Encryption Without Magic, Risk Management Without Pain

Encryption Without Magic, Risk Management Without Pain

#security #crypto #databases #notmobile #trust #infrastructures #separation-of-duties #echelonization

1. What is attack surface, how cryptography helps to narrow it.
2. Simple crypto-systems, but significant downsides.
3. Middleware-side encryption: protecting data in web-based infrastructures.
4. Client-side encryption: trust to mobile apps and code execution. E2EE. ZKA. ZKP.
5. Echelonization, and traditional techniques.

--------------------------------------

If you can't tap on the link inside slides, please open as pdf (button on the right).

--------------------------------------

In-depth technical inquiry about cryptography in a wider context: how it helps to narrow more significant risks to controlled attack surfaces, enables managing the risk efficiently and elegantly, how tools and algorithms sit in a broader context of managing infrastructure-wide risks associated with handling sensitive data.

--------------------------------------

Links to follow:

12 and 1 ideas how to enhance backend data security
https://medium.com/@cossacklabs/12-and-1-ideas-how-to-enhance-backend-data-security-4b8ceb5ccb88

Explain Like I’m 5: Zero Knowledge Proof
https://hackernoon.com/eli5-zero-knowledge-proof-78a276db9eff

DevOps and security: from trenches to command centers
https://medium.com/@9gunpi/devops-and-security-from-trenches-to-command-centers-466dfb58fe5b

GDPR for engineers
https://www.cossacklabs.com/blog/gdpr-for-engineers.html

042b7c0e45c53de46667f07de2fb2614?s=128

vixentael

March 04, 2018
Tweet