SlideShare une entreprise Scribd logo

My private cloud overview

D
davidwchadwick

Granting anyone access to your cloud resources at any time from anywhere

Technologie
1  sur  16
Télécharger pour lire hors ligne
My Private Cloud Overview David W Chadwick, Matteo Casenove, Stijn F Lievens, Jerry I den Hartog, Andreas Pashalidis, Joseph Alhadeff 5 July 2011 IEEE Cloud 2011 1
Project Objectives • Migrate the trust, security and privacy preserving infrastructure from the EC TAS3 project to cloud services. • The TSP infrastructure relies on trusted cloud providers to operate in good faith but this can be checked – trust but verify • Infrastructure is built from legal agreements and open source software services • Software services include: trust and reputation management, sticky policies with fine grained access controls, privacy preserving delegation of authority, federated identity management, different levels of assurance and configurable audit trails 5 July 2011 IEEE Cloud 2011 2
Legend IdP=Identity Provider Architectural Components AA=Attribute Authority IdP Service DS=Delegation Service Authn=Authentication Directory AA Service DS P/S=Publish-Subscribe Audit Service Authn Service CSP=Cloud Service P/S Provider PEP=Policy Enforcement Point Trust and Trust PDP= Policy Decision Reputation Network Point Service Authz=Authorisation CSP WSC Infrastructure Appln=Application Code Dash Appln P WSC=Web Services Audit E Authz Client P Infr Dash=User’s dashboard service TAAS PDP DS TAAS=Trusted Attribute Aggregation Service 5 July 2011 IEEE Cloud 2011 3
Progress To Date • Have defined and implemented APIs (in php) for • Federated Identity Management with different Levels of Assurance • Privacy Preserving Delegation of Authority • Granting of Access Rights to Other Account Holders • And built these into a front end Proxy Service to Amazon/Eucalyptus S3 service 5 July 2011 IEEE Cloud 2011 4
UK AMF Authz Database IdP 1 Account DB Authz API IdP 2 WAYF … Simple SAMLphp IdP n Authn Proxy API IdP Cloud (Simple Service SAML Other IdPs phpSP) CVS OpenID Facebook Google Twitter Org LDAP Delegation API LEGEND Delegation Issuing = Cloud API Security Services Web Service = External Services = Locally Provided Services
Welcome Screen 5 July 2011 IEEE Cloud 2011 6
Login Redirects to Proxy IdP 5 July 2011 IEEE Cloud 2011 7
User Logs In via chosen IdP 5 July 2011 IEEE Cloud 2011 8
User is shown all the Accounts that his Attributes give him Ownership of, and Opens (or Creates) one 5 July 2011 IEEE Cloud 2011 9
User is shown Account Details of Opened Account List of Your Delegates List of Buckets You Own List of Buckets and Files that other Account Owners have shared with you 5 July 2011 IEEE Cloud 2011 10
User Opens a Bucket Can view/alter Access Rights Can upload/download files 5 July 2011 IEEE Cloud 2011 11
Showing Permissions that You have Granted to Others Permissions given to other Account Holders Permissions given to Contacts Give New Permissions to Others 5 July 2011 IEEE Cloud 2011 12
Granting Permissions To Others Granting Public access Granting access to other Account Holders Granting access to Contacts/Delegates 5 July 2011 IEEE Cloud 2011 13
Adding a New Contact 5 July 2011 IEEE Cloud 2011 14
Next Steps • Define an API for secure auditing and integrate this into system • Implement existing APIs in other cloud services • Define APIs for trust and reputation management 5 July 2011 IEEE Cloud 2011 15
Acknowledgements • This research has received funding from • EC’s FP7 under grant agreement n° 216287 (Trusted Architecture for Securely Shared Services) and • UK’s EPSRC under grant ref. n° EP/1034181/1 (My Private Cloud) 5 July 2011 IEEE Cloud 2011 16

Recommandé

Best Practices for testing of SOA-based systems - with examples of SOA Suite 11g
Best Practices for testing of SOA-based systems - with examples of SOA Suite 11gBest Practices for testing of SOA-based systems - with examples of SOA Suite 11g
Best Practices for testing of SOA-based systems - with examples of SOA Suite 11gGuido Schmutz
 
Oracle SOA Suite Overview - Integration in a Service-Oriented World
Oracle SOA Suite Overview - Integration in a Service-Oriented WorldOracle SOA Suite Overview - Integration in a Service-Oriented World
Oracle SOA Suite Overview - Integration in a Service-Oriented WorldOracleContractors
 
Implementing Applications with SOA and Application Integration Architecture
Implementing Applications with SOA and Application Integration ArchitectureImplementing Applications with SOA and Application Integration Architecture
Implementing Applications with SOA and Application Integration ArchitectureBob Rhubart
 
Developing Url Shortener With Dynamic Behaviour Using AWS Lambda
Developing Url Shortener With Dynamic Behaviour Using AWS LambdaDeveloping Url Shortener With Dynamic Behaviour Using AWS Lambda
Developing Url Shortener With Dynamic Behaviour Using AWS Lambdamitesh_sharma
 
Blaze Ds Slides
Blaze Ds SlidesBlaze Ds Slides
Blaze Ds Slidesmichael.labriola
 
How to Choose A SOA Gateway from Layer 7
How to Choose A SOA Gateway from Layer 7How to Choose A SOA Gateway from Layer 7
How to Choose A SOA Gateway from Layer 7CA API Management
 
Layer 7 and Oracle -
Layer 7 and Oracle - Layer 7 and Oracle -
Layer 7 and Oracle - CA API Management
 
Identity Manager in Cloud with Openflow Switches
Identity Manager in Cloud with Openflow SwitchesIdentity Manager in Cloud with Openflow Switches
Identity Manager in Cloud with Openflow SwitchesMohammad Faraji
 

Recommandé

Best Practices for testing of SOA-based systems - with examples of SOA Suite 11g
Best Practices for testing of SOA-based systems - with examples of SOA Suite 11gBest Practices for testing of SOA-based systems - with examples of SOA Suite 11g
Best Practices for testing of SOA-based systems - with examples of SOA Suite 11gGuido Schmutz
 
Oracle SOA Suite Overview - Integration in a Service-Oriented World
Oracle SOA Suite Overview - Integration in a Service-Oriented WorldOracle SOA Suite Overview - Integration in a Service-Oriented World
Oracle SOA Suite Overview - Integration in a Service-Oriented WorldOracleContractors
 
Implementing Applications with SOA and Application Integration Architecture
Implementing Applications with SOA and Application Integration ArchitectureImplementing Applications with SOA and Application Integration Architecture
Implementing Applications with SOA and Application Integration ArchitectureBob Rhubart
 
Developing Url Shortener With Dynamic Behaviour Using AWS Lambda
Developing Url Shortener With Dynamic Behaviour Using AWS LambdaDeveloping Url Shortener With Dynamic Behaviour Using AWS Lambda
Developing Url Shortener With Dynamic Behaviour Using AWS Lambdamitesh_sharma
 
Blaze Ds Slides
Blaze Ds SlidesBlaze Ds Slides
Blaze Ds Slidesmichael.labriola
 
How to Choose A SOA Gateway from Layer 7
How to Choose A SOA Gateway from Layer 7How to Choose A SOA Gateway from Layer 7
How to Choose A SOA Gateway from Layer 7CA API Management
 
Layer 7 and Oracle -
Layer 7 and Oracle - Layer 7 and Oracle -
Layer 7 and Oracle - CA API Management
 
Identity Manager in Cloud with Openflow Switches
Identity Manager in Cloud with Openflow SwitchesIdentity Manager in Cloud with Openflow Switches
Identity Manager in Cloud with Openflow SwitchesMohammad Faraji
 
Introduction to WCF RIA Services for Silverlight 4 Developers
Introduction to WCF RIA Services for Silverlight 4 DevelopersIntroduction to WCF RIA Services for Silverlight 4 Developers
Introduction to WCF RIA Services for Silverlight 4 DevelopersSaltmarch Media
 
Extending Enterprise Security into the Cloud
Extending Enterprise Security into the CloudExtending Enterprise Security into the Cloud
Extending Enterprise Security into the CloudCA API Management
 
Melbourne API Management Seminar
Melbourne API Management SeminarMelbourne API Management Seminar
Melbourne API Management SeminarCA API Management
 
Cross Platform Mobile Apps with APIs from Qcon San Francisco
Cross Platform Mobile Apps with APIs from Qcon San FranciscoCross Platform Mobile Apps with APIs from Qcon San Francisco
Cross Platform Mobile Apps with APIs from Qcon San FranciscoCA API Management
 
A great api is hard to find
A great api is hard to findA great api is hard to find
A great api is hard to findDan Diephouse
 
Accelerating SOA Security and Gov
Accelerating SOA Security and GovAccelerating SOA Security and Gov
Accelerating SOA Security and GovCA API Management
 
AWS Customer Presentation - Alcatel Lucent
AWS Customer Presentation - Alcatel LucentAWS Customer Presentation - Alcatel Lucent
AWS Customer Presentation - Alcatel LucentAmazon Web Services
 
Secure and Govern Integration between the Enterprise & the Cloud
Secure and Govern Integration between the Enterprise & the CloudSecure and Govern Integration between the Enterprise & the Cloud
Secure and Govern Integration between the Enterprise & the CloudCA API Management
 
Netflix MSA and Pivotal
Netflix MSA and PivotalNetflix MSA and Pivotal
Netflix MSA and PivotalVMware Tanzu Korea
 
Visibility from user to infrastructure on AWS
Visibility from user to infrastructure on AWSVisibility from user to infrastructure on AWS
Visibility from user to infrastructure on AWSAppDynamics
 
Authentication Server
Authentication ServerAuthentication Server
Authentication ServerAbhishek Chikane
 
IBM Pulse 2013 session - DevOps for Mobile Apps
IBM Pulse 2013 session - DevOps for Mobile AppsIBM Pulse 2013 session - DevOps for Mobile Apps
IBM Pulse 2013 session - DevOps for Mobile AppsSanjeev Sharma
 
Nuno Godinho
Nuno GodinhoNuno Godinho
Nuno Godinhojoaogoncalves
 
Anypoint connector Roadmap
Anypoint connector RoadmapAnypoint connector Roadmap
Anypoint connector Roadmapdanishsm84
 
Connectivity for a Smarter Planet
Connectivity for a Smarter PlanetConnectivity for a Smarter Planet
Connectivity for a Smarter PlanetProlifics
 
Private cloud in a box
Private cloud in a boxPrivate cloud in a box
Private cloud in a boxKamesh Pemmaraju
 
An Approach for Multi-Tenancy Through Apache Knox
An Approach for Multi-Tenancy Through Apache KnoxAn Approach for Multi-Tenancy Through Apache Knox
An Approach for Multi-Tenancy Through Apache KnoxDataWorks Summit/Hadoop Summit
 
AMIS Oracle OpenWorld 2013 Review Part 2 - Platform Middleware Publication
AMIS Oracle OpenWorld 2013 Review Part 2 - Platform Middleware PublicationAMIS Oracle OpenWorld 2013 Review Part 2 - Platform Middleware Publication
AMIS Oracle OpenWorld 2013 Review Part 2 - Platform Middleware PublicationGetting value from IoT, Integration and Data Analytics
 
OpenStack Hybrid Cloud Management and Orchestration - James Bond
OpenStack Hybrid Cloud Management and Orchestration - James BondOpenStack Hybrid Cloud Management and Orchestration - James Bond
OpenStack Hybrid Cloud Management and Orchestration - James Bondscoopnewsgroup
 
ReadyCloud Collaboration, a Cisco Powered service
ReadyCloud Collaboration, a Cisco Powered serviceReadyCloud Collaboration, a Cisco Powered service
ReadyCloud Collaboration, a Cisco Powered serviceGen-i
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 

Contenu connexe

Similaire à My private cloud overview

Introduction to WCF RIA Services for Silverlight 4 Developers
Introduction to WCF RIA Services for Silverlight 4 DevelopersIntroduction to WCF RIA Services for Silverlight 4 Developers
Introduction to WCF RIA Services for Silverlight 4 DevelopersSaltmarch Media
 
Extending Enterprise Security into the Cloud
Extending Enterprise Security into the CloudExtending Enterprise Security into the Cloud
Extending Enterprise Security into the CloudCA API Management
 
Melbourne API Management Seminar
Melbourne API Management SeminarMelbourne API Management Seminar
Melbourne API Management SeminarCA API Management
 
Cross Platform Mobile Apps with APIs from Qcon San Francisco
Cross Platform Mobile Apps with APIs from Qcon San FranciscoCross Platform Mobile Apps with APIs from Qcon San Francisco
Cross Platform Mobile Apps with APIs from Qcon San FranciscoCA API Management
 
A great api is hard to find
A great api is hard to findA great api is hard to find
A great api is hard to findDan Diephouse
 
Accelerating SOA Security and Gov
Accelerating SOA Security and GovAccelerating SOA Security and Gov
Accelerating SOA Security and GovCA API Management
 
AWS Customer Presentation - Alcatel Lucent
AWS Customer Presentation - Alcatel LucentAWS Customer Presentation - Alcatel Lucent
AWS Customer Presentation - Alcatel LucentAmazon Web Services
 
Secure and Govern Integration between the Enterprise & the Cloud
Secure and Govern Integration between the Enterprise & the CloudSecure and Govern Integration between the Enterprise & the Cloud
Secure and Govern Integration between the Enterprise & the CloudCA API Management
 
Visibility from user to infrastructure on AWS
Visibility from user to infrastructure on AWSVisibility from user to infrastructure on AWS
Visibility from user to infrastructure on AWSAppDynamics
 
IBM Pulse 2013 session - DevOps for Mobile Apps
IBM Pulse 2013 session - DevOps for Mobile AppsIBM Pulse 2013 session - DevOps for Mobile Apps
IBM Pulse 2013 session - DevOps for Mobile AppsSanjeev Sharma
 
Anypoint connector Roadmap
Anypoint connector RoadmapAnypoint connector Roadmap
Anypoint connector Roadmapdanishsm84
 
Connectivity for a Smarter Planet
Connectivity for a Smarter PlanetConnectivity for a Smarter Planet
Connectivity for a Smarter PlanetProlifics
 
OpenStack Hybrid Cloud Management and Orchestration - James Bond
OpenStack Hybrid Cloud Management and Orchestration - James BondOpenStack Hybrid Cloud Management and Orchestration - James Bond
OpenStack Hybrid Cloud Management and Orchestration - James Bondscoopnewsgroup
 
ReadyCloud Collaboration, a Cisco Powered service
ReadyCloud Collaboration, a Cisco Powered serviceReadyCloud Collaboration, a Cisco Powered service
ReadyCloud Collaboration, a Cisco Powered serviceGen-i
 

Similaire à My private cloud overview (20)

Introduction to WCF RIA Services for Silverlight 4 Developers
Introduction to WCF RIA Services for Silverlight 4 DevelopersIntroduction to WCF RIA Services for Silverlight 4 Developers
Introduction to WCF RIA Services for Silverlight 4 Developers
 
Extending Enterprise Security into the Cloud
Extending Enterprise Security into the CloudExtending Enterprise Security into the Cloud
Extending Enterprise Security into the Cloud
 
Melbourne API Management Seminar
Melbourne API Management SeminarMelbourne API Management Seminar
Melbourne API Management Seminar
 
Cross Platform Mobile Apps with APIs from Qcon San Francisco
Cross Platform Mobile Apps with APIs from Qcon San FranciscoCross Platform Mobile Apps with APIs from Qcon San Francisco
Cross Platform Mobile Apps with APIs from Qcon San Francisco
 
A great api is hard to find
A great api is hard to findA great api is hard to find
A great api is hard to find
 
Accelerating SOA Security and Gov
Accelerating SOA Security and GovAccelerating SOA Security and Gov
Accelerating SOA Security and Gov
 
AWS Customer Presentation - Alcatel Lucent
AWS Customer Presentation - Alcatel LucentAWS Customer Presentation - Alcatel Lucent
AWS Customer Presentation - Alcatel Lucent
 
Secure and Govern Integration between the Enterprise & the Cloud
Secure and Govern Integration between the Enterprise & the CloudSecure and Govern Integration between the Enterprise & the Cloud
Secure and Govern Integration between the Enterprise & the Cloud
 
Netflix MSA and Pivotal
Netflix MSA and PivotalNetflix MSA and Pivotal
Netflix MSA and Pivotal
 
Visibility from user to infrastructure on AWS
Visibility from user to infrastructure on AWSVisibility from user to infrastructure on AWS
Visibility from user to infrastructure on AWS
 
Authentication Server
Authentication ServerAuthentication Server
Authentication Server
 
IBM Pulse 2013 session - DevOps for Mobile Apps
IBM Pulse 2013 session - DevOps for Mobile AppsIBM Pulse 2013 session - DevOps for Mobile Apps
IBM Pulse 2013 session - DevOps for Mobile Apps
 
Nuno Godinho
Nuno GodinhoNuno Godinho
Nuno Godinho
 
Anypoint connector Roadmap
Anypoint connector RoadmapAnypoint connector Roadmap
Anypoint connector Roadmap
 
Connectivity for a Smarter Planet
Connectivity for a Smarter PlanetConnectivity for a Smarter Planet
Connectivity for a Smarter Planet
 
Private cloud in a box
Private cloud in a boxPrivate cloud in a box
Private cloud in a box
 
An Approach for Multi-Tenancy Through Apache Knox
An Approach for Multi-Tenancy Through Apache KnoxAn Approach for Multi-Tenancy Through Apache Knox
An Approach for Multi-Tenancy Through Apache Knox
 
AMIS Oracle OpenWorld 2013 Review Part 2 - Platform Middleware Publication
AMIS Oracle OpenWorld 2013 Review Part 2 - Platform Middleware PublicationAMIS Oracle OpenWorld 2013 Review Part 2 - Platform Middleware Publication
AMIS Oracle OpenWorld 2013 Review Part 2 - Platform Middleware Publication
 
OpenStack Hybrid Cloud Management and Orchestration - James Bond
OpenStack Hybrid Cloud Management and Orchestration - James BondOpenStack Hybrid Cloud Management and Orchestration - James Bond
OpenStack Hybrid Cloud Management and Orchestration - James Bond
 
ReadyCloud Collaboration, a Cisco Powered service
ReadyCloud Collaboration, a Cisco Powered serviceReadyCloud Collaboration, a Cisco Powered service
ReadyCloud Collaboration, a Cisco Powered service
 

Dernier

"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 

Dernier (20)

"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 

My private cloud overview

  • 1. My Private Cloud Overview David W Chadwick, Matteo Casenove, Stijn F Lievens, Jerry I den Hartog, Andreas Pashalidis, Joseph Alhadeff 5 July 2011 IEEE Cloud 2011 1
  • 2. Project Objectives • Migrate the trust, security and privacy preserving infrastructure from the EC TAS3 project to cloud services. • The TSP infrastructure relies on trusted cloud providers to operate in good faith but this can be checked – trust but verify • Infrastructure is built from legal agreements and open source software services • Software services include: trust and reputation management, sticky policies with fine grained access controls, privacy preserving delegation of authority, federated identity management, different levels of assurance and configurable audit trails 5 July 2011 IEEE Cloud 2011 2
  • 3. Legend IdP=Identity Provider Architectural Components AA=Attribute Authority IdP Service DS=Delegation Service Authn=Authentication Directory AA Service DS P/S=Publish-Subscribe Audit Service Authn Service CSP=Cloud Service P/S Provider PEP=Policy Enforcement Point Trust and Trust PDP= Policy Decision Reputation Network Point Service Authz=Authorisation CSP WSC Infrastructure Appln=Application Code Dash Appln P WSC=Web Services Audit E Authz Client P Infr Dash=User’s dashboard service TAAS PDP DS TAAS=Trusted Attribute Aggregation Service 5 July 2011 IEEE Cloud 2011 3
  • 4. Progress To Date • Have defined and implemented APIs (in php) for • Federated Identity Management with different Levels of Assurance • Privacy Preserving Delegation of Authority • Granting of Access Rights to Other Account Holders • And built these into a front end Proxy Service to Amazon/Eucalyptus S3 service 5 July 2011 IEEE Cloud 2011 4
  • 5. UK AMF Authz Database IdP 1 Account DB Authz API IdP 2 WAYF … Simple SAMLphp IdP n Authn Proxy API IdP Cloud (Simple Service SAML Other IdPs phpSP) CVS OpenID Facebook Google Twitter Org LDAP Delegation API LEGEND Delegation Issuing = Cloud API Security Services Web Service = External Services = Locally Provided Services
  • 6. Welcome Screen 5 July 2011 IEEE Cloud 2011 6
  • 7. Login Redirects to Proxy IdP 5 July 2011 IEEE Cloud 2011 7
  • 8. User Logs In via chosen IdP 5 July 2011 IEEE Cloud 2011 8
  • 9. User is shown all the Accounts that his Attributes give him Ownership of, and Opens (or Creates) one 5 July 2011 IEEE Cloud 2011 9
  • 10. User is shown Account Details of Opened Account List of Your Delegates List of Buckets You Own List of Buckets and Files that other Account Owners have shared with you 5 July 2011 IEEE Cloud 2011 10
  • 11. User Opens a Bucket Can view/alter Access Rights Can upload/download files 5 July 2011 IEEE Cloud 2011 11
  • 12. Showing Permissions that You have Granted to Others Permissions given to other Account Holders Permissions given to Contacts Give New Permissions to Others 5 July 2011 IEEE Cloud 2011 12
  • 13. Granting Permissions To Others Granting Public access Granting access to other Account Holders Granting access to Contacts/Delegates 5 July 2011 IEEE Cloud 2011 13
  • 14. Adding a New Contact 5 July 2011 IEEE Cloud 2011 14
  • 15. Next Steps • Define an API for secure auditing and integrate this into system • Implement existing APIs in other cloud services • Define APIs for trust and reputation management 5 July 2011 IEEE Cloud 2011 15
  • 16. Acknowledgements • This research has received funding from • EC’s FP7 under grant agreement n° 216287 (Trusted Architecture for Securely Shared Services) and • UK’s EPSRC under grant ref. n° EP/1034181/1 (My Private Cloud) 5 July 2011 IEEE Cloud 2011 16