Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Cloud Computing
&
Privacy Protection
07/2013
Cloud Computing
• Infrastructure-as-a-Service (IaaS)
• Platform-as-a-Service (PaaS)
• Software-as-a-Service (SaaS)
• Publi...
Cloud Computing (cont.)
Major Benefits:
•
•
•
•
•

reduce capital cost (CAPEX -> OPEX)
focus on core business
access from ...
Cloud Computing (cont.)
Issues:
• security / privacy
• compliance
• legal
Cloud Computing - Security Concerns
Security vs. Privacy
• Security – overall information protection
• Privacy – individua...
Cloud Computing - Security Concerns
(cont.)
• Business information
• Personal information

Privacy is the issue!
Cloud Computing - Security Concerns
(cont.)
Encryption is one of the most effective data
protection techniques.
• Security...
Data Encryption & Privacy Preserving
Challenges:
• Data Storage/Sharing & Privacy preserving

• Cloud Computing technology...
Proposed model
Identity-Based Encryption & Identity Management
• Identity-Based Key Generator + OpenID Connect/OAuth2

• I...
Proposed model (cont.)
• Identity-Based Encryption
- no passwords, no certificates, e-mail address
• Identity identifier
-...
Proposed model (cont.)

Identity-Based Encryption is as strong as
Identity Management itself!
Business model I.
Customer
User Agent
(Browser)

Identity/OAuth Provider +
Data/App Provider

Identity-Based SecaaS Provid...
Business model II.
Patient, Physician, …
User Agent
(Browser)

Data/App Provider

Identity/OAuth Provider +
Identity-Based...
Technology
•
•
•
•

NIST SHA-256, AES-256, CTR-DRBG-256
OpenSSL FIPS 140-2 validated
OAuth 2.0 Identity Provider
OpenID Co...
Pros
• usability (no passwords, no certificates)
• no certificates management
(creation, storage, distribution, revocation...
Cons
• online service
• master key security
Opportunities
•
•
•
•
•
•
•
•
•
•
•

Data Storage / Sharing
Health Records / Medical Data Sharing
Big Data
Data Boxes
Data...
Featured links
• www.leadict.com
• igi64.github.io
Upcoming SlideShare
Loading in …5
×

Cloud Computing & Privacy Protection

639 views

Published on

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

Cloud Computing & Privacy Protection

  1. 1. Cloud Computing & Privacy Protection 07/2013
  2. 2. Cloud Computing • Infrastructure-as-a-Service (IaaS) • Platform-as-a-Service (PaaS) • Software-as-a-Service (SaaS) • Public Cloud • Private Cloud • Hybrid Cloud
  3. 3. Cloud Computing (cont.) Major Benefits: • • • • • reduce capital cost (CAPEX -> OPEX) focus on core business access from anywhere divest infrastructure management enterprise technology
  4. 4. Cloud Computing (cont.) Issues: • security / privacy • compliance • legal
  5. 5. Cloud Computing - Security Concerns Security vs. Privacy • Security – overall information protection • Privacy – individual information governance • Cloud Computing & Security – meet very well • Cloud Computing & Privacy – contradictory
  6. 6. Cloud Computing - Security Concerns (cont.) • Business information • Personal information Privacy is the issue!
  7. 7. Cloud Computing - Security Concerns (cont.) Encryption is one of the most effective data protection techniques. • Security Data at Rest Encryption, Data in Transit Encryption • Privacy Data in Use Encryption
  8. 8. Data Encryption & Privacy Preserving Challenges: • Data Storage/Sharing & Privacy preserving • Cloud Computing technology integration • Decentralized Identity Management • Multi-trusted domain model
  9. 9. Proposed model Identity-Based Encryption & Identity Management • Identity-Based Key Generator + OpenID Connect/OAuth2 • Identity provider (OpenID Connect/OAuth2) • Client-side zero-knowledge encryption
  10. 10. Proposed model (cont.) • Identity-Based Encryption - no passwords, no certificates, e-mail address • Identity identifier - e-mail address • OAuth2 - open standard for authorization • OpenID Connect - decentralized and secure authentication system on top of OAuth2
  11. 11. Proposed model (cont.) Identity-Based Encryption is as strong as Identity Management itself!
  12. 12. Business model I. Customer User Agent (Browser) Identity/OAuth Provider + Data/App Provider Identity-Based SecaaS Provider Google, Microsoft, Oracle, Dropbox Cisco, Symantec
  13. 13. Business model II. Patient, Physician, … User Agent (Browser) Data/App Provider Identity/OAuth Provider + Identity-Based SecaaS Provider Cloud Computing Health Service Hospital, Clinic, …
  14. 14. Technology • • • • NIST SHA-256, AES-256, CTR-DRBG-256 OpenSSL FIPS 140-2 validated OAuth 2.0 Identity Provider OpenID Connect Provider
  15. 15. Pros • usability (no passwords, no certificates) • no certificates management (creation, storage, distribution, revocation) • lost key prevention • IBE like features, key escrow/fair encryption, no need for receiver’s public key before encryption • no IBE revocation problem (online service)
  16. 16. Cons • online service • master key security
  17. 17. Opportunities • • • • • • • • • • • Data Storage / Sharing Health Records / Medical Data Sharing Big Data Data Boxes Databases Reporting / Business Intelligence Management Information System e-mail eForms / Workflow Document Management / Workflow Internet of Things
  18. 18. Featured links • www.leadict.com • igi64.github.io

×