SlideShare a Scribd company logo

SYDO - Secure Your Data by Obscurity

Download as PPT, PDF
Avădănei Andrei, profile picture
Avădănei Andrei

SYDO is a tool that aims to protect data stored in SQL databases from threats like SQL injection, server hijacking, and data theft. It works by encrypting data using AES 128 keys that are stored remotely in a SYDO Hash Center. When a SQL query is made, SYDO generates an identification key stub to identify the query in a way that prevents SQL injection. Data is then encrypted and decrypted through a RESTful encrypted API between the client and the SYDO Hash Center. The tool provides features like support for multiple SQL interfaces and databases, API statistics, and management of multiple websites through the centralized Hash Center.

Technology
1 of 16
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
SYDO – Secure Your Data by Obscurity Andrei Avădănei Web Developer, Security enthusiast, Blogger www.worldit.info @AndreiAvadanei +AndreiAvadanei
Let's make some research :-)
Before that, what problems do we have? mistrust in hosting provider aims security problems data stealing using SQL Injections … or after server was hijacked etc. etc.
“ Information” one the most dangerous weapons you have it, you rule ...money, women and finally the world take a look at Google, Facebook, M$ etc.
We should be more careful!
But we are lazy...
We introduce SYDO aims to protect your data stored in SQL databases a built-in interface for SQL functions based on client/server API help you to store and manage your data
How it works?
The problem divided in layers Low Level processing (SQL Interfaces) SYDO Medium Level processing (here we can add patches over SQL queries) High-level processing (WAFs, htaccess etc.) Post-processing (client side)
Solution data (rows/tables/databases) encrypted with AES 128 keys stored in SYDO Hash Center (remote - server) unique identification key + AES keys related SQL Query identification by generating a key stub(Anti-SQLI) RESTful encrypted API protocol between Client and server
Demo
Features support over multiple SQL interfaces API statistics multiple website management for SYDO Hash Center P2P Hash Center Service (lower latency) cache over SYDO Hash Center (even lower latency) Anti-DOS for SYDO Hash Center
Project Status available on GitHub v.01 Alpha http://bit.ly/o6qzjn soon update!
Important SYDO is not bullet proof but is a better solution!
Questions?
 

More Related Content

PPT
SYDO - Secure Your Data by Obscurity
DefCamp
 
PPT
How you can become a hacker with no security experience
Avădănei Andrei
 
PDF
Honeypots - The Art of Building Secure Systems by Making them Vulnerable
Avădănei Andrei
 
ODP
Wordpress Plugins Scanner
Avădănei Andrei
 
PPT
DefCamp 2012 @Bucharest
Avădănei Andrei
 
ODP
A journey through an INFOSEC labyrinth
Avădănei Andrei
 
ODP
Polish the Wheel
Avădănei Andrei
 
PPT
Virtual Anonimity – What? Why? When? How?
Avădănei Andrei
 
SYDO - Secure Your Data by Obscurity
DefCamp
 
How you can become a hacker with no security experience
Avădănei Andrei
 
Honeypots - The Art of Building Secure Systems by Making them Vulnerable
Avădănei Andrei
 
Wordpress Plugins Scanner
Avădănei Andrei
 
DefCamp 2012 @Bucharest
Avădănei Andrei
 
A journey through an INFOSEC labyrinth
Avădănei Andrei
 
Polish the Wheel
Avădănei Andrei
 
Virtual Anonimity – What? Why? When? How?
Avădănei Andrei
 

Recently uploaded (20)

PPT
What is a Computer? Input Devices /output devices
GulJan8
 
PDF
DP Operators-handbook-extract for the Mautical Institute
LeonelMejiaLarios
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
PDF
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
PPTX
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PDF
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
PPTX
Chapter 5: Probability Theory and Statistics
RandyFin
 
PDF
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
PPTX
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PPTX
observCloud-Native Containerability and monitoring.pptx
anupsingh76937
 
PDF
Hybrid model detection and classification of lung cancer
IAESIJAI
 
PDF
Web App vs Mobile App What Should You Build First.pdf
KodekX
 
PDF
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
PDF
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
PPT
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
PDF
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
What is a Computer? Input Devices /output devices
GulJan8
 
DP Operators-handbook-extract for the Mautical Institute
LeonelMejiaLarios
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
Chapter 5: Probability Theory and Statistics
RandyFin
 
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
observCloud-Native Containerability and monitoring.pptx
anupsingh76937
 
Hybrid model detection and classification of lung cancer
IAESIJAI
 
Web App vs Mobile App What Should You Build First.pdf
KodekX
 
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
Ad

Featured (20)

PDF
2024 Trend Updates: What Really Works In SEO & Content Marketing
Search Engine Journal
 
PDF
Storytelling For The Web: Integrate Storytelling in your Design Process
Chiara Aliotta
 
PDF
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
OECD Directorate for Financial and Enterprise Affairs
 
PDF
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
SocialHRCamp
 
PDF
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
PDF
Everything You Need To Know About ChatGPT
Expeed Software
 
PDF
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
 
PDF
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
PDF
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
 
PDF
Skeleton Culture Code
Skeleton Technologies
 
PDF
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
 
PDF
Content Methodology: A Best Practices Report (Webinar)
contently
 
PPTX
How to Prepare For a Successful Job Search for 2024
Albert Qian
 
PDF
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 
PDF
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
 
PDF
5 Public speaking tips from TED - Visualized summary
SpeakerHub
 
PDF
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
 
PDF
Getting into the tech field. what next
Tessa Mero
 
PDF
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
 
PDF
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC
 
2024 Trend Updates: What Really Works In SEO & Content Marketing
Search Engine Journal
 
Storytelling For The Web: Integrate Storytelling in your Design Process
Chiara Aliotta
 
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
OECD Directorate for Financial and Enterprise Affairs
 
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
SocialHRCamp
 
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
Everything You Need To Know About ChatGPT
Expeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
 
Skeleton Culture Code
Skeleton Technologies
 
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
contently
 
How to Prepare For a Successful Job Search for 2024
Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
SpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
 
Getting into the tech field. what next
Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
 
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC
 
Ad

SYDO - Secure Your Data by Obscurity

  • 1. SYDO – Secure Your Data by Obscurity Andrei Avădănei Web Developer, Security enthusiast, Blogger www.worldit.info @AndreiAvadanei +AndreiAvadanei
  • 2. Let's make some research :-)
  • 3. Before that, what problems do we have? mistrust in hosting provider aims security problems data stealing using SQL Injections … or after server was hijacked etc. etc.
  • 4. “ Information” one the most dangerous weapons you have it, you rule ...money, women and finally the world take a look at Google, Facebook, M$ etc.
  • 5. We should be more careful!
  • 6. But we are lazy...
  • 7. We introduce SYDO aims to protect your data stored in SQL databases a built-in interface for SQL functions based on client/server API help you to store and manage your data
  • 9. The problem divided in layers Low Level processing (SQL Interfaces) SYDO Medium Level processing (here we can add patches over SQL queries) High-level processing (WAFs, htaccess etc.) Post-processing (client side)
  • 10. Solution data (rows/tables/databases) encrypted with AES 128 keys stored in SYDO Hash Center (remote - server) unique identification key + AES keys related SQL Query identification by generating a key stub(Anti-SQLI) RESTful encrypted API protocol between Client and server
  • 11. Demo
  • 12. Features support over multiple SQL interfaces API statistics multiple website management for SYDO Hash Center P2P Hash Center Service (lower latency) cache over SYDO Hash Center (even lower latency) Anti-DOS for SYDO Hash Center
  • 13. Project Status available on GitHub v.01 Alpha http://bit.ly/o6qzjn soon update!
  • 14. Important SYDO is not bullet proof but is a better solution!
  • 16.