Cloud Computing & Privacy Protection

  • Published on

  • View

  • Download

Embed Size (px)


  • 1. Cloud Computing & Privacy Protection 07/2013

2. Cloud Computing Infrastructure-as-a-Service (IaaS) Platform-as-a-Service (PaaS) Software-as-a-Service (SaaS) Public Cloud Private Cloud Hybrid Cloud 3. Cloud Computing (cont.) Major Benefits: reduce capital cost (CAPEX -> OPEX) focus on core business access from anywhere divest infrastructure management enterprise technology 4. Cloud Computing (cont.) Issues: security / privacy compliance legal 5. Cloud Computing - Security Concerns Security vs. Privacy Security overall information protection Privacy individual information governance Cloud Computing & Security meet very well Cloud Computing & Privacy contradictory 6. Cloud Computing - Security Concerns (cont.) Business information Personal informationPrivacy is the issue! 7. Cloud Computing - Security Concerns (cont.) Encryption is one of the most effective data protection techniques. Security Data at Rest Encryption, Data in Transit Encryption Privacy Data in Use Encryption 8. Data Encryption & Privacy Preserving Challenges: Data Storage/Sharing & Privacy preserving Cloud Computing technology integration Decentralized Identity Management Multi-trusted domain model 9. Proposed model Identity-Based Encryption & Identity Management Identity-Based Key Generator + OpenID Connect/OAuth2 Identity provider (OpenID Connect/OAuth2) Client-side zero-knowledge encryption 10. Proposed model (cont.) Identity-Based Encryption - no passwords, no certificates, e-mail address Identity identifier - e-mail address OAuth2 - open standard for authorization OpenID Connect - decentralized and secure authentication system on top of OAuth2 11. Proposed model (cont.)Identity-Based Encryption is as strong as Identity Management itself! 12. Business model I. Customer User Agent (Browser)Identity/OAuth Provider + Data/App ProviderIdentity-Based SecaaS ProviderGoogle, Microsoft, Oracle, DropboxCisco, Symantec 13. Business model II. Patient, Physician, User Agent (Browser)Data/App ProviderIdentity/OAuth Provider + Identity-Based SecaaS ProviderCloud Computing Health ServiceHospital, Clinic, 14. Technology NIST SHA-256, AES-256, CTR-DRBG-256 OpenSSL FIPS 140-2 validated OAuth 2.0 Identity Provider OpenID Connect Provider 15. Pros usability (no passwords, no certificates) no certificates management (creation, storage, distribution, revocation) lost key prevention IBE like features, key escrow/fair encryption, no need for receivers public key before encryption no IBE revocation problem (online service) 16. Cons online service master key security 17. Opportunities Data Storage / Sharing Health Records / Medical Data Sharing Big Data Data Boxes Databases Reporting / Business Intelligence Management Information System e-mail eForms / Workflow Document Management / Workflow Internet of Things 18. Featured links


View more >