Igor Zboran, profile picture
Uploaded byIgor Zboran
PPTX, PDF708 views

Cloud Computing & Privacy Protection

This document discusses cloud computing and privacy protection. It describes various cloud computing models including IaaS, PaaS, and SaaS. While cloud computing provides benefits like reduced costs, it also raises issues around security and privacy. The document proposes an identity-based encryption and identity management model using technologies like OAuth2 and OpenID Connect to help address privacy concerns when using cloud computing.

Embed presentation

Downloaded 39 times
Cloud Computing & Privacy Protection 07/2013
Cloud Computing • Infrastructure-as-a-Service (IaaS) • Platform-as-a-Service (PaaS) • Software-as-a-Service (SaaS) • Public Cloud • Private Cloud • Hybrid Cloud
Cloud Computing (cont.) Major Benefits: • • • • • reduce capital cost (CAPEX -> OPEX) focus on core business access from anywhere divest infrastructure management enterprise technology
Cloud Computing (cont.) Issues: • security / privacy • compliance • legal
Cloud Computing - Security Concerns Security vs. Privacy • Security – overall information protection • Privacy – individual information governance • Cloud Computing & Security – meet very well • Cloud Computing & Privacy – contradictory
Cloud Computing - Security Concerns (cont.) • Business information • Personal information Privacy is the issue!
Cloud Computing - Security Concerns (cont.) Encryption is one of the most effective data protection techniques. • Security Data at Rest Encryption, Data in Transit Encryption • Privacy Data in Use Encryption
Data Encryption & Privacy Preserving Challenges: • Data Storage/Sharing & Privacy preserving • Cloud Computing technology integration • Decentralized Identity Management • Multi-trusted domain model
Proposed model Identity-Based Encryption & Identity Management • Identity-Based Key Generator + OpenID Connect/OAuth2 • Identity provider (OpenID Connect/OAuth2) • Client-side zero-knowledge encryption
Proposed model (cont.) • Identity-Based Encryption - no passwords, no certificates, e-mail address • Identity identifier - e-mail address • OAuth2 - open standard for authorization • OpenID Connect - decentralized and secure authentication system on top of OAuth2
Proposed model (cont.) Identity-Based Encryption is as strong as Identity Management itself!
Business model I. Customer User Agent (Browser) Identity/OAuth Provider + Data/App Provider Identity-Based SecaaS Provider Google, Microsoft, Oracle, Dropbox Cisco, Symantec
Business model II. Patient, Physician, … User Agent (Browser) Data/App Provider Identity/OAuth Provider + Identity-Based SecaaS Provider Cloud Computing Health Service Hospital, Clinic, …
Technology • • • • NIST SHA-256, AES-256, CTR-DRBG-256 OpenSSL FIPS 140-2 validated OAuth 2.0 Identity Provider OpenID Connect Provider
Pros • usability (no passwords, no certificates) • no certificates management (creation, storage, distribution, revocation) • lost key prevention • IBE like features, key escrow/fair encryption, no need for receiver’s public key before encryption • no IBE revocation problem (online service)
Cons • online service • master key security
Opportunities • • • • • • • • • • • Data Storage / Sharing Health Records / Medical Data Sharing Big Data Data Boxes Databases Reporting / Business Intelligence Management Information System e-mail eForms / Workflow Document Management / Workflow Internet of Things
Featured links • www.leadict.com • igi64.github.io

More Related Content

PDF
Overview of Data Loss Prevention Policies in Office 365
byDock 365
 
PDF
Identity-Based Privacy (IBP) - Cloud Computing and Privacy Protection
byIgor Zboran
 
PPTX
Identity-Based Privacy (IBP)
byIgor Zboran
 
PDF
Internet of Everything & WebRTC
byIgor Zboran
 
PPTX
Dutch Microsoft & Security Meetup - How to protect my data in Office 365?
byMaarten Eekels
 
PPTX
Security in Cloud Computing
byRohit Buddabathina
 
PPTX
Cloud computing security
byTeja Babu
 
PPTX
Azure Information Protection at the Cybercrime and Security Forum 2018
byAlbert Hoitingh
 
Overview of Data Loss Prevention Policies in Office 365
byDock 365
 
Identity-Based Privacy (IBP) - Cloud Computing and Privacy Protection
byIgor Zboran
 
Identity-Based Privacy (IBP)
byIgor Zboran
 
Internet of Everything & WebRTC
byIgor Zboran
 
Dutch Microsoft & Security Meetup - How to protect my data in Office 365?
byMaarten Eekels
 
Security in Cloud Computing
byRohit Buddabathina
 
Cloud computing security
byTeja Babu
 
Azure Information Protection at the Cybercrime and Security Forum 2018
byAlbert Hoitingh
 

What's hot

PPTX
Cloud Encryption
byRituparnaNag
 
PPTX
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
byProofpoint
 
PPT
On technical security issues in cloud computing
bysashi799
 
PDF
Introducing Vistara 3.0 - Hybrid IT Service Management for the Cloud
byVistara
 
PDF
Discover - Securing Your Hybrid Cloud
byLaurenWendler
 
PPTX
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
by☁️ Gustavo Magella
 
PPTX
Overview of Microsoft Teams and Data Loss Prevention(DLP)
byRadhakrishnan Govindan
 
PDF
Discover - Securing Your Hybrid Cloud
byLaurenWendler
 
PDF
Azure IoT Hub: what is it and why we select other solution (production projec...
byKatherine Golovinova
 
PPTX
Webinar Express: What is a CASB?
byBitglass
 
PPTX
Wadoop vivek shrivastava
byData Con LA
 
PPTX
Automating Document Information Extraction and Content Understanding​
byHenrik Brattlie
 
PDF
Cryptolab cse datasheet v1.1.pdf
byMassimo Bertaccini
 
PPTX
Security in cloud computing
byAbhishek Kumar Sinha
 
PDF
Cloud Computing v.s. Cyber Security
byBahtiyar Bircan
 
PDF
SHIP Brochure
byPati Ross-Concepcion
 
PDF
IoT Cloud Overview
byEmertxe Information Technologies Pvt Ltd
 
PPTX
How to make the move towards hybrid cloud computing
byDavid Strom
 
PPTX
Intelligent Security, Compliance and Privacy in Office 365
byMiguel Isidoro
 
PPTX
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
byEdge Pereira
 
Cloud Encryption
byRituparnaNag
 
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
byProofpoint
 
On technical security issues in cloud computing
bysashi799
 
Introducing Vistara 3.0 - Hybrid IT Service Management for the Cloud
byVistara
 
Discover - Securing Your Hybrid Cloud
byLaurenWendler
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
by☁️ Gustavo Magella
 
Overview of Microsoft Teams and Data Loss Prevention(DLP)
byRadhakrishnan Govindan
 
Discover - Securing Your Hybrid Cloud
byLaurenWendler
 
Azure IoT Hub: what is it and why we select other solution (production projec...
byKatherine Golovinova
 
Webinar Express: What is a CASB?
byBitglass
 
Wadoop vivek shrivastava
byData Con LA
 
Automating Document Information Extraction and Content Understanding​
byHenrik Brattlie
 
Cryptolab cse datasheet v1.1.pdf
byMassimo Bertaccini
 
Security in cloud computing
byAbhishek Kumar Sinha
 
Cloud Computing v.s. Cyber Security
byBahtiyar Bircan
 
SHIP Brochure
byPati Ross-Concepcion
 
IoT Cloud Overview
byEmertxe Information Technologies Pvt Ltd
 
How to make the move towards hybrid cloud computing
byDavid Strom
 
Intelligent Security, Compliance and Privacy in Office 365
byMiguel Isidoro
 
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
byEdge Pereira
 

Similar to Cloud Computing & Privacy Protection

PPTX
Cloud Computing (1).pptx
byGokulNair86
 
PDF
Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checki...
byrahulmonikasharma
 
PDF
Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checki...
byrahulmonikasharma
 
PDF
Privacy Preserving Identity Management as a Service
bycygnusv
 
PDF
Security of Data in Cloud Environment Using DPaaS
byIJMER
 
PDF
Data Security Model Enhancement In Cloud Environment
byIOSR Journals
 
PPTX
Data security in cloud computing
byPrince Chandu
 
PPTX
IdM vs. IDaaS
byDrew Koenig
 
PPT
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
bygueste4e93e3
 
PPTX
Brave new world of encryption v1
byKhazret Sapenov
 
PPTX
Winkler Cloud, ORCON, and Mobility
byVic Winkler
 
PPT
Up 2011-ken huang
byKen Huang
 
PPTX
Data security in Hybrid Cloud Computing
byAnushkae0001
 
PDF
The Intersection of Identity Management and Cloud Computing
byHitachi ID Systems, Inc.
 
PDF
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...
byIJERD Editor
 
PDF
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
byIJCNCJournal
 
PPT
Lecture31.ppt
byamanyosama21
 
PPTX
IAM.pptxIAM.pptxIAM.pptxIAM.pptxIAM.pptx
byGangujyothi
 
PPT
Cloud ID
byOpenSourceCamp
 
DOCX
Directions Answer each question individual and respond with full .docx
bymariona83
 
Cloud Computing (1).pptx
byGokulNair86
 
Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checki...
byrahulmonikasharma
 
Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checki...
byrahulmonikasharma
 
Privacy Preserving Identity Management as a Service
bycygnusv
 
Security of Data in Cloud Environment Using DPaaS
byIJMER
 
Data Security Model Enhancement In Cloud Environment
byIOSR Journals
 
Data security in cloud computing
byPrince Chandu
 
IdM vs. IDaaS
byDrew Koenig
 
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
bygueste4e93e3
 
Brave new world of encryption v1
byKhazret Sapenov
 
Winkler Cloud, ORCON, and Mobility
byVic Winkler
 
Up 2011-ken huang
byKen Huang
 
Data security in Hybrid Cloud Computing
byAnushkae0001
 
The Intersection of Identity Management and Cloud Computing
byHitachi ID Systems, Inc.
 
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...
byIJERD Editor
 
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
byIJCNCJournal
 
Lecture31.ppt
byamanyosama21
 
IAM.pptxIAM.pptxIAM.pptxIAM.pptxIAM.pptx
byGangujyothi
 
Cloud ID
byOpenSourceCamp
 
Directions Answer each question individual and respond with full .docx
bymariona83
 

Recently uploaded

PDF
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PPTX
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
PPTX
cybercrime in Information security .pptx
byismaeelsahib032
 
PDF
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
PPTX
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PDF
The year in review - MarvelClient in 2025
bypanagenda
 
PDF
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
PDF
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PPT
software-security-intro in information security.ppt
byismaeelsahib032
 
PDF
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
API206-S: Transforming Supply Chains with Amazon Bedrock AgentCore - AWS re:I...
byChris Bingham
 
PDF
MuleSoft Vibes is an AI-powered assistant
byVikalp Bhalia
 
PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
PDF
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
cybercrime in Information security .pptx
byismaeelsahib032
 
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
The year in review - MarvelClient in 2025
bypanagenda
 
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
software-security-intro in information security.ppt
byismaeelsahib032
 
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
API206-S: Transforming Supply Chains with Amazon Bedrock AgentCore - AWS re:I...
byChris Bingham
 
MuleSoft Vibes is an AI-powered assistant
byVikalp Bhalia
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 

Cloud Computing & Privacy Protection

  • 1.
  • 2.
    Cloud Computing • Infrastructure-as-a-Service(IaaS) • Platform-as-a-Service (PaaS) • Software-as-a-Service (SaaS) • Public Cloud • Private Cloud • Hybrid Cloud
  • 3.
    Cloud Computing (cont.) MajorBenefits: • • • • • reduce capital cost (CAPEX -> OPEX) focus on core business access from anywhere divest infrastructure management enterprise technology
  • 4.
    Cloud Computing (cont.) Issues: •security / privacy • compliance • legal
  • 5.
    Cloud Computing -Security Concerns Security vs. Privacy • Security – overall information protection • Privacy – individual information governance • Cloud Computing & Security – meet very well • Cloud Computing & Privacy – contradictory
  • 6.
    Cloud Computing -Security Concerns (cont.) • Business information • Personal information Privacy is the issue!
  • 7.
    Cloud Computing -Security Concerns (cont.) Encryption is one of the most effective data protection techniques. • Security Data at Rest Encryption, Data in Transit Encryption • Privacy Data in Use Encryption
  • 8.
    Data Encryption &Privacy Preserving Challenges: • Data Storage/Sharing & Privacy preserving • Cloud Computing technology integration • Decentralized Identity Management • Multi-trusted domain model
  • 9.
    Proposed model Identity-Based Encryption& Identity Management • Identity-Based Key Generator + OpenID Connect/OAuth2 • Identity provider (OpenID Connect/OAuth2) • Client-side zero-knowledge encryption
  • 10.
    Proposed model (cont.) •Identity-Based Encryption - no passwords, no certificates, e-mail address • Identity identifier - e-mail address • OAuth2 - open standard for authorization • OpenID Connect - decentralized and secure authentication system on top of OAuth2
  • 11.
    Proposed model (cont.) Identity-BasedEncryption is as strong as Identity Management itself!
  • 12.
    Business model I. Customer UserAgent (Browser) Identity/OAuth Provider + Data/App Provider Identity-Based SecaaS Provider Google, Microsoft, Oracle, Dropbox Cisco, Symantec
  • 13.
    Business model II. Patient,Physician, … User Agent (Browser) Data/App Provider Identity/OAuth Provider + Identity-Based SecaaS Provider Cloud Computing Health Service Hospital, Clinic, …
  • 14.
    Technology • • • • NIST SHA-256, AES-256,CTR-DRBG-256 OpenSSL FIPS 140-2 validated OAuth 2.0 Identity Provider OpenID Connect Provider
  • 15.
    Pros • usability (nopasswords, no certificates) • no certificates management (creation, storage, distribution, revocation) • lost key prevention • IBE like features, key escrow/fair encryption, no need for receiver’s public key before encryption • no IBE revocation problem (online service)
  • 16.
    Cons • online service •master key security
  • 17.
    Opportunities • • • • • • • • • • • Data Storage /Sharing Health Records / Medical Data Sharing Big Data Data Boxes Databases Reporting / Business Intelligence Management Information System e-mail eForms / Workflow Document Management / Workflow Internet of Things
  • 18.