You can't give up the convenience and cost savings of storing data in the cloud, but where is the security?
FileRock, a secure cloud storage service, presents the techniques used in its open source client to provide provider-independent security: encryption, integrity and completeness checking, in a single open solution that can be integrated into other applications.
2. Agenda
Alessandro Manfredi alessandro@filerock.com
1. Cloud computing in a nutshell
2. About cloud security
• Guarantees provided by cloud services
• Assumptions customers might regret
3. Focus on data security
• Data integrity check techniques
• The FileRock solution
• Demo
The images used in this presentation are covered by different licenses, see the “Images Licenses” at the end of the deck.
3. Agenda
1. Cloud computing in a nutshell
2. About cloud security
• Guarantees provided by cloud services (spoiler: not many)
• Assumptions customers might regret
3. Focus on data security
• Data integrity check techniques
• The FileRock solution
• Demo
5. Cloud Computing - What
Countless definitions and categories...
On demand
Cost-effective
Scalable
etc. etc.
7. Cloud Computing - How
How?
Consolidated hardware
Shared infrastructure
Automated provisioning
...
Remote administration
Hey, we manage these stuff from remote!
10. So what about security?
“The cloud is built on trust” -- random.choice(cloud_enthusiasts)
THE SERVICE OFFERINGS ARE PROVIDED “AS IS.” WE AND OUR AFFILIATES AND LICENSORS MAKE NO REPRESENTATIONS OR WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE REGARDING THE SERVICE OFFERINGS OR THE THIRD PARTY CONTENT, INCLUDING ANY WARRANTY THAT THE SERVICE OFFERINGS OR THIRD PARTY CONTENT WILL BE UNINTERRUPTED, ERROR FREE OR FREE OF HARMFUL COMPONENTS, OR THAT ANY CONTENT, INCLUDING YOUR CONTENT OR THE THIRD PARTY CONTENT, WILL BE SECURE OR NOT OTHERWISE LOST OR DAMAGED. EXCEPT TO THE EXTENT PROHIBITED BY LAW, WE AND OUR AFFILIATES AND LICENSORS DISCLAIM ALL WARRANTIES [...]
Source: https://aws.amazon.com/agreement/
...do not blame them, this is common to the ToS of most service providers! E.g., see:
• https://www.rackspace.com/information/legal/cloud/tos
• https://developers.google.com/appengine/terms
12. So what about security?
“The big guys probably handle security better than how you could do on premise”
To some extent, this actually makes sense
• Operating on a large scale, they have more resources
• Redundant networks, power sources, etc.
• Good physical surveillance
13. However...
Betting on a lot of assumptions that the provider...
14. Assuming that the provider...
... has no malicious intent ...
15. Assuming that the provider...
... has complete control over employees ...
16. Assuming that the provider...
... uses software that never fails ...
17. Assuming that the provider...
... does not introduce security-critical bugs ...
18. Assuming that the provider...
... never screws up ...
19. Assuming that the provider...
... always takes good care of your resources, even if by ToS / SLA they are not legally responsible for any error or damage.
20. What can possibly go wrong?
Wait, what can possibly go wrong with services used by hundreds of millions of customers around the world?
21. Mistakes happen
In June 2011, for a few hours, any Dropbox account was accessible with any password (not blaming them, these things can happen)
Screenshots of web pages can include contents whose license is defined by the relative publisher.
22. What about enterprise services?
Ok, but that’s just because it’s a consumer service...
It will never happen in an enterprise-class service...
Plus everyone now offers two factor authentication.
23. Even big security firms have security breaches
Earlier in 2011, RSA was the victim of a breach that compromised customers protected by their SecurID (again, not blaming them, these things can happen)
25. Even when providers behave as you expect...
Cloud providers must obey the laws enforced in the country where they are based.
• Authorities can access your data
• Data might be intentionally tampered or made unavailable
26. Data security
Focus on data security
27. Data security
Three main concerns
• C: Confidentiality
• I: Integrity
• A: Availability
30. Why integrity matters
1. Data is stored on the cloud
31. Why integrity matters
2. The provider experiences a fault or a breach. Data gets corrupted. (possibly, a previous version of the data is restored from a backup)
32. Why integrity matters
3. The user wants to recover his data from the cloud
33. Why integrity matters
4. Corrupted data is retrieved by the user without any notice
34. Why integrity matters
5. The corrupted data is used by the user in his own activity, unnoticed.
36. Integrity check, from 10.000 ft
1. Data is stored on the cloud
37. Integrity check, from 10.000 ft
2. A fingerprint of the whole data set, called basis, is efficiently recomputed
38. Integrity check, from 10.000 ft
3. The user wants to recover his data from the cloud
39. Integrity check, from 10.000 ft
4. The software retrieves the data together with a proof of integrity
40. Integrity check, from 10.000 ft
5. The integrity of the data is checked by matching the proof with the last trusted basis.
41. How is that done?
44. Authenticated Data Structures
a            basis: a fingerprint of the whole data set (kept safe client side, updated on any data modification)
b c
d e f g
A B C D      data
51. Example: Integrity check for “D”
Integrity Proof:
a            a = hash(b, c)   (must match the trusted basis)
b c          c = hash(f, g)
d e f g      g = hash(D)
A B C D      D = data
53. Integrity check capabilities
• Verify integrity of the whole dataset
• ...including completeness
• Work in log(dataset_size) time
• Only the basis needs to be stored locally
• ...small as the output of a hash function
• Always work with correct data
• Can be used for specific SLAs
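The integrity check for “D” and the capabilities listed above (a proof of logarithmic size, only the basis stored locally), as an added example that is not FileRock's own code. SHA-256, the leaf/node prefix bytes and all function names are assumptions; the data blocks are constructed. It also covers the case from “Why integrity matters” where the provider serves an older version of the data.

```python
import hashlib
import hmac

# Assumptions (not stated in the deck): SHA-256 as the hash, and one-byte
# prefixes so a leaf hash can never be replayed as an inner-node hash.
LEAF, NODE = b"\x00", b"\x01"

def leaf_hash(data: bytes) -> bytes:
    return hashlib.sha256(LEAF + data).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(NODE + left + right).digest()

def build_levels(blocks):
    """All tree levels, leaf hashes first; levels[-1][0] is the basis."""
    if not blocks:
        raise ValueError("empty data set")
    levels = [[leaf_hash(b) for b in blocks]]
    while len(levels[-1]) > 1:
        level = levels[-1]
        nxt = [node_hash(level[i], level[i + 1])
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])      # odd node is promoted unchanged
        levels.append(nxt)
    return levels

def prove(levels, index):
    """Sibling hashes on the path from leaf `index` up to the basis."""
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            proof.append((level[sibling], sibling < index))
        index //= 2
    return proof

def verify(data, proof, trusted_basis):
    """Recompute the path (g, c, a in the slide) and compare with the basis."""
    acc = leaf_hash(data)
    for sibling, sibling_is_left in proof:
        acc = node_hash(sibling, acc) if sibling_is_left else node_hash(acc, sibling)
    return hmac.compare_digest(acc, trusted_basis)

def demo():
    levels = build_levels([b"A", b"B", b"C", b"D"])   # constructed sample data
    basis = levels[-1][0]                 # the only value the client stores
    proof_d = prove(levels, 3)            # provider side: hashes f and b
    genuine = verify(b"D", proof_d, basis)
    tampered = verify(b"D corrupted", proof_d, basis)
    # Client writes a new D and updates its basis; provider serves the old D.
    new_basis = build_levels([b"A", b"B", b"C", b"D v2"])[-1][0]
    rollback = verify(b"D", proof_d, new_basis)
    return genuine, tampered, rollback, len(proof_d)
```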
54. By the way, if you look at the FileRock ToS...
As with the other services, all warranties are disclaimed.
55. Your reaction...
Are you kidding me?
57. The FileRock Solution
• Open source client (Available on [image])
• Client-side encryption
• Encryption keys never shared with the service
• Client-side integrity check
• Data replication
• Local replication (synchronization)
• Remote replication (cross-provider)*
*not implemented yet
58. FileRock: how it looks now
59. FileRock Toolkit Demo
60. FileRock - Try it
https://www.filerock.com/register
63. Images Licenses
Free for personal use
Public Domain
Free for commercial use
do not redistribute
See the owner note
Copyright belongs to the original authors and publishers