Building blocks for success: criteria for trusted institutional repositories
The Building Blocks for Trusted Internet Services: Openness, Privacy, Security
-
Upload
open-xchange -
Category
Software
-
view
439 -
download
0
Transcript of The Building Blocks for Trusted Internet Services: Openness, Privacy, Security
![Page 1: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/1.jpg)
The Building Blocks
for Trusted Internet Services
Openness, Privacy and Security
Neil Cook, Bert Hubert Open-XchangeMarch 15, 2016
![Page 2: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/2.jpg)
2 | Trusted Internet Services Building Blocks
Trusted and integrated solutions Open-Xchange: Who are we?
• 3.5M mail Server installations globally• 68% worldwide market share • Superior scalability & cost efficiency• Full control back to Service Provider • Fully secure (MAAWG / secure email standard)• Storage backend agnostic (S3, object storage)
• EU market leader Domain Name Services (50%)• Authoritative DNS a must for high performance• Best in class DDoS support • Leading DNSSEC >75% of hosted domains• Excellent scalability• Maximum impact on Retention & Performance
OX App Suite – communication and collaboration suite: Engage more customers.OX-as-a-Service – secure, hosted stack from App Suite through to secure storage: Cloud GTM 2.0.
180M sold seats22 countries
17 languagesTrusted Email Services
![Page 3: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/3.jpg)
The Battle for End-Users: Previously
3
Free Free/Subscription
Great Features
Open-Source
OK FeaturesUS-based Based anywhere
![Page 4: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/4.jpg)
4
Free Free/Subscription
The Battle for End-Users: Now
Great Features Great FeaturesUS-based Based anywhere
![Page 5: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/5.jpg)
The Next Battleground: Trust
• Mass Surveillance• Hackers and Foreign
Governments• Hosters and Service Providers
targeted5 | Trusted Internet Services Building Blocks
![Page 6: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/6.jpg)
Why should I trust you?How can I
trust you?
Do I rely on your word?“Don’t be Evil”
“At Apple, your trust means everything to us.”
6 | Trusted Internet Services Building Blocks
![Page 7: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/7.jpg)
Open Source == Trust
• Open Source Software means transparency
• OSS means Open-Standards
• Trust the Openness not the company
7 | Trusted Internet Services Building Blocks
![Page 8: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/8.jpg)
8 | Trusted Internet Services Building Blocks
Hard to migrate your own dataProprietary means Lock-In
Proprietary Cloud Service
My Data
Other Cloud Service
In-House Data-Centre or Software
Migrate Data
![Page 9: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/9.jpg)
9 | Trusted Internet Services Building Blocks
Freedom to choose the right business modelOpen Source means Flexibility
open standards
Run & Host Yourself
Run & Host for others
Use 3rd party service
![Page 10: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/10.jpg)
Security also a new Battleground
Security is an important building block of trust
If I don’t feel secure, how can I trust your services?
Internet security standards make the internet safer
Internet security standards make your users safer
![Page 11: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/11.jpg)
But Google is going big on Security!
![Page 12: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/12.jpg)
DNSSEC
Anything they do… you should do better
DANEOpenPGP/TES
![Page 13: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/13.jpg)
Click on symbol to add a full bleed screenshot
13 | Trusted Internet Services Building Blocks
![Page 14: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/14.jpg)
% pdnsutil secure-zone mydomain.com
But DNSSEC is Hard isn’t it?
14 | Trusted Internet Services Building Blocks
![Page 15: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/15.jpg)
• Securely Authenticate TLS Certs in DNS• Removes reliance on CAs• Even allows self-signed Certs
• Provides “real security” for any services with optional TLS (STARTTLS)• Prevents MITM Attacks• Prevents DNS Spoofing
• Builds on DNSSEC• Way more secure Google’s Red Padlock• Join Trusted Email Services Initiative
(TES) for more
DANE
Sending MTA
Receiving MTA
EHLO foobar.com
MITM
EHLO foobar.com250 STARTTLS250 example.net
CLEARTEXT CLEARTEXT
15 | Trusted Internet Services Building Blocks
![Page 16: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/16.jpg)
OpenPGP and HKP: Real E2E EncryptionI’d like to send an
encrypted message to [email protected]
Mail Client (WebMail, App,
MTA)
DNS
HKP Server for example.com
Query: SRV _hkp._tcp.example.com?
Answer: hkp.example.com:11371
Public Key: [email protected]?Answer: -----BEGIN PGP PUBLIC KEY BLOCK
16 | Trusted Internet Services Building Blocks
![Page 17: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/17.jpg)
17 | Trusted Internet Services Building Blocks
![Page 18: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/18.jpg)
How do you compete with Free?21st Century Business Model:
“We give you service, you give us your privacy”
![Page 19: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/19.jpg)
Difficult for “Free” to tailor their services
Higher Security
Stricter Privacy
Regulatory Requirements
Locality
Encryption
Special-Needs
Customer Service
![Page 20: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/20.jpg)
People will pay for differentiated services
No need to compromise privacyCan develop relationship with customer
Open and Honest Contract leads to Trust
Can tailor service to customer requirements
![Page 21: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/21.jpg)
Internet Services Building Blocks
21 | Trusted Internet Services Building Blocks
Features
Trusted Internet Service
Open Source & Open Standards
Privacy & Security
Tailored and Differentiated
![Page 22: The Building Blocks for Trusted Internet Services: Openness, Privacy, Security](https://reader035.fdocuments.in/reader035/viewer/2022062522/5873138a1a28ab673e8b4911/html5/thumbnails/22.jpg)