cloud privacy in a
play

Cloud Privacy in a PervasivE Monitoring t Landscape pt - PowerPoint PPT Presentation

Jun 14, 2023 •181 likes •259 views

44 pt Cloud Privacy in a PervasivE Monitoring t Landscape pt JOHN MATTSSON

  1. 44 pt Cloud Privacy in a PervasivE Monitoring t Landscape pt ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ JOHN MATTSSON δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № STEFAN HÅKANSSSON ERICSSON RESEARCH Ericsson | 2014-09-11 | Page 1

  2. INTRODUCTION 44 pt • Ongoing transformation towards third-party cloud services for storing and managing information. t • This has many benefits (cost, flexibility, ease of use). pt • Data aggregated in global data centers are natural targets for pervasive surveillance. • Also active attacks, e.g. celebrity image theft. • The market potential for enterprise and government cloud services and web applications are held back ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ by privacy and security concerns. δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № • Problematic with servers in other countries and vendors from other countries. Ericsson | 2014-09-11 | Page 2

  3. SECURITY MODEL 44 pt • WebCrypto uses so called host-based security where the security depends on the security of the host. t • This alone is not enough in a pervasive monitoring landscape pt • Need to protect against service provider, data breaches, and government demands. • Need to shield not just encryption keys, but also plaintext data from the hosting application. • Similar thoughts have been pursued in WebRTC, Isolated Media Streams, and Encrypted Media Extensions. ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № Browser Web Server Ericsson | 2014-09-11 | Page 3

  4. EXAMPLES 44 pt Cloud storage • There is currently no easy way to use cloud storage in a way that ensures privacy. t • Needed: Secure File Input / File Download where pt cleartext is not accessible by the web application / JavaScript runtime environment. HTML forms • Data entered in forms is available to the web ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ application in cleartext. ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № • Needed: secure forms where the data is not accessible to the application in any other form than encrypted. • Example: Google Chrome extension End-to-End. Ericsson | 2014-09-11 | Page 4

  5. SUMMARY 44 pt • Sensitive data should be protected in such a way that the service provider cannot access keys nor cleartext. t • In this way, cleartext data is only accessible by the individual or enterprise that protected it in the first place, or someone pt selectively given authorization to access the data. • Protects data against service provider, data breaches, and government demands. ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № Ericsson | 2014-09-11 | Page 5

  6. REFERENCES 44 pt The presented paper: “Cloud Service Privacy in a Pervasive W3C, “WebRTC 1.0: Real-time Communication Between Browse Monitoring Landscape” http://www.w3.org/TR/webrtc/ http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/ papers/webcrypto2014_submission_9.pdf IETF, “Real-Time Communication in WEB-browser t http://tools.ietf.org/wg/rtcweb/ TRINT - A W3C/IAB workshop on Strengthening the Internet Against Pervasive Monitoring W3C, “Media Capture and Streams” pt http://www.w3.org/TR/WebCryptoAPI/ http://www.w3.org/TR/mediacapture-streams/#isolated-media-streams Barnes et al. “Pervasive Attack: A Threat Model and Problem W3C, “Encrypted Media Extensions” Statement” http://www.w3.org/TR/encrypted-media/ http://tools.ietf.org/html/draft-barnes-pervasive-problem Google, “End-To-End” Cooper, Jennings, “The Trust-to-Trust Model of Cloud Services” https://code.google.com/p/end-to-end/ https://www.w3.org/2014/strint/papers/30.pdf ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ Halpin, “The W3C Web Cryptography API: Design and Issues”, 2014 δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ Farrell, Tschofenig, IETF RFC 7258, “Pervasive Monitoring Is an ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ http://ws-rest.org/2014/sites/default/files/wsrest2014_submission_11.pdf ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № Attack” https://tools.ietf.org/html/rfc7258 W3C, “Web Cryptography API” http://www.w3.org/TR/WebCryptoAPI/ Ericsson | 2014-09-11 | Page 6

  7. 44 pt t pt ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № Ericsson | 2014-09-11 | Page 7

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing Storage Computation High availability No maintenance Decreased Costs Elasticity & Flexibility Security and Privacy for Cloud

529 views • 36 slides
#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy across hybrid IT Farshad Ghazi - Moderator Mat Spitz Lacy Gruen #MicroFocusCyberSummit Reiner Kappenberger Cloud-based Data Privacy and Protection:

453 views • 10 slides
Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Motivation Two-Cloud Setting PP k NN Classification Conclusion and Future Research Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security Yousef M. Elmehdwi Department of Mathematics and Computer

919 views • 19 slides
Cloud Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia

Cloud Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia

Cloud Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia University of Applied Science Wolfenbttel, Germany IFIP Summerschool: Privacy and Identity Management for Life, Helsingborg, August 2nd, 2010 Cloud

775 views • 43 slides
CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns

CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns

CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns Hopkins University What is Cloud Computing ? Lets hear from the experts 2 What is Cloud Computing ? The infinite wisdom of the crowds (via

709 views • 38 slides
Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology

Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology

Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology Transactions Practice Groups November 14, 2017 Linda Rhodes Joe Pennell Brad Peterson Partner Partner Partner 202-263-3382 312-701-8354

313 views • 29 slides
beyond the technology privacy, trust and security in the cloud disclaimers about me age of the

beyond the technology privacy, trust and security in the cloud disclaimers about me age of the

beyond the technology privacy, trust and security in the cloud disclaimers about me age of the cloud BLOOMBERG FORBES BAIN AND COMPANY the other side of the coin beyond the technology ZDNET FORTUNE beyond the technology WIRED MASHABLE

904 views • 45 slides
Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud Computing Services for Educational Institutions Presented by: Cristina Blanton Erin Fonte Associate Systemwide Compliance and Member, Privacy

310 views • 28 slides
Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from

Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from

Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from powerful threats 2 3 Powerful Threats to User Privacy Organized Crime Nation-State Actors 4 Powerful Threats to User Privacy Gather

1.56k views • 104 slides
Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services

Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services

Outline Introduction Support technologies Privacy-preserving IDaaS system Conclusions Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services David Nu nez , Isaac Agudo, and Javier Lopez Network,

422 views • 24 slides
Healthcare Data Privacy on the Cloud (AKA How can we use a public cloud for patient health

Healthcare Data Privacy on the Cloud (AKA How can we use a public cloud for patient health

Healthcare Data Privacy on the Cloud (AKA How can we use a public cloud for patient health records?) Kunwadee Sripanidkulchai, Ph.D. Head of Healthcare Systems and Data Analytics Lab (HDA), NECTEC 1 kunwadee (AT) nectec.or.th Around 2011, we

415 views • 18 slides
Cloud Computing - the basics Rachel Dixon Privacy and Data Protection Deputy Commissioner Office

Cloud Computing - the basics Rachel Dixon Privacy and Data Protection Deputy Commissioner Office

Cloud Computing - the basics Rachel Dixon Privacy and Data Protection Deputy Commissioner Office of the Victorian Information Commission Victorian Privacy Network Meeting State Library of Victoria 9 October 2019 Freedom of Information | Privacy

398 views • 26 slides
Privacy-supporting cloud-based conference systems: protocol and verification Myrto Arapinis,

Privacy-supporting cloud-based conference systems: protocol and verification Myrto Arapinis,

Privacy-supporting cloud-based conference systems: protocol and verification Myrto Arapinis, Sergiu Bursuc, Mark Ryan School of Computer Science, University of Birmingham Security of cloud computing Does user have to trust the service provider?

589 views • 16 slides
Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security risks. Attacks in a cloud environment, top threats. Security, a major concern for cloud users. Privacy. Trust. Operating systems

661 views • 38 slides
PRISMACLOUD Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian

PRISMACLOUD Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian

PRISMACLOUD Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian Institute of Technology GmbH FOC2015 Vienna / 17.06.2015 Challenges for Future ICT Systems Cloud computing will be at the heart of future ICT

426 views • 17 slides
Data Security and Privacy in the Cloud Sara Foresti Dipartimento di Informatica Universit

Data Security and Privacy in the Cloud Sara Foresti Dipartimento di Informatica Universit

Data Security and Privacy in the Cloud Sara Foresti Dipartimento di Informatica Universit degli Studi di Milano sara.foresti@unimi.it Secure Cloud Services and Storage Workshop 2017 September 10, 2017 Oslo, Norway SPDP Lab c 1/32

761 views • 48 slides
synchronization 3: monitors pt 2 / semaphores / rwlock 1 last time barriers everyone waits

synchronization 3: monitors pt 2 / semaphores / rwlock 1 last time barriers everyone waits

synchronization 3: monitors pt 2 / semaphores / rwlock 1 last time barriers everyone waits for everyone else locking integrated with scheduler make non-runnable when waiting for lock unlock operation responsible for making runnable again

1.28k views • 100 slides
Performance Measurements of QUIC Communications Algorithm to improve connection RTT evaluation

Performance Measurements of QUIC Communications Algorithm to improve connection RTT evaluation

Performance Measurements of QUIC Communications Algorithm to improve connection RTT evaluation using 1 bit more Authors: Fabio Bulgarella (Telecom Italia - TIM) Mauro Cociglio (Telecom Italia - TIM) Giuseppe Fioccola (Huawei Technologies)

408 views • 14 slides
Machine Learning based algorithm for reconstructing prompt and displaced muons at Level-1 in CMS

Machine Learning based algorithm for reconstructing prompt and displaced muons at Level-1 in CMS

Dec 8, 2019 CPAD Instrumentation Frontier Workshop 2019 Machine Learning based algorithm for reconstructing prompt and displaced muons at Level-1 in CMS detector Sergo Jindariani 1 , Jia Fu Low 2 on behalf of the CMS collaboration 1 Fermilab

301 views • 29 slides
Challenges 1 Who We Are Communities In Schools History THEN Started 40 years ago in NYC

Challenges 1 Who We Are Communities In Schools History THEN Started 40 years ago in NYC

Building a Community Response to Out of School Challenges 1 Who We Are Communities In Schools History THEN Started 40 years ago in NYC Focus on bringing resources into schools NOW Nationally CIS serves 1.5 million youth in 26

492 views • 24 slides
Farzin Haddadpour Joint work with Mohammad Mahdi Mehrdad Mahdavi Viveck Cadambe Kamani X min

Farzin Haddadpour Joint work with Mohammad Mahdi Mehrdad Mahdavi Viveck Cadambe Kamani X min

Trading Redundancy for Communication: Speeding up Distributed SGD for Non-convex Optimization Farzin Haddadpour Joint work with Mohammad Mahdi Mehrdad Mahdavi Viveck Cadambe Kamani X min f ( x ) , Goal: Solving f i ( x ) i X min f ( x )

871 views • 25 slides
Variation of canonical height, illustrated Laura DeMarco Northwestern University Theorem I.0.3.

Variation of canonical height, illustrated Laura DeMarco Northwestern University Theorem I.0.3.

Variation of canonical height, illustrated Laura DeMarco Northwestern University Theorem I.0.3. (Silverman, VCH I, 1992) P = (0 , 0) E = { y 2 + Txy + Ty = x 3 + 2 Tx 3 } (log 2) 2 h E t ( P t ) = 1 15 log t + 2 25 log 2 + 2 log( t 5 / 2) +

743 views • 35 slides
Personnel Management Personnel Management B A R B N I S S E L R E T I R E D F O O D S E R V I

Personnel Management Personnel Management B A R B N I S S E L R E T I R E D F O O D S E R V I

Personnel Management Personnel Management B A R B N I S S E L R E T I R E D F O O D S E R V I C E D I R E C T O R C O N S U L T A N T S O S G R O U P , I N C . Orientation Session for New Foodservice Directors 1 What is Personnel

293 views • 7 slides
ASSIST: Using performance analysis tools for driving Feedback Directed Optimizations Youenn Lebras

ASSIST: Using performance analysis tools for driving Feedback Directed Optimizations Youenn Lebras

ASSIST ASSIST: Using performance analysis tools for driving Feedback Directed Optimizations Youenn Lebras (PhD Thesis) Advisor William Jalby, Co-supervisor: Andres S. Charif-Rubial UVSQ/ECR 1 Hardware trends and consequences The

306 views • 26 slides

More recommend