Bletchley: dealing with HSMs so you don't have to
@diogomonica • Square Security
Roadmap
‣ Square’s Service-Oriented Architecture
‣ Why do we need a decryption service?
‣ Our decryption service: Bletchley
‣ Bletchley’s architecture
‣ Use cases for Bletchley
‣ Conclusion
Square
‣ Mobile Payments Company.
‣ 1 Security Team.
‣ Infra: Java & Ruby, some Go.
‣ Moving > $15 billion annually.
Service-Oriented Architecture
‣ Move fast!
‣ Loose component coupling.
‣ Independent scaling.
‣ Multiple languages.
‣ Front ends
‣ User data
‣ Payments service
‣ Reader fulfillment
‣ Tokenization
Example Architecture
SOA Security Goals
Establish Trust at Layer 7
‣ Authenticate and authorize every request
Protect Secrets
‣ Application secrets and customer data
Separate Concerns
‣ Principle of least privilege
Provide Common Security Infrastructure
‣ Get it right once, other services benefit
Security Services
‣ Login Service:
verify user creds, create client cookies
‣ Token Service:
associates stable identifier with secret data
‣ Certificate Signing:
manages CAs
‣ Secret Management:
delivers secrets to other services
‣ Crypto Service:
offloaded crypto, manages keys
The Problem(s)
‣ Managing keys is hard.
‣ Infrastructure persists data aggressively.
‣ Crypto is hard ™
‣ Crypto can be expensive (CPU cycles && time && $$).
Why do we need a decryption service?
‣ Private Key centralization.
‣ Guaranteed key deletion.
‣ Get the code right, once.
‣ Crypto offloading.
‣ Database compromise requires an online attack: a dump of ciphertext is useless without live access to the decryption service.
‣ Hide the HSM complexity.
Bletchley Assumptions
‣ We have a magic way to:
• Distribute secrets (e.g. private keys)
• Do strong S2S authentication
Our Solution: Bletchley
‣ Very simple API.
‣ Issues public keys, decrypts with private keys.
‣ Supports strong key deletion.
‣ Backed by HSMs (nCipher).
• Hides the complexity/pain of dealing with these things.
Bletchley API
‣ (publicKey, keyId) = createKey()
Diagram: (1) Service → Bletchley Host: createKey(); (2) Bletchley Host → Service: (publicKey, keyId)
Bletchley API
‣ data = decrypt(keyId, blob)
Diagram: (1) Service → Bletchley Host: decrypt(keyId, blob); (2) Bletchley Host → Service: data
Bletchley API
‣ success = deleteKey(keyId)
Diagram: (1) Service → Bletchley Host: deleteKey(keyId); (2) Bletchley Host → Service: success
Use Case 1: External Partner
Diagram (steps 1-4): on the External Partner side, Visa holds Kpub and sends {message} encrypted under it; on the Square side, the Money Moving App hands the encrypted {message} to the Bletchley Cluster, which holds Kpriv, and gets the plaintext {message} back.
Bletchley Architecture
‣ Several servers running Bletchley, each with access to HSMs
‣ Backed by a PostgreSQL (PG) database
Diagram: Bletchley Cluster (several Bletchley hosts) and the database.
Key Generation
‣ Each individual Bletchley host generates keys on its local HSM.
‣ The HSM uses files on disk to represent the keys.
Diagram: Bletchley Cluster, one host generating a key on its HSM, and the database.
Key Replication
‣ New keys are registered in the database
‣ The other Bletchley hosts go to the originating host and retrieve the key
Diagram (two slides): the originating host registers the new key in the database; the remaining hosts in the Bletchley Cluster fetch it from that host.
Decryption Authorization
‣ ACL could be stored in the database
‣ On a decryption request, check that the calling service matches the ACL
Diagram: Service → Bletchley: createKey(); Bletchley → database: addPerm(keyId, service)
Diagram: (1) Service → Bletchley: decrypt(keyId, blob); (2) Bletchley → database: checkPerm(keyId, service)
Database Failure
‣ Decryptions become dependent on the database for authorization
Diagram: Bletchley Cluster with the database unavailable.
keyId to the rescue
‣ keyId = base64(key_alias|service1|HMAC(key_alias, service1))
Diagram: (1) Service → Bletchley Host: decrypt(keyId, blob); (2) Bletchley Host → Service: data
Decryption Authorization
‣ Decryption authorization independent from the database
Diagram:
(1) Service → Bletchley: createKey(services); Bletchley: keyId = newKeyId(services)
(2) Service → Bletchley: decrypt(keyId, blob); Bletchley: decrypt(blob) iff keyId.include?(service)
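The keyId construction above, as an added example in Ruby (not Square's Bletchley code); it covers both the database-backed ACL check from the earlier slides and the self-authenticating keyId that replaces it. The module name, the choice of HMAC-SHA256 with a hex tag, the service names and the secret are assumptions. The HMAC secret stands in for a secret shared by every Bletchley host and unknown to clients (the talk assumes a distribution mechanism for exactly such secrets); the tag is what stops a client from minting a keyId that names extra services.

```ruby
require 'openssl'
require 'base64'

# Added example, not Square's code: a self-authenticating keyId of the form
#   keyId = base64(key_alias | service1 | ... | HMAC(hmac_secret, key_alias | service1 | ...))
# so a Bletchley host can authorize decrypt(keyId, blob) without a database lookup.
module BletchleyKeyId
  SEP = '|'.freeze

  # Constant-time comparison so a forged tag cannot be found byte by byte via timing.
  def self.secure_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end

  # Issue a keyId binding key_alias to the services allowed to decrypt under it.
  # hmac_secret is assumed to be shared by all Bletchley hosts and unknown to clients.
  def self.build(hmac_secret, key_alias, services)
    raise ArgumentError, 'at least one service required' if services.empty?
    fields = [key_alias, *services]
    raise ArgumentError, "fields must not contain #{SEP}" if fields.any? { |f| f.include?(SEP) }
    payload = fields.join(SEP)
    tag = OpenSSL::HMAC.hexdigest('SHA256', hmac_secret, payload)
    Base64.strict_encode64("#{payload}#{SEP}#{tag}")
  end

  # Verify the tag and return [key_alias, services], or nil if the keyId is
  # malformed, truncated, tampered with, or was not issued under hmac_secret.
  def self.parse(hmac_secret, key_id)
    decoded = Base64.strict_decode64(key_id)
    *fields, tag = decoded.split(SEP, -1)
    return nil if tag.nil? || fields.size < 2
    expected = OpenSSL::HMAC.hexdigest('SHA256', hmac_secret, fields.join(SEP))
    return nil unless secure_equal?(expected, tag)
    [fields.first, fields.drop(1)]
  rescue ArgumentError
    nil # not valid base64
  end

  # The check a host runs on decrypt(keyId, blob) before touching the HSM:
  # no database round-trip, only the shared HMAC secret.
  def self.authorized?(hmac_secret, key_id, service)
    parsed = parse(hmac_secret, key_id)
    !parsed.nil? && parsed[1].include?(service)
  end
end

# Constructed demo: issue a keyId for one service and try to widen it.
if $PROGRAM_NAME == __FILE__
  secret = OpenSSL::Random.random_bytes(32)
  kid = BletchleyKeyId.build(secret, 'card-data-2014', ['payments'])
  puts "keyId: #{kid}"
  puts "payments allowed:    #{BletchleyKeyId.authorized?(secret, kid, 'payments')}"
  puts "fulfillment allowed: #{BletchleyKeyId.authorized?(secret, kid, 'fulfillment')}"
  forged = Base64.strict_encode64(Base64.strict_decode64(kid).sub('|payments|', '|payments|fulfillment|'))
  puts "forged keyId accepted: #{BletchleyKeyId.authorized?(secret, forged, 'fulfillment')}"
end
```

Because the tag covers the alias and the full service list, a keyId is only as strong as the secrecy of the HMAC key: rotating that secret invalidates every keyId issued under it, so in practice it needs the same distribution and rotation care as the private keys themselves.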
Key Deletion
‣ The key is marked for deletion in the DB
‣ All Bletchley hosts securely delete it from disk
Diagram: Service → Bletchley: deleteKey(keyId); Bletchley → database: markDelete(keyId); every host in the Bletchley Cluster then deletes the key from its disk.
Key Rotation
‣ Service requests a new key
‣ Starts encrypting everything new with the new key; tries to decrypt with both
Diagram:
(1) Service → Bletchley: createKey(services); Bletchley: keyId2 = newKeyId(services)
(2) Service: addKey(keyId2); the service now holds [ keyId1, keyId2 ]
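The rotation above, with the key deletion from the previous slides applied at the end, as an added example in Ruby rather than Square's code: an in-process stand-in for a Bletchley host that keeps private keys in a Hash instead of an HSM, and a client that encrypts under its newest key, tries each key on decrypt, re-encrypts old blobs and only then deletes the old key. Class and method names, RSA-2048 with OAEP and the sample payloads are assumptions; the stand-in skips keyId authorization and replication across hosts.

```ruby
require 'openssl'
require 'securerandom'

# Added example, not Square's code: an in-process stand-in for a Bletchley host.
# Private keys live in a Hash here; in the real service they live on the HSM.
class FakeBletchley
  OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

  def initialize
    @keys = {} # keyId => private key
  end

  # (publicKey, keyId) = createKey()
  def create_key
    key_id = SecureRandom.hex(8)
    priv = OpenSSL::PKey::RSA.new(2048)
    @keys[key_id] = priv
    [priv.public_key.to_pem, key_id]
  end

  # data = decrypt(keyId, blob): KeyError for a deleted or unknown keyId,
  # OpenSSL::PKey::RSAError when blob was not encrypted under this key.
  def decrypt(key_id, blob)
    priv = @keys.fetch(key_id) { raise KeyError, "unknown or deleted keyId #{key_id}" }
    priv.private_decrypt(blob, OAEP)
  end

  # success = deleteKey(keyId): afterwards nothing encrypted under it is recoverable.
  def delete_key(key_id)
    !@keys.delete(key_id).nil?
  end
end

# A service holding its keyIds newest first: encrypts under the newest public
# key, falls back through the list on decrypt, and retires keys it no longer needs.
class RotatingClient
  def initialize(bletchley)
    @bletchley = bletchley
    @keys = [] # [[keyId, OpenSSL::PKey::RSA public key], ...], newest first
    rotate
  end

  # Step 1: ask Bletchley for a new key and make it the encryption key.
  def rotate
    pub_pem, key_id = @bletchley.create_key
    @keys.unshift([key_id, OpenSSL::PKey::RSA.new(pub_pem)])
    key_id
  end

  def key_ids
    @keys.map(&:first)
  end

  def encrypt(data)
    _, pub = @keys.first
    pub.public_encrypt(data, FakeBletchley::OAEP)
  end

  # Step 2: try each key still on the list, newest first; nil if none works.
  def decrypt(blob)
    @keys.each do |key_id, _|
      begin
        return @bletchley.decrypt(key_id, blob)
      rescue OpenSSL::PKey::RSAError, KeyError
        next
      end
    end
    nil
  end

  # Re-encrypt a blob under the newest key so the key it was made with can go.
  def reencrypt(blob)
    data = decrypt(blob)
    data.nil? ? nil : encrypt(data)
  end

  # Delete every key except the newest `keep`; returns the retired keyIds.
  # Anything not re-encrypted first becomes permanently undecryptable.
  def retire_old_keys(keep: 1)
    retired, @keys = @keys.drop(keep), @keys.take(keep)
    retired.each { |key_id, _| @bletchley.delete_key(key_id) }
    retired.map(&:first)
  end
end
```

Trying every key on decrypt costs one HSM round-trip per miss; a client that stores the keyId next to each blob avoids that, and the fallback loop then only matters for data written before that field existed.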
Scaling
‣ Just add more hosts
Diagram: Bletchley Cluster with additional hosts and the database.
Use Case 2: Internal File Transfer
Diagram (three slides, steps 1-5): the File Transfer App, running as service1, calls createKey(service1) on the Bletchley Cluster, which keeps Kpriv and returns Kpub; {blob} is encrypted under Kpub and transferred; on receipt the app calls decrypt(keyID, {blob}), which Bletchley serves only because the keyID names service1.
Use Case 3: Downstream Outage
Diagram (two slides). Parties: Customer, Money Moving App (Square), Bletchley Cluster holding Kpriv, Database, Visa holding Kpub. First slide (steps 1-5): while Visa is unreachable, the Money Moving App encrypts {message} under Kpub and writes it to the Database. Second slide (steps 1-4): the stored {message} is read back, decrypted by the Bletchley Cluster with Kpriv, and delivered to Visa.
Disadvantages
‣ Cross-DC story is sad
‣ Tied to one vendor
‣ HSMs are hard to debug and support is bad.
Conclusions
‣ You should have a crypto service!
‣ Solves a lot of architectural problems.
‣ Get it right once.
‣ Save money by sharing HSM resources with multiple applications.
‣ Not that hard to make HA
Thanks
@justincummins
@ebolten
@diogomonica diogo@squareup.com
https://squareup.com/careers/engineering

Security best practices for kubernetes deployment
 
Protecting Your Data With AWS KMS and AWS CloudHSM
Protecting Your Data With AWS KMS and AWS CloudHSM Protecting Your Data With AWS KMS and AWS CloudHSM
Protecting Your Data With AWS KMS and AWS CloudHSM
 

Similaire à Bletchley

Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018HashiCorp
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layerBU
 
New Approaches for Fraud Detection on Apache Kafka and KSQL
New Approaches for Fraud Detection on Apache Kafka and KSQLNew Approaches for Fraud Detection on Apache Kafka and KSQL
New Approaches for Fraud Detection on Apache Kafka and KSQLconfluent
 
Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013javagroup2006
 
Securing sensitive data with Azure Key Vault
Securing sensitive data with Azure Key VaultSecuring sensitive data with Azure Key Vault
Securing sensitive data with Azure Key VaultTom Kerkhove
 
Level 500: Let's Get (Really) Technical – Versent
Level 500: Let's Get (Really) Technical – VersentLevel 500: Let's Get (Really) Technical – Versent
Level 500: Let's Get (Really) Technical – VersentAmazon Web Services
 
Introduction to Blockchain
Introduction to BlockchainIntroduction to Blockchain
Introduction to BlockchainShyam Kamadolli
 
ZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSIZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSISSIMeetup
 
Intelligent Cloud Conference 2018 - Building secure cloud applications with A...
Intelligent Cloud Conference 2018 - Building secure cloud applications with A...Intelligent Cloud Conference 2018 - Building secure cloud applications with A...
Intelligent Cloud Conference 2018 - Building secure cloud applications with A...Tom Kerkhove
 
DEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud securityDEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud securityFelipe Prado
 
Bitcoin, the Blockchain, and Open Source
Bitcoin, the Blockchain, and Open SourceBitcoin, the Blockchain, and Open Source
Bitcoin, the Blockchain, and Open SourceAll Things Open
 
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...Beau Bullock
 
Tutorial s crypto api session keys
Tutorial   s crypto api session keysTutorial   s crypto api session keys
Tutorial s crypto api session keysDr. Edwin Hernandez
 
Lightweight Zero-trust Network Implementation and Transition with Keycloak an...
Lightweight Zero-trust Network Implementation and Transition with Keycloak an...Lightweight Zero-trust Network Implementation and Transition with Keycloak an...
Lightweight Zero-trust Network Implementation and Transition with Keycloak an...Hitachi, Ltd. OSS Solution Center.
 
Secure Secret Management on a Budget: Reasoning about Scalable SM with Vault ...
Secure Secret Management on a Budget: Reasoning about Scalable SM with Vault ...Secure Secret Management on a Budget: Reasoning about Scalable SM with Vault ...
Secure Secret Management on a Budget: Reasoning about Scalable SM with Vault ...Mary Racter
 
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...Ambassador Labs
 
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...apidays LIVE Australia 2021 - Levelling up database security by thinking in A...
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...apidays
 
Applications and deployment patterns of o auth and open id connect
Applications and deployment patterns of o auth and open id connectApplications and deployment patterns of o auth and open id connect
Applications and deployment patterns of o auth and open id connectKavindu Dodanduwa
 
Mongo DB in gaming industry
Mongo DB in gaming industryMongo DB in gaming industry
Mongo DB in gaming industryDmitry Makarchuk
 

Similaire à Bletchley (20)

Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
 
New Approaches for Fraud Detection on Apache Kafka and KSQL
New Approaches for Fraud Detection on Apache Kafka and KSQLNew Approaches for Fraud Detection on Apache Kafka and KSQL
New Approaches for Fraud Detection on Apache Kafka and KSQL
 
Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013
 
Securing sensitive data with Azure Key Vault
Securing sensitive data with Azure Key VaultSecuring sensitive data with Azure Key Vault
Securing sensitive data with Azure Key Vault
 
Level 500: Let's Get (Really) Technical – Versent
Level 500: Let's Get (Really) Technical – VersentLevel 500: Let's Get (Really) Technical – Versent
Level 500: Let's Get (Really) Technical – Versent
 
Introduction to Blockchain
Introduction to BlockchainIntroduction to Blockchain
Introduction to Blockchain
 
ZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSIZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSI
 
Intelligent Cloud Conference 2018 - Building secure cloud applications with A...
Intelligent Cloud Conference 2018 - Building secure cloud applications with A...Intelligent Cloud Conference 2018 - Building secure cloud applications with A...
Intelligent Cloud Conference 2018 - Building secure cloud applications with A...
 
DEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud securityDEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud security
 
Bitcoin, the Blockchain, and Open Source
Bitcoin, the Blockchain, and Open SourceBitcoin, the Blockchain, and Open Source
Bitcoin, the Blockchain, and Open Source
 
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...
 
Tutorial s crypto api session keys
Tutorial   s crypto api session keysTutorial   s crypto api session keys
Tutorial s crypto api session keys
 
Key management
Key managementKey management
Key management
 
Lightweight Zero-trust Network Implementation and Transition with Keycloak an...
Lightweight Zero-trust Network Implementation and Transition with Keycloak an...Lightweight Zero-trust Network Implementation and Transition with Keycloak an...
Lightweight Zero-trust Network Implementation and Transition with Keycloak an...
 
Secure Secret Management on a Budget: Reasoning about Scalable SM with Vault ...
Secure Secret Management on a Budget: Reasoning about Scalable SM with Vault ...Secure Secret Management on a Budget: Reasoning about Scalable SM with Vault ...
Secure Secret Management on a Budget: Reasoning about Scalable SM with Vault ...
 
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
 
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...apidays LIVE Australia 2021 - Levelling up database security by thinking in A...
apidays LIVE Australia 2021 - Levelling up database security by thinking in A...
 
Applications and deployment patterns of o auth and open id connect
Applications and deployment patterns of o auth and open id connectApplications and deployment patterns of o auth and open id connect
Applications and deployment patterns of o auth and open id connect
 
Mongo DB in gaming industry
Mongo DB in gaming industryMongo DB in gaming industry
Mongo DB in gaming industry
 

Dernier

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 

Dernier (20)

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 

Bletchley

  • 1. Bletchley: dealing with HSM’s so you don’t have to
    @diogomonica • Square Security
  • 2. Roadmap
    ‣ Square’s Service-Oriented Architecture
    ‣ Why do we need a decryption service?
    ‣ Our decryption service: Bletchley
    ‣ Bletchley’s architecture
    ‣ Use cases for Bletchley
    ‣ Conclusion
  • 3. Square
    ‣ Mobile Payments Company.
    ‣ 1 Security Team.
    ‣ Infra: Java & Ruby, some Go.
    ‣ Moving > $15 billion annually.
  • 4. Service Oriented Architecture
    ‣ Move fast!
    ‣ Loose component coupling.
    ‣ Independent scaling.
    ‣ Multiple languages.
  • 5. Example Architecture
    ‣ Front ends
    ‣ User data
    ‣ Payments service
    ‣ Reader fulfillment
    ‣ Tokenization
  • 6. SOA Security Goals
    Establish Trust at Layer 7
    ‣ Authenticate and authorize every request
    Protect Secrets
    ‣ Application secrets and customer data
    Separate Concerns
    ‣ Principle of least privilege
    Provide Common Security Infrastructure
    ‣ Get it right once, other services benefit
  • 7. Security Services
    ‣ Login Service: verify user creds, create client cookies
    ‣ Token Service: associates stable identifier with secret data
    ‣ Certificate Signing: manages CAs
    ‣ Secret Management: delivers secrets to other services
    ‣ Crypto Service: offloaded crypto, manages keys
  • 8. The Problem(s)
    ‣ Managing keys is hard.
    ‣ Infrastructure persists data aggressively.
    ‣ Crypto is hard ™
    ‣ Crypto can be expensive (CPU cycles && time && $$).
  • 9. Why do we need a decryption service?
    ‣ Private Key centralization.
    ‣ Guaranteed key deletion.
    ‣ Get the code right, once.
    ‣ Crypto offloading.
    ‣ Database compromise requires an online attack.
    ‣ Hide the HSM complexity.
  • 11. Assumptions
    ‣ We have a magic way to:
      • Distribute secrets (e.g. private keys)
      • Do strong S2S authentication
  • 12. Our Solution: Bletchley
    ‣ Very simple API.
    ‣ Issues public keys, decrypts with private keys.
    ‣ Supports strong key deletion.
    ‣ Backed by HSMs (nCipher).
      • Hides the complexity/pain of dealing with these things.
  • 13. Bletchley API
    ‣ (publicKey, keyId) = createKey()
    (Diagram: 1. Service → Bletchley Host: createKey(); 2. Bletchley Host → Service: (publicKey, keyId).)
  • 14. Bletchley API
    ‣ data = decrypt(keyId, blob)
    (Diagram: 1. Service → Bletchley Host: decrypt(keyId, blob); 2. Bletchley Host → Service: data.)
  • 15. Bletchley API
    ‣ success = deleteKey(keyId)
    (Diagram: 1. Service → Bletchley Host: deleteKey(keyId); 2. Bletchley Host → Service: success.)
  • 16. Use Case 1: External Partner
    (Diagram, steps 1 to 4: an External Partner (Visa) holds Kpub and sends {message} encrypted under it to Square’s Money Moving App; the app hands the ciphertext to the Bletchley Cluster, which holds Kpriv and returns the decrypted {message}.)
  • 17. Bletchley Architecture
    ‣ Several servers running the bletchley w/ access to HSMs
    ‣ Backed by a PG database
    (Diagram: Bletchley Cluster of server hosts and a database.)
  • 18. Key Generation
    ‣ Each individual bletchley host generates keys on its local HSM.
    ‣ The HSM uses files on disk to represent the keys.
    (Diagram: Bletchley Cluster of server hosts and a database.)
  • 19. Key Replication
    ‣ New keys are registered in the database
    ‣ Other bletchley hosts go to the original host and retrieve it
    (Diagram: Bletchley Cluster of server hosts and a database, shown before and after replication.)
  • 20. Decryption Authorization
    ‣ ACL could be stored in the Database
    ‣ On decryption request, verify if service matches ACL
    (Diagram: Service → Bletchley: createKey(); Bletchley → database: addPerm(keyId, service). Then 1. Service → Bletchley: decrypt(keyId, blob); 2. Bletchley → database: checkPerm(keyId, service).)
  • 21. Database Failure
    ‣ Decryptions become dependent on the database for authorization
    (Diagram: Bletchley Cluster of server hosts and a database.)
• 22. keyID to the rescue ‣ keyId = base64(key_alias|service1|HMAC(key_alias, service1)) [Diagram: Service → Bletchley Host: decrypt(keyId, blob) (1); Bletchley Host → Service: data (2)]
• 23. Decryption Authorization ‣ Decryption authorization independent from database [Diagram: (1) Service → Bletchley: createKey(services), Bletchley: newKeyId(services); (2) Service → Bletchley: decrypt(keyId, blob), Bletchley: decrypt(blob) iff keyId.include?(service)]
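Slides 22 and 23 describe a keyId that carries its own list of authorized services under an HMAC, so a Bletchley host can decide whether to decrypt without consulting the database. The Ruby sketch below is an added example, not Square's Bletchley code: the MAC secret, the `|` separator and the function names are assumptions, and the HMAC is keyed with a Bletchley-side secret so a caller cannot mint a keyId that names extra services.

```ruby
require 'openssl'
require 'base64'

# Constructed Bletchley-side MAC secret (assumption). Only Bletchley hosts
# know it, so a service cannot forge a keyId that authorizes itself.
HMAC_KEY = 'constructed-bletchley-mac-secret'.freeze
SEP = '|'.freeze

def mac_for(key_alias, services)
  OpenSSL::HMAC.hexdigest('SHA256', HMAC_KEY, [key_alias, *services].join(SEP))
end

# keyId = base64(key_alias|service1|...|serviceN|HMAC(key_alias, services))
def new_key_id(key_alias, services)
  fields = [key_alias, *services]
  raise ArgumentError, 'separator not allowed in fields' if fields.any? { |f| f.include?(SEP) }
  Base64.strict_encode64([*fields, mac_for(key_alias, services)].join(SEP))
end

# Constant-time comparison so the MAC check does not leak via timing.
def constant_time_eq(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Returns [key_alias, services] when the MAC verifies, nil for a malformed
# or tampered keyId. No database lookup is needed for this step.
def parse_key_id(key_id)
  parts = Base64.strict_decode64(key_id).split(SEP, -1)
  return nil if parts.size < 3
  mac = parts.pop
  key_alias, services = parts[0], parts[1..-1]
  return nil unless constant_time_eq(mac, mac_for(key_alias, services))
  [key_alias, services]
rescue ArgumentError
  nil
end

# Bletchley's check before touching the HSM: decrypt iff keyId.include?(service).
def authorized?(key_id, service)
  parsed = parse_key_id(key_id)
  !parsed.nil? && parsed[1].include?(service)
end
```

A keyId edited to add a service fails the MAC check and is refused, which is what makes the authorization list safe to hand back to the calling service.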
• 24. Key Deletion ‣ The key is marked for deletion in the DB ‣ All Bletchley hosts securely delete it from disk [Diagram: Service → Bletchley: deleteKey(keyId); Bletchley → database: markDelete(keyId); Bletchley Cluster ↔ database]
• 25. Key Rotation ‣ Service requests a new key ‣ Starts encrypting all new requests with the new key; tries to decrypt all requests with both. [Diagram: (1) Service → Bletchley: createKey(services), keyId2 = newKeyId(services); (2) Service: addKey(keyId) → [keyId1, keyId2]]
• 26. Scaling ‣ Just add more hosts [Diagram: Bletchley Cluster ↔ database]
• 27. Use Case 2: Internal File Transfer [Diagram: Square | External Partner; File Transfer App → Bletchley Cluster: createKey(service1); Bletchley Cluster holds Kpriv for service1; External Partner: {blob} → {blob}Kpub; steps 1–5]
• 28. Use Case 2: Internal File Transfer [Diagram: External Partner → File Transfer App: {blob}Kpub (1); File Transfer App → Bletchley Cluster: decrypt(keyID, {blob}) (2); Bletchley Cluster holds Kpriv for service1; Kpub]
• 29. Use Case 2: Internal File Transfer [Diagram: File Transfer App → Bletchley Cluster: decrypt(keyID, service1); Bletchley Cluster holds Kpriv for service1; {blob}Kpub]
• 30. Use Case 3: Downstream Outage [Diagram: Square Customer → Money Moving App: {message} (1); Money Moving App → Visa (2); {message}Kpub stored in Database; Bletchley Cluster holds Kpriv; steps 3–5]
• 31. Use Case 3: Downstream Outage [Diagram: Database → Money Moving App: {message}Kpub; Money Moving App ↔ Bletchley Cluster (Kpriv); Money Moving App → Visa: {message}; steps 1–4]
  • 32. Disadvantages ‣ Cross-DC story is sad ‣ Tied to one vendor ‣ HSMs are hard to debug and support is bad.
  • 33. Conclusions ‣ You should have a crypto service! ‣ Solves a lot of architectural problems. ‣ Get it right once. ‣ Save money by sharing HSM resources with multiple applications. ‣ Not that hard to make HA