Institut Mines-Télécom “Digital Safe Client via HTML5 ” Mayssa JEMEL Ahmed SERHROUCHNI Journée: Cloud Coffre Fort Numérique 26 Février 2015.

Slides:



Advertisements
Similar presentations
Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.
Advertisements

Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
Protection of SCORM-compliant Content Magda Mourad T.J. Watson Research Center
Database Administration and Security Transparencies 1.
Cloud Computing Part #3 Zigmunds Buliņš, Mg. sc. ing 1.
Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.
 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.
It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.
Google Bigtable A Distributed Storage System for Structured Data Hadi Salimi, Distributed Systems Laboratory, School of Computer Engineering, Iran University.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
Web Cryptography & Utilizing ARM TrustZone® based TEE for Authentication & Cryptography Ilhan Gurel September 10th & 11th, 2014.
Mobile Data Sharing over Cloud Group No. 8 - Akshay Kantak - Swapnil Chavan - Harish Singh.
SaaS, PaaS & TaaS By: Raza Usmani
Secure storage for your data in the Internet! If you have any question, you can contact us on: om.
MNO Cloud Use Case 2 Source: Rogers Wireless Contact: Ed O’Leary George Babut 3GPP/SA3-LI#43Tdoc SA3LI11_115.
MetaSync File Synchronization Across Multiple Untrusted Storage Services Seungyeop Han Haichen Shen, Taesoo Kim*, Arvind Krishnamurthy,
Introduction to Cyberspace
CRYPTOGRAPHY PROGRAMMING ON ANDROID Jinsheng Xu Associate Professor North Carolina A&T State University.
Your storage on the ground; Your files in the cloud.
Cloud Computing and its Implementation ELYSIUM TECHNOLOGIES PRIVATE LIMITED Madurai | Trichy | Coimbatore | Kollam | Cochin | Tirunelveli T. Udhaya Shankar,
Construction of efficient PDP scheme for Distributed Cloud Storage. By Manognya Reddy Kondam.
By Mihir Joshi Nikhil Dixit Limaye Pallavi Bhide Payal Godse.
Week 9 Objectives Securing Files and Folders Protecting Shared Files and Folders by Using Shadow Copies Configuring Network Printing.
1. 2 introductions Nicholas Fischio Development Manager Kelvin Smith Library of Case Western Reserve University Benjamin Bykowski Tech Lead and Senior.
File-Mate 1500 Design Review II
M i SMob i S Mob i Store - Mobile i nternet File Storage Platform Chetna Kaur.
MODULE – 8 OBJECT-BASED AND UNIFIED STORAGE
Recordkeeping for Good Governance Toolkit Digital Recordkeeping Guidance Funafuti, Tuvalu – June 2013.
SODA Archiving October 2013
1 Configurable Security for Scavenged Storage Systems NetSysLab The University of British Columbia Abdullah Gharaibeh with: Samer Al-Kiswany, Matei Ripeanu.
Cloud Storage - A Paradigm Shift in IT Jim Zierick – President & CEO Nirvanix.
Authentication Key HMAC(MK, “auth”) Server Encryption Key HMAC(MK, “server_enc”) User Password Master Key (MK) Client Encryption Key HMAC(MK, “client_enc”)
Electronic Records Management: A Checklist for Success Jesse Wilkins April 15, 2009.
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
File-Mate 1500 Design Review III Keven Abbott Tyler Crouse Kiana Delventhal Liam Westby.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003.
Experiment Management System CSE 423 Aaron Kloc Jordan Harstad Robert Sorensen Robert Trevino Nicolas Tjioe Status Report Presentation Industry Mentor:
Security fundamentals Topic 5 Using a Public Key Infrastructure.
The Future of Mobile E-Health Application Development Exploring HTML5 for Context-aware Diabetes Monitoring Speaker: Nishant Chettri.
1 Objectives Discuss File Services in Windows Server 2008 Install the Distributed File System in Windows Server 2008 Discuss and create shared file resources.
Copyright © 2012 Cleversafe, Inc. All rights reserved. 1 Combining the Power of Hadoop with Object-Based Dispersed Storage.
What’s New Data Loss Prevention 14. Information is Everywhere Brings Productivity, Agility, Convenience ……and Problems Copyright © 2015 Symantec Corporation.
Bigtable: A Distributed Storage System for Structured Data
AFS/OSD Project R.Belloni, L.Giammarino, A.Maslennikov, G.Palumbo, H.Reuter, R.Toebbicke.
Rights Management for Shared Collections Storage Resource Broker Reagan W. Moore
Cloud Archive By: Kimberly Nolan. What it is?  The goal of a cloud archiving service is to provide a data storage (ex. Google drive and SkyDrive) as.
VPN. CONFIDENTIAL Agenda Introduction Types of VPN What are VPN Tokens Types of VPN Tokens RSA How tokens Work How does a user login to VPN using VPN.
Implementation of Simple Cloud-based Distributed File System Group ID: 4 Baolin Wu, Liushan Yang, Pengyu Ji.
Distributed File System. Outline Basic Concepts Current project Hadoop Distributed File System Future work Reference.
Building Preservation Environments with Data Grid Technology Reagan W. Moore Presenter: Praveen Namburi.
1 LM 6 Database Applications Dr. Lei Li. Learning Objectives Explain three components of a client-server system Describe differences between a 2-tiered.
IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.
CloudBerry Explorer for S3. CB Explorer Free to use Browse and manage files PowerShell functions Open and edit files  CloudBerry Explorer is an easy.
THE FUTURE IS HERE: APPLICATION- AWARE CACHING BY ASHOK ANAND.
Security Policy and Key Management Centrally Manage Encryption Keys - Oracle TDE, SQL Server TDE and Vormetric. Tina Stewart, Vice President.
Redmond Protocols Plugfest 2016 Ron Starr, Paul Bartos, Hagit Galatzer, Stephen Guty New and Modified Windows Protocol Documents.
Course: Cluster, grid and cloud computing systems Course author: Prof
BUILD SECURE PRODUCTS AND SERVICES
By: Raza Usmani SaaS, PaaS & TaaS By: Raza Usmani
Geographically distributed storage over multiple universities
Azure Enables Mobility, Easy Sync and Share, and Allows Companies to Retain Data Control MINI-CASE STUDY “Azure provides the full stack of technology that.
HTML5 and Local Storage.
Unit# 5: Internet and Worldwide Web
Introduction to Cyberspace
Iserve – Bulk Cash Deposit Kiosk
Presentation transcript:

Institut Mines-Télécom “Digital Safe Client via HTML5 ” Mayssa JEMEL Ahmed SERHROUCHNI Journée: Cloud Coffre Fort Numérique 26 Février 2015

Institut Mines-Télécom HTML5: Web Revolution HTML5: Local Storage APIs Local Digital Safe Conclusion Plan

Institut Mines-Télécom HTML5: Web Revolution

Institut Mines-Télécom 3 HTML5: Web Revolution Bypassing the proprietary environment Reducing the gap between Web 2.0 services and underlying technologies Standardized by: W3C: World Wide Web Consortium WHATWG: Web Hypertext Application Technology Working Group

Institut Mines-Télécom 4 HTML5: APIs classification

Institut Mines-Télécom HTML5: Local Storage APIs

Institut Mines-Télécom 5 IndexedDB: Replacing the relational databases. Storing data in an indexed database pair data in the browser FileSystem API: Simulating a virtual file system to enable web application managing files and folders HTML5: Local Storage APIs Indexed WebStorage API Storing key/value pair data in the browser Key Browser’s architecture with the Local Data Storage

Institut Mines-Télécom 6 HTML5: Local Storage APIs WebStorage API Storing key/value pair data in the browser Key Browser’s architecture with the Local Data Storage

Institut Mines-Télécom WebStorage API 7 Indexed

Institut Mines-Télécom 8 FileSystem API: Simulating a virtual file system to enable web application managing files and folders HTML5: Local Storage APIs WebStorage API Storing key/value pair data in the browser Key Browser’s architecture with the Local Data Storage

Institut Mines-Télécom 9 FileSystem API

Institut Mines-Télécom 10 IndexedDB: Replacing the relational databases. Storing data in an indexed database pair data in the browser FileSystem API: Simulating a virtual file system to enable web application managing files and folders HTML5: Local Storage APIs Indexed WebStorage API Storing key/value pair data in the browser Key Browser’s architecture with the Local Data Storage

Institut Mines-Télécom 11 IndexedDB API Key

Institut Mines-Télécom Local Digital Safe

Institut Mines-Télécom HTML5 Local Storage APIs Decreasing the physical storage maintained by the web site operator Avoiding the loss of user’s data in case of vulnerability in web application Reducing the server load and improving the service scalability Replacing the proprietary solution such as Google Gears, LSO, etc. Lack of security in data storage as data are stored in clear Lack of web application continuity across the user’s machine Using Offline application when the device is disconnected Giving to the Local Storage the specification of the digital safe as it is defined by Afnor Ensuring the synchronization between the Client Digital Safe and the Cloud Digital Safe Local Digital Safe 13

Institut Mines-Télécom Local Digital Safe Network Architecture Local CCFN: - Preserving a copy of the digital objects with their metadata in the user device (considering the offline cases) Cloud CCFN - Archiving digital information in the Cloud - Ensuring their integrity over the long time - Storing ON and their metadata in the Cloud Metadata server: - Storing information about files stored in the digital safe Sychronization server: - handling the different synchronization request and response - Handling conflict resolution - Interact with the blocks stored in the Digital Safe Metada Server: - Storing the metadata of each file - Handling the access control Third Party - Prove the data archiving 14

Institut Mines-Télécom Local Digital Safe [1] [1]: L113_gsafe_Dossier-Architecture-et-des-technologies Deployment Architecture 14

Institut Mines-Télécom Standard NF Z42-020Specification of the FileSystem API with NF Z42020 Drop Put the ON into the CCFN- dirEntry.getDirectory(path, {create:true}, opt_successCallback, opt_errorCallback); - fileEntry.createWriter(successCallback, opt_errorCallback); Read Get a copy of the ON already stored in the CCFN-fileEntry.file(successCallback, opt_errorCallback); Read Metadata Get the metadata of the ON already stored in the CCFN fileEntry.GetXMLMetadata Control Verify the integrity of the ON already stored in the CCFN fileEntry.VerifyIntegrity Read log Get all the traces of an ON fileEntry.GetLog List Get a list of unique identifier of each ON- fileEntry.getMetadata Count Get the total number of ON stored in the CCFN- fileEntry.getMetadata Standardization on FileSystem APIs 15 NF Z on FileSystem APIs

Institut Mines-Télécom Considered modifications In the browser Adding the new specifications (GetIntegrity, VerifyIntegrity, GetLog) into the FileSystem API Implementing the metadata of each ON Securing the data stored by the HTML5 Local storage API Encrypting the titles of the files that manage the storage of the different storage APIs to avoid metadata tampering 16

Institut Mines-Télécom 17 Direved Key= PBKDF2 (SMP, Salt, C, dklength) Where: SMP: Single Master Password Salt: The salt used for the derivation. This value must be generated randomly C: Number of intern iteration for the derivation dkLen: Derivation Key length -PBKDF2 to encrypt APIs data -Ensure the data integrity -Ensure the metadata integrity Work carried on WebStorage API Securing data of WebStorage API User integration in the management of local storage

Institut Mines-Télécom 18 Implementation in Chromium Chromium’s DomStorage Architecture with the HTML5 data protection

Institut Mines-Télécom 19 Implementation in chromium Ensuring the confidentiality and integrity of data stored by the HTML5 WebStorage API comes at a cost Performance degradation is lower when compared with the encryption of Dojox Storage Toolkit Faced with the great data protection interest, the minor performance degradation can be tolerable Performance evaluation for the SetItem operation Performance evaluation for the GetItem operation

Institut Mines-Télécom Conclusion

Institut Mines-Télécom Conclusion We presented the HTML5 in general and the interest of the different HTML5 Local Storage APIs We proposed a Digital Safe client based on the HTML5 Local Storage APIs The Storage Client has the specification the Digital safe On going extension to this proposition includes a synchronization algorithm that takes into consideration the Digital Safe standards 20

Institut Mines-Télécom Thank you

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.