Zentrum für sichere Informationstechnologie - Austria Bojan Suzic Open Identity Summit 2013 September 10th, Kloster Banz Secure Hardware-Based Public Cloud.

Slides:



Advertisements
Similar presentations
Voice and Data Encryption over mobile networks July 2012 IN-NOVA TECNOLOGIC IN-ARG SA MESH VOIP.
Advertisements

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
Cloud Computing EDT Cloud Computing Overview Cloud Computing can be defined as a network of applications, services, and infrastructure that are.
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
Cloud Computing for E-Learning Group Name: Bright Line Author: Abid, Muhammad Co-member: Majed, Ahlem, Qasim.
Page 1 of 29 Net-Scale Technologies, Inc. Network Based Personal Information and Messaging Services Urs Muller Beat Flepp
Microsoft Certification and IT Professional Tracks Anthony Khan Director of Federal Learning NetCom Learning.
Identity and Access IDGo Secure (ISE) for Android Didier Bonnet April 2015.
About PKI Key Stores Dartmouth College PKI Lab. Key Store Defined Protected “vault” to hold user’s private key with their copy of their x.509 certificate.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
What is it? CLOUD COMPUTING.  Connects to the cloud via the Internet  Does computing tasks, or  Runs applications, or  Stores Data THE AVERAGE CLOUD.
Presented by Sujit Tilak. Evolution of Client/Server Architecture Clients & Server on different computer systems Local Area Network for Server and Client.
Mobile Data Sharing over Cloud Group No. 8 - Akshay Kantak - Swapnil Chavan - Harish Singh.
PKI-Enabled Applications That work! Linda Pruss Office of Campus Information Security
Public Key Infrastructure Ammar Hasayen ….
General Presentation August Based out of the Netherlands 8 years of development Launched in May Sales offices in Los Angeles, Amsterdam, Hong.
Plan Introduction What is Cloud Computing?
Identity and Access IDGo Secure (ISE) for Android Didier Bonnet November 2014.
Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.
Your storage on the ground; Your files in the cloud.
Cloud Computing All Copyrights reserved to Talal Abu-Ghazaleh Organization
For more notes and topics visit:
By Mihir Joshi Nikhil Dixit Limaye Pallavi Bhide Payal Godse.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
Computer Applications Unit D Remote Desktop, Cloud Storage, Dropbox.
Mehdi Ghayoumi Kent State University Computer Science Department Summer 2015 Exposition on Cyber Infrastructure and Big Data.
Introduction Thomson Chan Rosaryhill School
Copyright 2012 Gladinet Inc. Cloud Storage Storage Account Access Key Gladinet Cloud Identity Active Directory Identity Cloud Cluster Remote Access CIFS/SMB.
1 Introduction to Microsoft Windows 2000 Windows 2000 Overview Windows 2000 Architecture Overview Windows 2000 Directory Services Overview Logging On to.
Instructional Technology & Design Office or Box at U of I: Cloud Services Presented by Kate Rojas.
Building Security into Your System Bill Major Gregory Ponto.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Store your files in the sky Intro to Cloud file storage.
Extending ISA/IAG beyond the limit. AGAT Security suite - introduction AGAT Security suite is a set of unique components that allow extending ISA / IAG.
Securely Synchronize and Share Enterprise Files across Desktops, Web, and Mobile with EasiShare on the Powerful Microsoft Azure Cloud Platform MICROSOFT.
CRM in Education: Raising Standards. Saving Time. Presented by: Daniel Petersen Director of Business Solutions Applied Tech.
SharePoint in the Education Space Presented by: Daniel Petersen Director of Business Solutions Applied Tech.
Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows
What is it? CLOUD COMPUTING.  Connects to the cloud via the Internet  Does computing tasks, or  Runs applications, or  Stores Data THE AVERAGE CLOUD.
Get identities to the cloud Mix on-premises and cloud identity for improved PC, mobile, and web productivity Cloud identities help you run your business.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Microsoft Virtual Academy Preparing for the Windows 8.1 MCSA Module 5: Managing Devices & Resource Access.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter One Introduction to Exchange Server 2003.
Cloud Computing By Reedy McGeady. What is Cloud Computing? Cloud Computing is using another organisations computer, which are known as hosts.
Cloud Archive By: Kimberly Nolan. What it is?  The goal of a cloud archiving service is to provide a data storage (ex. Google drive and SkyDrive) as.
Introduction to Cloud Computing What is cloud? Use of computing resources (hardware and software) that are delivered as a service over a network Why cloud.
One Drive for Business: More Than a File Share Erica Toelle
Cloud Computing ENG. YOUSSEF ABDELHAKIM. Agenda :  The definitions of Cloud Computing.  Examples of Cloud Computing.  Which companies are using Cloud.
What is Cloud Computing 1. Cloud computing is a service that helps you to perform the tasks over the Internet. The users can access resources as they.
Short Customer Presentation September The Company  Storgrid delivers a secure software platform for creating secure file sync and sharing solutions.
Azure Active Directory Uday Hegde 2016 Redmond Summit | Identity Without Boundaries May 26, 2016 Group Program Manager, Azure AD
Clouding with Microsoft Azure
Unit 3 Virtualization.
CLOUD ARCHITECTURE Many organizations and researchers have defined the architecture for cloud computing. Basically the whole system can be divided into.
Chapter 6: Securing the Cloud
Jenny Pange University of Ioannina
Cloud Computing Cloud computing: (the Internet represents the Cloud).
Cloud Computing I hear this question often. It is not easy to explain, because it means different things depending on who you talk to. Today’s Webinar.
Fastdroid Produced by : Firas Abdalhaq Mohammad Amour Supervised by : Dr. Raed Alqadi.
Store, Share, Sync and Collaborate
Microsoft OneDrive Accessing content and information when you need it, no matter where you are.
Cloud Storage Services
Access and Information Protection Product Overview October 2013
Public Key Infrastructure from the Most Trusted Name in e-Security
To help manage your network storage .
K!M SAA LOGICAL SECURITY Strong Adaptive Authentication
ONLINE SECURE DATA SERVICE
Presentation transcript:

Zentrum für sichere Informationstechnologie - Austria Bojan Suzic Open Identity Summit 2013 September 10th, Kloster Banz Secure Hardware-Based Public Cloud Storage Secure Information Technology Center - Austria

Agenda □Motivation □Related Work □Citizen Card and CCE-Software □Implementation □Comparison with existing Solutions □Conclusion and Future Work OID 20132

Agenda □Motivation □Related Work □Citizen Card and CCE-Software □Implementation □Comparison with existing Solutions □Conclusion and Future Work OID 20133

Motivation □Storage in the public cloud OID 20134

Motivation □Secure storage in the public cloud using a smart-card OID 20135

Agenda □Motivation □Related Work □Citizen Card and CCE-Software □Implementation □Comparison with existing Solutions □Conclusion and Future Work OID 20136

Related Work □Cloud Storage Services  DropBox  Google Drive  Microsoft SkyDrive  etc. □Cloud Storage Services (client based encryption)  TeamDrive  Wuala OID 20137

Related Work □Encryption Middleware  Middleware Layer performs encryption between Client and Cloud Storage Service  Support for diverse Cloud Storage Service Providers  BoxCryptor  Cloud Fogger  Viivo  etc. OID 20138

Agenda □Motivation □Related Work □Citizen Card and CCE-Software □Implementation □Comparison with existing Solutions □Conclusion and Future Work OID 20139

The Concept of Citizen Card □Citizen Card* technology-neutral  Smart-Card or Handy-Signatur □Citizen Card unifies…  eIdentification  Qualified eSignature  Data encryption Central LDAP-Server  eMandates (Mandates/Powers)  eDelivery OID * Locally known as Bürgerkarte

The Software CCE (Citizen Card Encrypted) □Platform-independent Open Source-Tool □Encryption and decryption based on Software and Hardware keys □Supports Austrian Citizen Card □S/MIME as Container-Format □Uses local file-system as a data storage OID

CCE Properties □Secure decryption unit  Decryption using Smart Card  Hybrid approach □Group based encryption  Encryption for several users and groups  Backup-key □Austrian PKI Infrastructure  LDAP Directory OID

Agenda □Motivation □Related Work □Citizen Card and CCE-Software □Implementation □Comparison with existing Solutions □Conclusion and Future Work OID

Implementation OID LDAP directory Austrian Citizens

Implementation □Inclusion of Cloud Storage Services  DropBox  Google Drive □Mapping between Cloud-Credentials and Smart Card  Logging in automatically □Connecting with File System  Synchronization of local folder with remote Service OID

Screenshot - Configuration OID

Screenshots - Encryption OID

Screenshots - Decryption OID

Agenda □Motivation □Related Work □Citizen Card and CCE-Software □Implementation □Comparison with existing Solutions □Conclusion and Future Work OID

Evaluation - Advantages □Usage of external PKI Infrastructure  LDAP Directory enables encryption for arbitrary Austrian citizen  User-Management separated from Cloud Provider □Vendor Lock-In Prevention  Keys are managed by trusted external party, not CCE  Changing cloud provider easier OID

Evaluation - Advantages □Secure Hardware-based decryption  Private Key cannot be read  2-Factor Authentication □Open Source Implementation  Easy to extend  Cloud Provider, Container-Format, PKI, etc. OID

Evaluation - Disadvantages □Web Interface and Mobile version missing  Usage of Smart Cards on mobile phones  Storing private key securely □Two way sync with Cloud Storage  First encrypted locally, then uploaded □Smart card reader necessary  Reducing the systems to be used OID

Agenda □Motivation □Related Work □Citizen Card and CCE-Software □Implementation □Comparison with existing Solutions □Conclusion and Future Work OID

Conclusion and Future Work □Secure storage in the Public Cloud using Smart Cards □Supports DropBox and Google Drive □Uses Austrian PKI Infrastructure □Development of mobile versions for iOS and Android □Evaluation of Browser-Version OID

Conclusion and Future Work □Available on Joinup.EU Platform □EUPL Open-Source License □Collaboration OID

OID Thanks for your attention! Questions? ○ Bojan Suzic

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.