SlideShare una empresa de Scribd logo

Sqrrl November Webinar: Encryption and Security in Accumulo

Sqrrl
Sqrrl

Tightening Your Trusted Zone: Encryption for Accumulo. In this webinar we will provide a technical deep dive into the NoSQL database Apache Accumulo. Some of the topics that will be covered include: encryption in motion, encryption at rest, trust boundaries.

Datos y análisisTecnología
1 de 42
Descargar para leer sin conexión
Securely explore your data ENCRYPTION AND SECURITY IN ACCUMULO AND SQRRL Michael Allen Security Architect Sqrrl Data, Inc. michael@sqrrl.com
ISN’T ACCUMULO ALREADY SECURE? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
I MEAN, THESE SMART GALS AND GUYS MADE IT… © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential (Undisclosed location) Source:wikipedia.org.Publicdomain
CELL-LEVEL SECURITY © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
CELL-LEVEL SECURITY © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
CELL-LEVEL SECURITY © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
WHAT’S THE THREAT? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
A TYPICAL DEPLOYMENT © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
A TYPICAL DEPLOYMENT © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential (…ignoring master nodes, name nodes, garbage collectors, other ephemera…)
A TYPICAL CAST © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
THREATS INSIDE AND OUT © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
WHO CAN WE PUSH OUT? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
HOW? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
ENCRYPTION © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
IN MOTION AND AT REST © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
IT’S NOT… © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential Source:http://bit.ly/HqScSr.CreativeCommons, Attribution.
FUNDAMENTAL QUESTIONS What are you encrypting? How are you encrypting it? How are you protecting the key? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
ACCUMULO 1.6 SSL for Accumulo Clients Encrypting data within HDFS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
SSL AND ACCUMULO © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential ACCUMULO-1009 Patch that adds configuring and using SSL certificates
MAKE YOUR CERTS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
CONFIGURE YOUR SERVERS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
CONFIGURE YOUR SERVERS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
DISTRIBUTE YOUR CERTS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
DISTRIBUTE YOUR ROOTS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
ENJOY YOUR SSL © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
ENCRYPTION AT REST © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential ACCUMULO-998 Patch that adds encryption for Rfiles and WAL
ENCRYPTION AT REST © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential Uses Java Cryptography Extensions (JCE) for encryption interface / engine (Guess what? It’s pluggable.)
BEHIND THE SCENES © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
BEHIND THE SCENES © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
BEHIND THE SCENES © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
BEHIND THE SCENES © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
WHERE DOES THAT KEY GO? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
WHERE DOES THAT KEY GO? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
WHERE DOES THAT KEY GO? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
PLUGGABLE STRATEGY © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential •  Java class that mediates access to KEK •  Encrypts and decrypts per-file keys •  Passes back to callers opaque ID to identify KEK used to do encryption •  Callers should store opaque ID along with encrypted key
PLUGGABLE STRATEGY © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
PLUGGABLE STRATEGY © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
CONFIGURATION OPTIONS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential Property Name “Usual” Value Meaning !"#$%&'(&)*+,'!+-../ &"0'-$-!1,'-!!*(*+&'/ !&",'.,!*"2%#'!"#$%&'/ 3,4-*+%5"#$%&6&)*+,/ The class that creates encrypting and decrypting data streams !"#$%&'!2$1,"'.*2%, 789:5;<:=>59?=-))2@0/ Encryption algorithm spec !"#$%&'!2$1,"'A,#'+,@0%1 BCD/ Key length !"#$%&'(&)*+,'!+-../ &"0'-$-!1,'-!!*(*+&'/ !&",'.,!*"2%#'!"#$%&'/ 3,4-*+%9,!",%E >,#8@!"#$%2&@9%"-%,0#/ Class that mediates access to KEK
REDUCED THREAT © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
REDUCED THREAT © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
TOWARDS THE FUTURE © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
© 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential THANKS! michael@sqrrl.com

Recomendados

Accumulo Summit 2014: Past and Future Threats: Encryption and Security in Acc...
Accumulo Summit 2014: Past and Future Threats: Encryption and Security in Acc...Accumulo Summit 2014: Past and Future Threats: Encryption and Security in Acc...
Accumulo Summit 2014: Past and Future Threats: Encryption and Security in Acc...Accumulo Summit
 
Secure your Hadoop clusters with BlueTalon SecureAccess for WebHDFS
Secure your Hadoop clusters with BlueTalon SecureAccess for WebHDFSSecure your Hadoop clusters with BlueTalon SecureAccess for WebHDFS
Secure your Hadoop clusters with BlueTalon SecureAccess for WebHDFSIsabelle Dumont
 
User And Physical Security
User And Physical SecurityUser And Physical Security
User And Physical Securityguest648519
 
What Every Software Engineer Should Know About Security and Encryption
What Every Software Engineer Should Know About Security and EncryptionWhat Every Software Engineer Should Know About Security and Encryption
What Every Software Engineer Should Know About Security and EncryptionAll Things Open
 
Storage Visibility for Operations - A Ceph Story
Storage Visibility for Operations - A Ceph StoryStorage Visibility for Operations - A Ceph Story
Storage Visibility for Operations - A Ceph StoryDebojyoti Dutta
 
DDos Attacks and Web Threats: How to Protect Your Site & Information
DDos Attacks and Web Threats: How to Protect Your Site & InformationDDos Attacks and Web Threats: How to Protect Your Site & Information
DDos Attacks and Web Threats: How to Protect Your Site & Informationjenkoon
 
Global Efforts to Secure Cloud Computing
Global Efforts to Secure Cloud Computing Global Efforts to Secure Cloud Computing
Global Efforts to Secure Cloud Computing InnoTech
 
Accumulo Summit 2014: Accumulo Visibility Labels and Pluggable Authorization ...
Accumulo Summit 2014: Accumulo Visibility Labels and Pluggable Authorization ...Accumulo Summit 2014: Accumulo Visibility Labels and Pluggable Authorization ...
Accumulo Summit 2014: Accumulo Visibility Labels and Pluggable Authorization ...Accumulo Summit
 

Recomendados

Accumulo Summit 2014: Past and Future Threats: Encryption and Security in Acc...
Accumulo Summit 2014: Past and Future Threats: Encryption and Security in Acc...Accumulo Summit 2014: Past and Future Threats: Encryption and Security in Acc...
Accumulo Summit 2014: Past and Future Threats: Encryption and Security in Acc...Accumulo Summit
 
Secure your Hadoop clusters with BlueTalon SecureAccess for WebHDFS
Secure your Hadoop clusters with BlueTalon SecureAccess for WebHDFSSecure your Hadoop clusters with BlueTalon SecureAccess for WebHDFS
Secure your Hadoop clusters with BlueTalon SecureAccess for WebHDFSIsabelle Dumont
 
User And Physical Security
User And Physical SecurityUser And Physical Security
User And Physical Securityguest648519
 
What Every Software Engineer Should Know About Security and Encryption
What Every Software Engineer Should Know About Security and EncryptionWhat Every Software Engineer Should Know About Security and Encryption
What Every Software Engineer Should Know About Security and EncryptionAll Things Open
 
Storage Visibility for Operations - A Ceph Story
Storage Visibility for Operations - A Ceph StoryStorage Visibility for Operations - A Ceph Story
Storage Visibility for Operations - A Ceph StoryDebojyoti Dutta
 
DDos Attacks and Web Threats: How to Protect Your Site & Information
DDos Attacks and Web Threats: How to Protect Your Site & InformationDDos Attacks and Web Threats: How to Protect Your Site & Information
DDos Attacks and Web Threats: How to Protect Your Site & Informationjenkoon
 
Global Efforts to Secure Cloud Computing
Global Efforts to Secure Cloud Computing Global Efforts to Secure Cloud Computing
Global Efforts to Secure Cloud Computing InnoTech
 
Accumulo Summit 2014: Accumulo Visibility Labels and Pluggable Authorization ...
Accumulo Summit 2014: Accumulo Visibility Labels and Pluggable Authorization ...Accumulo Summit 2014: Accumulo Visibility Labels and Pluggable Authorization ...
Accumulo Summit 2014: Accumulo Visibility Labels and Pluggable Authorization ...Accumulo Summit
 
Sqrrl June Webinar: An Accumulo Love Story
Sqrrl June Webinar: An Accumulo Love StorySqrrl June Webinar: An Accumulo Love Story
Sqrrl June Webinar: An Accumulo Love StorySqrrl
 
Clear pass access management basics zach jennings
Clear pass access management basics zach jenningsClear pass access management basics zach jennings
Clear pass access management basics zach jenningsAruba, a Hewlett Packard Enterprise company
 
CipherCloud Technology Overview: Encryption
CipherCloud Technology Overview: EncryptionCipherCloud Technology Overview: Encryption
CipherCloud Technology Overview: EncryptionCipherCloud
 
Encryption authentication access_control_jon green
Encryption authentication access_control_jon greenEncryption authentication access_control_jon green
Encryption authentication access_control_jon greenAruba, a Hewlett Packard Enterprise company
 
Sqrrl May Webinar: Data-Centric Security
Sqrrl May Webinar: Data-Centric SecuritySqrrl May Webinar: Data-Centric Security
Sqrrl May Webinar: Data-Centric SecuritySqrrl
 
Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7SalmenHAJJI1
 
Cloud onboarding and Application Onboarding on AURO Canadian Cloud Computing
Cloud onboarding and Application Onboarding on AURO Canadian Cloud ComputingCloud onboarding and Application Onboarding on AURO Canadian Cloud Computing
Cloud onboarding and Application Onboarding on AURO Canadian Cloud ComputingMatthew McKinney
 
iPerceptions - Customer Support API example
iPerceptions - Customer Support API exampleiPerceptions - Customer Support API example
iPerceptions - Customer Support API exampleiperceptions
 
Unveiling the Monetization Opportunities for Carrier Wi-Fi
Unveiling the Monetization Opportunities for Carrier Wi-FiUnveiling the Monetization Opportunities for Carrier Wi-Fi
Unveiling the Monetization Opportunities for Carrier Wi-FiCisco Service Provider Mobility
 
ABCs of Digital Marketing for Higher Education
ABCs of Digital Marketing for Higher EducationABCs of Digital Marketing for Higher Education
ABCs of Digital Marketing for Higher EducationMarilyn (Rupp) Cox, PMP
 
CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications an...
CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications an...CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications an...
CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications an...CloudIDSummit
 
Android P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowAndroid P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowNowSecure
 
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...Aruba, a Hewlett Packard Enterprise company
 
CipherCloud for Salesforce - Solution Overview
CipherCloud for Salesforce - Solution OverviewCipherCloud for Salesforce - Solution Overview
CipherCloud for Salesforce - Solution OverviewCipherCloud
 
Dstillery at DES: Distillation of Behaviors: What Are My Customers Doing?
Dstillery at DES: Distillation of Behaviors: What Are My Customers Doing?Dstillery at DES: Distillation of Behaviors: What Are My Customers Doing?
Dstillery at DES: Distillation of Behaviors: What Are My Customers Doing?Digiday
 
Drone for the Future
Drone for the FutureDrone for the Future
Drone for the FutureKeyideas Infotech Private Limited
 
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...SOASTA
 
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...SOASTA
 
CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud
 
Trustleap - Mathematically-Proven Unbreakable Security
Trustleap - Mathematically-Proven Unbreakable SecurityTrustleap - Mathematically-Proven Unbreakable Security
Trustleap - Mathematically-Proven Unbreakable SecurityTWD Industries AG
 
Transitioning Government Technology
Transitioning Government TechnologyTransitioning Government Technology
Transitioning Government TechnologySqrrl
 
Leveraging Threat Intelligence to Guide Your Hunts
Leveraging Threat Intelligence to Guide Your HuntsLeveraging Threat Intelligence to Guide Your Hunts
Leveraging Threat Intelligence to Guide Your HuntsSqrrl
 

Más contenido relacionado

Similar a Sqrrl November Webinar: Encryption and Security in Accumulo

Sqrrl June Webinar: An Accumulo Love Story
Sqrrl June Webinar: An Accumulo Love StorySqrrl June Webinar: An Accumulo Love Story
Sqrrl June Webinar: An Accumulo Love StorySqrrl
 
CipherCloud Technology Overview: Encryption
CipherCloud Technology Overview: EncryptionCipherCloud Technology Overview: Encryption
CipherCloud Technology Overview: EncryptionCipherCloud
 
Sqrrl May Webinar: Data-Centric Security
Sqrrl May Webinar: Data-Centric SecuritySqrrl May Webinar: Data-Centric Security
Sqrrl May Webinar: Data-Centric SecuritySqrrl
 
Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7SalmenHAJJI1
 
Cloud onboarding and Application Onboarding on AURO Canadian Cloud Computing
Cloud onboarding and Application Onboarding on AURO Canadian Cloud ComputingCloud onboarding and Application Onboarding on AURO Canadian Cloud Computing
Cloud onboarding and Application Onboarding on AURO Canadian Cloud ComputingMatthew McKinney
 
iPerceptions - Customer Support API example
iPerceptions - Customer Support API exampleiPerceptions - Customer Support API example
iPerceptions - Customer Support API exampleiperceptions
 
Unveiling the Monetization Opportunities for Carrier Wi-Fi
Unveiling the Monetization Opportunities for Carrier Wi-FiUnveiling the Monetization Opportunities for Carrier Wi-Fi
Unveiling the Monetization Opportunities for Carrier Wi-FiCisco Service Provider Mobility
 
ABCs of Digital Marketing for Higher Education
ABCs of Digital Marketing for Higher EducationABCs of Digital Marketing for Higher Education
ABCs of Digital Marketing for Higher EducationMarilyn (Rupp) Cox, PMP
 
CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications an...
CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications an...CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications an...
CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications an...CloudIDSummit
 
Android P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowAndroid P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowNowSecure
 
CipherCloud for Salesforce - Solution Overview
CipherCloud for Salesforce - Solution OverviewCipherCloud for Salesforce - Solution Overview
CipherCloud for Salesforce - Solution OverviewCipherCloud
 
Dstillery at DES: Distillation of Behaviors: What Are My Customers Doing?
Dstillery at DES: Distillation of Behaviors: What Are My Customers Doing?Dstillery at DES: Distillation of Behaviors: What Are My Customers Doing?
Dstillery at DES: Distillation of Behaviors: What Are My Customers Doing?Digiday
 
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...SOASTA
 
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...SOASTA
 
CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud
 
Trustleap - Mathematically-Proven Unbreakable Security
Trustleap - Mathematically-Proven Unbreakable SecurityTrustleap - Mathematically-Proven Unbreakable Security
Trustleap - Mathematically-Proven Unbreakable SecurityTWD Industries AG
 

Similar a Sqrrl November Webinar: Encryption and Security in Accumulo (20)

Sqrrl June Webinar: An Accumulo Love Story
Sqrrl June Webinar: An Accumulo Love StorySqrrl June Webinar: An Accumulo Love Story
Sqrrl June Webinar: An Accumulo Love Story
 
Clear pass access management basics zach jennings
Clear pass access management basics zach jenningsClear pass access management basics zach jennings
Clear pass access management basics zach jennings
 
CipherCloud Technology Overview: Encryption
CipherCloud Technology Overview: EncryptionCipherCloud Technology Overview: Encryption
CipherCloud Technology Overview: Encryption
 
Encryption authentication access_control_jon green
Encryption authentication access_control_jon greenEncryption authentication access_control_jon green
Encryption authentication access_control_jon green
 
Sqrrl May Webinar: Data-Centric Security
Sqrrl May Webinar: Data-Centric SecuritySqrrl May Webinar: Data-Centric Security
Sqrrl May Webinar: Data-Centric Security
 
Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7
 
Cloud onboarding and Application Onboarding on AURO Canadian Cloud Computing
Cloud onboarding and Application Onboarding on AURO Canadian Cloud ComputingCloud onboarding and Application Onboarding on AURO Canadian Cloud Computing
Cloud onboarding and Application Onboarding on AURO Canadian Cloud Computing
 
iPerceptions - Customer Support API example
iPerceptions - Customer Support API exampleiPerceptions - Customer Support API example
iPerceptions - Customer Support API example
 
Unveiling the Monetization Opportunities for Carrier Wi-Fi
Unveiling the Monetization Opportunities for Carrier Wi-FiUnveiling the Monetization Opportunities for Carrier Wi-Fi
Unveiling the Monetization Opportunities for Carrier Wi-Fi
 
ABCs of Digital Marketing for Higher Education
ABCs of Digital Marketing for Higher EducationABCs of Digital Marketing for Higher Education
ABCs of Digital Marketing for Higher Education
 
CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications an...
CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications an...CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications an...
CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications an...
 
Android P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowAndroid P Security Updates: What You Need to Know
Android P Security Updates: What You Need to Know
 
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
Security intermediate practical cryptography_certs_and 802.1_x_rich langston...
 
CipherCloud for Salesforce - Solution Overview
CipherCloud for Salesforce - Solution OverviewCipherCloud for Salesforce - Solution Overview
CipherCloud for Salesforce - Solution Overview
 
Dstillery at DES: Distillation of Behaviors: What Are My Customers Doing?
Dstillery at DES: Distillation of Behaviors: What Are My Customers Doing?Dstillery at DES: Distillation of Behaviors: What Are My Customers Doing?
Dstillery at DES: Distillation of Behaviors: What Are My Customers Doing?
 
Drone for the Future
Drone for the FutureDrone for the Future
Drone for the Future
 
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
 
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
20,000 Hours in the Cloud - Top 5 Cloud Lessons Learned By Tom Lounibos, CEO ...
 
CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101
 
Trustleap - Mathematically-Proven Unbreakable Security
Trustleap - Mathematically-Proven Unbreakable SecurityTrustleap - Mathematically-Proven Unbreakable Security
Trustleap - Mathematically-Proven Unbreakable Security
 

Más de Sqrrl

Transitioning Government Technology
Transitioning Government TechnologyTransitioning Government Technology
Transitioning Government TechnologySqrrl
 
Leveraging Threat Intelligence to Guide Your Hunts
Leveraging Threat Intelligence to Guide Your HuntsLeveraging Threat Intelligence to Guide Your Hunts
Leveraging Threat Intelligence to Guide Your HuntsSqrrl
 
How to Hunt for Lateral Movement on Your Network
How to Hunt for Lateral Movement on Your NetworkHow to Hunt for Lateral Movement on Your Network
How to Hunt for Lateral Movement on Your NetworkSqrrl
 
Machine Learning for Incident Detection: Getting Started
Machine Learning for Incident Detection: Getting StartedMachine Learning for Incident Detection: Getting Started
Machine Learning for Incident Detection: Getting StartedSqrrl
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Sqrrl
 
User and Entity Behavior Analytics using the Sqrrl Behavior Graph
User and Entity Behavior Analytics using the Sqrrl Behavior GraphUser and Entity Behavior Analytics using the Sqrrl Behavior Graph
User and Entity Behavior Analytics using the Sqrrl Behavior GraphSqrrl
 
Threat Hunting Platforms (Collaboration with SANS Institute)
Threat Hunting Platforms (Collaboration with SANS Institute)Threat Hunting Platforms (Collaboration with SANS Institute)
Threat Hunting Platforms (Collaboration with SANS Institute)Sqrrl
 
Sqrrl and IBM: Threat Hunting for QRadar Users
Sqrrl and IBM: Threat Hunting for QRadar UsersSqrrl and IBM: Threat Hunting for QRadar Users
Sqrrl and IBM: Threat Hunting for QRadar UsersSqrrl
 
Threat Hunting for Command and Control Activity
Threat Hunting for Command and Control ActivityThreat Hunting for Command and Control Activity
Threat Hunting for Command and Control ActivitySqrrl
 
Modernizing Your SOC: A CISO-led Training
Modernizing Your SOC: A CISO-led TrainingModernizing Your SOC: A CISO-led Training
Modernizing Your SOC: A CISO-led TrainingSqrrl
 
Threat Hunting vs. UEBA: Similarities, Differences, and How They Work Together
Threat Hunting vs. UEBA: Similarities, Differences, and How They Work Together Threat Hunting vs. UEBA: Similarities, Differences, and How They Work Together
Threat Hunting vs. UEBA: Similarities, Differences, and How They Work Together Sqrrl
 
Leveraging DNS to Surface Attacker Activity
Leveraging DNS to Surface Attacker ActivityLeveraging DNS to Surface Attacker Activity
Leveraging DNS to Surface Attacker ActivitySqrrl
 
The Art and Science of Alert Triage
The Art and Science of Alert TriageThe Art and Science of Alert Triage
The Art and Science of Alert TriageSqrrl
 
Reducing Mean Time to Know
Reducing Mean Time to KnowReducing Mean Time to Know
Reducing Mean Time to KnowSqrrl
 
Sqrrl Enterprise: Big Data Security Analytics Use Case
Sqrrl Enterprise: Big Data Security Analytics Use CaseSqrrl Enterprise: Big Data Security Analytics Use Case
Sqrrl Enterprise: Big Data Security Analytics Use CaseSqrrl
 
The Linked Data Advantage
The Linked Data AdvantageThe Linked Data Advantage
The Linked Data AdvantageSqrrl
 
Sqrrl Enterprise: Integrate, Explore, Analyze
Sqrrl Enterprise: Integrate, Explore, AnalyzeSqrrl Enterprise: Integrate, Explore, Analyze
Sqrrl Enterprise: Integrate, Explore, AnalyzeSqrrl
 
Sqrrl Datasheet: Cyber Hunting
Sqrrl Datasheet: Cyber HuntingSqrrl Datasheet: Cyber Hunting
Sqrrl Datasheet: Cyber HuntingSqrrl
 
Benchmarking The Apache Accumulo Distributed Key–Value Store
Benchmarking The Apache Accumulo Distributed Key–Value StoreBenchmarking The Apache Accumulo Distributed Key–Value Store
Benchmarking The Apache Accumulo Distributed Key–Value StoreSqrrl
 
Scalable Graph Clustering with Pregel
Scalable Graph Clustering with PregelScalable Graph Clustering with Pregel
Scalable Graph Clustering with PregelSqrrl
 

Más de Sqrrl (20)

Transitioning Government Technology
Transitioning Government TechnologyTransitioning Government Technology
Transitioning Government Technology
 
Leveraging Threat Intelligence to Guide Your Hunts
Leveraging Threat Intelligence to Guide Your HuntsLeveraging Threat Intelligence to Guide Your Hunts
Leveraging Threat Intelligence to Guide Your Hunts
 
How to Hunt for Lateral Movement on Your Network
How to Hunt for Lateral Movement on Your NetworkHow to Hunt for Lateral Movement on Your Network
How to Hunt for Lateral Movement on Your Network
 
Machine Learning for Incident Detection: Getting Started
Machine Learning for Incident Detection: Getting StartedMachine Learning for Incident Detection: Getting Started
Machine Learning for Incident Detection: Getting Started
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
 
User and Entity Behavior Analytics using the Sqrrl Behavior Graph
User and Entity Behavior Analytics using the Sqrrl Behavior GraphUser and Entity Behavior Analytics using the Sqrrl Behavior Graph
User and Entity Behavior Analytics using the Sqrrl Behavior Graph
 
Threat Hunting Platforms (Collaboration with SANS Institute)
Threat Hunting Platforms (Collaboration with SANS Institute)Threat Hunting Platforms (Collaboration with SANS Institute)
Threat Hunting Platforms (Collaboration with SANS Institute)
 
Sqrrl and IBM: Threat Hunting for QRadar Users
Sqrrl and IBM: Threat Hunting for QRadar UsersSqrrl and IBM: Threat Hunting for QRadar Users
Sqrrl and IBM: Threat Hunting for QRadar Users
 
Threat Hunting for Command and Control Activity
Threat Hunting for Command and Control ActivityThreat Hunting for Command and Control Activity
Threat Hunting for Command and Control Activity
 
Modernizing Your SOC: A CISO-led Training
Modernizing Your SOC: A CISO-led TrainingModernizing Your SOC: A CISO-led Training
Modernizing Your SOC: A CISO-led Training
 
Threat Hunting vs. UEBA: Similarities, Differences, and How They Work Together
Threat Hunting vs. UEBA: Similarities, Differences, and How They Work Together Threat Hunting vs. UEBA: Similarities, Differences, and How They Work Together
Threat Hunting vs. UEBA: Similarities, Differences, and How They Work Together
 
Leveraging DNS to Surface Attacker Activity
Leveraging DNS to Surface Attacker ActivityLeveraging DNS to Surface Attacker Activity
Leveraging DNS to Surface Attacker Activity
 
The Art and Science of Alert Triage
The Art and Science of Alert TriageThe Art and Science of Alert Triage
The Art and Science of Alert Triage
 
Reducing Mean Time to Know
Reducing Mean Time to KnowReducing Mean Time to Know
Reducing Mean Time to Know
 
Sqrrl Enterprise: Big Data Security Analytics Use Case
Sqrrl Enterprise: Big Data Security Analytics Use CaseSqrrl Enterprise: Big Data Security Analytics Use Case
Sqrrl Enterprise: Big Data Security Analytics Use Case
 
The Linked Data Advantage
The Linked Data AdvantageThe Linked Data Advantage
The Linked Data Advantage
 
Sqrrl Enterprise: Integrate, Explore, Analyze
Sqrrl Enterprise: Integrate, Explore, AnalyzeSqrrl Enterprise: Integrate, Explore, Analyze
Sqrrl Enterprise: Integrate, Explore, Analyze
 
Sqrrl Datasheet: Cyber Hunting
Sqrrl Datasheet: Cyber HuntingSqrrl Datasheet: Cyber Hunting
Sqrrl Datasheet: Cyber Hunting
 
Benchmarking The Apache Accumulo Distributed Key–Value Store
Benchmarking The Apache Accumulo Distributed Key–Value StoreBenchmarking The Apache Accumulo Distributed Key–Value Store
Benchmarking The Apache Accumulo Distributed Key–Value Store
 
Scalable Graph Clustering with Pregel
Scalable Graph Clustering with PregelScalable Graph Clustering with Pregel
Scalable Graph Clustering with Pregel
 

Último

꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Callshivangimorya083
 
Dubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls DubaiDubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls Dubaihf8803863
 
04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationshipsccctableauusergroup
 
Generative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and MilvusGenerative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and MilvusTimothy Spann
 
VIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service Amravati
VIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service AmravatiVIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service Amravati
VIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service AmravatiSuhani Kapoor
 
EMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptx
EMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptxEMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptx
EMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptxthyngster
 
Ukraine War presentation: KNOW THE BASICS
Ukraine War presentation: KNOW THE BASICSUkraine War presentation: KNOW THE BASICS
Ukraine War presentation: KNOW THE BASICSAishani27
 
VidaXL dropshipping via API with DroFx.pptx
VidaXL dropshipping via API with DroFx.pptxVidaXL dropshipping via API with DroFx.pptx
VidaXL dropshipping via API with DroFx.pptxolyaivanovalion
 
Midocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFxMidocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFxolyaivanovalion
 
BigBuy dropshipping via API with DroFx.pptx
BigBuy dropshipping via API with DroFx.pptxBigBuy dropshipping via API with DroFx.pptx
BigBuy dropshipping via API with DroFx.pptxolyaivanovalion
 
Beautiful Sapna Vip Call Girls Hauz Khas 9711199012 Call /Whatsapps
Beautiful Sapna Vip Call Girls Hauz Khas 9711199012 Call /WhatsappsBeautiful Sapna Vip Call Girls Hauz Khas 9711199012 Call /Whatsapps
Beautiful Sapna Vip Call Girls Hauz Khas 9711199012 Call /Whatsappssapnasaifi408
 
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAl Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAroojKhan71
 
April 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's AnalysisApril 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's Analysismanisha194592
 
100-Concepts-of-AI by Anupama Kate .pptx
100-Concepts-of-AI by Anupama Kate .pptx100-Concepts-of-AI by Anupama Kate .pptx
100-Concepts-of-AI by Anupama Kate .pptxAnupama Kate
 
BabyOno dropshipping via API with DroFx.pptx
BabyOno dropshipping via API with DroFx.pptxBabyOno dropshipping via API with DroFx.pptx
BabyOno dropshipping via API with DroFx.pptxolyaivanovalion
 
Low Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service Bhilai
Low Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service BhilaiLow Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service Bhilai
Low Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service BhilaiSuhani Kapoor
 
Ravak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptxRavak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptxolyaivanovalion
 
Kantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdf
Kantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdfKantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdf
Kantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdfSocial Samosa
 

Último (20)

꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
 
Dubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls DubaiDubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls Dubai
 
04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships
 
Generative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and MilvusGenerative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and Milvus
 
VIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service Amravati
VIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service AmravatiVIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service Amravati
VIP Call Girls in Amravati Aarohi 8250192130 Independent Escort Service Amravati
 
VIP Call Girls Service Charbagh { Lucknow Call Girls Service 9548273370 } Boo...
VIP Call Girls Service Charbagh { Lucknow Call Girls Service 9548273370 } Boo...VIP Call Girls Service Charbagh { Lucknow Call Girls Service 9548273370 } Boo...
VIP Call Girls Service Charbagh { Lucknow Call Girls Service 9548273370 } Boo...
 
EMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptx
EMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptxEMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptx
EMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptx
 
Ukraine War presentation: KNOW THE BASICS
Ukraine War presentation: KNOW THE BASICSUkraine War presentation: KNOW THE BASICS
Ukraine War presentation: KNOW THE BASICS
 
VidaXL dropshipping via API with DroFx.pptx
VidaXL dropshipping via API with DroFx.pptxVidaXL dropshipping via API with DroFx.pptx
VidaXL dropshipping via API with DroFx.pptx
 
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in Kishangarh
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in KishangarhDelhi 99530 vip 56974 Genuine Escort Service Call Girls in Kishangarh
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in Kishangarh
 
Midocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFxMidocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFx
 
BigBuy dropshipping via API with DroFx.pptx
BigBuy dropshipping via API with DroFx.pptxBigBuy dropshipping via API with DroFx.pptx
BigBuy dropshipping via API with DroFx.pptx
 
Beautiful Sapna Vip Call Girls Hauz Khas 9711199012 Call /Whatsapps
Beautiful Sapna Vip Call Girls Hauz Khas 9711199012 Call /WhatsappsBeautiful Sapna Vip Call Girls Hauz Khas 9711199012 Call /Whatsapps
Beautiful Sapna Vip Call Girls Hauz Khas 9711199012 Call /Whatsapps
 
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAl Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
 
April 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's AnalysisApril 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's Analysis
 
100-Concepts-of-AI by Anupama Kate .pptx
100-Concepts-of-AI by Anupama Kate .pptx100-Concepts-of-AI by Anupama Kate .pptx
100-Concepts-of-AI by Anupama Kate .pptx
 
BabyOno dropshipping via API with DroFx.pptx
BabyOno dropshipping via API with DroFx.pptxBabyOno dropshipping via API with DroFx.pptx
BabyOno dropshipping via API with DroFx.pptx
 
Low Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service Bhilai
Low Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service BhilaiLow Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service Bhilai
Low Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service Bhilai
 
Ravak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptxRavak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptx
 
Kantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdf
Kantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdfKantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdf
Kantar AI Summit- Under Embargo till Wednesday, 24th April 2024, 4 PM, IST.pdf
 

Sqrrl November Webinar: Encryption and Security in Accumulo

  • 1. Securely explore your data ENCRYPTION AND SECURITY IN ACCUMULO AND SQRRL Michael Allen Security Architect Sqrrl Data, Inc. michael@sqrrl.com
  • 2. ISN’T ACCUMULO ALREADY SECURE? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 3. I MEAN, THESE SMART GALS AND GUYS MADE IT… © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential (Undisclosed location) Source:wikipedia.org.Publicdomain
  • 4. CELL-LEVEL SECURITY © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 5. CELL-LEVEL SECURITY © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 6. CELL-LEVEL SECURITY © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 7. WHAT’S THE THREAT? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 8. A TYPICAL DEPLOYMENT © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 9. A TYPICAL DEPLOYMENT © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential (…ignoring master nodes, name nodes, garbage collectors, other ephemera…)
  • 10. A TYPICAL CAST © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 11. THREATS INSIDE AND OUT © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 12. WHO CAN WE PUSH OUT? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 13. HOW? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 14. ENCRYPTION © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 15. IN MOTION AND AT REST © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 16. IT’S NOT… © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential Source:http://bit.ly/HqScSr.CreativeCommons, Attribution.
  • 17. FUNDAMENTAL QUESTIONS What are you encrypting? How are you encrypting it? How are you protecting the key? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 18. ACCUMULO 1.6 SSL for Accumulo Clients Encrypting data within HDFS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 19. SSL AND ACCUMULO © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential ACCUMULO-1009 Patch that adds configuring and using SSL certificates
  • 20. MAKE YOUR CERTS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 21. CONFIGURE YOUR SERVERS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 22. CONFIGURE YOUR SERVERS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 23. DISTRIBUTE YOUR CERTS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 24. DISTRIBUTE YOUR ROOTS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 25. ENJOY YOUR SSL © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 26. ENCRYPTION AT REST © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential ACCUMULO-998 Patch that adds encryption for Rfiles and WAL
  • 27. ENCRYPTION AT REST © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential Uses Java Cryptography Extensions (JCE) for encryption interface / engine (Guess what? It’s pluggable.)
  • 28. BEHIND THE SCENES © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 29. BEHIND THE SCENES © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 30. BEHIND THE SCENES © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 31. BEHIND THE SCENES © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 32. WHERE DOES THAT KEY GO? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 33. WHERE DOES THAT KEY GO? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 34. WHERE DOES THAT KEY GO? © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 35. PLUGGABLE STRATEGY © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential •  Java class that mediates access to KEK •  Encrypts and decrypts per-file keys •  Passes back to callers opaque ID to identify KEK used to do encryption •  Callers should store opaque ID along with encrypted key
  • 36. PLUGGABLE STRATEGY © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 37. PLUGGABLE STRATEGY © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 38. CONFIGURATION OPTIONS © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential Property Name “Usual” Value Meaning !"#$%&'(&)*+,'!+-../ &"0'-$-!1,'-!!*(*+&'/ !&",'.,!*"2%#'!"#$%&'/ 3,4-*+%5"#$%&6&)*+,/ The class that creates encrypting and decrypting data streams !"#$%&'!2$1,"'.*2%, 789:5;<:=>59?=-))2@0/ Encryption algorithm spec !"#$%&'!2$1,"'A,#'+,@0%1 BCD/ Key length !"#$%&'(&)*+,'!+-../ &"0'-$-!1,'-!!*(*+&'/ !&",'.,!*"2%#'!"#$%&'/ 3,4-*+%9,!",%E >,#8@!"#$%2&@9%"-%,0#/ Class that mediates access to KEK
  • 39. REDUCED THREAT © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 40. REDUCED THREAT © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 41. TOWARDS THE FUTURE © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential
  • 42. © 2013 Sqrrl | All Rights Reserved | Proprietary and Confidential THANKS! michael@sqrrl.com