cara cloud, ha chiamato l’utente, rivuole la sicurezza by alessandro manfredi
DESCRIPTION
Non si può rinunciare alla comodità ed alla convenienza di salvare i dati nel cloud, ma dov’è la sicurezza? FileRock, servizio di cloud storage sicuro, presenta le tecniche utilizzate nel suo client open source per fornire sicurezza indipendente dal provider: cifratura e controllo di integrità, completezza, in un’unica soluzione aperta ed integrabile in altre applicazioni.TRANSCRIPT
![Page 1: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/1.jpg)
Alessandro Manfredi
Hey Cloud,it’s the user calling,he says he wants the security back
![Page 2: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/2.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
1. Cloud computing in a nutshell2. About cloud security
• Guarantees provided by cloud services• Assumptions customers might regret
3. Focus on data security• Data integrity check techniques• The FileRock solution• Demo
[email protected] Manfredi
Agenda
![Page 3: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/3.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
1. Cloud computing in a nutshell2. About cloud security
• Guarantees provided by cloud services• Assumptions customers might regret
3. Focus on data security• Data integrity check techniques• The FileRock solution• Demo
[email protected] Manfredi
Agenda
spoiler:not many
![Page 4: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/4.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Cloud Computing - What
Countless definitions and categories...
![Page 5: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/5.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Cloud Computing - What
On demand
Scalable
Cost-effective
etc. etc.
Countless definitions and categories...
![Page 6: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/6.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Cloud Computing - How
How?
![Page 7: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/7.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Cloud Computing - How
How?Shared infrastructure
Automatedprovisioning
Consolidated hardware
Remoteadministration
Hey, we manage these stuff from remote!
...
![Page 8: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/8.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
So what about security?
“The cloud is built on trust”-- random.choice(cloud_enthusiasts)
![Page 9: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/9.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
So what about security?
“The cloud is built on trust”-- random.choice(cloud_enthusiasts)
THE SERVICE OFFERINGS ARE PROVIDED “AS IS.” WE AND OUR AFFILIATES AND LICENSORS MAKE NO
REPRESENTATIONS OR WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR
OTHERWISE REGARDING THE SERVICE OFFERINGS OR THE THIRD PARTY CONTENT, INCLUDING ANY
WARRANTY THAT THE SERVICE OFFERINGS OR THIRD PARTY CONTENT WILL BE UNINTERRUPTED, ERROR FREE OR FREE OF HARMFUL COMPONENTS, OR THAT
ANY CONTENT, INCLUDING YOUR CONTENT OR THE THIRD PARTY CONTENT, WILL BE SECURE
OR NOT OTHERWISE LOST OR DAMAGED. EXCEPT TO THE EXTENT PROHIBITED BY LAW, WE AND OUR AFFILIATES AND LICENSORS DISCLAIM ALL WARRANTIES [...]
![Page 10: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/10.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
So what about security?
“The cloud is built on trust”-- random.choice(cloud_enthusiasts)
THE SERVICE OFFERINGS ARE PROVIDED “AS IS.” WE AND OUR AFFILIATES AND LICENSORS MAKE NO
REPRESENTATIONS OR WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR
OTHERWISE REGARDING THE SERVICE OFFERINGS OR THE THIRD PARTY CONTENT, INCLUDING ANY
WARRANTY THAT THE SERVICE OFFERINGS OR THIRD PARTY CONTENT WILL BE UNINTERRUPTED, ERROR FREE OR FREE OF HARMFUL COMPONENTS, OR THAT
ANY CONTENT, INCLUDING YOUR CONTENT OR THE THIRD PARTY CONTENT, WILL BE SECURE
OR NOT OTHERWISE LOST OR DAMAGED. EXCEPT TO THE EXTENT PROHIBITED BY LAW, WE AND OUR AFFILIATES AND LICENSORS DISCLAIM ALL WARRANTIES [...]
Source: https://aws.amazon.com/agreement/
..do not blame them, it’s common to the ToS of most of the service providers! E.g., see:
• https://www.rackspace.com/information/legal/cloud/tos
• https://developers.google.com/appengine/terms
![Page 11: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/11.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
So what about security?
“The big guys probably handle security better than how you could
do on premise”
![Page 12: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/12.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
So what about security?
“The big guys probably handle security better than how you could
do on premise”
To some extent, this actually makes sense• Operating on a large scale, they have more resources• Redundant networks, power sources, etc.• Good physical surveillance
![Page 13: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/13.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
However...
Betting on a lot of assumptions that the provider...
![Page 14: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/14.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Assuming that the provider...
... has no malicious intent ...
![Page 15: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/15.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Assuming that the provider...
... has complete control over employees ...
![Page 16: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/16.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Assuming that the provider...
... uses software that never fails ...
![Page 17: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/17.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Assuming that the provider...
... does not introduce security-critical bugs ...
![Page 18: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/18.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Assuming that the provider...
... never screws up ...
![Page 19: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/19.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Assuming that the provider...
... always takes good care of your resources,even if by ToS / SLA
they are not legally responsiblefor any error or damage.
![Page 20: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/20.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
Wait, what can possibly go wrong with services used by hundreds of millions of
customers around the world?
[email protected] Manfredi
What can possibly go wrong?
![Page 21: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/21.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Mistakes happen
On June 2011, for few hours any Dropbox account was
accessible with any password
( not blaming them, these things can happen )
Screenshots of web pages can include contents whose license is defined by the relative publisher.
![Page 22: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/22.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
Ok, but that’s just because it’s a consumer service...It will never happen in an enterprise-class service...Plus everyone now offers two factor authentication.
[email protected] Manfredi
What about enterprise services?
![Page 23: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/23.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Even big security firms have security breaches
Screenshots of web pages can include contents whose license is defined by the relative publisher.
Earlier in 2011, RSA was victim of a breach that
compromised customers protected by their SecurID
( again, not blaming them, these things can happen )
![Page 24: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/24.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Even when providers behave as you expect...
Cloud providers must obey the laws enforced in the country where they are
based.
![Page 25: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/25.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Even when providers behave as you expect...
Cloud providers must obey the laws enforced in the country where they are
based.
Authorities can access your data
Data might be intentionally tampered or made
unavailable
![Page 26: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/26.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
Focus on data security
[email protected] Manfredi
Data security
![Page 27: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/27.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
Three main concerns
[email protected] Manfredi
Data security
ConfidentialityC
IntegrityI
AvailabilityA
![Page 28: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/28.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
Three main concerns
[email protected] Manfredi
Data security
ConfidentialityC
IntegrityI
AvailabilityA
![Page 29: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/29.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Why integrity matters
![Page 30: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/30.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Why integrity matters
1 Data is stored on the cloud
![Page 31: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/31.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Why integrity matters
2 The provider experiences a fault or a breach.Data gets corrupted.(possibly, a previous version of the data is restored from a backup)
![Page 32: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/32.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Why integrity matters
3 The user wants to recoverhis data from the cloud
![Page 33: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/33.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Why integrity matters
4 Corrupted data is retrieved by the user without any notice
![Page 34: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/34.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Why integrity matters
5 The corrupted data is used by the user in his own activity, unnoticed.
![Page 35: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/35.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Integrity check, from 10.000 ft
![Page 36: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/36.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Integrity check, from 10.000 ft
1 Data is stored on the cloud
![Page 37: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/37.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Integrity check, from 10.000 ft
2 A fingerprint of the whole data set,called basis, is efficiently recomputed
![Page 38: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/38.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Integrity check, from 10.000 ft
3 The user wants to recoverhis data from the cloud
![Page 39: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/39.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Integrity check, from 10.000 ft
4 The software retrieves the data together with a proof of integrity
![Page 40: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/40.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Integrity check, from 10.000 ft
5 The integrity of the data is checked by matching the proof with the last trusted basis.
![Page 41: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/41.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
How is that done?
![Page 42: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/42.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Authenticated Data Structures
A B C D
d e f g
a
b c
![Page 43: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/43.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Authenticated Data Structures
data
basis: a fingerprint of the whole data set
A B C D
d e f g
a
b c
![Page 44: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/44.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Authenticated Data Structures
data
basis: a fingerprint of the whole data set
kept safeclient side,updated on
any data modification
A B C D
d e f g
a
b c
![Page 45: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/45.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Example: Integrity check for “D"
A B C
d e f g
a
b c
D
![Page 46: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/46.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Example: Integrity check for “D"
A B C
d e f g
a
b c
D = data D
![Page 47: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/47.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Example: Integrity check for “D"
A B C
d e f g
a
b c
D = data
Integrity Proof
D
![Page 48: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/48.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
g = hash(D)
[email protected] Manfredi
Example: Integrity check for “D"
A B C
d e f g
a
b c
D = data D
![Page 49: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/49.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
c = hash(f, g)
g = hash(D)
[email protected] Manfredi
Example: Integrity check for “D"
A B C
d e f g
a
b c
D = data D
![Page 50: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/50.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
a = hash(b, c)
c = hash(f, g)
g = hash(D)
[email protected] Manfredi
Example: Integrity check for “D"
A B C
d e f g
a
b c
D = data D
![Page 51: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/51.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
a = hash(b, c)
c = hash(f, g)
g = hash(D)
[email protected] Manfredi
Example: Integrity check for “D"
A B C
d e f g
a
b c
D = data
must match the trusted basis
D
![Page 52: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/52.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
• Verify integrity of the whole dataset• ...including completeness
• Work in log(dataset_size) time• Only the basis needs to be stored locally
• ...small as the output of an hash function
[email protected] Manfredi
Integrity check capabilities
![Page 53: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/53.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
• Verify integrity of the whole dataset• ...including completeness
• Work in log(dataset_size) time• Only the basis needs to be stored locally
• ...small as the output of an hash function
[email protected] Manfredi
Integrity check capabilities
• Always work with correct data• Can be used for specific SLAs
![Page 54: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/54.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
By the way, if you look at the FileRock ToS...
As the other services,all warranties are disclaimed.
![Page 55: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/55.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
Your reaction...
Are you kidding me?
![Page 56: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/56.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
• Open source client• Client-side encryption
• Encryption keys never shared with the service
• Client-side integrity check• Data replication
• Local replication (synchronization)• Remote replication (cross-provider)*
[email protected] Manfredi
The FileRock Solution
*not implemented yet
![Page 57: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/57.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
• Open source client• Client-side encryption
• Encryption keys never shared with the service
• Client-side integrity check• Data replication
• Local replication (synchronization)• Remote replication (cross-provider)*
[email protected] Manfredi
The FileRock Solution
*not implemented yet
Available on
![Page 58: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/58.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
FileRock: how it looks now
![Page 59: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/59.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
FileRock Toolkit Demo
![Page 60: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/60.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
[email protected] Manfredi
FileRock - Try it
https://www.filerock.com/register
![Page 61: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/61.jpg)
Alessandro Manfredi
Hey Cloud,it’s the user calling,he says he wants the security back
@n0on3 in/n0on3
![Page 62: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/62.jpg)
End of the presentation
![Page 63: Cara cloud, ha chiamato l’utente, rivuole la sicurezza by Alessandro Manfredi](https://reader034.vdocuments.net/reader034/viewer/2022052618/54b4ee454a7959244d8b46c4/html5/thumbnails/63.jpg)
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
Images Licenses
Public Domain
See the owner note
Free for personal use
Free for commercial usedo not redistribute
Copyright belongs to the original authors and
publishers