Publicité
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration
GCCS-Unplugged Secure and private communication and collaboration

Check these out next

ICHET Cutting-Edge R&D Laboratories 2008-2012
ICHET Cutting-Edge R&D Laboratories 2008-2012
Osman Malik Atanur
2015 03 nllgg-event Organizing Duoconferences.
2015 03 nllgg-event Organizing Duoconferences.
hcderaad
GCIP-T 2014 Yılı Kataloğu
GCIP-T 2014 Yılı Kataloğu
Osman Malik Atanur
ODFPlugfest 2015 Kolab, WebODF, Pleio
ODFPlugfest 2015 Kolab, WebODF, Pleio
hcderaad
Instagram
Instagram
darrenpayton
Điều kiện thanh toán quốc tế
Điều kiện thanh toán quốc tế
nhungzi
Điều kiện thanh toán quốc tế
Điều kiện thanh toán quốc tế
nhungzi
Open source privacy respecting websites FTW Linux Days 2015 - Drupal and Piwik
Open source privacy respecting websites FTW Linux Days 2015 - Drupal and Piwik
hcderaad
1 sur 28

GCCS-Unplugged Secure and private communication and collaboration

17 Apr 2015
Télécharger pour lire hors ligne
Internet

Slides prepared for the GCCS Unplugged conference in april 2015 in The Hague.

hcderaad
Publicité
Publicité
Publicité

Recommandé

ARLIS-presentationARLIS-presentation
ARLIS-presentationVictoria Pilato132 vues14 diapositives
Group Presentation Slide Week13Group Presentation Slide Week13
Group Presentation Slide Week13Yorito Tamura140 vues6 diapositives
بحث الجراحهبحث الجراحه
بحث الجراحهameerh1415202 vues4 diapositives
cremascremas
cremaspatyortizlinda176 vues5 diapositives
Universidade Federal FluminenseUniversidade Federal Fluminense
Universidade Federal FluminenseWillThurnner224 vues16 diapositives
Data security, privacy and patient safety in the 21st centuryData security, privacy and patient safety in the 21st century
Data security, privacy and patient safety in the 21st centuryhcderaad389 vues23 diapositives

Contenu connexe

En vedette(7)

ICHET Cutting-Edge R&D Laboratories 2008-2012ICHET Cutting-Edge R&D Laboratories 2008-2012
ICHET Cutting-Edge R&D Laboratories 2008-2012
Osman Malik Atanur311 vues
2015 03 nllgg-event Organizing Duoconferences.2015 03 nllgg-event Organizing Duoconferences.
2015 03 nllgg-event Organizing Duoconferences.
hcderaad386 vues
GCIP-T 2014 Yılı KataloğuGCIP-T 2014 Yılı Kataloğu
GCIP-T 2014 Yılı Kataloğu
Osman Malik Atanur1.8K vues
ODFPlugfest 2015 Kolab, WebODF, PleioODFPlugfest 2015 Kolab, WebODF, Pleio
ODFPlugfest 2015 Kolab, WebODF, Pleio
hcderaad301 vues
InstagramInstagram
Instagram
darrenpayton347 vues
Điều kiện thanh toán quốc tếĐiều kiện thanh toán quốc tế
Điều kiện thanh toán quốc tế
nhungzi2K vues
Điều kiện thanh toán quốc tếĐiều kiện thanh toán quốc tế
Điều kiện thanh toán quốc tế
nhungzi8.3K vues

Similaire à GCCS-Unplugged Secure and private communication and collaboration(20)

Open source privacy respecting websites FTW Linux Days 2015 - Drupal and PiwikOpen source privacy respecting websites FTW Linux Days 2015 - Drupal and Piwik
Open source privacy respecting websites FTW Linux Days 2015 - Drupal and Piwik
hcderaad439 vues
DORS/CLUC Open source privacy respecting websites FTWDORS/CLUC Open source privacy respecting websites FTW
DORS/CLUC Open source privacy respecting websites FTW
hcderaad309 vues
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
Chris Swan156 vues
Dev ops in the Digital Repository of Ireland - Stuart KennyDev ops in the Digital Repository of Ireland - Stuart Kenny
Dev ops in the Digital Repository of Ireland - Stuart Kenny
dri_ireland807 vues
Apache Syncope and TirasaApache Syncope and Tirasa
Apache Syncope and Tirasa
Francesco Chicchiriccò2.9K vues
Cloud services in Estonian, startups cloud meetupCloud services in Estonian, startups cloud meetup
Cloud services in Estonian, startups cloud meetup
Riho Kurg405 vues
Unifying Events and Logs into the CloudUnifying Events and Logs into the Cloud
Unifying Events and Logs into the Cloud
Eduardo Silva Pereira493 vues
Unifying Events and Logs into the CloudUnifying Events and Logs into the Cloud
Unifying Events and Logs into the Cloud
Treasure Data, Inc.1.5K vues
Large drupal site builds a workshop for sxsw interactive - march 17, 2015Large drupal site builds a workshop for sxsw interactive - march 17, 2015
Large drupal site builds a workshop for sxsw interactive - march 17, 2015
rgristroph396 vues
BPM and SOA Are Going Mobile: An Architectural PerspectiveBPM and SOA Are Going Mobile: An Architectural Perspective
BPM and SOA Are Going Mobile: An Architectural Perspective
Guido Schmutz4.1K vues
SIM RTP Meeting - So Who's Using Open Source Anyway?SIM RTP Meeting - So Who's Using Open Source Anyway?
SIM RTP Meeting - So Who's Using Open Source Anyway?
Alex Meadows679 vues
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES.eu52 vues
Why “It’s over TLS” is not good enoughWhy “It’s over TLS” is not good enough
Why “It’s over TLS” is not good enough
MatthewHooper22368 vues
Dynatech presentation for TSI Career DayDynatech presentation for TSI Career Day
Dynatech presentation for TSI Career Day
Artur Babyuk42 vues
Shift Left SecurityShift Left Security
Shift Left Security
gjdevos201 vues
What are Decentralized Identifiers (DIDs)?What are Decentralized Identifiers (DIDs)?
What are Decentralized Identifiers (DIDs)?
Evernym4.3K vues
OpenChain Mini-Summit 2023 - State of Tooling in Open Source AutomationOpenChain Mini-Summit 2023 - State of Tooling in Open Source Automation
OpenChain Mini-Summit 2023 - State of Tooling in Open Source Automation
Shane Coughlan184 vues
Open Source in Real LifeOpen Source in Real Life
Open Source in Real Life
Kenneth Geisshirt77 vues
OpenFest.org: MariaDB and open source collaborationOpenFest.org: MariaDB and open source collaboration
OpenFest.org: MariaDB and open source collaboration
Otto Kekäläinen566 vues
Secure and private collaboration - LinuxDays 2015 Kolab and UniventionSecure and private collaboration - LinuxDays 2015 Kolab and Univention
Secure and private collaboration - LinuxDays 2015 Kolab and Univention
hcderaad398 vues
Publicité

Dernier(20)

bloomstaxonomyofeducationalobjectives-ppt-171111042614.pptxbloomstaxonomyofeducationalobjectives-ppt-171111042614.pptx
bloomstaxonomyofeducationalobjectives-ppt-171111042614.pptx
Subi Babu0 vue
From Sitting to Energising. Where do you want to Be?From Sitting to Energising. Where do you want to Be?
From Sitting to Energising. Where do you want to Be?
CSUC - Consorci de Serveis Universitaris de Catalunya0 vue
CYBER SECURITY SEMINAR.pptxCYBER SECURITY SEMINAR.pptx
CYBER SECURITY SEMINAR.pptx
DCEISO580thACWW1 vue
Calameo PDF Downloader.pdfCalameo PDF Downloader.pdf
Calameo PDF Downloader.pdf
ManuelAlejandroUlloa32 vues
Facebook PDF.pdfFacebook PDF.pdf
Facebook PDF.pdf
sepia55 vues
Lessons learned using GitOpsLessons learned using GitOps
Lessons learned using GitOps
Edgaras Apšega6 vues
AI-Driven Market Research Platform.pdfAI-Driven Market Research Platform.pdf
AI-Driven Market Research Platform.pdf
Prasanna Hegde0 vue
National chocolate ice cream day. National chocolate ice cream day.
National chocolate ice cream day.
Shathya11c3 vues
Matlab.pdfMatlab.pdf
Matlab.pdf
MAROUA1102 vues
Hybrid App Development.pdfHybrid App Development.pdf
Hybrid App Development.pdf
Sanjaysharma9946542 vues
Network Development in the GÉANT ProjectNetwork Development in the GÉANT Project
Network Development in the GÉANT Project
CSUC - Consorci de Serveis Universitaris de Catalunya0 vue
QTS diploma.pdfQTS diploma.pdf
QTS diploma.pdf
lunabarajas8164 vues
Charter Oak State College diploma.pdfCharter Oak State College diploma.pdf
Charter Oak State College diploma.pdf
lunabarajas8164 vues
Cellular Forensics (1).pptxCellular Forensics (1).pptx
Cellular Forensics (1).pptx
AMIRHAMZA189531 vue
evolution-gaming-w88evolution-gaming-w88
evolution-gaming-w88
w88 hey2 vues
javascript.pptxjavascript.pptx
javascript.pptx
hasiny22 vues
wipo_smes_kul_06_www_68913.pptwipo_smes_kul_06_www_68913.ppt
wipo_smes_kul_06_www_68913.ppt
RamaNingaiah1 vue
Facebook X.pdfFacebook X.pdf
Facebook X.pdf
sepia54 vues
introduction.pptxintroduction.pptx
introduction.pptx
KelvinDube40 vue
1ST Cellular Forensics.pptx1ST Cellular Forensics.pptx
1ST Cellular Forensics.pptx
AMIRHAMZA189531 vue

GCCS-Unplugged Secure and private communication and collaboration

  1. info@hcderaad.nl www.hcderaad.nl Secure and private communication and collaboration OpenNovations & Kolab Systems AG
  2. info@hcderaad.nl www.hcderaad.nl About OpenNovations ● >13 years experience in open source, open standards and security. ● Clients in (international) Government, SME, startups. ● Project lead for openSUSE Conference and Kolab Summit (1-4 May 2015)
  3. info@hcderaad.nl www.hcderaad.nl About Kolab Systems AG ● Patron of the Kolab collaboration suite ● Based in Zurich ● Offers scalable and secure collaboration software. ● 100% open source and open standards
  4. info@hcderaad.nl www.hcderaad.nl Topics ● Platforms ● Technical aspects – Standards ● What is missing? ● How to organize?
  5. info@hcderaad.nl www.hcderaad.nl Communication and collaboration software needs external exposure ● Cross network communication ● Authentication (identity management) ● Spam, security issues. ● Old developments – PGP, S/MIME ● Adoption still not very widespread. ● New developments – DKIM, DMARC, DANE
  6. info@hcderaad.nl www.hcderaad.nl Current offerings focus on availability and price ● Competition on file storage size ● Cross device information access ● Hosted by cloud vendors – Integration with existing infrastructure minimal ● SLA's only focussed on uptime, availability – No security, privacy, etc. ● Especially when personal accounts are used. ● Data ownership? Copyright?
  7. info@hcderaad.nl www.hcderaad.nl Platforms
  8. info@hcderaad.nl www.hcderaad.nl What solutions that cover both do exist? ● What open source groupware and collaboration solutions work? – Kolab? – Zimbra? ● Not fully open source ● Why does open source matter? – Transparency – Vendor lockin – Exit strategy / sustainable data
  9. info@hcderaad.nl www.hcderaad.nl Security === open source ● Only way to validate fit-for-purpose and implementation ● Maximum exchange of knowledge – Learn from others' mistakes ● Would you trust a proprietary fully closed source medical operation? – Or rather, would a doctor trust another doctor to operate on him/her if he wouldn't know exactly what he/she was doing?
  10. info@hcderaad.nl www.hcderaad.nl Functional areas ● Secure collaboration covers several functional area's – Email – Calendar – Todo lists – File storage – VoIP, chat ● What's missing?
  11. info@hcderaad.nl www.hcderaad.nl Document collaboration ● ODF is the standard – LibreOffice – WebODF ● Both cover different use cases. – But are equally important ● Use cases for both?
  12. info@hcderaad.nl www.hcderaad.nl Secure storage ● Server side encryption? – Trust the admin? ● End to end encryption? – Key management? – Web access? ● Browser security model weak. ● Host your own? – VPS? Do you also control the platform? ● Any ideas?
  13. info@hcderaad.nl www.hcderaad.nl Secure exchange ● PGP? S/MIME? – Hard to implement? ● SSL / TLS / STARTTLS? – Only transport, it helps, but no identity validation ● Do you use it? Or something else?
  14. info@hcderaad.nl www.hcderaad.nl Secure documents ● Storage is one thing, access another. – WebDAV as secure as HTTP(s)? ● Large file support not ideal – CMIS? ● Syncing? – Only for small sets of files ● Else you'll create your own network DdoS ● Security of the reader/writer apps? – Temporary storage? ● Use cases?
  15. info@hcderaad.nl www.hcderaad.nl Chat and voice ● Unified communications ● Carriers also not focussed on security ● Most chat apps use centralized servers – Some even store chat sessions ● End to end encryption – Mostly PR.
  16. info@hcderaad.nl www.hcderaad.nl What is still missing?
  17. info@hcderaad.nl www.hcderaad.nl How to improve this? ● New standards? ● New technologies? ● Legislation? – US / EU Privacy legislation? ● Security versus privacy? – This has been the pov of the Dutch government
  18. info@hcderaad.nl www.hcderaad.nl (New) standards ● DMARC, DKIM, SPF, DANE? – All focussed on improving the reliability of the transport ● PGP, S/MIME – Message confidentiality and integrity ● How come adoption still is very low?
  19. info@hcderaad.nl www.hcderaad.nl New technologies? ● Quite a lot of crowd funding campaigns for – Secure email storage – End to end encrypted file storage ● Is this really new? ● Are they proven technology? – “Old” technologies are battle tested. ● Perhaps the focus should be more on improving existing (and quite wide spread) technologies.
  20. info@hcderaad.nl www.hcderaad.nl Legislation ● New EU Privacy directive ● ENISA guidelines ● In Dutch government – ARBIT – Parlementairy inquiry (Elias committee) ● Trends are strongly towards open source software – Netherlands: Motion Vendrik (2002), yesterday motion Oosenbrug & Gesthuizen – International adoption (UK, Sweden, etc). ● International treaties? – TTIP? DMCA?
  21. info@hcderaad.nl www.hcderaad.nl Security versus privacy ● There appears to be some tension between security and privacy – Not from an individual persons' point of view ● The more private, the more secure – From government point of view ● Issues with wiretapping ● Lawful interception?
  22. info@hcderaad.nl www.hcderaad.nl Which areas are still missing? ● Secure one time data/document sharing ● Improved crypto for web mail ● PKI Integration into all different apps ● Two factor authentication across applications ● Other ideas?
  23. info@hcderaad.nl www.hcderaad.nl How to organize secure collaboration platforms for individuals?
  24. info@hcderaad.nl www.hcderaad.nl Host it yourself ● Feels good – Your data under your own control ● But is it really? – How technically skilled are you really? – How much time do you spend on maintainance? – Is your server platform really secure?
  25. info@hcderaad.nl www.hcderaad.nl Hire a hosting company? ● Outsourcing security and availability – Professionals working on the platform ● But do you really trust them?
  26. info@hcderaad.nl www.hcderaad.nl Community hosting! ● Organize in communities! – Pay someone (or two) to actually do maintainance – Get enterprisegrade support for your platform – Host your own hardware (colocated?), know your platform ● But still, keep it between a (small) known group of people – Stay in control of your data!
  27. info@hcderaad.nl www.hcderaad.nl Questions / suggestions ?
  28. info@hcderaad.nl www.hcderaad.nl Contact! Hans de Raad www.opennovations.nl info@hcderaad.nl Kolab Systems AG www.kolabsys.com
Publicité