Upload
infosecurity2010
View
491
Download
1
Tags:
Embed Size (px)
DESCRIPTION
Can you keep a secret? Security in the Kolab Groupware
Citation preview
Can You Keep A Secret?Dr. Paul J. Adams
4 November, 2010
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
We All Have SecretsBut We Don’t All Have Secretaries
Someone to whom you share your secrets.
I You understand them
I You respect them
I You trust them
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
Jacqui Smith MPHome Secretary: June 2007 – June 2009
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
What About Software?Security Is Not A Feature
I Secure by design
I Avoid proprietary technology
I Use well-tested code
I Avoid creating a valuable target
I Privacy by design
I Layered defence
I Avoid single point of failure
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
My Name Is Paul...... And I Am Not A Security Expert
I COO of Kolab Systems
I PhD in SoftwareEngineering
I Member of KDE eV,Fellow of FSFE, MBCS,MIEEE
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
GroupwareSoftware For Supporting Groups
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
Groupware For PIMPersonal Information Management
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
Security By DesignA Whole Industry Can Be Born Of Design Decisions
Ask Yourself, “Why Do We Need...?”
I Norton
I Kaspersky
I Symantec
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
Proprietary TechnologyWhere Trust Becomes Faith
What Kolab Does...I Based upon Free
Software Components
I Developed As FreeSoftware
I No “Open Core”
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
Valuable TargetsOne Box Is Convenient For The Thieves, Too
What Kolab Does...I Distribute content over
many boxes
I Content on boxesrestricted to individualusers
I Root and physical accessrequired
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
No Single Point Of FailureNot Even Your Root User!
http://xkcd.com/538/
What Kolab DoesI Nothing unencrypted passes between clients if you don’t
want
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
PIM Isn’t What It Use To Be?So Neither Should Groupware Be
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
It Is Not Just Different DataIt Is Different Devices, Too
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
Moving Beyond GroupwareGiving You All Your Stuff. Now.
I Client-side cache of“stuff”
I “Usual” PIM dataI Also microblogging or
Jabber
I Fully indexed for fastsearch
I Free Softwareimplementation ofActiveSync
I Development:I Collaboration with
ZarafaI Funded by NLnet
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
And Finally...... What’s Next?
I Kolab 3.0 under discussion!I Things to talk about:
I Web clientI Web adminI LDAPI Chat
I Focus on creating awell-integrated experience frominstallation to usage
Get InvolvedI #kolab on freenode
I www.kolab.org
Can You KeepA Secret?
Dr. Paul J. Adams
Introduction
Keeping Secrets
Who Is This Guy?
What Is Kolab?
Perspectives
Security By Design
ProprietaryTechnology
Valuable Targets
No Single Point OfFailure
Beyond Groupware
The Challenges
The Solutions
What Next?
Paul Adams, Kolab Systems AGI [email protected]
I +41 43 501 66 91
I http://kolabsys.com