Presentation is loading. Please wait.

Presentation is loading. Please wait.

Institut Mines-Télécom “Digital Safe Client via HTML5 ” Mayssa JEMEL Ahmed SERHROUCHNI Journée: Cloud Coffre Fort Numérique 26 Février 2015.

Published byClaire Davidson Modified over 8 years ago

Similar presentations

Presentation on theme: "Institut Mines-Télécom “Digital Safe Client via HTML5 ” Mayssa JEMEL Ahmed SERHROUCHNI Journée: Cloud Coffre Fort Numérique 26 Février 2015."— Presentation transcript:

1 Institut Mines-Télécom “Digital Safe Client via HTML5 ” Mayssa JEMEL Ahmed SERHROUCHNI Journée: Cloud Coffre Fort Numérique 26 Février 2015

2 Institut Mines-Télécom HTML5: Web Revolution HTML5: Local Storage APIs Local Digital Safe Conclusion Plan

3 Institut Mines-Télécom HTML5: Web Revolution

4 Institut Mines-Télécom 3 HTML5: Web Revolution Bypassing the proprietary environment Reducing the gap between Web 2.0 services and underlying technologies Standardized by: W3C: World Wide Web Consortium WHATWG: Web Hypertext Application Technology Working Group

5 Institut Mines-Télécom 4 HTML5: APIs classification

6 Institut Mines-Télécom HTML5: Local Storage APIs

7 Institut Mines-Télécom 5 IndexedDB: Replacing the relational databases. Storing data in an indexed database pair data in the browser FileSystem API: Simulating a virtual file system to enable web application managing files and folders HTML5: Local Storage APIs Indexed WebStorage API Storing key/value pair data in the browser Key Browser’s architecture with the Local Data Storage

8 Institut Mines-Télécom 6 HTML5: Local Storage APIs WebStorage API Storing key/value pair data in the browser Key Browser’s architecture with the Local Data Storage

9 Institut Mines-Télécom WebStorage API 7 Indexed

10 Institut Mines-Télécom 8 FileSystem API: Simulating a virtual file system to enable web application managing files and folders HTML5: Local Storage APIs WebStorage API Storing key/value pair data in the browser Key Browser’s architecture with the Local Data Storage

11 Institut Mines-Télécom 9 FileSystem API

12 Institut Mines-Télécom 10 IndexedDB: Replacing the relational databases. Storing data in an indexed database pair data in the browser FileSystem API: Simulating a virtual file system to enable web application managing files and folders HTML5: Local Storage APIs Indexed WebStorage API Storing key/value pair data in the browser Key Browser’s architecture with the Local Data Storage

13 Institut Mines-Télécom 11 IndexedDB API Key

14 Institut Mines-Télécom Local Digital Safe

15 Institut Mines-Télécom HTML5 Local Storage APIs Decreasing the physical storage maintained by the web site operator Avoiding the loss of user’s data in case of vulnerability in web application Reducing the server load and improving the service scalability Replacing the proprietary solution such as Google Gears, LSO, etc. Lack of security in data storage as data are stored in clear Lack of web application continuity across the user’s machine Using Offline application when the device is disconnected Giving to the Local Storage the specification of the digital safe as it is defined by Afnor Ensuring the synchronization between the Client Digital Safe and the Cloud Digital Safe Local Digital Safe 13

16 Institut Mines-Télécom Local Digital Safe Network Architecture Local CCFN: - Preserving a copy of the digital objects with their metadata in the user device (considering the offline cases) Cloud CCFN - Archiving digital information in the Cloud - Ensuring their integrity over the long time - Storing ON and their metadata in the Cloud Metadata server: - Storing information about files stored in the digital safe Sychronization server: - handling the different synchronization request and response - Handling conflict resolution - Interact with the blocks stored in the Digital Safe Metada Server: - Storing the metadata of each file - Handling the access control Third Party - Prove the data archiving 14

17 Institut Mines-Télécom Local Digital Safe [1] [1]: L113_gsafe_Dossier-Architecture-et-des-technologies Deployment Architecture 14

18 Institut Mines-Télécom Standard NF Z42-020Specification of the FileSystem API with NF Z42020 Drop Put the ON into the CCFN- dirEntry.getDirectory(path, {create:true}, opt_successCallback, opt_errorCallback); - fileEntry.createWriter(successCallback, opt_errorCallback); Read Get a copy of the ON already stored in the CCFN-fileEntry.file(successCallback, opt_errorCallback); Read Metadata Get the metadata of the ON already stored in the CCFN fileEntry.GetXMLMetadata Control Verify the integrity of the ON already stored in the CCFN fileEntry.VerifyIntegrity Read log Get all the traces of an ON fileEntry.GetLog List Get a list of unique identifier of each ON- fileEntry.getMetadata Count Get the total number of ON stored in the CCFN- fileEntry.getMetadata Standardization on FileSystem APIs 15 NF Z42-020 on FileSystem APIs

19 Institut Mines-Télécom Considered modifications In the browser Adding the new specifications (GetIntegrity, VerifyIntegrity, GetLog) into the FileSystem API Implementing the metadata of each ON Securing the data stored by the HTML5 Local storage API Encrypting the titles of the files that manage the storage of the different storage APIs to avoid metadata tampering 16

20 Institut Mines-Télécom 17 Direved Key= PBKDF2 (SMP, Salt, C, dklength) Where: SMP: Single Master Password Salt: The salt used for the derivation. This value must be generated randomly C: Number of intern iteration for the derivation dkLen: Derivation Key length -PBKDF2 to encrypt APIs data -Ensure the data integrity -Ensure the metadata integrity Work carried on WebStorage API Securing data of WebStorage API User integration in the management of local storage

21 Institut Mines-Télécom 18 Implementation in Chromium Chromium’s DomStorage Architecture with the HTML5 data protection

22 Institut Mines-Télécom 19 Implementation in chromium Ensuring the confidentiality and integrity of data stored by the HTML5 WebStorage API comes at a cost Performance degradation is lower when compared with the encryption of Dojox Storage Toolkit Faced with the great data protection interest, the minor performance degradation can be tolerable Performance evaluation for the SetItem operation Performance evaluation for the GetItem operation

23 Institut Mines-Télécom Conclusion

24 Institut Mines-Télécom Conclusion We presented the HTML5 in general and the interest of the different HTML5 Local Storage APIs We proposed a Digital Safe client based on the HTML5 Local Storage APIs The Storage Client has the specification the Digital safe On going extension to this proposition includes a synchronization algorithm that takes into consideration the Digital Safe standards 20

25 Institut Mines-Télécom Thank you

Download ppt "Institut Mines-Télécom “Digital Safe Client via HTML5 ” Mayssa JEMEL Ahmed SERHROUCHNI Journée: Cloud Coffre Fort Numérique 26 Février 2015."

Similar presentations

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.
Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.

Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
Protection of SCORM-compliant Content Magda Mourad T.J. Watson Research Center

Protection of SCORM-compliant Content Magda Mourad T.J. Watson Research Center
Database Administration and Security Transparencies 1.

Database Administration and Security Transparencies 1.
Cloud Computing Part #3 Zigmunds Buliņš, Mg. sc. ing 1.

Cloud Computing Part #3 Zigmunds Buliņš, Mg. sc. ing 1.
Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.

Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.
 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.

 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.
It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.

It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.
Google Bigtable A Distributed Storage System for Structured Data Hadi Salimi, Distributed Systems Laboratory, School of Computer Engineering, Iran University.

Google Bigtable A Distributed Storage System for Structured Data Hadi Salimi, Distributed Systems Laboratory, School of Computer Engineering, Iran University.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.

Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
Web Cryptography & Utilizing ARM TrustZone® based TEE for Authentication & Cryptography Ilhan Gurel September 10th & 11th, 2014.

Web Cryptography & Utilizing ARM TrustZone® based TEE for Authentication & Cryptography Ilhan Gurel September 10th & 11th, 2014.
Mobile Data Sharing over Cloud Group No. 8 - Akshay Kantak - Swapnil Chavan - Harish Singh.

Mobile Data Sharing over Cloud Group No. 8 - Akshay Kantak - Swapnil Chavan - Harish Singh.
SaaS, PaaS & TaaS By: Raza Usmani

SaaS, PaaS & TaaS By: Raza Usmani
Secure storage for your data in the Internet! If you have any question, you can contact us on: om.

Secure storage for your data in the Internet! If you have any question, you can contact us on: om.
MNO Cloud Use Case 2 Source: Rogers Wireless Contact: Ed O’Leary George Babut 3GPP/SA3-LI#43Tdoc SA3LI11_115.

MNO Cloud Use Case 2 Source: Rogers Wireless Contact: Ed O’Leary George Babut 3GPP/SA3-LI#43Tdoc SA3LI11_115.
MetaSync File Synchronization Across Multiple Untrusted Storage Services Seungyeop Han Haichen Shen, Taesoo Kim*, Arvind Krishnamurthy,

MetaSync File Synchronization Across Multiple Untrusted Storage Services Seungyeop Han Haichen Shen, Taesoo Kim*, Arvind Krishnamurthy,

Similar presentations

Ads by Google