SlideShare a Scribd company logo

No More Dark Clouds With PaaSword - An Innovative Security By Design Framework

PaaSword EU Project
PaaSword EU Project

Best Demo Award winning presentation given by Dr. Panagiotis Gouvas (UBITECH) at SME Event - Cloud Forward Conference 2016 on October 20 2016, Madrid, Spain.

Technology
1 of 16
Download to read offline
www.paasword.eu No More Dark Clouds With PaaSword – An Innovative Security By Design Framework Cloud Forward Conference Oct 18-20, 2016 – Madrid, Spain
Cloud Paradigm Shift The cloud paradigm has definitely prevailed Most application are delivered following the SaaS model Many developers rely on PaaS offerings for scalablity Nearly all underlying resources (DBs, Queues etc) are outsourced at the IaaS level Attack vectors have increased ‘Raw data’ are the modern hacker’s holy grail The responsibility for the protection of data has shifted to the developer PaaSword24/10/2016 2
60% of attacks target the database PaaSword24/10/2016 3
Data leaks PaaSword24/10/2016 4
Motivation – Security as an Enterprise Requirement Enterprises identify security concerns and data privacy as the most significant barriers of Cloud adoption; In addition: Compliance (e.g., legal, regulatory, industry-standard compliance) Cultural resistance Encryption and key management as top priority requirements [3] & [4] PaaSword24/10/2016 5 [3] P. Institute, “2015 Global Encryption & Key,” Thales, 2015. [4] CipherCloud, “Global cloud data security report - The authority on how to protect data in the cloud,” CipherCloud, 2015.
How shall we lower the barriers? Security concerns Protect confidential information Control access Trust cloud provider Secure Cloud Applications Data privacy Secure storage Encryption Trustable Key Management Control Access to data PaaSword 24/10/2016 6 PaaSword
Problem Areas Targeted Insufficient security and trust of cloud infrastructures and services Cloud application developers have difficulties specifying appropriate level of security Appropriate context-aware access control mechanisms for cloud applications Ensure protection, privacy and integrity of data stored in the cloud Prove applicability, usability, effectiveness and value of secure cloud platforms PaaSword24/10/2016 7
PaaSword Platform PaaSword24/10/2016 8
PaaSword Features A security-by-design framework which will allow developers to engineer secure applications Leverage the security and trust of data that reside on outsourced infrastructure Facilitate context-aware access to encrypted and (even) physically distributed datasets stored in the cloud Prove applicability, usability, effectiveness and value of our framework in real-life Cloud infrastructures, services and applications29/06/2016 9 PaaSProvider PaaSword API DBwith Indexersonencrypteddata QueriesusingSearchable Trusted IaaSProvider Adversary User Developer PublishesApplication Encryption Scheme usingPaaSword API encrypteddata PaaSword
Major Assets developed so far… A JAVA annotation library that can be used during development in order to annotate database models (using JPA) These annotations are translated during runtime to privacy constraints that drive the fragmentation of the database A virtual-database proxy that is able to handle any SQL query by translating it in the proper format based on the fragmentation scheme An XACML-compliant authorization engine that is able to perform reasoning prior to attribute-evaluation An integrated IDE environment where developers can submit and control their PaaSword-enabled applications PaaSword24/10/2016 10
Integration of Eclipse CHE IDE PaaSword24/10/2016 11
Native Integration with OpenStack PaaSword24/10/2016 12
Asset: Virtual Database Architecture PaaSword24/10/2016 13 Data Index2Index1 SQL SQLDatabase Proxy (trusted) SQL Cloud (untrusted) User / Application Data (not encrypted) Data (encrypted)
Model-driven Expression editing PaaSword24/10/2016 14
Interested in… ? Getting access to early results? Shaping and expanding PaaSword? Networking with leading companies & research institutes? Collaborating with us and the PaaSword Community? Join the Cloud Security Industrial Focus Group! Register at: https://www.paasword.eu/register/ 19PaaSword
PaaSword24/10/2016 20 Join our Industrial Focus Group Today! Visit us: www.paasword. eu Acknowledgements: This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644814.

Recommended

PaaSword Presentation - Project Overview
PaaSword Presentation - Project OverviewPaaSword Presentation - Project Overview
PaaSword Presentation - Project Overview
PaaSword EU Project
 
PaaSword - No More Dark Clouds with PaaSword
PaaSword - No More Dark Clouds with PaaSwordPaaSword - No More Dark Clouds with PaaSword
PaaSword - No More Dark Clouds with PaaSword
PaaSword EU Project
 
A Data Privacy and Security by Design Platform‐as‐a‐Service Framework
A Data Privacy and Security by Design Platform‐as‐a‐Service FrameworkA Data Privacy and Security by Design Platform‐as‐a‐Service Framework
A Data Privacy and Security by Design Platform‐as‐a‐Service Framework
PaaSword EU Project
 
Fantastic Beasts (aka Cloud Audit Issues) and Where to Find Them
Fantastic Beasts (aka Cloud Audit Issues) and Where to Find ThemFantastic Beasts (aka Cloud Audit Issues) and Where to Find Them
Fantastic Beasts (aka Cloud Audit Issues) and Where to Find Them
Suvabrata Sinha
 
Turning off the lights - Going all in with the Public Cloud (Lumagate Nordic ...
Turning off the lights - Going all in with the Public Cloud (Lumagate Nordic ...Turning off the lights - Going all in with the Public Cloud (Lumagate Nordic ...
Turning off the lights - Going all in with the Public Cloud (Lumagate Nordic ...
Morgan Simonsen
 
Bloombase store safe bloombase, inc. - oracle cloud marketplace
Bloombase store safe bloombase, inc. - oracle cloud marketplaceBloombase store safe bloombase, inc. - oracle cloud marketplace
Bloombase store safe bloombase, inc. - oracle cloud marketplace
Bloombase
 
Is Pharma Ready for the Cloud?
Is Pharma Ready for the Cloud?Is Pharma Ready for the Cloud?
Is Pharma Ready for the Cloud?
CSols, Inc.
 
Oracle Product Catagories Authorized to Resell.
Oracle Product Catagories Authorized to Resell.Oracle Product Catagories Authorized to Resell.
Oracle Product Catagories Authorized to Resell.Mark Annala
 

Recommended

PaaSword Presentation - Project Overview
PaaSword Presentation - Project OverviewPaaSword Presentation - Project Overview
PaaSword Presentation - Project Overview
PaaSword EU Project
 
PaaSword - No More Dark Clouds with PaaSword
PaaSword - No More Dark Clouds with PaaSwordPaaSword - No More Dark Clouds with PaaSword
PaaSword - No More Dark Clouds with PaaSword
PaaSword EU Project
 
A Data Privacy and Security by Design Platform‐as‐a‐Service Framework
A Data Privacy and Security by Design Platform‐as‐a‐Service FrameworkA Data Privacy and Security by Design Platform‐as‐a‐Service Framework
A Data Privacy and Security by Design Platform‐as‐a‐Service Framework
PaaSword EU Project
 
Fantastic Beasts (aka Cloud Audit Issues) and Where to Find Them
Fantastic Beasts (aka Cloud Audit Issues) and Where to Find ThemFantastic Beasts (aka Cloud Audit Issues) and Where to Find Them
Fantastic Beasts (aka Cloud Audit Issues) and Where to Find Them
Suvabrata Sinha
 
Turning off the lights - Going all in with the Public Cloud (Lumagate Nordic ...
Turning off the lights - Going all in with the Public Cloud (Lumagate Nordic ...Turning off the lights - Going all in with the Public Cloud (Lumagate Nordic ...
Turning off the lights - Going all in with the Public Cloud (Lumagate Nordic ...
Morgan Simonsen
 
Bloombase store safe bloombase, inc. - oracle cloud marketplace
Bloombase store safe bloombase, inc. - oracle cloud marketplaceBloombase store safe bloombase, inc. - oracle cloud marketplace
Bloombase store safe bloombase, inc. - oracle cloud marketplace
Bloombase
 
Is Pharma Ready for the Cloud?
Is Pharma Ready for the Cloud?Is Pharma Ready for the Cloud?
Is Pharma Ready for the Cloud?
CSols, Inc.
 
Oracle Product Catagories Authorized to Resell.
Oracle Product Catagories Authorized to Resell.Oracle Product Catagories Authorized to Resell.
Oracle Product Catagories Authorized to Resell.Mark Annala
 
01 milan roadshow keynote
01 milan roadshow keynote01 milan roadshow keynote
01 milan roadshow keynote
mlraviol
 
Launching a Highly-regulated Startup in the Public Cloud
Launching a Highly-regulated Startup in the Public CloudLaunching a Highly-regulated Startup in the Public Cloud
Launching a Highly-regulated Startup in the Public Cloud
Poornaprajna Udupi
 
8 major facts you must know before you buying a casb
8 major facts you must know before you buying a casb8 major facts you must know before you buying a casb
8 major facts you must know before you buying a casb
ciphercloud1
 
Elastic Security Solution Brief
Elastic Security Solution BriefElastic Security Solution Brief
Elastic Security Solution Brief
Joseph DeFever
 
Maintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the CloudMaintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the Cloud
Amazon Web Services
 
Vault 1.4 integrated storage overview
Vault 1.4 integrated storage overviewVault 1.4 integrated storage overview
Vault 1.4 integrated storage overview
Mitchell Pronschinske
 
Oas un llamado a la accion
Oas un llamado a la accionOas un llamado a la accion
Oas un llamado a la accion
Marcela Cárdenas Hidalgo
 
Simplify security with Trend Micro's Managed Rules
Simplify security with Trend Micro's Managed RulesSimplify security with Trend Micro's Managed Rules
Simplify security with Trend Micro's Managed Rules
Amazon Web Services
 
MariaDB Vorstellung
MariaDB VorstellungMariaDB Vorstellung
MariaDB Vorstellung
MariaDB plc
 
Scaling towards a thousand micro services
Scaling towards a thousand micro servicesScaling towards a thousand micro services
Scaling towards a thousand micro services
Diego Berrueta
 
Safari cloud
Safari cloudSafari cloud
Safari cloud
Gabor Vincze
 
Cloud vs Desktop: What it means for Document Management - Accounting Business...
Cloud vs Desktop: What it means for Document Management - Accounting Business...Cloud vs Desktop: What it means for Document Management - Accounting Business...
Cloud vs Desktop: What it means for Document Management - Accounting Business...
John Woodbridge
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force Awakens
Bitglass
 
Helix Brochure
Helix BrochureHelix Brochure
Helix BrochureWaseem Naik
 
Eskm & bloombase integration data security oct 16
Eskm & bloombase integration data security oct 16Eskm & bloombase integration data security oct 16
Eskm & bloombase integration data security oct 16
Bloombase
 
Webinar Express: What is a CASB?
Webinar Express: What is a CASB?Webinar Express: What is a CASB?
Webinar Express: What is a CASB?
Bitglass
 
Secure Infrastructure for the Mobile Legion
Secure Infrastructure for the Mobile LegionSecure Infrastructure for the Mobile Legion
Secure Infrastructure for the Mobile Legion
Raphael Reitzig
 
Bloombase StoreSafe Intelligent Storage Firewall secures sensitive informatio...
Bloombase StoreSafe Intelligent Storage Firewall secures sensitive informatio...Bloombase StoreSafe Intelligent Storage Firewall secures sensitive informatio...
Bloombase StoreSafe Intelligent Storage Firewall secures sensitive informatio...
Bloombase
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
Karina Matos
 
Under IaaS, the client is offered a virtual hardware resource
Under IaaS, the client is offered a virtual hardware resource Under IaaS, the client is offered a virtual hardware resource
Under IaaS, the client is offered a virtual hardware resource
thomasmperez
 
Presentation esl part 1 and tech part 1
Presentation esl part 1 and tech part 1Presentation esl part 1 and tech part 1
Presentation esl part 1 and tech part 1
Candice Clark
 
mamtalq
mamtalqmamtalq
mamtalqAlice Notarianni
 

More Related Content

What's hot

01 milan roadshow keynote
01 milan roadshow keynote01 milan roadshow keynote
01 milan roadshow keynote
mlraviol
 
Launching a Highly-regulated Startup in the Public Cloud
Launching a Highly-regulated Startup in the Public CloudLaunching a Highly-regulated Startup in the Public Cloud
Launching a Highly-regulated Startup in the Public Cloud
Poornaprajna Udupi
 
8 major facts you must know before you buying a casb
8 major facts you must know before you buying a casb8 major facts you must know before you buying a casb
8 major facts you must know before you buying a casb
ciphercloud1
 
Elastic Security Solution Brief
Elastic Security Solution BriefElastic Security Solution Brief
Elastic Security Solution Brief
Joseph DeFever
 
Maintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the CloudMaintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the Cloud
Amazon Web Services
 
Vault 1.4 integrated storage overview
Vault 1.4 integrated storage overviewVault 1.4 integrated storage overview
Vault 1.4 integrated storage overview
Mitchell Pronschinske
 
Oas un llamado a la accion
Oas un llamado a la accionOas un llamado a la accion
Oas un llamado a la accion
Marcela Cárdenas Hidalgo
 
Simplify security with Trend Micro's Managed Rules
Simplify security with Trend Micro's Managed RulesSimplify security with Trend Micro's Managed Rules
Simplify security with Trend Micro's Managed Rules
Amazon Web Services
 
MariaDB Vorstellung
MariaDB VorstellungMariaDB Vorstellung
MariaDB Vorstellung
MariaDB plc
 
Scaling towards a thousand micro services
Scaling towards a thousand micro servicesScaling towards a thousand micro services
Scaling towards a thousand micro services
Diego Berrueta
 
Safari cloud
Safari cloudSafari cloud
Safari cloud
Gabor Vincze
 
Cloud vs Desktop: What it means for Document Management - Accounting Business...
Cloud vs Desktop: What it means for Document Management - Accounting Business...Cloud vs Desktop: What it means for Document Management - Accounting Business...
Cloud vs Desktop: What it means for Document Management - Accounting Business...
John Woodbridge
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force Awakens
Bitglass
 
Eskm & bloombase integration data security oct 16
Eskm & bloombase integration data security oct 16Eskm & bloombase integration data security oct 16
Eskm & bloombase integration data security oct 16
Bloombase
 
Webinar Express: What is a CASB?
Webinar Express: What is a CASB?Webinar Express: What is a CASB?
Webinar Express: What is a CASB?
Bitglass
 
Secure Infrastructure for the Mobile Legion
Secure Infrastructure for the Mobile LegionSecure Infrastructure for the Mobile Legion
Secure Infrastructure for the Mobile Legion
Raphael Reitzig
 
Bloombase StoreSafe Intelligent Storage Firewall secures sensitive informatio...
Bloombase StoreSafe Intelligent Storage Firewall secures sensitive informatio...Bloombase StoreSafe Intelligent Storage Firewall secures sensitive informatio...
Bloombase StoreSafe Intelligent Storage Firewall secures sensitive informatio...
Bloombase
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
Karina Matos
 
Under IaaS, the client is offered a virtual hardware resource
Under IaaS, the client is offered a virtual hardware resource Under IaaS, the client is offered a virtual hardware resource
Under IaaS, the client is offered a virtual hardware resource
thomasmperez
 

What's hot (20)

01 milan roadshow keynote
01 milan roadshow keynote01 milan roadshow keynote
01 milan roadshow keynote
 
Launching a Highly-regulated Startup in the Public Cloud
Launching a Highly-regulated Startup in the Public CloudLaunching a Highly-regulated Startup in the Public Cloud
Launching a Highly-regulated Startup in the Public Cloud
 
8 major facts you must know before you buying a casb
8 major facts you must know before you buying a casb8 major facts you must know before you buying a casb
8 major facts you must know before you buying a casb
 
Elastic Security Solution Brief
Elastic Security Solution BriefElastic Security Solution Brief
Elastic Security Solution Brief
 
Maintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the CloudMaintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the Cloud
 
Vault 1.4 integrated storage overview
Vault 1.4 integrated storage overviewVault 1.4 integrated storage overview
Vault 1.4 integrated storage overview
 
Oas un llamado a la accion
Oas un llamado a la accionOas un llamado a la accion
Oas un llamado a la accion
 
Simplify security with Trend Micro's Managed Rules
Simplify security with Trend Micro's Managed RulesSimplify security with Trend Micro's Managed Rules
Simplify security with Trend Micro's Managed Rules
 
MariaDB Vorstellung
MariaDB VorstellungMariaDB Vorstellung
MariaDB Vorstellung
 
Scaling towards a thousand micro services
Scaling towards a thousand micro servicesScaling towards a thousand micro services
Scaling towards a thousand micro services
 
Safari cloud
Safari cloudSafari cloud
Safari cloud
 
Cloud vs Desktop: What it means for Document Management - Accounting Business...
Cloud vs Desktop: What it means for Document Management - Accounting Business...Cloud vs Desktop: What it means for Document Management - Accounting Business...
Cloud vs Desktop: What it means for Document Management - Accounting Business...
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force Awakens
 
Helix Brochure
Helix BrochureHelix Brochure
Helix Brochure
 
Eskm & bloombase integration data security oct 16
Eskm & bloombase integration data security oct 16Eskm & bloombase integration data security oct 16
Eskm & bloombase integration data security oct 16
 
Webinar Express: What is a CASB?
Webinar Express: What is a CASB?Webinar Express: What is a CASB?
Webinar Express: What is a CASB?
 
Secure Infrastructure for the Mobile Legion
Secure Infrastructure for the Mobile LegionSecure Infrastructure for the Mobile Legion
Secure Infrastructure for the Mobile Legion
 
Bloombase StoreSafe Intelligent Storage Firewall secures sensitive informatio...
Bloombase StoreSafe Intelligent Storage Firewall secures sensitive informatio...Bloombase StoreSafe Intelligent Storage Firewall secures sensitive informatio...
Bloombase StoreSafe Intelligent Storage Firewall secures sensitive informatio...
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
 
Under IaaS, the client is offered a virtual hardware resource
Under IaaS, the client is offered a virtual hardware resource Under IaaS, the client is offered a virtual hardware resource
Under IaaS, the client is offered a virtual hardware resource
 

Viewers also liked

Presentation esl part 1 and tech part 1
Presentation esl part 1 and tech part 1Presentation esl part 1 and tech part 1
Presentation esl part 1 and tech part 1
Candice Clark
 
Word Cloud | LBSA Marketing Fall 2015
Word Cloud | LBSA Marketing Fall 2015Word Cloud | LBSA Marketing Fall 2015
Word Cloud | LBSA Marketing Fall 2015
Julian Gamboa
 
Segovia Timeless Elegance Collection
Segovia Timeless Elegance CollectionSegovia Timeless Elegance Collection
Segovia Timeless Elegance Collection
segoviaasia
 
Revathy pp da 1
Revathy pp da 1Revathy pp da 1
Revathy pp da 1revasurev
 
PassiveVoiceChart
PassiveVoiceChartPassiveVoiceChart
PassiveVoiceChart
aalr94
 
Social Media & Metrics (Digital Marketing Today)
Social Media & Metrics (Digital Marketing Today)Social Media & Metrics (Digital Marketing Today)
Social Media & Metrics (Digital Marketing Today)
Julian Gamboa
 
TRC Summer Research Award_Final Report
TRC Summer Research Award_Final ReportTRC Summer Research Award_Final Report
TRC Summer Research Award_Final ReportLev McCarthy
 
Kapanowski FINAL_Lean Assessment
Kapanowski FINAL_Lean AssessmentKapanowski FINAL_Lean Assessment
Kapanowski FINAL_Lean AssessmentGary Kapanowski
 
Mvc 130330091359-phpapp01
Mvc 130330091359-phpapp01Mvc 130330091359-phpapp01
Mvc 130330091359-phpapp01Jennie Gajjar
 
Concerto di primavera
Concerto di primaveraConcerto di primavera
Concerto di primavera
Ivan Marchitiello
 
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudNo More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
PaaSword EU Project
 
Nano tubes Modern Technology
Nano tubes Modern TechnologyNano tubes Modern Technology
Nano tubes Modern TechnologySoudip Sinha Roy
 
Soudip sinha roy
Soudip sinha roySoudip sinha roy
Soudip sinha roy
Soudip Sinha Roy
 
Goa Country
Goa CountryGoa Country
Goa Country
ULTRAPEDO
 
UKRAINE CRISIS TIMELINE - updated 28 Aug 2014
UKRAINE CRISIS TIMELINE - updated 28 Aug 2014UKRAINE CRISIS TIMELINE - updated 28 Aug 2014
UKRAINE CRISIS TIMELINE - updated 28 Aug 2014Samip Shrestha
 

Viewers also liked (20)

Presentation esl part 1 and tech part 1
Presentation esl part 1 and tech part 1Presentation esl part 1 and tech part 1
Presentation esl part 1 and tech part 1
 
mamtalq
mamtalqmamtalq
mamtalq
 
Word Cloud | LBSA Marketing Fall 2015
Word Cloud | LBSA Marketing Fall 2015Word Cloud | LBSA Marketing Fall 2015
Word Cloud | LBSA Marketing Fall 2015
 
Portfolio
PortfolioPortfolio
Portfolio
 
Segovia Timeless Elegance Collection
Segovia Timeless Elegance CollectionSegovia Timeless Elegance Collection
Segovia Timeless Elegance Collection
 
Revathy pp da 1
Revathy pp da 1Revathy pp da 1
Revathy pp da 1
 
PassiveVoiceChart
PassiveVoiceChartPassiveVoiceChart
PassiveVoiceChart
 
Portfolio
PortfolioPortfolio
Portfolio
 
Social Media & Metrics (Digital Marketing Today)
Social Media & Metrics (Digital Marketing Today)Social Media & Metrics (Digital Marketing Today)
Social Media & Metrics (Digital Marketing Today)
 
TRC Summer Research Award_Final Report
TRC Summer Research Award_Final ReportTRC Summer Research Award_Final Report
TRC Summer Research Award_Final Report
 
DePauwThesis
DePauwThesisDePauwThesis
DePauwThesis
 
Kapanowski FINAL_Lean Assessment
Kapanowski FINAL_Lean AssessmentKapanowski FINAL_Lean Assessment
Kapanowski FINAL_Lean Assessment
 
Mvc 130330091359-phpapp01
Mvc 130330091359-phpapp01Mvc 130330091359-phpapp01
Mvc 130330091359-phpapp01
 
Concerto di primavera
Concerto di primaveraConcerto di primavera
Concerto di primavera
 
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudNo More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
 
Nano tubes Modern Technology
Nano tubes Modern TechnologyNano tubes Modern Technology
Nano tubes Modern Technology
 
Portfolio
PortfolioPortfolio
Portfolio
 
Soudip sinha roy
Soudip sinha roySoudip sinha roy
Soudip sinha roy
 
Goa Country
Goa CountryGoa Country
Goa Country
 
UKRAINE CRISIS TIMELINE - updated 28 Aug 2014
UKRAINE CRISIS TIMELINE - updated 28 Aug 2014UKRAINE CRISIS TIMELINE - updated 28 Aug 2014
UKRAINE CRISIS TIMELINE - updated 28 Aug 2014
 

Similar to No More Dark Clouds With PaaSword - An Innovative Security By Design Framework

Cloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewCloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack Overview
Valdez Ladd MBA, CISSP, CISA,
 
Service Models
Service ModelsService Models
Service Models
Allwyn24
 
Oracle Cloud Computing Strategy
Oracle Cloud Computing StrategyOracle Cloud Computing Strategy
Oracle Cloud Computing Strategy
Rex Wang
 
Cloud Computing Presentation
Cloud Computing PresentationCloud Computing Presentation
Cloud Computing Presentation
JReifman
 
CWIN17 India / Insights platform architecture v1 0 virtual - subhadeep dutta
CWIN17 India / Insights platform architecture v1 0 virtual - subhadeep duttaCWIN17 India / Insights platform architecture v1 0 virtual - subhadeep dutta
CWIN17 India / Insights platform architecture v1 0 virtual - subhadeep dutta
Capgemini
 
Cloud computing-course-description-and-syllabus-spring2014
Cloud computing-course-description-and-syllabus-spring2014Cloud computing-course-description-and-syllabus-spring2014
Cloud computing-course-description-and-syllabus-spring2014
hajlaoui jaleleddine
 
PaaSword's main idea, technical architecture and scientific challenges
PaaSword's main idea, technical architecture and scientific challenges PaaSword's main idea, technical architecture and scientific challenges
PaaSword's main idea, technical architecture and scientific challenges
PaaSword EU Project
 
A clear strategy for moving your enterprise to the cloud
A clear strategy for moving your enterprise to the cloudA clear strategy for moving your enterprise to the cloud
A clear strategy for moving your enterprise to the cloudWSO2
 
Practical Guide to Platform-as-a-Service
Practical Guide to Platform-as-a-Service Practical Guide to Platform-as-a-Service
Practical Guide to Platform-as-a-Service
Cloud Standards Customer Council
 
Private, Managed, Public - All Things WSO2 Cloud
Private, Managed, Public - All Things WSO2 CloudPrivate, Managed, Public - All Things WSO2 Cloud
Private, Managed, Public - All Things WSO2 Cloud
WSO2
 
UNIT III - ppt.pptx
UNIT III - ppt.pptxUNIT III - ppt.pptx
UNIT III - ppt.pptx
Padmapriya471418
 
SeedStack : new application patterns, presented at OW2con'19, June 12-13, Paris.
SeedStack : new application patterns, presented at OW2con'19, June 12-13, Paris.SeedStack : new application patterns, presented at OW2con'19, June 12-13, Paris.
SeedStack : new application patterns, presented at OW2con'19, June 12-13, Paris.
OW2
 
Moving Your Enterprise to the Cloud
Moving Your Enterprise to the CloudMoving Your Enterprise to the Cloud
Moving Your Enterprise to the CloudImesh Gunaratne
 
Choosing a PaaS for the Enterprise
Choosing a PaaS for the EnterpriseChoosing a PaaS for the Enterprise
Choosing a PaaS for the EnterpriseCloud Elements
 
2024 February 28 - NYC - Meetup Unlocking Financial Data with Real-Time Pipel...
2024 February 28 - NYC - Meetup Unlocking Financial Data with Real-Time Pipel...2024 February 28 - NYC - Meetup Unlocking Financial Data with Real-Time Pipel...
2024 February 28 - NYC - Meetup Unlocking Financial Data with Real-Time Pipel...
Timothy Spann
 
Xanadu Big Data Platform Technology Introduction
Xanadu Big Data Platform Technology IntroductionXanadu Big Data Platform Technology Introduction
Xanadu Big Data Platform Technology Introduction
Alex G. Lee, Ph.D. Esq. CLP
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security Scaling
Amazon Web Services
 
PaaSword-Business Cases
PaaSword-Business CasesPaaSword-Business Cases
PaaSword-Business Cases
PaaSword EU Project
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
BugRaptors
 

Similar to No More Dark Clouds With PaaSword - An Innovative Security By Design Framework (20)

Cloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewCloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack Overview
 
Service Models
Service ModelsService Models
Service Models
 
Oracle Cloud Computing Strategy
Oracle Cloud Computing StrategyOracle Cloud Computing Strategy
Oracle Cloud Computing Strategy
 
Cloud Computing Presentation
Cloud Computing PresentationCloud Computing Presentation
Cloud Computing Presentation
 
Losing Control to the Cloud
Losing Control to the CloudLosing Control to the Cloud
Losing Control to the Cloud
 
CWIN17 India / Insights platform architecture v1 0 virtual - subhadeep dutta
CWIN17 India / Insights platform architecture v1 0 virtual - subhadeep duttaCWIN17 India / Insights platform architecture v1 0 virtual - subhadeep dutta
CWIN17 India / Insights platform architecture v1 0 virtual - subhadeep dutta
 
Cloud computing-course-description-and-syllabus-spring2014
Cloud computing-course-description-and-syllabus-spring2014Cloud computing-course-description-and-syllabus-spring2014
Cloud computing-course-description-and-syllabus-spring2014
 
PaaSword's main idea, technical architecture and scientific challenges
PaaSword's main idea, technical architecture and scientific challenges PaaSword's main idea, technical architecture and scientific challenges
PaaSword's main idea, technical architecture and scientific challenges
 
A clear strategy for moving your enterprise to the cloud
A clear strategy for moving your enterprise to the cloudA clear strategy for moving your enterprise to the cloud
A clear strategy for moving your enterprise to the cloud
 
Practical Guide to Platform-as-a-Service
Practical Guide to Platform-as-a-Service Practical Guide to Platform-as-a-Service
Practical Guide to Platform-as-a-Service
 
Private, Managed, Public - All Things WSO2 Cloud
Private, Managed, Public - All Things WSO2 CloudPrivate, Managed, Public - All Things WSO2 Cloud
Private, Managed, Public - All Things WSO2 Cloud
 
UNIT III - ppt.pptx
UNIT III - ppt.pptxUNIT III - ppt.pptx
UNIT III - ppt.pptx
 
SeedStack : new application patterns, presented at OW2con'19, June 12-13, Paris.
SeedStack : new application patterns, presented at OW2con'19, June 12-13, Paris.SeedStack : new application patterns, presented at OW2con'19, June 12-13, Paris.
SeedStack : new application patterns, presented at OW2con'19, June 12-13, Paris.
 
Moving Your Enterprise to the Cloud
Moving Your Enterprise to the CloudMoving Your Enterprise to the Cloud
Moving Your Enterprise to the Cloud
 
Choosing a PaaS for the Enterprise
Choosing a PaaS for the EnterpriseChoosing a PaaS for the Enterprise
Choosing a PaaS for the Enterprise
 
2024 February 28 - NYC - Meetup Unlocking Financial Data with Real-Time Pipel...
2024 February 28 - NYC - Meetup Unlocking Financial Data with Real-Time Pipel...2024 February 28 - NYC - Meetup Unlocking Financial Data with Real-Time Pipel...
2024 February 28 - NYC - Meetup Unlocking Financial Data with Real-Time Pipel...
 
Xanadu Big Data Platform Technology Introduction
Xanadu Big Data Platform Technology IntroductionXanadu Big Data Platform Technology Introduction
Xanadu Big Data Platform Technology Introduction
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security Scaling
 
PaaSword-Business Cases
PaaSword-Business CasesPaaSword-Business Cases
PaaSword-Business Cases
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 

More from PaaSword EU Project

PaaSword - Distributed Searchable Encryption Engine
PaaSword - Distributed Searchable Encryption EnginePaaSword - Distributed Searchable Encryption Engine
PaaSword - Distributed Searchable Encryption Engine
PaaSword EU Project
 
PaaSword - Technology Baseline
PaaSword - Technology BaselinePaaSword - Technology Baseline
PaaSword - Technology Baseline
PaaSword EU Project
 
PaaSword - Context-aware Access Control
PaaSword - Context-aware Access ControlPaaSword - Context-aware Access Control
PaaSword - Context-aware Access Control
PaaSword EU Project
 
Daten unter Kontrolle
Daten unter KontrolleDaten unter Kontrolle
Daten unter Kontrolle
PaaSword EU Project
 
Towards Trusted eHealth Services in the Cloud
Towards Trusted eHealth Services in the CloudTowards Trusted eHealth Services in the Cloud
Towards Trusted eHealth Services in the Cloud
PaaSword EU Project
 
A Survey on Context Security Policies in the Cloud
A Survey on Context Security Policies in the CloudA Survey on Context Security Policies in the Cloud
A Survey on Context Security Policies in the Cloud
PaaSword EU Project
 
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
PaaSword EU Project
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword EU Project
 

More from PaaSword EU Project (8)

PaaSword - Distributed Searchable Encryption Engine
PaaSword - Distributed Searchable Encryption EnginePaaSword - Distributed Searchable Encryption Engine
PaaSword - Distributed Searchable Encryption Engine
 
PaaSword - Technology Baseline
PaaSword - Technology BaselinePaaSword - Technology Baseline
PaaSword - Technology Baseline
 
PaaSword - Context-aware Access Control
PaaSword - Context-aware Access ControlPaaSword - Context-aware Access Control
PaaSword - Context-aware Access Control
 
Daten unter Kontrolle
Daten unter KontrolleDaten unter Kontrolle
Daten unter Kontrolle
 
Towards Trusted eHealth Services in the Cloud
Towards Trusted eHealth Services in the CloudTowards Trusted eHealth Services in the Cloud
Towards Trusted eHealth Services in the Cloud
 
A Survey on Context Security Policies in the Cloud
A Survey on Context Security Policies in the CloudA Survey on Context Security Policies in the Cloud
A Survey on Context Security Policies in the Cloud
 
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
 

Recently uploaded

Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
Fwdays
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 

Recently uploaded (20)

Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 

No More Dark Clouds With PaaSword - An Innovative Security By Design Framework

  • 1. www.paasword.eu No More Dark Clouds With PaaSword – An Innovative Security By Design Framework Cloud Forward Conference Oct 18-20, 2016 – Madrid, Spain
  • 2. Cloud Paradigm Shift The cloud paradigm has definitely prevailed Most application are delivered following the SaaS model Many developers rely on PaaS offerings for scalablity Nearly all underlying resources (DBs, Queues etc) are outsourced at the IaaS level Attack vectors have increased ‘Raw data’ are the modern hacker’s holy grail The responsibility for the protection of data has shifted to the developer PaaSword24/10/2016 2
  • 3. 60% of attacks target the database PaaSword24/10/2016 3
  • 5. Motivation – Security as an Enterprise Requirement Enterprises identify security concerns and data privacy as the most significant barriers of Cloud adoption; In addition: Compliance (e.g., legal, regulatory, industry-standard compliance) Cultural resistance Encryption and key management as top priority requirements [3] & [4] PaaSword24/10/2016 5 [3] P. Institute, “2015 Global Encryption & Key,” Thales, 2015. [4] CipherCloud, “Global cloud data security report - The authority on how to protect data in the cloud,” CipherCloud, 2015.
  • 6. How shall we lower the barriers? Security concerns Protect confidential information Control access Trust cloud provider Secure Cloud Applications Data privacy Secure storage Encryption Trustable Key Management Control Access to data PaaSword 24/10/2016 6 PaaSword
  • 7. Problem Areas Targeted Insufficient security and trust of cloud infrastructures and services Cloud application developers have difficulties specifying appropriate level of security Appropriate context-aware access control mechanisms for cloud applications Ensure protection, privacy and integrity of data stored in the cloud Prove applicability, usability, effectiveness and value of secure cloud platforms PaaSword24/10/2016 7
  • 9. PaaSword Features A security-by-design framework which will allow developers to engineer secure applications Leverage the security and trust of data that reside on outsourced infrastructure Facilitate context-aware access to encrypted and (even) physically distributed datasets stored in the cloud Prove applicability, usability, effectiveness and value of our framework in real-life Cloud infrastructures, services and applications29/06/2016 9 PaaSProvider PaaSword API DBwith Indexersonencrypteddata QueriesusingSearchable Trusted IaaSProvider Adversary User Developer PublishesApplication Encryption Scheme usingPaaSword API encrypteddata PaaSword
  • 10. Major Assets developed so far… A JAVA annotation library that can be used during development in order to annotate database models (using JPA) These annotations are translated during runtime to privacy constraints that drive the fragmentation of the database A virtual-database proxy that is able to handle any SQL query by translating it in the proper format based on the fragmentation scheme An XACML-compliant authorization engine that is able to perform reasoning prior to attribute-evaluation An integrated IDE environment where developers can submit and control their PaaSword-enabled applications PaaSword24/10/2016 10
  • 11. Integration of Eclipse CHE IDE PaaSword24/10/2016 11
  • 13. Asset: Virtual Database Architecture PaaSword24/10/2016 13 Data Index2Index1 SQL SQLDatabase Proxy (trusted) SQL Cloud (untrusted) User / Application Data (not encrypted) Data (encrypted)
  • 15. Interested in… ? Getting access to early results? Shaping and expanding PaaSword? Networking with leading companies & research institutes? Collaborating with us and the PaaSword Community? Join the Cloud Security Industrial Focus Group! Register at: https://www.paasword.eu/register/ 19PaaSword
  • 16. PaaSword24/10/2016 20 Join our Industrial Focus Group Today! Visit us: www.paasword. eu Acknowledgements: This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644814.