Upload File

cloud storage security - tech conf 2014

15
Stockage Cloud: Confidentialité, Encryption et Deduplication Deduplication PUZIO Pasquale Doctorant CIFRE SecludIT & EURECOM

Upload: telecomvalley

Post on 12-Jul-2015

95 views

Category:

Data & Analytics


4 download

Report

TRANSCRIPT

Page 1: Cloud storage security - Tech conf 2014

Stockage Cloud:

Confidentialité, Encryption et

Deduplication Deduplication

PUZIO Pasquale

Doctorant CIFRE

SecludIT & EURECOM

Page 2: Cloud storage security - Tech conf 2014

Stockage Cloud

2

Page 3: Cloud storage security - Tech conf 2014

3

Page 4: Cloud storage security - Tech conf 2014

4

Page 5: Cloud storage security - Tech conf 2014

Confidentialité• Premier menace selon le rapport du CSA (Cloud Security Alliance)

5

Page 6: Cloud storage security - Tech conf 2014

Encryption

6

Page 7: Cloud storage security - Tech conf 2014

Encryption

7

Page 8: Cloud storage security - Tech conf 2014

Deduplication

8

Page 9: Cloud storage security - Tech conf 2014

Deduplication

...mais ça ne marche pas avec les données chiffrées!

D = Hello World

D = Hello World

ENCRYPTION with K1 ENCRYPTION with K2

owhfgr0wgr[whfrw0[h0[erghe0[gh0[eg

dfjl;dbfrwbfirbfroepthwobgfrugtwertgrtwu

9

Page 10: Cloud storage security - Tech conf 2014

Convergent Encryption

K = hash(Data)

D = Hello World

D = Hello World

ENCRYPTION with H(D) ENCRYPTION with H(D)

klfgwilegfiorwegtriegtiergieiergriegrigfifiw

klfgwilegfiorwegtriegtiergieiergriegrigfifiw

10

Page 11: Cloud storage security - Tech conf 2014

Deduplication + Convergent

Encryption

11

Page 12: Cloud storage security - Tech conf 2014

Risques pour la Confidentialité

• Offline brute-force attack

• Confirmation of a file

• Learn the remaining information

12

Page 13: Cloud storage security - Tech conf 2014

Learn the remaining information attack

REMAINING

13

REMAINING

INFORMATION

Page 14: Cloud storage security - Tech conf 2014

Solution: ClouDedup

14

Page 15: Cloud storage security - Tech conf 2014

MerciMerciQuestions ?

http://elastic-security.com/

http://secludit.com/

15


Vmware and Isci Storage Conf

2011 National BDPA Tech Conf Presenation Final

D conf 2016 - Using D for Primary Storage

Ashrae tech conf 2010

Trusted Cloud Storage Tech Talk

Conf ibm big data en santé télécom paris tech 16062016 v1

Entrepreneurship in the 21st Century - Teens in Tech Conf

Mobile Games Revenue Models Presentation at Gamer Tech Law conf. oct 2013

Rakuten tech conf

Enabling optimization of business processes in banking ws tech conf logan_2011

IRENA-ETSAP Tech Brief E18 Electricity-Storage

OpenStack Block Storage (Cinder) - Tech Overview

DOSCH DESIGN · Conf 323 329 335 Conf 333 Conf 337 Conf 343 Conf 349 Conf 338 Conf 344 Conf 350 Conf 339 Conf 345 Conf 351 Conf 340 Conf 346 Conf 352 Conf 341 Conf 347 Conf 342 Conf

Wash tech mole conf 2

Fall ed tech conf teachers:soc media

Midrange Storage - Tech Data Manufacturer Stores

2009 Kaia Midwest Tech Conf Web Sites And Sm V08 21 09

2014.12.11 - TECH CONF #3 - Présentation Node.js

Hindustan Fibre Tech, Chennai, FRP Storage Tanks

AC-Tech - Project 1. Motorcycle Winter Storage

Storage virtualization citrix blr wide tech talk

Rakuten Tech Conf 2015 Yet Another Security Talk

Storage tech-map-eng

OpenStack Object storage (Swift) - Tech Overview

2011 ASAE Tech Conf Social Media Strategy

Tech Data ActivRac Industrial Storage Racks

MCLI T&L with Tech Conf 2008

Susan Ayers Walker 11- 5 -09 aging tech conf call

Tutorial SAS Zoning 2011 LSI Tech Conf

20140503 Nico-Tech Fablab Asia Network 1st Conf

Date: OFFSHORE TECH CONF By: Stephanie Hudgens

ME165-1_Week-10.2 Energy Storage Tech

E tech spring tech conf may 20

PSC 4/14-15/08 Tech Conf - Government of New York

Lib Tech Conf Google Wave Short