SlideShare a Scribd company logo

PaaSword - Technology Baseline

PaaSword EU Project
PaaSword EU Project

Presentations of the 1st PaaSword CS-IFG Workshop that took place on 10th of November 2016 in Athens, Greece

Software
1 of 18
Download to read offline
www.paasword.eu PaaSword Technology Baseline Innovathens 10/11/2016
Outline PaaSword in a Nutshell Involved Actors & Threat Landscape High Level Architecture Distributed Searchable Encryption Engine Semantic Authorization Engine PaaSword18/11/2016 2
PaaSword in a Nutshell Security and Privacy by-design Framework? It is a framework that if it is adopted it provides increased security and privacy guarantees Adopted by whom? Application Developers (it offers client libraries that have to be used by devs) DevOps users (it offers management interface for the two offered mechanisms) What kind of security guarantees ? PaaSword18/11/2016 3
Involved Actors & Threat Landscape PaaSword18/11/2016 4 Data can be circumvented/stolen Internal or external adversary Execution environment may be subjected to privilege escalation Authorization scheme may be static or even hardcoded
Framework Security Guarantees Framework Guarantees Mitigation of cyber threats that derive by malicious administrators that administer ‘trusted’ Infrastructural resources Minimization of breaking a privacy scheme through statistical attacks that rely on pattern identification Efficient security Policy enforcement through the decoupling of Policy Definition and Policy Evaluation PaaSword18/11/2016 5
How? Two distinct mechanisms 1 – Distributed Searchable Encryption Engine An engine that allows the transformation of any relational schema to a fragmentation scheme that respects user-defined privacy constraints The new schema is functionally equivalent with the original; yet it relies on multiple IaaS providers 2 – Semantic Policy Authorization Engine An engine that allows the decoupling of policy enforcement and policy definition Decoupling is meaningful both during development and execution PaaSword18/11/2016 6
PaaSword Walkthrough PaaSword18/11/2016 7
Mechanism 1 - Distributed Searchable Encryption Engine Why plain Transparent Encryption Decryption is not enough ? You loose a lot of SQL expressivity Vulnerable to statistical attacks PaaSword18/11/2016 8 PaaSword Annotations PaaSword Controller
What are Annotations? Annotations are a form of metadata that provide data about a program that is not part of the program itself They can be used using three different strategies Source Generation Strategy Bytecode Transformation Strategy Runtime Reflection Strategy PaaSword uses annotations to Define Entity Model which will be protected using advanced fragmentation techniques PaaSword18/11/2016 9
How JPA works? PaaSword18/11/2016 10
PaaSword JPA PaaSword18/11/2016 11 Several types of Annotations: 1) Data Object Definition 2) Encryption & Distribution
Virtual Database Proxy PaaSword18/11/2016 12 Data Index2Index1 SQL SQLDatabase Proxy (trusted) SQL Cloud (untrusted) User / Application Data (not encrypted) Data (encrypted)
What about Key Creation/Sharing Policies? 13
Overview Of Policies 14 Policy /Characteristic Where is the TED taking place? TED Key Generation TED Key Usage & Sharing Policy Modification of target schema SQL support P1 In the PaaS container Generated once during bootstrapping (in a Tenant Trusted Zone) and stored in-memory by the application It is recovered by the memory on demand per each query execution No Modification Yes P2 In the PaaS container One key is generated per Tenant (in a Tenant Trusted Zone) and a pair of user_key container_key is generated out of this tenant_key It is recomposed by the combination of a user_key and a container_key per each query_execution No Modification Yes P3 Outside the container in a Tenant Trusted Zone Generated once in a Tenant Trusted Zone E/D Key is used only in the Tenant Trusted Zone No Modification No P4 In the PaaS container Generated once during bootstrapping (in a Tenant Trusted Zone) and stored in-memory by the application It is recovered by the memory on demand per each query execution Modifications required No P5 In the PaaS container One key is generated per Tenant (in a Tenant Trusted Zone) and a pair of user_key container_key is generated out of this tenant_key It is recomposed by the combination of a user_key and a container_key per each query_execution Modifications required No
Comparative Analysis 15
Mechanism 2 – Semantic Policy Authorization Engine Why not an existing authorization engine? Based on authorization metamodel MAC, DAC, RBAC, ABAC ABAC is considered dominant (from NIST) Which Standard? and which Implementation of the Standard? De-facto ABAC standard is XA-CML Limitations of reference Implementation Balana Engine (pure syntactic execution of rules) PaaSword18/11/2016 16
Semantic Policy Enforcement PaaSword18/11/2016 17 AccessControl PaaSword Context Model
PaaSword18/11/2016 18 Questions? Visit us: www.paasword.euAcknowledgements: This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644814.

Recommended

A Data Privacy and Security by Design Platform‐as‐a‐Service Framework
A Data Privacy and Security by Design Platform‐as‐a‐Service FrameworkA Data Privacy and Security by Design Platform‐as‐a‐Service Framework
A Data Privacy and Security by Design Platform‐as‐a‐Service Framework
PaaSword EU Project
 
Performance and penetration_testing_with_a_partner_how_to_start!
Performance and penetration_testing_with_a_partner_how_to_start!Performance and penetration_testing_with_a_partner_how_to_start!
Performance and penetration_testing_with_a_partner_how_to_start!
Sasha Kolomiichuk
 
Web Application Firewall
Web Application FirewallWeb Application Firewall
Web Application Firewall
Chandrapal Badshah
 
IT security : Keep calm and monitor PowerShell
IT security : Keep calm and monitor PowerShellIT security : Keep calm and monitor PowerShell
IT security : Keep calm and monitor PowerShell
ManageEngine
 
8 must dos for a perfect privileged account management strategy
8 must dos for a perfect privileged account management strategy8 must dos for a perfect privileged account management strategy
8 must dos for a perfect privileged account management strategy
ManageEngine
 
RSA 2015 Realities of Private Cloud Security
RSA 2015 Realities of Private Cloud SecurityRSA 2015 Realities of Private Cloud Security
RSA 2015 Realities of Private Cloud Security
Scott Carlson
 
Identity-Based Security and Privacy for the Internet of Things
Identity-Based Security and Privacy for the Internet of ThingsIdentity-Based Security and Privacy for the Internet of Things
Identity-Based Security and Privacy for the Internet of Things
Priyanka Aash
 
Confoo 2012 - Web security keynote
Confoo 2012 - Web security keynoteConfoo 2012 - Web security keynote
Confoo 2012 - Web security keynoteAntonio Fontes
 

Recommended

A Data Privacy and Security by Design Platform‐as‐a‐Service Framework
A Data Privacy and Security by Design Platform‐as‐a‐Service FrameworkA Data Privacy and Security by Design Platform‐as‐a‐Service Framework
A Data Privacy and Security by Design Platform‐as‐a‐Service Framework
PaaSword EU Project
 
Performance and penetration_testing_with_a_partner_how_to_start!
Performance and penetration_testing_with_a_partner_how_to_start!Performance and penetration_testing_with_a_partner_how_to_start!
Performance and penetration_testing_with_a_partner_how_to_start!
Sasha Kolomiichuk
 
Web Application Firewall
Web Application FirewallWeb Application Firewall
Web Application Firewall
Chandrapal Badshah
 
IT security : Keep calm and monitor PowerShell
IT security : Keep calm and monitor PowerShellIT security : Keep calm and monitor PowerShell
IT security : Keep calm and monitor PowerShell
ManageEngine
 
8 must dos for a perfect privileged account management strategy
8 must dos for a perfect privileged account management strategy8 must dos for a perfect privileged account management strategy
8 must dos for a perfect privileged account management strategy
ManageEngine
 
RSA 2015 Realities of Private Cloud Security
RSA 2015 Realities of Private Cloud SecurityRSA 2015 Realities of Private Cloud Security
RSA 2015 Realities of Private Cloud Security
Scott Carlson
 
Identity-Based Security and Privacy for the Internet of Things
Identity-Based Security and Privacy for the Internet of ThingsIdentity-Based Security and Privacy for the Internet of Things
Identity-Based Security and Privacy for the Internet of Things
Priyanka Aash
 
Confoo 2012 - Web security keynote
Confoo 2012 - Web security keynoteConfoo 2012 - Web security keynote
Confoo 2012 - Web security keynoteAntonio Fontes
 
Benefits of web application firewalls
Benefits of web application firewallsBenefits of web application firewalls
Benefits of web application firewallsEnclaveSecurity
 
PCI Compliane With Hadoop
PCI Compliane With HadoopPCI Compliane With Hadoop
PCI Compliane With Hadoop
Rommel Garcia
 
QualysGuard InfoDay 2013 - Web Application Firewall
QualysGuard InfoDay 2013 - Web Application FirewallQualysGuard InfoDay 2013 - Web Application Firewall
QualysGuard InfoDay 2013 - Web Application FirewallRisk Analysis Consultants, s.r.o.
 
HIPAA 101 Compliance Threat Landscape & Best Practices
HIPAA 101 Compliance Threat Landscape & Best PracticesHIPAA 101 Compliance Threat Landscape & Best Practices
HIPAA 101 Compliance Threat Landscape & Best Practices
Hostway|HOSTING
 
Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organiza...
Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organiza...Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organiza...
Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organiza...
Nagios
 
Threat Detection using Analytics & Machine Learning
Threat Detection using Analytics & Machine LearningThreat Detection using Analytics & Machine Learning
Threat Detection using Analytics & Machine Learning
Priyanka Aash
 
Cloud penetration testing
Cloud penetration testingCloud penetration testing
Cloud penetration testing
vericlouds11
 
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
North Texas Chapter of the ISSA
 
Présentation ELK/SIEM et démo Wazuh
Présentation ELK/SIEM et démo WazuhPrésentation ELK/SIEM et démo Wazuh
Présentation ELK/SIEM et démo Wazuh
Aurélie Henriot
 
Security for cloud native workloads
Security for cloud native workloadsSecurity for cloud native workloads
Security for cloud native workloads
Runcy Oommen
 
McAfee - Enterprise Security Manager (ESM) - SIEM
McAfee - Enterprise Security Manager (ESM) - SIEMMcAfee - Enterprise Security Manager (ESM) - SIEM
McAfee - Enterprise Security Manager (ESM) - SIEM
Iftikhar Ali Iqbal
 
BeyondCorp - Google Security for Everyone Else
BeyondCorp - Google Security for Everyone ElseBeyondCorp - Google Security for Everyone Else
BeyondCorp - Google Security for Everyone Else
Ivan Dwyer
 
CSF18 - Implementing Gartners #1 - Whitelisting- Karim El-Melhaoui
CSF18 - Implementing Gartners #1 - Whitelisting- Karim El-MelhaouiCSF18 - Implementing Gartners #1 - Whitelisting- Karim El-Melhaoui
CSF18 - Implementing Gartners #1 - Whitelisting- Karim El-Melhaoui
NCCOMMS
 
McAfee - McAfee Application Control (MAC) - Whitelisting
McAfee - McAfee Application Control (MAC) - WhitelistingMcAfee - McAfee Application Control (MAC) - Whitelisting
McAfee - McAfee Application Control (MAC) - Whitelisting
Iftikhar Ali Iqbal
 
IT_RFO10-14-ITS_AppendixA_20100513
IT_RFO10-14-ITS_AppendixA_20100513IT_RFO10-14-ITS_AppendixA_20100513
IT_RFO10-14-ITS_AppendixA_20100513Alexander Doré
 
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
Iftikhar Ali Iqbal
 
Secure Web Applications Ver0.01
Secure Web Applications Ver0.01Secure Web Applications Ver0.01
Secure Web Applications Ver0.01
Vasan Ramadoss
 
CryptTech 2015
CryptTech 2015CryptTech 2015
CryptTech 2015
Mustafa Kuğu
 
Technologies You Need to Safely Use the Cloud
Technologies You Need to Safely Use the CloudTechnologies You Need to Safely Use the Cloud
Technologies You Need to Safely Use the CloudCloudPassage
 
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msftCss sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
Alert Logic
 
PaaSword - Context-aware Access Control
PaaSword - Context-aware Access ControlPaaSword - Context-aware Access Control
PaaSword - Context-aware Access Control
PaaSword EU Project
 
Segovia Nautique Collection
Segovia Nautique CollectionSegovia Nautique Collection
Segovia Nautique Collection
segoviaasia
 

More Related Content

What's hot

Benefits of web application firewalls
Benefits of web application firewallsBenefits of web application firewalls
Benefits of web application firewallsEnclaveSecurity
 
PCI Compliane With Hadoop
PCI Compliane With HadoopPCI Compliane With Hadoop
PCI Compliane With Hadoop
Rommel Garcia
 
HIPAA 101 Compliance Threat Landscape & Best Practices
HIPAA 101 Compliance Threat Landscape & Best PracticesHIPAA 101 Compliance Threat Landscape & Best Practices
HIPAA 101 Compliance Threat Landscape & Best Practices
Hostway|HOSTING
 
Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organiza...
Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organiza...Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organiza...
Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organiza...
Nagios
 
Threat Detection using Analytics & Machine Learning
Threat Detection using Analytics & Machine LearningThreat Detection using Analytics & Machine Learning
Threat Detection using Analytics & Machine Learning
Priyanka Aash
 
Cloud penetration testing
Cloud penetration testingCloud penetration testing
Cloud penetration testing
vericlouds11
 
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
North Texas Chapter of the ISSA
 
Présentation ELK/SIEM et démo Wazuh
Présentation ELK/SIEM et démo WazuhPrésentation ELK/SIEM et démo Wazuh
Présentation ELK/SIEM et démo Wazuh
Aurélie Henriot
 
Security for cloud native workloads
Security for cloud native workloadsSecurity for cloud native workloads
Security for cloud native workloads
Runcy Oommen
 
McAfee - Enterprise Security Manager (ESM) - SIEM
McAfee - Enterprise Security Manager (ESM) - SIEMMcAfee - Enterprise Security Manager (ESM) - SIEM
McAfee - Enterprise Security Manager (ESM) - SIEM
Iftikhar Ali Iqbal
 
BeyondCorp - Google Security for Everyone Else
BeyondCorp - Google Security for Everyone ElseBeyondCorp - Google Security for Everyone Else
BeyondCorp - Google Security for Everyone Else
Ivan Dwyer
 
CSF18 - Implementing Gartners #1 - Whitelisting- Karim El-Melhaoui
CSF18 - Implementing Gartners #1 - Whitelisting- Karim El-MelhaouiCSF18 - Implementing Gartners #1 - Whitelisting- Karim El-Melhaoui
CSF18 - Implementing Gartners #1 - Whitelisting- Karim El-Melhaoui
NCCOMMS
 
McAfee - McAfee Application Control (MAC) - Whitelisting
McAfee - McAfee Application Control (MAC) - WhitelistingMcAfee - McAfee Application Control (MAC) - Whitelisting
McAfee - McAfee Application Control (MAC) - Whitelisting
Iftikhar Ali Iqbal
 
IT_RFO10-14-ITS_AppendixA_20100513
IT_RFO10-14-ITS_AppendixA_20100513IT_RFO10-14-ITS_AppendixA_20100513
IT_RFO10-14-ITS_AppendixA_20100513Alexander Doré
 
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
Iftikhar Ali Iqbal
 
Secure Web Applications Ver0.01
Secure Web Applications Ver0.01Secure Web Applications Ver0.01
Secure Web Applications Ver0.01
Vasan Ramadoss
 
CryptTech 2015
CryptTech 2015CryptTech 2015
CryptTech 2015
Mustafa Kuğu
 
Technologies You Need to Safely Use the Cloud
Technologies You Need to Safely Use the CloudTechnologies You Need to Safely Use the Cloud
Technologies You Need to Safely Use the CloudCloudPassage
 
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msftCss sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
Alert Logic
 

What's hot (20)

Benefits of web application firewalls
Benefits of web application firewallsBenefits of web application firewalls
Benefits of web application firewalls
 
PCI Compliane With Hadoop
PCI Compliane With HadoopPCI Compliane With Hadoop
PCI Compliane With Hadoop
 
QualysGuard InfoDay 2013 - Web Application Firewall
QualysGuard InfoDay 2013 - Web Application FirewallQualysGuard InfoDay 2013 - Web Application Firewall
QualysGuard InfoDay 2013 - Web Application Firewall
 
HIPAA 101 Compliance Threat Landscape & Best Practices
HIPAA 101 Compliance Threat Landscape & Best PracticesHIPAA 101 Compliance Threat Landscape & Best Practices
HIPAA 101 Compliance Threat Landscape & Best Practices
 
Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organiza...
Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organiza...Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organiza...
Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organiza...
 
Threat Detection using Analytics & Machine Learning
Threat Detection using Analytics & Machine LearningThreat Detection using Analytics & Machine Learning
Threat Detection using Analytics & Machine Learning
 
Cloud penetration testing
Cloud penetration testingCloud penetration testing
Cloud penetration testing
 
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
 
Présentation ELK/SIEM et démo Wazuh
Présentation ELK/SIEM et démo WazuhPrésentation ELK/SIEM et démo Wazuh
Présentation ELK/SIEM et démo Wazuh
 
Security for cloud native workloads
Security for cloud native workloadsSecurity for cloud native workloads
Security for cloud native workloads
 
McAfee - Enterprise Security Manager (ESM) - SIEM
McAfee - Enterprise Security Manager (ESM) - SIEMMcAfee - Enterprise Security Manager (ESM) - SIEM
McAfee - Enterprise Security Manager (ESM) - SIEM
 
BeyondCorp - Google Security for Everyone Else
BeyondCorp - Google Security for Everyone ElseBeyondCorp - Google Security for Everyone Else
BeyondCorp - Google Security for Everyone Else
 
CSF18 - Implementing Gartners #1 - Whitelisting- Karim El-Melhaoui
CSF18 - Implementing Gartners #1 - Whitelisting- Karim El-MelhaouiCSF18 - Implementing Gartners #1 - Whitelisting- Karim El-Melhaoui
CSF18 - Implementing Gartners #1 - Whitelisting- Karim El-Melhaoui
 
McAfee - McAfee Application Control (MAC) - Whitelisting
McAfee - McAfee Application Control (MAC) - WhitelistingMcAfee - McAfee Application Control (MAC) - Whitelisting
McAfee - McAfee Application Control (MAC) - Whitelisting
 
IT_RFO10-14-ITS_AppendixA_20100513
IT_RFO10-14-ITS_AppendixA_20100513IT_RFO10-14-ITS_AppendixA_20100513
IT_RFO10-14-ITS_AppendixA_20100513
 
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
 
Secure Web Applications Ver0.01
Secure Web Applications Ver0.01Secure Web Applications Ver0.01
Secure Web Applications Ver0.01
 
CryptTech 2015
CryptTech 2015CryptTech 2015
CryptTech 2015
 
Technologies You Need to Safely Use the Cloud
Technologies You Need to Safely Use the CloudTechnologies You Need to Safely Use the Cloud
Technologies You Need to Safely Use the Cloud
 
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msftCss sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
 

Viewers also liked

PaaSword - Context-aware Access Control
PaaSword - Context-aware Access ControlPaaSword - Context-aware Access Control
PaaSword - Context-aware Access Control
PaaSword EU Project
 
Segovia Nautique Collection
Segovia Nautique CollectionSegovia Nautique Collection
Segovia Nautique Collection
segoviaasia
 
Concerto di primavera
Concerto di primaveraConcerto di primavera
Concerto di primavera
Ivan Marchitiello
 
Anisa Updated CV May
Anisa Updated CV MayAnisa Updated CV May
Anisa Updated CV MayAnisa Mohamed
 
Soudip sinha roy
Soudip sinha roySoudip sinha roy
Soudip sinha roy
Soudip Sinha Roy
 
Bio 1.0 ase biodiesel overview and benefits march 14 2015 instructor notes
Bio 1.0 ase biodiesel overview and benefits march 14 2015 instructor notesBio 1.0 ase biodiesel overview and benefits march 14 2015 instructor notes
Bio 1.0 ase biodiesel overview and benefits march 14 2015 instructor notescourtcaitlin
 
Nano tubes Modern Technology
Nano tubes Modern TechnologyNano tubes Modern Technology
Nano tubes Modern TechnologySoudip Sinha Roy
 
2013 enhancing graduates’ employability skills-malaysia
2013 enhancing graduates’ employability skills-malaysia2013 enhancing graduates’ employability skills-malaysia
2013 enhancing graduates’ employability skills-malaysia
razalibmuda
 
HELLEN WANGUI GATHOGO-cv 2015 CONFIDENTIAL
HELLEN WANGUI GATHOGO-cv 2015 CONFIDENTIALHELLEN WANGUI GATHOGO-cv 2015 CONFIDENTIAL
HELLEN WANGUI GATHOGO-cv 2015 CONFIDENTIALHellen Gathogo
 
Williams gregpowersportsillustrated
Williams gregpowersportsillustratedWilliams gregpowersportsillustrated
Williams gregpowersportsillustrated
gregw1234
 
Goa Country
Goa CountryGoa Country
Goa Country
ULTRAPEDO
 
Acucut Presentation.rev1
Acucut Presentation.rev1Acucut Presentation.rev1
Acucut Presentation.rev1Ajit Shah
 
Kapanowski Final_FUNDAMENTALS
Kapanowski Final_FUNDAMENTALSKapanowski Final_FUNDAMENTALS
Kapanowski Final_FUNDAMENTALSGary Kapanowski
 
Social Media & Metrics (Digital Marketing Today)
Social Media & Metrics (Digital Marketing Today)Social Media & Metrics (Digital Marketing Today)
Social Media & Metrics (Digital Marketing Today)
Julian Gamboa
 
LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)
LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)
LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)
Julian Gamboa
 

Viewers also liked (19)

PaaSword - Context-aware Access Control
PaaSword - Context-aware Access ControlPaaSword - Context-aware Access Control
PaaSword - Context-aware Access Control
 
Segovia Nautique Collection
Segovia Nautique CollectionSegovia Nautique Collection
Segovia Nautique Collection
 
DePauwThesis
DePauwThesisDePauwThesis
DePauwThesis
 
Kapanowski FINAL_CIPL
Kapanowski FINAL_CIPLKapanowski FINAL_CIPL
Kapanowski FINAL_CIPL
 
Concerto di primavera
Concerto di primaveraConcerto di primavera
Concerto di primavera
 
Anisa Updated CV May
Anisa Updated CV MayAnisa Updated CV May
Anisa Updated CV May
 
Soudip sinha roy
Soudip sinha roySoudip sinha roy
Soudip sinha roy
 
Bio 1.0 ase biodiesel overview and benefits march 14 2015 instructor notes
Bio 1.0 ase biodiesel overview and benefits march 14 2015 instructor notesBio 1.0 ase biodiesel overview and benefits march 14 2015 instructor notes
Bio 1.0 ase biodiesel overview and benefits march 14 2015 instructor notes
 
Mike Faris
Mike FarisMike Faris
Mike Faris
 
Nano tubes Modern Technology
Nano tubes Modern TechnologyNano tubes Modern Technology
Nano tubes Modern Technology
 
2013 enhancing graduates’ employability skills-malaysia
2013 enhancing graduates’ employability skills-malaysia2013 enhancing graduates’ employability skills-malaysia
2013 enhancing graduates’ employability skills-malaysia
 
HELLEN WANGUI GATHOGO-cv 2015 CONFIDENTIAL
HELLEN WANGUI GATHOGO-cv 2015 CONFIDENTIALHELLEN WANGUI GATHOGO-cv 2015 CONFIDENTIAL
HELLEN WANGUI GATHOGO-cv 2015 CONFIDENTIAL
 
AL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_webAL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_web
 
Williams gregpowersportsillustrated
Williams gregpowersportsillustratedWilliams gregpowersportsillustrated
Williams gregpowersportsillustrated
 
Goa Country
Goa CountryGoa Country
Goa Country
 
Acucut Presentation.rev1
Acucut Presentation.rev1Acucut Presentation.rev1
Acucut Presentation.rev1
 
Kapanowski Final_FUNDAMENTALS
Kapanowski Final_FUNDAMENTALSKapanowski Final_FUNDAMENTALS
Kapanowski Final_FUNDAMENTALS
 
Social Media & Metrics (Digital Marketing Today)
Social Media & Metrics (Digital Marketing Today)Social Media & Metrics (Digital Marketing Today)
Social Media & Metrics (Digital Marketing Today)
 
LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)
LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)
LinkedIn Workshop: Profiles and Publishing (Digital Marketing Today)
 

Similar to PaaSword - Technology Baseline

Writing RPG Applications Using Cryptographic Services APIs
Writing RPG Applications Using Cryptographic Services APIsWriting RPG Applications Using Cryptographic Services APIs
Writing RPG Applications Using Cryptographic Services APIs
Carsten Flensburg
 
The App Sec How-To: Choosing a SAST Tool
The App Sec How-To: Choosing a SAST ToolThe App Sec How-To: Choosing a SAST Tool
The App Sec How-To: Choosing a SAST Tool
Checkmarx
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptx
FernandoVizer
 
Apache Stratos - Building a PaaS using OSGi and Equinox
Apache Stratos - Building a PaaS using OSGi and EquinoxApache Stratos - Building a PaaS using OSGi and Equinox
Apache Stratos - Building a PaaS using OSGi and Equinox
Paul Fremantle
 
Pivotal Cloud Foundry 2.4: A First Look
Pivotal Cloud Foundry 2.4: A First LookPivotal Cloud Foundry 2.4: A First Look
Pivotal Cloud Foundry 2.4: A First Look
VMware Tanzu
 
PaaSword's main idea, technical architecture and scientific challenges
PaaSword's main idea, technical architecture and scientific challenges PaaSword's main idea, technical architecture and scientific challenges
PaaSword's main idea, technical architecture and scientific challenges
PaaSword EU Project
 
G05.2013 Security Information and Event Management
G05.2013 Security Information and Event ManagementG05.2013 Security Information and Event Management
G05.2013 Security Information and Event Management
Satya Harish
 
OWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference GuideOWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference Guide
Aryan G
 
Extra micrometer practices with Quarkus | DevNation Tech Talk
Extra micrometer practices with Quarkus | DevNation Tech TalkExtra micrometer practices with Quarkus | DevNation Tech Talk
Extra micrometer practices with Quarkus | DevNation Tech Talk
Red Hat Developers
 
Top10 Characteristics of Awesome Apps
Top10 Characteristics of Awesome AppsTop10 Characteristics of Awesome Apps
Top10 Characteristics of Awesome Apps
Casey Lee
 
Enhancing Password Manager Chrome Extension through Multi Authentication and ...
Enhancing Password Manager Chrome Extension through Multi Authentication and ...Enhancing Password Manager Chrome Extension through Multi Authentication and ...
Enhancing Password Manager Chrome Extension through Multi Authentication and ...
ijtsrd
 
pcnsa-study-guide_PAN-OS_v11.0-1__01.pdf
pcnsa-study-guide_PAN-OS_v11.0-1__01.pdfpcnsa-study-guide_PAN-OS_v11.0-1__01.pdf
pcnsa-study-guide_PAN-OS_v11.0-1__01.pdf
Azzeddine Salem
 
Palo alto networks pcnse6 study guide feb 2015
Palo alto networks pcnse6 study guide feb 2015Palo alto networks pcnse6 study guide feb 2015
Palo alto networks pcnse6 study guide feb 2015
Silva_2
 
Multi-tenancy In the Cloud
Multi-tenancy In the CloudMulti-tenancy In the Cloud
Multi-tenancy In the Cloud
sdevillers
 
Tools & Techniques for Addressing Component Vulnerabilities for PCI Compliance
Tools & Techniques for Addressing Component Vulnerabilities for PCI ComplianceTools & Techniques for Addressing Component Vulnerabilities for PCI Compliance
Tools & Techniques for Addressing Component Vulnerabilities for PCI Compliance
Sonatype
 
Anypoint API Manager Custom Policies & Best Practices
Anypoint API Manager Custom Policies & Best PracticesAnypoint API Manager Custom Policies & Best Practices
Anypoint API Manager Custom Policies & Best Practices
MuleSoft Meetups
 
TrueSight Enterprise Edition
TrueSight Enterprise EditionTrueSight Enterprise Edition
TrueSight Enterprise Editionmichaelkmcdowell
 
Tideway Software Identification
Tideway Software IdentificationTideway Software Identification
Tideway Software IdentificationPeter Grant
 
Testing a Microservices Architecture
Testing a Microservices ArchitectureTesting a Microservices Architecture
Testing a Microservices Architecture
Parasoft
 
Představení Oracle SPARC Miniclusteru
Představení Oracle SPARC MiniclusteruPředstavení Oracle SPARC Miniclusteru
Představení Oracle SPARC Miniclusteru
MarketingArrowECS_CZ
 

Similar to PaaSword - Technology Baseline (20)

Writing RPG Applications Using Cryptographic Services APIs
Writing RPG Applications Using Cryptographic Services APIsWriting RPG Applications Using Cryptographic Services APIs
Writing RPG Applications Using Cryptographic Services APIs
 
The App Sec How-To: Choosing a SAST Tool
The App Sec How-To: Choosing a SAST ToolThe App Sec How-To: Choosing a SAST Tool
The App Sec How-To: Choosing a SAST Tool
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptx
 
Apache Stratos - Building a PaaS using OSGi and Equinox
Apache Stratos - Building a PaaS using OSGi and EquinoxApache Stratos - Building a PaaS using OSGi and Equinox
Apache Stratos - Building a PaaS using OSGi and Equinox
 
Pivotal Cloud Foundry 2.4: A First Look
Pivotal Cloud Foundry 2.4: A First LookPivotal Cloud Foundry 2.4: A First Look
Pivotal Cloud Foundry 2.4: A First Look
 
PaaSword's main idea, technical architecture and scientific challenges
PaaSword's main idea, technical architecture and scientific challenges PaaSword's main idea, technical architecture and scientific challenges
PaaSword's main idea, technical architecture and scientific challenges
 
G05.2013 Security Information and Event Management
G05.2013 Security Information and Event ManagementG05.2013 Security Information and Event Management
G05.2013 Security Information and Event Management
 
OWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference GuideOWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference Guide
 
Extra micrometer practices with Quarkus | DevNation Tech Talk
Extra micrometer practices with Quarkus | DevNation Tech TalkExtra micrometer practices with Quarkus | DevNation Tech Talk
Extra micrometer practices with Quarkus | DevNation Tech Talk
 
Top10 Characteristics of Awesome Apps
Top10 Characteristics of Awesome AppsTop10 Characteristics of Awesome Apps
Top10 Characteristics of Awesome Apps
 
Enhancing Password Manager Chrome Extension through Multi Authentication and ...
Enhancing Password Manager Chrome Extension through Multi Authentication and ...Enhancing Password Manager Chrome Extension through Multi Authentication and ...
Enhancing Password Manager Chrome Extension through Multi Authentication and ...
 
pcnsa-study-guide_PAN-OS_v11.0-1__01.pdf
pcnsa-study-guide_PAN-OS_v11.0-1__01.pdfpcnsa-study-guide_PAN-OS_v11.0-1__01.pdf
pcnsa-study-guide_PAN-OS_v11.0-1__01.pdf
 
Palo alto networks pcnse6 study guide feb 2015
Palo alto networks pcnse6 study guide feb 2015Palo alto networks pcnse6 study guide feb 2015
Palo alto networks pcnse6 study guide feb 2015
 
Multi-tenancy In the Cloud
Multi-tenancy In the CloudMulti-tenancy In the Cloud
Multi-tenancy In the Cloud
 
Tools & Techniques for Addressing Component Vulnerabilities for PCI Compliance
Tools & Techniques for Addressing Component Vulnerabilities for PCI ComplianceTools & Techniques for Addressing Component Vulnerabilities for PCI Compliance
Tools & Techniques for Addressing Component Vulnerabilities for PCI Compliance
 
Anypoint API Manager Custom Policies & Best Practices
Anypoint API Manager Custom Policies & Best PracticesAnypoint API Manager Custom Policies & Best Practices
Anypoint API Manager Custom Policies & Best Practices
 
TrueSight Enterprise Edition
TrueSight Enterprise EditionTrueSight Enterprise Edition
TrueSight Enterprise Edition
 
Tideway Software Identification
Tideway Software IdentificationTideway Software Identification
Tideway Software Identification
 
Testing a Microservices Architecture
Testing a Microservices ArchitectureTesting a Microservices Architecture
Testing a Microservices Architecture
 
Představení Oracle SPARC Miniclusteru
Představení Oracle SPARC MiniclusteruPředstavení Oracle SPARC Miniclusteru
Představení Oracle SPARC Miniclusteru
 

More from PaaSword EU Project

PaaSword - Distributed Searchable Encryption Engine
PaaSword - Distributed Searchable Encryption EnginePaaSword - Distributed Searchable Encryption Engine
PaaSword - Distributed Searchable Encryption Engine
PaaSword EU Project
 
PaaSword - No More Dark Clouds with PaaSword
PaaSword - No More Dark Clouds with PaaSwordPaaSword - No More Dark Clouds with PaaSword
PaaSword - No More Dark Clouds with PaaSword
PaaSword EU Project
 
PaaSword-Business Cases
PaaSword-Business CasesPaaSword-Business Cases
PaaSword-Business Cases
PaaSword EU Project
 
Daten unter Kontrolle
Daten unter KontrolleDaten unter Kontrolle
Daten unter Kontrolle
PaaSword EU Project
 
PaaSword Presentation - Project Overview
PaaSword Presentation - Project OverviewPaaSword Presentation - Project Overview
PaaSword Presentation - Project Overview
PaaSword EU Project
 
No More Dark Clouds With PaaSword - An Innovative Security By Design Framework
No More Dark Clouds With PaaSword - An Innovative Security By Design FrameworkNo More Dark Clouds With PaaSword - An Innovative Security By Design Framework
No More Dark Clouds With PaaSword - An Innovative Security By Design Framework
PaaSword EU Project
 
Towards Trusted eHealth Services in the Cloud
Towards Trusted eHealth Services in the CloudTowards Trusted eHealth Services in the Cloud
Towards Trusted eHealth Services in the Cloud
PaaSword EU Project
 
A Survey on Context Security Policies in the Cloud
A Survey on Context Security Policies in the CloudA Survey on Context Security Policies in the Cloud
A Survey on Context Security Policies in the Cloud
PaaSword EU Project
 
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
PaaSword EU Project
 
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudNo More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
PaaSword EU Project
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword EU Project
 

More from PaaSword EU Project (11)

PaaSword - Distributed Searchable Encryption Engine
PaaSword - Distributed Searchable Encryption EnginePaaSword - Distributed Searchable Encryption Engine
PaaSword - Distributed Searchable Encryption Engine
 
PaaSword - No More Dark Clouds with PaaSword
PaaSword - No More Dark Clouds with PaaSwordPaaSword - No More Dark Clouds with PaaSword
PaaSword - No More Dark Clouds with PaaSword
 
PaaSword-Business Cases
PaaSword-Business CasesPaaSword-Business Cases
PaaSword-Business Cases
 
Daten unter Kontrolle
Daten unter KontrolleDaten unter Kontrolle
Daten unter Kontrolle
 
PaaSword Presentation - Project Overview
PaaSword Presentation - Project OverviewPaaSword Presentation - Project Overview
PaaSword Presentation - Project Overview
 
No More Dark Clouds With PaaSword - An Innovative Security By Design Framework
No More Dark Clouds With PaaSword - An Innovative Security By Design FrameworkNo More Dark Clouds With PaaSword - An Innovative Security By Design Framework
No More Dark Clouds With PaaSword - An Innovative Security By Design Framework
 
Towards Trusted eHealth Services in the Cloud
Towards Trusted eHealth Services in the CloudTowards Trusted eHealth Services in the Cloud
Towards Trusted eHealth Services in the Cloud
 
A Survey on Context Security Policies in the Cloud
A Survey on Context Security Policies in the CloudA Survey on Context Security Policies in the Cloud
A Survey on Context Security Policies in the Cloud
 
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
 
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudNo More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
 

Recently uploaded

How Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptxHow Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptx
wottaspaceseo
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
Globus
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Globus
 
Quarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden ExtensionsQuarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden Extensions
Max Andersen
 
Top 7 Unique WhatsApp API Benefits | Saudi Arabia
Top 7 Unique WhatsApp API Benefits | Saudi ArabiaTop 7 Unique WhatsApp API Benefits | Saudi Arabia
Top 7 Unique WhatsApp API Benefits | Saudi Arabia
Yara Milbes
 
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus
 
Navigating the Metaverse: A Journey into Virtual Evolution"
Navigating the Metaverse: A Journey into Virtual Evolution"Navigating the Metaverse: A Journey into Virtual Evolution"
Navigating the Metaverse: A Journey into Virtual Evolution"
Donna Lenk
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke
 
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
Juraj Vysvader
 
Lecture 1 Introduction to games development
Lecture 1 Introduction to games developmentLecture 1 Introduction to games development
Lecture 1 Introduction to games development
abdulrafaychaudhry
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Globus
 
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, BetterWebinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
XfilesPro
 
openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
Shane Coughlan
 
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptxText-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
ShamsuddeenMuhammadA
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
Globus
 
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
Alina Yurenko
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
Georgi Kodinov
 
Pro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp BookPro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp Book
abdulrafaychaudhry
 
Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024
Paco van Beckhoven
 
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdfAutomated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
timtebeek1
 

Recently uploaded (20)

How Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptxHow Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptx
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
 
Quarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden ExtensionsQuarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden Extensions
 
Top 7 Unique WhatsApp API Benefits | Saudi Arabia
Top 7 Unique WhatsApp API Benefits | Saudi ArabiaTop 7 Unique WhatsApp API Benefits | Saudi Arabia
Top 7 Unique WhatsApp API Benefits | Saudi Arabia
 
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024
 
Navigating the Metaverse: A Journey into Virtual Evolution"
Navigating the Metaverse: A Journey into Virtual Evolution"Navigating the Metaverse: A Journey into Virtual Evolution"
Navigating the Metaverse: A Journey into Virtual Evolution"
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
 
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
 
Lecture 1 Introduction to games development
Lecture 1 Introduction to games developmentLecture 1 Introduction to games development
Lecture 1 Introduction to games development
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
 
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, BetterWebinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
 
openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
 
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptxText-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
 
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
 
Pro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp BookPro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp Book
 
Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024
 
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdfAutomated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
 

PaaSword - Technology Baseline

  • 2. Outline PaaSword in a Nutshell Involved Actors & Threat Landscape High Level Architecture Distributed Searchable Encryption Engine Semantic Authorization Engine PaaSword18/11/2016 2
  • 3. PaaSword in a Nutshell Security and Privacy by-design Framework? It is a framework that if it is adopted it provides increased security and privacy guarantees Adopted by whom? Application Developers (it offers client libraries that have to be used by devs) DevOps users (it offers management interface for the two offered mechanisms) What kind of security guarantees ? PaaSword18/11/2016 3
  • 4. Involved Actors & Threat Landscape PaaSword18/11/2016 4 Data can be circumvented/stolen Internal or external adversary Execution environment may be subjected to privilege escalation Authorization scheme may be static or even hardcoded
  • 5. Framework Security Guarantees Framework Guarantees Mitigation of cyber threats that derive by malicious administrators that administer ‘trusted’ Infrastructural resources Minimization of breaking a privacy scheme through statistical attacks that rely on pattern identification Efficient security Policy enforcement through the decoupling of Policy Definition and Policy Evaluation PaaSword18/11/2016 5
  • 6. How? Two distinct mechanisms 1 – Distributed Searchable Encryption Engine An engine that allows the transformation of any relational schema to a fragmentation scheme that respects user-defined privacy constraints The new schema is functionally equivalent with the original; yet it relies on multiple IaaS providers 2 – Semantic Policy Authorization Engine An engine that allows the decoupling of policy enforcement and policy definition Decoupling is meaningful both during development and execution PaaSword18/11/2016 6
  • 8. Mechanism 1 - Distributed Searchable Encryption Engine Why plain Transparent Encryption Decryption is not enough ? You loose a lot of SQL expressivity Vulnerable to statistical attacks PaaSword18/11/2016 8 PaaSword Annotations PaaSword Controller
  • 9. What are Annotations? Annotations are a form of metadata that provide data about a program that is not part of the program itself They can be used using three different strategies Source Generation Strategy Bytecode Transformation Strategy Runtime Reflection Strategy PaaSword uses annotations to Define Entity Model which will be protected using advanced fragmentation techniques PaaSword18/11/2016 9
  • 11. PaaSword JPA PaaSword18/11/2016 11 Several types of Annotations: 1) Data Object Definition 2) Encryption & Distribution
  • 12. Virtual Database Proxy PaaSword18/11/2016 12 Data Index2Index1 SQL SQLDatabase Proxy (trusted) SQL Cloud (untrusted) User / Application Data (not encrypted) Data (encrypted)
  • 13. What about Key Creation/Sharing Policies? 13
  • 14. Overview Of Policies 14 Policy /Characteristic Where is the TED taking place? TED Key Generation TED Key Usage & Sharing Policy Modification of target schema SQL support P1 In the PaaS container Generated once during bootstrapping (in a Tenant Trusted Zone) and stored in-memory by the application It is recovered by the memory on demand per each query execution No Modification Yes P2 In the PaaS container One key is generated per Tenant (in a Tenant Trusted Zone) and a pair of user_key container_key is generated out of this tenant_key It is recomposed by the combination of a user_key and a container_key per each query_execution No Modification Yes P3 Outside the container in a Tenant Trusted Zone Generated once in a Tenant Trusted Zone E/D Key is used only in the Tenant Trusted Zone No Modification No P4 In the PaaS container Generated once during bootstrapping (in a Tenant Trusted Zone) and stored in-memory by the application It is recovered by the memory on demand per each query execution Modifications required No P5 In the PaaS container One key is generated per Tenant (in a Tenant Trusted Zone) and a pair of user_key container_key is generated out of this tenant_key It is recomposed by the combination of a user_key and a container_key per each query_execution Modifications required No
  • 16. Mechanism 2 – Semantic Policy Authorization Engine Why not an existing authorization engine? Based on authorization metamodel MAC, DAC, RBAC, ABAC ABAC is considered dominant (from NIST) Which Standard? and which Implementation of the Standard? De-facto ABAC standard is XA-CML Limitations of reference Implementation Balana Engine (pure syntactic execution of rules) PaaSword18/11/2016 16
  • 17. Semantic Policy Enforcement PaaSword18/11/2016 17 AccessControl PaaSword Context Model
  • 18. PaaSword18/11/2016 18 Questions? Visit us: www.paasword.euAcknowledgements: This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644814.