Overview
Explore a conference talk from AppSecEU 2015 in Amsterdam that delves into implementing a user-centric datastore with privacy-aware access control for cloud-based data platforms. Learn about the OpenEye OpenID Platform, Cloudless Framework, and key objectives in creating a secure data storage solution. Discover the challenges faced and the implementation details, including components like data access, aggregators, JSON Web Tokens, and session tokens. Understand the Cloudless Type Builder, permissions management, and user dashboard functionalities. Examine use cases, data types, and the permissions dialogue process. Gain insights into the analytics engine and witness a live demo showcasing the login process, demo area, trust establishment, offline access, and type duplication. Conclude with an exploration of changing data types in this comprehensive presentation on privacy-focused data management.
Syllabus
Introduction
OpenEye
OpenID Platform
Cloudless Framework
Objectives
Challenges
Implementation
Components
Data Access
Aggregator
JSON Web Tokens
Session Tokens
Cloudless
Type Builder
Permissions
User Dashboard
Use Case
Data Types
Permissions Dialogue
Permissions Dashboard
Analytics Engine
Live Demo
Login Process
Demo Area
Trust
Offline Access
Type Duplication
Changing Data Types
Taught by
OWASP Foundation