – UBITECH Ltd PaaSword10/11/2016 14
  • 15. eDelivery Security Challenges Context e-Delivery refers to the qualified electronic delivery of data (e.g. documents and invoices) between two organizations Qualified e-Delivery requires specific guarantees e-Signing, e-Timestamping, e-Sealing of all steps Challenges Dominant model of e-Delivery Platform is SaaS Increased need for encrypting e-delivery payloads Compliance is very strict GPDR has tremendous impact on SaaS providers PaaSword10/11/2016 15
  • 16. Benefits from PaaSword Transparent searchable encryption of e-Delivery metadata Dynamic update of Policies and Models with zero downtime Acceleration to compliance (GDPR) PaaSword10/11/2016 16
  • 17. ASSISTING THE EU GENERAL DATA PROTECTION REGULATION (GDPR) PaaSword10/11/2016 17
  • 18. Motivation The new data protection regulation (GDPR) will enter into force on 25 May 2018 be valid for public and private sector Directly effective in Member States without the need for implementing legislation The GDPR will apply to organizations (data processors or data controllers) which have EU “establishments”, where personal data are processed “in the context of the activities” of such an establishment, irrespective of whether the actual data processing takes place in the EU or not Non-compliance can lead to a high administrative fine up to either €20 Mio. or 4% of global annual turnover (the higher one) 09/2016 PaaSword 18
  • 19. New Concepts Personal Data Breach – a new security breach communication law Data protection by design and accountability – organizations have to demonstrate their GDPR compliance Enhanced rights – including the right to be forgotten, data portability rights and the right to object to automated decision making Supervisory authorities and the EDPB – introduction of a new single point of reference for multi-national groups 09/2016 PaaSword 19
  • 20. Assisting GDPR Adoption How PaaSword contributes in the acceleration of GDPR adoption? Data Security and Processing Data Breach communication by the data processor Data protection by design / default and accountability Right of Informedness Right to be forgotten PaaSword10/11/2016 20
  • 21. How PaaSword Helps Data Security and Processing: PaaSword Key Management, DB Encryption and Context-aware Access Control provide measures to ensure data security and prevent processing that violates the GDPR Data Breach communication by the data processor: PaaSword Encryption as appropriate technical and organizational protection measures PaaSword10/11/2016 21
  • 22. How PaaSword Helps Data protection by design / default and accountability: Privacy by default with PaaSword Key Management and Encryption Privacy by design with PaaSword code and data model annotations and their enforcement through the framework middleware PaaSword Pilot Demonstrators as best practices and demonstrations of compliance Framework as a basis to fulfill certification requirements PaaSword10/11/2016 22
  • 23. How PaaSword Helps Right of informedness Annotated data model can be automatically analyzed to identify contained personally identifiable information Increased transparency, also regarding data processing by applications Right to be forgotten Shared key ownership allows every owning party to make information inaccessible by deleting the owned key part (“erase”) PaaSword10/11/2016 23
  • 24. Conclusion Higher privacy with distributed searchable encryption at DB layer Increased user control and less dependency on cloud provider with tenant-controlled Key Management Appropriate access control with context-awareness and flexible Policy Management Easier development of secure cloud applications for non- security experts with comprehensive Annotation Framework  Making cloud solutions more attractive and ready for the EU General Data Protection Regulation 10/11/2016 24
  • 25. 10/11/2016 25 Questions? Visit us: www.paasword.euAcknowledgements: This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644814. PaaSword