cloud privacy in a
play

Cloud Privacy in a PervasivE Monitoring t Landscape pt - PowerPoint PPT Presentation

Jun 14, 2023 •181 likes •259 views

44 pt Cloud Privacy in a PervasivE Monitoring t Landscape pt JOHN MATTSSON

  1. 44 pt Cloud Privacy in a PervasivE Monitoring t Landscape pt ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ JOHN MATTSSON δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № STEFAN HÅKANSSSON ERICSSON RESEARCH Ericsson | 2014-09-11 | Page 1

  2. INTRODUCTION 44 pt • Ongoing transformation towards third-party cloud services for storing and managing information. t • This has many benefits (cost, flexibility, ease of use). pt • Data aggregated in global data centers are natural targets for pervasive surveillance. • Also active attacks, e.g. celebrity image theft. • The market potential for enterprise and government cloud services and web applications are held back ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ by privacy and security concerns. δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № • Problematic with servers in other countries and vendors from other countries. Ericsson | 2014-09-11 | Page 2

  3. SECURITY MODEL 44 pt • WebCrypto uses so called host-based security where the security depends on the security of the host. t • This alone is not enough in a pervasive monitoring landscape pt • Need to protect against service provider, data breaches, and government demands. • Need to shield not just encryption keys, but also plaintext data from the hosting application. • Similar thoughts have been pursued in WebRTC, Isolated Media Streams, and Encrypted Media Extensions. ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № Browser Web Server Ericsson | 2014-09-11 | Page 3

  4. EXAMPLES 44 pt Cloud storage • There is currently no easy way to use cloud storage in a way that ensures privacy. t • Needed: Secure File Input / File Download where pt cleartext is not accessible by the web application / JavaScript runtime environment. HTML forms • Data entered in forms is available to the web ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ application in cleartext. ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № • Needed: secure forms where the data is not accessible to the application in any other form than encrypted. • Example: Google Chrome extension End-to-End. Ericsson | 2014-09-11 | Page 4

  5. SUMMARY 44 pt • Sensitive data should be protected in such a way that the service provider cannot access keys nor cleartext. t • In this way, cleartext data is only accessible by the individual or enterprise that protected it in the first place, or someone pt selectively given authorization to access the data. • Protects data against service provider, data breaches, and government demands. ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № Ericsson | 2014-09-11 | Page 5

  6. REFERENCES 44 pt The presented paper: “Cloud Service Privacy in a Pervasive W3C, “WebRTC 1.0: Real-time Communication Between Browse Monitoring Landscape” http://www.w3.org/TR/webrtc/ http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/ papers/webcrypto2014_submission_9.pdf IETF, “Real-Time Communication in WEB-browser t http://tools.ietf.org/wg/rtcweb/ TRINT - A W3C/IAB workshop on Strengthening the Internet Against Pervasive Monitoring W3C, “Media Capture and Streams” pt http://www.w3.org/TR/WebCryptoAPI/ http://www.w3.org/TR/mediacapture-streams/#isolated-media-streams Barnes et al. “Pervasive Attack: A Threat Model and Problem W3C, “Encrypted Media Extensions” Statement” http://www.w3.org/TR/encrypted-media/ http://tools.ietf.org/html/draft-barnes-pervasive-problem Google, “End-To-End” Cooper, Jennings, “The Trust-to-Trust Model of Cloud Services” https://code.google.com/p/end-to-end/ https://www.w3.org/2014/strint/papers/30.pdf ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ Halpin, “The W3C Web Cryptography API: Design and Issues”, 2014 δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ Farrell, Tschofenig, IETF RFC 7258, “Pervasive Monitoring Is an ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ http://ws-rest.org/2014/sites/default/files/wsrest2014_submission_11.pdf ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № Attack” https://tools.ietf.org/html/rfc7258 W3C, “Web Cryptography API” http://www.w3.org/TR/WebCryptoAPI/ Ericsson | 2014-09-11 | Page 6

  7. 44 pt t pt ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № Ericsson | 2014-09-11 | Page 7

Recommend

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing Storage Computation High availability No maintenance Decreased Costs Elasticity & Flexibility Security and Privacy for Cloud

529 views • 36 slides
#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy across hybrid IT Farshad Ghazi - Moderator Mat Spitz Lacy Gruen #MicroFocusCyberSummit Reiner Kappenberger Cloud-based Data Privacy and Protection:

455 views • 10 slides
Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Motivation Two-Cloud Setting PP k NN Classification Conclusion and Future Research Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security Yousef M. Elmehdwi Department of Mathematics and Computer

919 views • 19 slides
Cloud Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia

Cloud Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia

Cloud Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia University of Applied Science Wolfenbttel, Germany IFIP Summerschool: Privacy and Identity Management for Life, Helsingborg, August 2nd, 2010 Cloud

775 views • 43 slides
CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns

CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns

CS573 Data privacy and security in the cloud in the cloud Slide credits: Ragib Hasan, Johns Hopkins University What is Cloud Computing ? Lets hear from the experts 2 What is Cloud Computing ? The infinite wisdom of the crowds (via

709 views • 38 slides
Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology

Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology

Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology Transactions Practice Groups November 14, 2017 Linda Rhodes Joe Pennell Brad Peterson Partner Partner Partner 202-263-3382 312-701-8354

313 views • 29 slides
beyond the technology privacy, trust and security in the cloud disclaimers about me age of the

beyond the technology privacy, trust and security in the cloud disclaimers about me age of the

beyond the technology privacy, trust and security in the cloud disclaimers about me age of the cloud BLOOMBERG FORBES BAIN AND COMPANY the other side of the coin beyond the technology ZDNET FORTUNE beyond the technology WIRED MASHABLE

904 views • 45 slides
Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud Computing Services for Educational Institutions Presented by: Cristina Blanton Erin Fonte Associate Systemwide Compliance and Member, Privacy

310 views • 28 slides
Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from

Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from

Privacy as a Service Raymond Cheng Build practical cloud services that protect user privacy from powerful threats 2 3 Powerful Threats to User Privacy Organized Crime Nation-State Actors 4 Powerful Threats to User Privacy Gather

1.56k views • 104 slides
Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services

Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services

Outline Introduction Support technologies Privacy-preserving IDaaS system Conclusions Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services David Nu nez , Isaac Agudo, and Javier Lopez Network,

422 views • 24 slides
Healthcare Data Privacy on the Cloud (AKA How can we use a public cloud for patient health

Healthcare Data Privacy on the Cloud (AKA How can we use a public cloud for patient health

Healthcare Data Privacy on the Cloud (AKA How can we use a public cloud for patient health records?) Kunwadee Sripanidkulchai, Ph.D. Head of Healthcare Systems and Data Analytics Lab (HDA), NECTEC 1 kunwadee (AT) nectec.or.th Around 2011, we

415 views • 18 slides
Cloud Computing - the basics Rachel Dixon Privacy and Data Protection Deputy Commissioner Office

Cloud Computing - the basics Rachel Dixon Privacy and Data Protection Deputy Commissioner Office

Cloud Computing - the basics Rachel Dixon Privacy and Data Protection Deputy Commissioner Office of the Victorian Information Commission Victorian Privacy Network Meeting State Library of Victoria 9 October 2019 Freedom of Information | Privacy

398 views • 26 slides
Privacy-supporting cloud-based conference systems: protocol and verification Myrto Arapinis,

Privacy-supporting cloud-based conference systems: protocol and verification Myrto Arapinis,

Privacy-supporting cloud-based conference systems: protocol and verification Myrto Arapinis, Sergiu Bursuc, Mark Ryan School of Computer Science, University of Birmingham Security of cloud computing Does user have to trust the service provider?

589 views • 16 slides
Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security risks. Attacks in a cloud environment, top threats. Security, a major concern for cloud users. Privacy. Trust. Operating systems

661 views • 38 slides
PRISMACLOUD Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian

PRISMACLOUD Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian

PRISMACLOUD Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian Institute of Technology GmbH FOC2015 Vienna / 17.06.2015 Challenges for Future ICT Systems Cloud computing will be at the heart of future ICT

426 views • 17 slides
Data Security and Privacy in the Cloud Sara Foresti Dipartimento di Informatica Universit

Data Security and Privacy in the Cloud Sara Foresti Dipartimento di Informatica Universit

Data Security and Privacy in the Cloud Sara Foresti Dipartimento di Informatica Universit degli Studi di Milano sara.foresti@unimi.it Secure Cloud Services and Storage Workshop 2017 September 10, 2017 Oslo, Norway SPDP Lab c 1/32

761 views • 48 slides
Privacy Issues in Cloud computing Zeeshan Ali Shah System administrator PhD researcher KTH PDC

Privacy Issues in Cloud computing Zeeshan Ali Shah System administrator PhD researcher KTH PDC

Privacy Issues in Cloud computing Zeeshan Ali Shah System administrator PhD researcher KTH PDC Center for High Performance Computing W-Sunday, October 28, 12 Agenda Zeeshan Ali Shah Introduc5on to Cloud compu5ng

355 views • 18 slides
Security and Privacy at Scale Geetanjali Sampemane geta@google.com Cloud All your stuff is

Security and Privacy at Scale Geetanjali Sampemane geta@google.com Cloud All your stuff is

Security and Privacy at Scale Geetanjali Sampemane geta@google.com Cloud All your stuff is online All your stuff The cloud, aka "online" You Cloud v0? Shared multi-user computing: Multics, Unix, VMS, ... Online user

463 views • 22 slides
Crime and Punishment in the Cloud Accountability, Transparency, and Privacy Stefan Berthold ,

Crime and Punishment in the Cloud Accountability, Transparency, and Privacy Stefan Berthold ,

Crime and Punishment in the Cloud Accountability, Transparency, and Privacy Stefan Berthold , Simone Fischer-Hbner, Leonardo A. Martucci, and T obias Pulls Karlstad University Department of Mathematics and Computer Science 651 88 Karlstad,

250 views • 20 slides
Security & Privacy Issues in Mobile Cloud Computing Manmohan Chaturvedi ,1 , Sapna Malik,

Security & Privacy Issues in Mobile Cloud Computing Manmohan Chaturvedi ,1 , Sapna Malik,

Security & Privacy Issues in Mobile Cloud Computing Manmohan Chaturvedi ,1 , Sapna Malik, Preeti Aggarwal and Shilpa Bahl Ansal University, Gurgaon- 122011, India 1 mmchaturvedi@ansaluniversity.edu.in Indian Context The potential uptake

1.27k views • 28 slides
Privacy and security in the cloud Challenges and solutions for our future information society

Privacy and security in the cloud Challenges and solutions for our future information society

Privacy and security in the cloud Challenges and solutions for our future information society Panel Building trust the technical challenges World Summit on the Information Society Forum 25-29 May 2015 ITU, UNESCO, UNDP and UNCTAD

709 views • 17 slides
$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

Presentation Slides $ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

318 views • 13 slides
Social Impact of Privacy in Cloud Computing Rui Mximo Esteves, Chunming Rong Department of

Social Impact of Privacy in Cloud Computing Rui Mximo Esteves, Chunming Rong Department of

Social Impact of Privacy in Cloud Computing Rui Mximo Esteves, Chunming Rong Department of Electrical and Computer Engineering University of Stavanger Norway About today Social considerations under a philosophical perspective Not a

860 views • 34 slides
Oblivious Computation in Public Cloud for Privacy-aware Access Control Policies and Data Search

Oblivious Computation in Public Cloud for Privacy-aware Access Control Policies and Data Search

Oblivious Computation in Public Cloud for Privacy-aware Access Control Policies and Data Search Ph.D. Dissertation Defense Zeeshan Pervez Department of Computer Engineering Kyung Hee University, Global Campus, Korea email:

650 views • 24 slides

More recommend