Download - PaaSword Presentation - Project Overview
![Page 1: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/1.jpg)
www.paasword.eu
No More Dark Clouds With PaaSword – An Innovative Security By Design Framework
Project Overview
![Page 2: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/2.jpg)
Cloud Paradigm Shift
The cloud paradigm has definitely prevailedMost application are delivered following the SaaS modelMany developers rely on PaaS offerings for scalablityNearly all underlying resources (DBs, Queues etc) are outsourced at the IaaS level
Attack vectors have increased‘Raw data’ are the modern hacker’s holy grailThe responsibility for the protection of data has shifted to the developer
PaaSword03/05/2023 2
![Page 3: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/3.jpg)
60% of attacks target the database
PaaSword03/05/2023 3
![Page 4: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/4.jpg)
Data leaks
PaaSword 4
![Page 5: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/5.jpg)
Motivation – Security as an Enterprise Requirement
Enterprises identify security concerns and data privacy as the most significant barriers of Cloud adoption;
In addition:Compliance (e.g., legal, regulatory, industry-standard compliance)Cultural resistance
Encryption and key management as top priority requirements [3] & [4]
PaaSword 5
[3] P. Institute, “2015 Global Encryption & Key,” Thales, 2015.[4] CipherCloud, “Global cloud data security report - The authority on how to protect data in the cloud,” CipherCloud, 2015.
![Page 6: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/6.jpg)
How shall we lower the barriers?
Security concernsProtect confidential informationControl accessTrust cloud providerSecure Cloud Applications
Data privacySecure storage
EncryptionTrustable Key Management
Control Access to data
PaaSword 6
PaaSword
![Page 7: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/7.jpg)
Problem Areas Targeted
Insufficient security and trust of cloud infrastructures and services
Cloud application developers have difficulties specifying appropriate level of security
Appropriate context-aware access control mechanisms for cloud applications
Ensure protection, privacy and integrity of data stored in the cloud
Prove applicability, usability, effectiveness and value of secure cloud platforms
PaaSword 7
![Page 8: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/8.jpg)
PaaSword Platform
PaaSword03/05/2023 8
![Page 9: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/9.jpg)
PaaSword Features
A security-by-design framework which will allow developers to engineer secure applicationsLeverage the security and trust of data that reside on outsourced infrastructureFacilitate context-aware access to encrypted and (even) physically distributed datasets stored in the cloudProve applicability, usability, effectiveness and value of our framework in real-life Cloud infrastructures, services and applications
9
PaaS Provider
PaaSword API
DB with
Indexers on encrypted data
Queries using Searchable
Trusted IaaS Provider
AdversaryUser
Developer
Publishes Application
Encryption Scheme
using PaaSword API
encrypted data
PaaSword
![Page 10: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/10.jpg)
Major Assets developed so far…
A JAVA annotation library that can be used during development in order to annotate database models (using JPA)
These annotations are translated during runtime to privacy constraints that drive the fragmentation of the database
A virtual-database proxy that is able to handle any SQL query by translating it in the proper format based on the fragmentation schemeAn XACML-compliant authorization engine that is able to perform reasoning prior to attribute-evaluationAn integrated IDE environment where developers can submit and control their PaaSword-enabled applications
PaaSword 10
![Page 11: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/11.jpg)
Integration of Eclipse CHE IDE
PaaSword 11
![Page 12: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/12.jpg)
Native Integration with OpenStack
PaaSword 12
![Page 13: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/13.jpg)
Asset: Virtual Database Architecture
PaaSword 13
Data Index2Index1
SQL
SQLDatabaseProxy
(trusted)
SQL
Cloud(untrusted)
User / Application
Data(not encrypted)
Data (encrypted)
![Page 14: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/14.jpg)
Model-driven Expression editing
PaaSword 14
![Page 15: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/15.jpg)
Interested in… ?
Getting access to early results?Shaping and expanding PaaSword?Networking with leading companies & research institutes?Collaborating with us and the PaaSword Community?
Join the Cloud Security Industrial Focus Group!
Register at: https://www.paasword.eu/register/
19PaaSword
![Page 16: PaaSword Presentation - Project Overview](https://reader036.vdocument.in/reader036/viewer/2022062503/587163e01a28ab58758b4e87/html5/thumbnails/16.jpg)
PaaSword 20
Join our Industrial Focus Group Today!
Visit us:www.paasword.euAcknowledgements:
This project has received funding from the European Union’s Horizon 2020 research and
innovation programme under grant agreement No 644814.