Securing INSPIREdgeodata cloud services with CLARUS · AKKA Researchroadmap 5 CLOUDS CLARUS private...

Securing INSPIREd geodatacloud services with CLARUS

INSPIRE conference 2016 (Barcelona)

Why cloud computing ?

Increase flexibilityon‐demandelasticityubiquitous access

Reduce costsshared resourcespay as you usemetering

Reduce riskshigher availability

Securing INSPIREd geodata cloud services with CLARUS 2

The main barriersto cloud adoption

3

Geodata providers are often reluctant to move to the cloud

Data security Loss of control Data location

Securing INSPIREd geodata cloud services with CLARUS

4

PrivateCloud

CloudAccessSecurity Broker

Solutions ?

on‐premises or cloud‐hosted

software that acts as a control point to support threat protection and

security for cloud services

a type of cloud computing that delivers similar

advantages to public cloud but

implemented within the corporate infrastructure


AKKA Research roadmap

5

CLOUDS CLARUS

privatecloud

cloud security

demonstrate the feasibility of employing a cloud‐based infrastructure to provide

seamless access to geospatial public sector information


EuropeanCommission

H2020programme

INSPIRE in the cloud security issues

some geospatial data are sensitive for public security matters for commercial reasons

their exploitation in the cloud raises security issuesthe mission of European geosurvey organisations

includes the management of sensitive environmental data (e.g. drinking water collection points)

beside the legal obligations to share public data to a large audience

6Securing INSPIREd geodata cloud services with CLARUS

The CLARUS solution

7

in the context of honest‐but‐curious cloud service providers (CSP)


The « honest‐but‐curious » threat model

8

Secure the transport

Secure the access

Trust the service provider

Secure communication

HTTPSSFTPSSH

Access controlAuthenticationAuthorization

?


The « honest‐but‐curious » threat model

9

Secure the transport

Secure the access

Trust the service provider

HONEST

butCURIOUS


10

data set

Cloud Service Provider

UNTRUSTEDZONE

TRUSTED ZONE


11

data set

search query

data set

transformedsearch

obfuscatedresults

clearresults

2

3

4 5

61

Cloud Service Provider

UNTRUSTEDZONE

TRUSTED ZONE

Proxy


Application cases considered


Data operations

13

data anonym. encryption

data splitting

searchableencryption

data coarsening

homo‐morphic

encryption

clear data protected dataProxy


Encryption techniques

14


data splitting


data coarsening

homo‐morphic

encryption

Proxy protected dataclear data


Privacy‐preserving techniques

15


data splitting


data coarsening

homo‐morphic

encryption



Data anonymisation

16


data splitting


data coarsening

homo‐morphic

encryption


Sensitive data are made indistiguishable

in order to avoidreidentification

and confidential data disclosure


Data coarsening

17


data splitting


data coarsening

homo‐morphic

encryption


Data are generalized in order to lower their level

of details and thus avoid disclosure


Data splitting

18


data splitting


data coarsening

homo‐morphic

encryption


Data are fragmented into different cloud providers so that individual pieces do

not cause disclosure


19

Data coarsening

20

Data anonymization

21

Data splitting

What about encryption ?


The challenges of encryption

Full encryption is advised(Partial encryption reveals search patterns to the CSP that can be used to deriveinformation about the protected data)

…. but ….How to fully encrypt without breaking functionality ?

For vector datasets stored in a spatial DB, it is not possible


Combining techniques

24


data splitting


data coarsening

homo‐morphic

encryption

clear data protected dataProxy

USE CASEKriging computation

(geoprocessing)

Measurements (z) are encrypted and

outsourced to one cloud

Outsourced coordinates (x,y) are split

(latitude/longitude) in different clouds

Kriging computation on protected data is

possible


Searchable encryptionfor geo‐referenced data

25


data splitting


data coarsening

homo‐morphic

encryption


RESEARCH PAPER


Homomorphic encryption for secure geoprocessing

26


data splitting


data coarsening

homo‐morphic

encryption


RESEARCH PAPER


Proxy

under the magnifying glass

27

clear data protected data

data protection

ANON.

COARS.

SPLIT.

ENCRYP

S.E.

H.E.

sensitive dataidentification

PGSQL

WFS WPSWFST

S3

+PLUGINS

protocol parsing request /responseprocessing

STREAMING

BUFFERING SECURITYPOLICY


28

Geospatial datasetsfor CLARUS

containgeographicalcoordinates

contain scientificattributes

(measurements)

require a certain level of security

(confidential)

relating to one of the INSPIRE thematic groups held by public

authorities or third-parties

conforming to standards (OGC, ISO)


INSPIRE use cases for CLARUS

29

groundwaterboreholes

energy supplynetworks

geology(kriging)

any

storage geo publication

geoprocessing

geocollaboration


INSPIRE use cases for CLARUS

30

storage geopublication

geoprocessing

geocollaboration

WFS WPS WFST

PGSQLS3


Other (possible) applications

Health geostatisticsprivacy‐preserving statistics and geography

Location privacyprivacy‐preserving location based services (LBS)for smart cities, smart phones, connected cars

Satellite imageryprotect high resolution products


THANK YOUThierry Chevallier

(AKKA Technologies)

www.clarussecure.eu | [email protected] | @Clarusecure CLARUS has received funding from the European Union's Horizon 2020 programme ‐ DG CONNECT Software & Services, Cloud. Contract No. 644024

Securing INSPIREdgeodata cloud services with CLARUS · AKKA Researchroadmap 5 CLOUDS CLARUS private...

Documents

Transcript of Securing INSPIREdgeodata cloud services with CLARUS · AKKA Researchroadmap 5 CLOUDS CLARUS private...