custos
play

Custos A Flexibly Secure Key-Value Storage Platform Andy Sayler - PowerPoint PPT Presentation

Nov 02, 2023 •390 likes •2.39k views

Custos A Flexibly Secure Key-Value Storage Platform Andy Sayler www.andysayler.com University of Colorado, Boulder Masters of Science Computer Science Trust Who do we trust with our data? Today... Feature Provider Features Feature

  1. Custos A Flexibly Secure Key-Value Storage Platform Andy Sayler www.andysayler.com University of Colorado, Boulder Masters of Science Computer Science

  2. Trust

  3. Who do we trust with our data?

  4. Today...

  7. Feature Provider Features

  8. Feature Provider Features Trust

  9. Feature Provider User Data Features Trust

  10. Feature Provider User Data Unrestricted Access Features Trust

  11. Conflicts of Interest Lack of Control Absence of Oversight

  12. So you don’t use cloud services...

  18. How can we control and protect our data?

  19. Encryption

  20. Encrypt “My Secret” TXkgU2VjcmV0 Decrypt

  21. How does it help us?

  23. X

  24. But what about the keys?

  25. ? X

  26. X

  28. Key Management Challenges

  29. Multi-Device Sync

  36. X

  37. Out-of-Band Sharing

  43. X

  44. Autonomous Access

  49. X X

  50. The Cloud

  51. Feature Provider User Data Unrestricted Access Features Trust

  52. Feature Provider Encrypted User Data Features

  53. Feature Provider Encrypted User Data X No Access Features

  54. Feature Provider Encrypted User Data X No Access

  55. Encryption is broken

  56. Lack of key access

  57. X

  58. X

  59. Feature Provider Encrypted User Data X No Access Features

  60. Lack of flexibility

  61. X X

  62. Security Accessibility

  63. Security Accessibility Fixed Point Traditional Encryption Systems

  64. Ill-suited for Modern Application Difficult to Use Doesn’t Solve the Real Problem

  65. Encryption is broken

  66. Encryption is fine

  67. Encryption is fine Key storage is broken

  68. To fix key storage...

  69. Flexibility Centralization

  70. Flexibility

  71. Security Accessibility Flexible Points Flexible Encryption Systems

  72. X X

  74. Centralization

  75. Feature Provider User Data Unrestricted Access Features Trust

  76. Feature Provider User Data Features Trust

  77. Feature Provider User Data Trust Provider Features Trust

  78. Feature Provider Encrypted User Data Trust Provider Encryption Keys Features Trust

  79. Feature Provider Encrypted User Data Trust Provider Encryption Keys Controlled Access Features Trust

  80. Feature Provider Encrypted User Data Trust Provider Controlled Access Encryption By Proxy Keys Controlled Access Features Trust

  81. Data Host Encrypted User Data Trust Provider Controlled Feature Provider Encryption Access Keys Features Trust

  82. Custos

  83. “Secret Storage as a Service”

  84. “Key Storage as a Service”

  85. Central Key:Value Storage Flexible Access Control Access Auditing

  86. Custos Server

  87. Custos Server Key:Value Store

  88. Custos Server Key:Value Store Management Auditing Data Subsystem Subsystem Subsystem

  89. Custos Server Key:Value Store Authentication Management Auditing Data Subsystem Subsystem Subsystem Subsystem

  90. Custos Server Key:Value Store Authentication Management Auditing Data Subsystem Subsystem Subsystem Subsystem Auth Plugins

  91. Custos Server Key:Value Store Authentication Management Auditing Data Subsystem Subsystem Subsystem Subsystem Access Control Subsystem Auth Plugins

  92. Custos Server Key:Value Store Authentication Management Auditing Data Subsystem Subsystem Subsystem Subsystem Access Control Subsystem API Auth Plugins

  93. Custos Server Key:Value Store Authentication Management Auditing Data Subsystem Subsystem Subsystem Subsystem Access Control Subsystem API Auth Plugins SSL Custos API Custos API Custos API Application Application Application System A System B System C

  94. Application Domains

  95. File Systems

  96. Mail Trusted Alice Bob Daemon Collaborators X Password Auth Password Password Auth Auth X X Msg A Doc B Msg A Doc B Encrypted Encrypted Local Local File System File System Key Key Store Store Networked or Cloud File System System A System B

  97. Mail Trusted Alice Bob Daemon Collaborators Password P a s s w o r d Auth A u t h Contextual Auth Msg A Doc B Msg A Doc B Custos Encrypted Encrypted Key Store File System File System Networked or Cloud File System Trust Provider System A System B

  98. Data Centers

  99. User Server SSH Verification Login Server Users SSH VM Instance A

  100. User Server SSH Verification Login Server Users Server Users Destroy SSH SSH VM Instance A VM Instance A

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Tema Esquema Bsico da Contabilidade De Custos Projeto Engenharia de Produo Curso

Tema Esquema Bsico da Contabilidade De Custos Projeto Engenharia de Produo Curso

Tema Esquema Bsico da Contabilidade De Custos Projeto Engenharia de Produo Curso Custos Industriais Disciplina Esquema Bsico da Contabilidade de Custos Tema Luizete Aparecida Fabbris Professor Kenedy Rufino Introduo Como

380 views • 12 slides
Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution Riccardo

Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution Riccardo

Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution Riccardo Paccagnella, Pubali Datta, Wajih Ul Hassan, Adam Bates, Christopher W. Fletcher, Andrew Miller, Dave Tian Logs Are Useful 2 Custos: Practical

730 views • 58 slides
MENSURANDO OS CUSTOS EM DO MODELO DE REMUNERAO DOS

MENSURANDO OS CUSTOS EM DO MODELO DE REMUNERAO DOS

APERFEIOAMENTO DA GESTO ASSISTENCIAL E MENSURANDO OS CUSTOS EM DO MODELO DE REMUNERAO DOS SADE PROVEDORES DE SERVIOS HOSPITALARES Srgio Lopez Bento

948 views • 53 slides
Centers aliado s restries oramentrias Alisson Meneses Mesquita Rede Nacional de Ensino

Centers aliado s restries oramentrias Alisson Meneses Mesquita Rede Nacional de Ensino

Estratgia e desafios para melhoria de Data Centers aliado s restries oramentrias Alisson Meneses Mesquita Rede Nacional de Ensino e Pesquisa Custos em CAPEX para Data Center Fonte: Frost & Sullivan Custos em CAPEX para Data

294 views • 18 slides
From No Accountability to Accountability. Now. Why Enhancing Public Financial Management Really

From No Accountability to Accountability. Now. Why Enhancing Public Financial Management Really

From No Accountability to Accountability. Now. Why Enhancing Public Financial Management Really Matters Vincent Tophoff IV Seminario Brasileiro de Contabilidade e Custos Aplicados ao Setor Publico Brasilia, October 4-6, 2017 Page 1 IFAC A

361 views • 23 slides
Tema Custeio Varivel e Margem de Contribuio Projeto Ps-graduao Curso MBA em

Tema Custeio Varivel e Margem de Contribuio Projeto Ps-graduao Curso MBA em

Tema Custeio Varivel e Margem de Contribuio Projeto Ps-graduao Curso MBA em Engenharia da Produo Disciplina Custos Industriais Tema Custeio Varivel e Margem de Contribuio Professora Luizete Aparecida Fabbris

406 views • 16 slides
Modelos para Estimativas de Custo Hermano Perrelli hermano@cin.ufpe.br 1 Modelos para

Modelos para Estimativas de Custo Hermano Perrelli hermano@cin.ufpe.br 1 Modelos para

Modelos para Estimativas de Custo Hermano Perrelli hermano@cin.ufpe.br 1 Modelos para estimativas de custos Normalmente o custo uma funo de: tamanho do produto habilidades da equipe (pessoal) ambiente (ferramentas e

905 views • 34 slides
CSE 143 Stacks and Queues Reading: Secs. 25.1 & 25.2 12/2/2004 (c) 2001-4, University of

CSE 143 Stacks and Queues Reading: Secs. 25.1 & 25.2 12/2/2004 (c) 2001-4, University of

Typing and Correcting Chars What data structure would you use for this problem? User types characters on the command line Until she hits enter, the backspace key (<) can be used to "erase the previous character" CSE 143

449 views • 3 slides
A Survey of Human-Computer Interaction Design in Science Fiction Movies Michael Schmitz,

A Survey of Human-Computer Interaction Design in Science Fiction Movies Michael Schmitz,

A Survey of Human-Computer Interaction Design in Science Fiction Movies Michael Schmitz, Saarland University Christoph Endres, DFKI GmbH Andreas Butz, University of Munich History of this paper Seminar talk by Michael Schmitz in 2003

476 views • 32 slides
Secure Vickrey Auctions without Threshold Trust Helger Lipmaa Helsinki University of Technology, {

Secure Vickrey Auctions without Threshold Trust Helger Lipmaa Helsinki University of Technology, {

Secure Vickrey Auctions without Threshold Trust Helger Lipmaa Helsinki University of Technology, { helger } @tcs.hut.fi N. Asokan, Valtteri Niemi Nokia Research Center, { n.asokan,valtteri.niemi } @nokia.com Roosta, 17.10.2002 Secure Vickrey

857 views • 30 slides
CSE543 - Introduction to Computer and Network Security Module: Authentication Professor Trent

CSE543 - Introduction to Computer and Network Security Module: Authentication Professor Trent

540 views • 27 slides
ISO 20400:2017 Helen Carter & Ross Primmer v Welcome & Introductions The

ISO 20400:2017 Helen Carter & Ross Primmer v Welcome & Introductions The

Sustainable Procurement ISO 20400:2017 Helen Carter & Ross Primmer v Welcome & Introductions The Sustainable World Today Session 1 Sustainable Procurement Sustainable Procurement Definitions Fundamentals

1.2k views • 94 slides
Software Security Daniel Bosk Department of Information and Communication Systems, Mid Sweden

Software Security Daniel Bosk Department of Information and Communication Systems, Mid Sweden

Introduction Broken Abstractions Memory Management Malware References Software Security Daniel Bosk Department of Information and Communication Systems, Mid Sweden University, SE-851 70 Sundsvall 13th March 2019 Daniel Bosk MIUN IKS

739 views • 35 slides
Fundamental and Adjoint scalar fields coupled to Yang-Mills theory Veronika Macher, Reinhard

Fundamental and Adjoint scalar fields coupled to Yang-Mills theory Veronika Macher, Reinhard

Outline Introduction Methods and Results Summary and Outlook Fundamental and Adjoint scalar fields coupled to Yang-Mills theory Veronika Macher, Reinhard Alkofer, Axel Maas 11.3.2010 Veronika Macher, Reinhard Alkofer, Axel Maas Fundamental

582 views • 32 slides
Non-perturbative results for n-point functions of Landau gauge Yang-Mills theory at

Non-perturbative results for n-point functions of Landau gauge Yang-Mills theory at

Non-perturbative results for n-point functions of Landau gauge Yang-Mills theory at (non-)vanishing temperature Markus Q. Huber in collaboration with Anton K. Cyrol, Lorenz von Smekal Institute of Physics, University of Graz Non-Perturbative

681 views • 44 slides
WELCOME! CHAIR HOST: Prof. Judah Denburg MD, FRCP(C) William J. Walsh Chair in Medicine

WELCOME! CHAIR HOST: Prof. Judah Denburg MD, FRCP(C) William J. Walsh Chair in Medicine

MODULATING THE GUT MICROBIOTA WITH TARGETED NUTRITION SPONSORED BY NUTRICIA WELCOME! CHAIR HOST: Prof. Judah Denburg MD, FRCP(C) William J. Walsh Chair in Medicine Professor of Medicine, Faculty of Health Sciences, McMaster University,

492 views • 8 slides
Tor: Anonymous Communications for the Dept of Defense ... and you. Roger Dingledine The Free

Tor: Anonymous Communications for the Dept of Defense ... and you. Roger Dingledine The Free

Tor: Anonymous Communications for the Dept of Defense ... and you. Roger Dingledine The Free Haven Project http://tor.eff.org/ 1 Tor: Big Picture Freely available (Open Source), unencumbered. Comes with a spec and full documentation:

704 views • 49 slides
Collecting Provenance via the Xen Hypervisor Peter Macko, Marc Chiarini, Margo Seltzer Harvard

Collecting Provenance via the Xen Hypervisor Peter Macko, Marc Chiarini, Margo Seltzer Harvard

Collecting Provenance via the Xen Hypervisor Peter Macko, Marc Chiarini, Margo Seltzer Harvard SEAS TaPP '11 What We're Doing Provenance-Aware Storage Systems Group Modified Linux Kernel Captures rich relationships between

195 views • 6 slides
Causality-Based Versioning Causality-Based Versioning Kiran-Kumar Muniswamy-Reddy and David A.

Causality-Based Versioning Causality-Based Versioning Kiran-Kumar Muniswamy-Reddy and David A.

Causality-Based Versioning Causality-Based Versioning Kiran-Kumar Muniswamy-Reddy and David A. Holland Harvard School of Engineering and Applied Sciences Consider this scenario Consider this scenario I installed a piece of software I

947 views • 61 slides
Polari rization on of light Ideas for Demonstrations and materials needed: Horizontally and

Polari rization on of light Ideas for Demonstrations and materials needed: Horizontally and

Polari rization on of light Ideas for Demonstrations and materials needed: Horizontally and vertically polarized waves: -slinky and poster board -available graphics Showing that light is a polarized wave : -light source and polarizing plastic

424 views • 6 slides
Leslie e Ridle Mike Navarr rre Valer erie e Davidson Dr. Michael el Johnson Administration

Leslie e Ridle Mike Navarr rre Valer erie e Davidson Dr. Michael el Johnson Administration

2/8/2018 1). Describe ibe recen ent t legisla slativ tive e issues es where re AKPhA represe resente ted d Alask ska Pharm rmacy issues. es. AkPhA 2). List three ee AKPhA Legisla slativ tive Priori rities ties for 2018

463 views • 5 slides
The International Typographic Style Ernst Keller was one of the pioneers of Swiss design. His

The International Typographic Style Ernst Keller was one of the pioneers of Swiss design. His

The International Typographic Style Ernst Keller was one of the pioneers of Swiss design. His work used symbolic imagery, simplified geometric forms and vibrant contrasting color. Poster for the Rietberg Museum, 1952 The

771 views • 42 slides
International Framework of Investment Law Dr Rodrigo Polanco Senior Lecturer and Researcher

International Framework of Investment Law Dr Rodrigo Polanco Senior Lecturer and Researcher

International Framework of Investment Law Dr Rodrigo Polanco Senior Lecturer and Researcher World Trade Institute November 2017 Outline Standards of Treatment Relative standards: - National Treatment (NT) - Most Favoured Nation Treatment

1.06k views • 94 slides
STRATEGIC TRADE POLICY WHAT MAKES A GOOD OR SECTOR STRATEGIC? Usual answers: [1] High value

STRATEGIC TRADE POLICY WHAT MAKES A GOOD OR SECTOR STRATEGIC? Usual answers: [1] High value

ECO 352 Spring 2010 No. 17 Apr. 6 STRATEGIC TRADE POLICY WHAT MAKES A GOOD OR SECTOR STRATEGIC? Usual answers: [1] High value added per worker. But this is usually just a high K/L ratio. [2] Importance for defense, survival. This is

346 views • 12 slides

More recommend