SlideShare a Scribd company logo

Cloud Computing & Privacy Protection

Download as PPTX, PDF
Igor Zboran
Igor Zboran
TechnologyBusiness
1 of 18
Cloud Computing & Privacy Protection 07/2013
Cloud Computing • Infrastructure-as-a-Service (IaaS) • Platform-as-a-Service (PaaS) • Software-as-a-Service (SaaS) • Public Cloud • Private Cloud • Hybrid Cloud
Cloud Computing (cont.) Major Benefits: • • • • • reduce capital cost (CAPEX -> OPEX) focus on core business access from anywhere divest infrastructure management enterprise technology
Cloud Computing (cont.) Issues: • security / privacy • compliance • legal
Cloud Computing - Security Concerns Security vs. Privacy • Security – overall information protection • Privacy – individual information governance • Cloud Computing & Security – meet very well • Cloud Computing & Privacy – contradictory
Cloud Computing - Security Concerns (cont.) • Business information • Personal information Privacy is the issue!
Cloud Computing - Security Concerns (cont.) Encryption is one of the most effective data protection techniques. • Security Data at Rest Encryption, Data in Transit Encryption • Privacy Data in Use Encryption
Data Encryption & Privacy Preserving Challenges: • Data Storage/Sharing & Privacy preserving • Cloud Computing technology integration • Decentralized Identity Management • Multi-trusted domain model
Proposed model Identity-Based Encryption & Identity Management • Identity-Based Key Generator + OpenID Connect/OAuth2 • Identity provider (OpenID Connect/OAuth2) • Client-side zero-knowledge encryption
Proposed model (cont.) • Identity-Based Encryption - no passwords, no certificates, e-mail address • Identity identifier - e-mail address • OAuth2 - open standard for authorization • OpenID Connect - decentralized and secure authentication system on top of OAuth2
Proposed model (cont.) Identity-Based Encryption is as strong as Identity Management itself!
Business model I. Customer User Agent (Browser) Identity/OAuth Provider + Data/App Provider Identity-Based SecaaS Provider Google, Microsoft, Oracle, Dropbox Cisco, Symantec
Business model II. Patient, Physician, … User Agent (Browser) Data/App Provider Identity/OAuth Provider + Identity-Based SecaaS Provider Cloud Computing Health Service Hospital, Clinic, …
Technology • • • • NIST SHA-256, AES-256, CTR-DRBG-256 OpenSSL FIPS 140-2 validated OAuth 2.0 Identity Provider OpenID Connect Provider
Pros • usability (no passwords, no certificates) • no certificates management (creation, storage, distribution, revocation) • lost key prevention • IBE like features, key escrow/fair encryption, no need for receiver’s public key before encryption • no IBE revocation problem (online service)
Cons • online service • master key security
Opportunities • • • • • • • • • • • Data Storage / Sharing Health Records / Medical Data Sharing Big Data Data Boxes Databases Reporting / Business Intelligence Management Information System e-mail eForms / Workflow Document Management / Workflow Internet of Things
Featured links • www.leadict.com • igi64.github.io

Recommended

Identity-Based Privacy (IBP) - Cloud Computing and Privacy Protection
Identity-Based Privacy (IBP) - Cloud Computing and Privacy ProtectionIdentity-Based Privacy (IBP) - Cloud Computing and Privacy Protection
Identity-Based Privacy (IBP) - Cloud Computing and Privacy ProtectionIgor Zboran
 
Identity-Based Privacy (IBP)
Identity-Based Privacy (IBP)Identity-Based Privacy (IBP)
Identity-Based Privacy (IBP)Igor Zboran
 
Internet of Everything & WebRTC
Internet of Everything & WebRTCInternet of Everything & WebRTC
Internet of Everything & WebRTCIgor Zboran
 
Dutch Microsoft & Security Meetup - How to protect my data in Office 365?
Dutch Microsoft & Security Meetup - How to protect my data in Office 365?Dutch Microsoft & Security Meetup - How to protect my data in Office 365?
Dutch Microsoft & Security Meetup - How to protect my data in Office 365?Maarten Eekels
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud ComputingRohit Buddabathina
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security Teja Babu
 
Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Dock 365
 
Azure Information Protection at the Cybercrime and Security Forum 2018
Azure Information Protection at the Cybercrime and Security Forum 2018Azure Information Protection at the Cybercrime and Security Forum 2018
Azure Information Protection at the Cybercrime and Security Forum 2018Albert Hoitingh
 

Recommended

Identity-Based Privacy (IBP) - Cloud Computing and Privacy Protection
Identity-Based Privacy (IBP) - Cloud Computing and Privacy ProtectionIdentity-Based Privacy (IBP) - Cloud Computing and Privacy Protection
Identity-Based Privacy (IBP) - Cloud Computing and Privacy ProtectionIgor Zboran
 
Identity-Based Privacy (IBP)
Identity-Based Privacy (IBP)Identity-Based Privacy (IBP)
Identity-Based Privacy (IBP)Igor Zboran
 
Internet of Everything & WebRTC
Internet of Everything & WebRTCInternet of Everything & WebRTC
Internet of Everything & WebRTCIgor Zboran
 
Dutch Microsoft & Security Meetup - How to protect my data in Office 365?
Dutch Microsoft & Security Meetup - How to protect my data in Office 365?Dutch Microsoft & Security Meetup - How to protect my data in Office 365?
Dutch Microsoft & Security Meetup - How to protect my data in Office 365?Maarten Eekels
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud ComputingRohit Buddabathina
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security Teja Babu
 
Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Overview of Data Loss Prevention Policies in Office 365
Overview of Data Loss Prevention Policies in Office 365Dock 365
 
Azure Information Protection at the Cybercrime and Security Forum 2018
Azure Information Protection at the Cybercrime and Security Forum 2018Azure Information Protection at the Cybercrime and Security Forum 2018
Azure Information Protection at the Cybercrime and Security Forum 2018Albert Hoitingh
 
Cloud Encryption
Cloud EncryptionCloud Encryption
Cloud EncryptionRituparnaNag
 
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...Proofpoint
 
On technical security issues in cloud computing
On technical security issues in cloud computingOn technical security issues in cloud computing
On technical security issues in cloud computingsashi799
 
Introducing Vistara 3.0 - Hybrid IT Service Management for the Cloud
Introducing Vistara 3.0 - Hybrid IT Service Management for the CloudIntroducing Vistara 3.0 - Hybrid IT Service Management for the Cloud
Introducing Vistara 3.0 - Hybrid IT Service Management for the CloudVistara
 
Discover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid CloudDiscover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid CloudLaurenWendler
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...☁️ Gustavo Magella
 
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Radhakrishnan Govindan
 
Discover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid CloudDiscover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid CloudLaurenWendler
 
Azure IoT Hub: what is it and why we select other solution (production projec...
Azure IoT Hub: what is it and why we select other solution (production projec...Azure IoT Hub: what is it and why we select other solution (production projec...
Azure IoT Hub: what is it and why we select other solution (production projec...Katherine Golovinova
 
Webinar Express: What is a CASB?
Webinar Express: What is a CASB?Webinar Express: What is a CASB?
Webinar Express: What is a CASB?Bitglass
 
Wadoop vivek shrivastava
Wadoop vivek shrivastavaWadoop vivek shrivastava
Wadoop vivek shrivastavaData Con LA
 
Automating Document Information Extraction and Content Understanding​
Automating Document Information Extraction and Content Understanding​Automating Document Information Extraction and Content Understanding​
Automating Document Information Extraction and Content Understanding​Henrik Brattlie
 
Cryptolab cse datasheet v1.1.pdf
Cryptolab cse datasheet v1.1.pdfCryptolab cse datasheet v1.1.pdf
Cryptolab cse datasheet v1.1.pdfMassimo Bertaccini
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingAbhishek Kumar Sinha
 
Cloud Computing v.s. Cyber Security
Cloud Computing v.s. Cyber Security Cloud Computing v.s. Cyber Security
Cloud Computing v.s. Cyber Security Bahtiyar Bircan
 
SHIP Brochure
SHIP BrochureSHIP Brochure
SHIP BrochurePati Ross-Concepcion
 
IoT Cloud Overview
IoT Cloud OverviewIoT Cloud Overview
IoT Cloud OverviewEmertxe Information Technologies Pvt Ltd
 
How to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingHow to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingDavid Strom
 
Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365Miguel Isidoro
 
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge Pereira
 
Winning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeWinning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeCloudHesive
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Amazon Web Services
 

More Related Content

What's hot

Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...Proofpoint
 
On technical security issues in cloud computing
On technical security issues in cloud computingOn technical security issues in cloud computing
On technical security issues in cloud computingsashi799
 
Introducing Vistara 3.0 - Hybrid IT Service Management for the Cloud
Introducing Vistara 3.0 - Hybrid IT Service Management for the CloudIntroducing Vistara 3.0 - Hybrid IT Service Management for the Cloud
Introducing Vistara 3.0 - Hybrid IT Service Management for the CloudVistara
 
Discover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid CloudDiscover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid CloudLaurenWendler
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...☁️ Gustavo Magella
 
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Radhakrishnan Govindan
 
Discover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid CloudDiscover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid CloudLaurenWendler
 
Azure IoT Hub: what is it and why we select other solution (production projec...
Azure IoT Hub: what is it and why we select other solution (production projec...Azure IoT Hub: what is it and why we select other solution (production projec...
Azure IoT Hub: what is it and why we select other solution (production projec...Katherine Golovinova
 
Webinar Express: What is a CASB?
Webinar Express: What is a CASB?Webinar Express: What is a CASB?
Webinar Express: What is a CASB?Bitglass
 
Wadoop vivek shrivastava
Wadoop vivek shrivastavaWadoop vivek shrivastava
Wadoop vivek shrivastavaData Con LA
 
Automating Document Information Extraction and Content Understanding​
Automating Document Information Extraction and Content Understanding​Automating Document Information Extraction and Content Understanding​
Automating Document Information Extraction and Content Understanding​Henrik Brattlie
 
Cryptolab cse datasheet v1.1.pdf
Cryptolab cse datasheet v1.1.pdfCryptolab cse datasheet v1.1.pdf
Cryptolab cse datasheet v1.1.pdfMassimo Bertaccini
 
Cloud Computing v.s. Cyber Security
Cloud Computing v.s. Cyber Security Cloud Computing v.s. Cyber Security
Cloud Computing v.s. Cyber Security Bahtiyar Bircan
 
How to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingHow to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingDavid Strom
 
Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365Miguel Isidoro
 
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge Pereira
 

What's hot (20)

Cloud Encryption
Cloud EncryptionCloud Encryption
Cloud Encryption
 
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...
 
On technical security issues in cloud computing
On technical security issues in cloud computingOn technical security issues in cloud computing
On technical security issues in cloud computing
 
Introducing Vistara 3.0 - Hybrid IT Service Management for the Cloud
Introducing Vistara 3.0 - Hybrid IT Service Management for the CloudIntroducing Vistara 3.0 - Hybrid IT Service Management for the Cloud
Introducing Vistara 3.0 - Hybrid IT Service Management for the Cloud
 
Discover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid CloudDiscover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid Cloud
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
 
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)Overview of Microsoft Teams and Data Loss Prevention(DLP)
Overview of Microsoft Teams and Data Loss Prevention(DLP)
 
Discover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid CloudDiscover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid Cloud
 
Azure IoT Hub: what is it and why we select other solution (production projec...
Azure IoT Hub: what is it and why we select other solution (production projec...Azure IoT Hub: what is it and why we select other solution (production projec...
Azure IoT Hub: what is it and why we select other solution (production projec...
 
Webinar Express: What is a CASB?
Webinar Express: What is a CASB?Webinar Express: What is a CASB?
Webinar Express: What is a CASB?
 
Wadoop vivek shrivastava
Wadoop vivek shrivastavaWadoop vivek shrivastava
Wadoop vivek shrivastava
 
Automating Document Information Extraction and Content Understanding​
Automating Document Information Extraction and Content Understanding​Automating Document Information Extraction and Content Understanding​
Automating Document Information Extraction and Content Understanding​
 
Cryptolab cse datasheet v1.1.pdf
Cryptolab cse datasheet v1.1.pdfCryptolab cse datasheet v1.1.pdf
Cryptolab cse datasheet v1.1.pdf
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
 
Cloud Computing v.s. Cyber Security
Cloud Computing v.s. Cyber Security Cloud Computing v.s. Cyber Security
Cloud Computing v.s. Cyber Security
 
SHIP Brochure
SHIP BrochureSHIP Brochure
SHIP Brochure
 
IoT Cloud Overview
IoT Cloud OverviewIoT Cloud Overview
IoT Cloud Overview
 
How to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingHow to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computing
 
Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365
 
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
 

Similar to Cloud Computing & Privacy Protection

Winning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeWinning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeCloudHesive
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Amazon Web Services
 
dtechnClouologyassociatepart2
dtechnClouologyassociatepart2dtechnClouologyassociatepart2
dtechnClouologyassociatepart2Anne Starr
 
LIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingLIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingRobert Herjavec
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeHimani Singh
 
Best Practices in Cloud Security
Best Practices in Cloud SecurityBest Practices in Cloud Security
Best Practices in Cloud SecurityAlert Logic
 
AWS Finland User Group Meetup 2017-05-23
AWS Finland User Group Meetup 2017-05-23AWS Finland User Group Meetup 2017-05-23
AWS Finland User Group Meetup 2017-05-23Rolf Koski
 
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...Amazon Web Services
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsViresh Suri
 
Cloudhnologysstecociat
CloudhnologysstecociatCloudhnologysstecociat
CloudhnologysstecociatAnne Starr
 
When Your CISO Says No - Security & Compliance in Office 365
When Your CISO Says No - Security & Compliance in Office 365When Your CISO Says No - Security & Compliance in Office 365
When Your CISO Says No - Security & Compliance in Office 365Ricardo Wilkins
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsTechcello
 
KoprowskiT_SQLSatMoscow_WASDforBeginners
KoprowskiT_SQLSatMoscow_WASDforBeginnersKoprowskiT_SQLSatMoscow_WASDforBeginners
KoprowskiT_SQLSatMoscow_WASDforBeginnersTobias Koprowski
 
What is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy itWhat is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy itPeter De Tender
 
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...Outpost24
 
Introductorytocomputing
IntroductorytocomputingIntroductorytocomputing
IntroductorytocomputingAnne Starr
 
Cloud Security for Regulated Firms - Securing my cloud and proving it
Cloud Security for Regulated Firms - Securing my cloud and proving itCloud Security for Regulated Firms - Securing my cloud and proving it
Cloud Security for Regulated Firms - Securing my cloud and proving itHentsū
 

Similar to Cloud Computing & Privacy Protection (20)

Winning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeWinning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our Time
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012
 
dtechnClouologyassociatepart2
dtechnClouologyassociatepart2dtechnClouologyassociatepart2
dtechnClouologyassociatepart2
 
Rubik cloud risks-jun2012
Rubik cloud risks-jun2012Rubik cloud risks-jun2012
Rubik cloud risks-jun2012
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
LIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingLIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud Computing
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
 
Best Practices in Cloud Security
Best Practices in Cloud SecurityBest Practices in Cloud Security
Best Practices in Cloud Security
 
AWS Finland User Group Meetup 2017-05-23
AWS Finland User Group Meetup 2017-05-23AWS Finland User Group Meetup 2017-05-23
AWS Finland User Group Meetup 2017-05-23
 
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
 
Cloudhnologysstecociat
CloudhnologysstecociatCloudhnologysstecociat
Cloudhnologysstecociat
 
When Your CISO Says No - Security & Compliance in Office 365
When Your CISO Says No - Security & Compliance in Office 365When Your CISO Says No - Security & Compliance in Office 365
When Your CISO Says No - Security & Compliance in Office 365
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS Applications
 
KoprowskiT_SQLSatMoscow_WASDforBeginners
KoprowskiT_SQLSatMoscow_WASDforBeginnersKoprowskiT_SQLSatMoscow_WASDforBeginners
KoprowskiT_SQLSatMoscow_WASDforBeginners
 
What is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy itWhat is Microsoft Enterprise Mobility Suite and how to deploy it
What is Microsoft Enterprise Mobility Suite and how to deploy it
 
Azure Security Center
Azure Security CenterAzure Security Center
Azure Security Center
 
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
 
Introductorytocomputing
IntroductorytocomputingIntroductorytocomputing
Introductorytocomputing
 
Cloud Security for Regulated Firms - Securing my cloud and proving it
Cloud Security for Regulated Firms - Securing my cloud and proving itCloud Security for Regulated Firms - Securing my cloud and proving it
Cloud Security for Regulated Firms - Securing my cloud and proving it
 

Recently uploaded

Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 

Recently uploaded (20)

Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 

Cloud Computing & Privacy Protection

  • 2. Cloud Computing • Infrastructure-as-a-Service (IaaS) • Platform-as-a-Service (PaaS) • Software-as-a-Service (SaaS) • Public Cloud • Private Cloud • Hybrid Cloud
  • 3. Cloud Computing (cont.) Major Benefits: • • • • • reduce capital cost (CAPEX -> OPEX) focus on core business access from anywhere divest infrastructure management enterprise technology
  • 4. Cloud Computing (cont.) Issues: • security / privacy • compliance • legal
  • 5. Cloud Computing - Security Concerns Security vs. Privacy • Security – overall information protection • Privacy – individual information governance • Cloud Computing & Security – meet very well • Cloud Computing & Privacy – contradictory
  • 6. Cloud Computing - Security Concerns (cont.) • Business information • Personal information Privacy is the issue!
  • 7. Cloud Computing - Security Concerns (cont.) Encryption is one of the most effective data protection techniques. • Security Data at Rest Encryption, Data in Transit Encryption • Privacy Data in Use Encryption
  • 8. Data Encryption & Privacy Preserving Challenges: • Data Storage/Sharing & Privacy preserving • Cloud Computing technology integration • Decentralized Identity Management • Multi-trusted domain model
  • 9. Proposed model Identity-Based Encryption & Identity Management • Identity-Based Key Generator + OpenID Connect/OAuth2 • Identity provider (OpenID Connect/OAuth2) • Client-side zero-knowledge encryption
  • 10. Proposed model (cont.) • Identity-Based Encryption - no passwords, no certificates, e-mail address • Identity identifier - e-mail address • OAuth2 - open standard for authorization • OpenID Connect - decentralized and secure authentication system on top of OAuth2
  • 11. Proposed model (cont.) Identity-Based Encryption is as strong as Identity Management itself!
  • 12. Business model I. Customer User Agent (Browser) Identity/OAuth Provider + Data/App Provider Identity-Based SecaaS Provider Google, Microsoft, Oracle, Dropbox Cisco, Symantec
  • 13. Business model II. Patient, Physician, … User Agent (Browser) Data/App Provider Identity/OAuth Provider + Identity-Based SecaaS Provider Cloud Computing Health Service Hospital, Clinic, …
  • 14. Technology • • • • NIST SHA-256, AES-256, CTR-DRBG-256 OpenSSL FIPS 140-2 validated OAuth 2.0 Identity Provider OpenID Connect Provider
  • 15. Pros • usability (no passwords, no certificates) • no certificates management (creation, storage, distribution, revocation) • lost key prevention • IBE like features, key escrow/fair encryption, no need for receiver’s public key before encryption • no IBE revocation problem (online service)
  • 16. Cons • online service • master key security
  • 17. Opportunities • • • • • • • • • • • Data Storage / Sharing Health Records / Medical Data Sharing Big Data Data Boxes Databases Reporting / Business Intelligence Management Information System e-mail eForms / Workflow Document Management / Workflow Internet of Things