Data as a New Security Boundary - Cryptography and Supporting Controls

Data as a New Security Boundary - Cryptography and Supporting Controls

OWASP Foundation via YouTube Direct link

Application-level encryption (ALE)

8 of 19

8 of 19

Application-level encryption (ALE)

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Data as a New Security Boundary - Cryptography and Supporting Controls

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Things we won't talk about
  3. 3 Data security depends on a data flow
  4. 4 Data security 101
  5. 5 Encryption is an ultimate data security measure
  6. 6 A02:2021-Cryptographic Failures. Focused mostly on crypto usage and implementation.
  7. 7 A04:2021-Insecure Design. Focused on design, missing or wrong security controls.
  8. 8 Application-level encryption (ALE)
  9. 9 End-to-end encryption
  10. 10 Zero Trust / Zero Trust Architecture
  11. 11 Zero Knowledge Architecture (ZKA) - system where no one has access to unencrypted data, except the user (node, service, person). Also known as No Knowledge Systems
  12. 12 Other exciting crypto terms Privacy enhancing cryptography: SMPC, PSI, PIR, FHE, PAKE, OPAQUE.
  13. 13 Security controls to support crypto
  14. 14 Pros & Cons
  15. 15 Proxy-side field-level encryption Acra
  16. 16 Key hierarchy Database
  17. 17 ALE for NoCode platform
  18. 18 Crypto + supporting controls 1. Key management, separate key per customer (BYOK). 2. Full compartmentalization: customer's data is located in different DBs, encrypted by different key, each app uses …
  19. 19 ALE for fintech platform

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.