Securing memcache

20
Securing memcache or, Tales from Encryption

TAGS:

description

Slides from Todd Ouska's presentation on Secure Memcache at OSCON 2010. To learn more about secure memcache or the CyaSSL embedded SSL library, visit www.yassl.com.

Transcript of Securing memcache

Page 1: Securing memcache

Securing memcache or, Tales from Encryption

Page 2: Securing memcache

What's memcache?

Page 3: Securing memcache

Who’s big idea?

Page 4: Securing memcache

Why secure memcache?

•  SASL authenticates •  yaSSL also encrypts

Page 5: Securing memcache

Who cares?

•  Policy enforcement •  Sensitive Data •  Masking Data behind firewall

Page 6: Securing memcache

The Cloud Cares

Page 7: Securing memcache

How do I use it?

-T

Page 8: Securing memcache

When is it available?

•  Beta now

Page 9: Securing memcache

How it works

Tcp/ip

CyaSSL

N Clients N Servers

Tcp/IP

CyaSSL

memcache client Encrypted via streaming cipher

Tcp/IP

memcached

Page 10: Securing memcache

What's the Cost?

Page 11: Securing memcache

Database Performance

Page 12: Securing memcache

memcache Performance

Page 13: Securing memcache

AES-256 Performance

Page 14: Securing memcache

Stream RC4 Performance

Page 15: Securing memcache

HC-128 Performance

Page 16: Securing memcache

MD5 HC-128 Performance

Page 17: Securing memcache

Future Performance Directions

AES-NI

Hardware offloading

Page 18: Securing memcache

Alice

Bob

Page 19: Securing memcache
Page 20: Securing memcache

Thanks!

Todd Ouska [email protected] www.yassl.com Open Source Embedded SSL Libraries


Chapter 8: Securing Switched LANs · 2 8: Securing Switched LANs 3 Chapter Roadmap Securing Switched Ethernet LANs Securing the MAC self-learning process Securing DHCP and ARP Securing

Chapter 8: Securing Switched LANs · 2 8: Securing Switched LANs 3 Chapter Roadmap Securing Switched Ethernet LANs Securing the MAC self-learning process Securing DHCP and ARP Securing

Securing Wireless Systems - TechTargetmedia.techtarget.com/.../downloads/Greg_sec_lab1_c09.pdf292 Chapter 9 Securing Wireless Systems numbers, passwords, or other information. Securing

Securing Wireless Systems - TechTargetmedia.techtarget.com/.../downloads/Greg_sec_lab1_c09.pdf292 Chapter 9 Securing Wireless Systems numbers, passwords, or other information. Securing

Securing Your User Profiles Against Abuse Securing Your User ...

Securing Your User Profiles Against Abuse Securing Your User ...

Securing memcache or, Tales from Encryption

Securing memcache or, Tales from Encryption

Memcached, the Better Memcache Interface

Memcached, the Better Memcache Interface

Module 4: Securing the Web Server 1. Overview Securing IIS Securing Apache 2.

Module 4: Securing the Web Server 1. Overview Securing IIS Securing Apache 2.

Google App Engine MemCache ae-09-session .

Google App Engine MemCache ae-09-session .

Memcache basics on google app engine

Memcache basics on google app engine

AUDITING AND SECURING SAP TRAINING WEEK - …mistiemea.ungerboeck.com/brochures/TW Auditing and Securing SAP... · AUDITING AND SECURING SAP TRAINING WEEK Auditing and Securing SAP

AUDITING AND SECURING SAP TRAINING WEEK - …mistiemea.ungerboeck.com/brochures/TW Auditing and Securing SAP... · AUDITING AND SECURING SAP TRAINING WEEK Auditing and Securing SAP

Securing Corp: Securing-Corporateorate ApplicationsandData on PersonalDevices Final

Securing Corp: Securing-Corporateorate ApplicationsandData on PersonalDevices Final

Securing Buy-in Step 5: Securing Buy-in. Securing Buy-in Securing Buy-in Our Roadmap.

Securing Buy-in Step 5: Securing Buy-in. Securing Buy-in Securing Buy-in Our Roadmap.

Securing IS

Securing IS

Scaling Memcache at Facebook By

Scaling Memcache at Facebook By

Securing Rails

Securing Rails

2019 - Securing the Future | ManTech Securing the Future

2019 - Securing the Future | ManTech Securing the Future

Securing small Securing small business business

Securing small Securing small business business

Securing Financially Sensitive Environments with OpenBSD · Securing Financially Sensitive Environments with OpenBSD ... Securing Financially Sensitive Environments with OpenBSD ...

Securing Financially Sensitive Environments with OpenBSD · Securing Financially Sensitive Environments with OpenBSD ... Securing Financially Sensitive Environments with OpenBSD ...

Memcache Injection (Hacktrick'15)

Memcache Injection (Hacktrick'15)

CACHE ME IF YOU CAN!boncode.net/downloads/AmazonElasticache.pdf · •Augment database tier (using Redis) •Technical Benefits •Highly reliable •Engine Compatibility (Memcache

CACHE ME IF YOU CAN!boncode.net/downloads/AmazonElasticache.pdf · •Augment database tier (using Redis) •Technical Benefits •Highly reliable •Engine Compatibility (Memcache

Memcache @ Facebook

Memcache @ Facebook