European Workshop on Trust & Identity

In cooperation with GÉANT

EIW 2013 Wed Session 5A

Biobank Cloud Security

Summary:

BiobankCloud is a new approach to solving the storage limitations for the genetic data produced by next-generation sequencing machines. We discussed the security issues related to authentication and authorization in the cloud, covering technologies such as PKI, SAML, Shibboleth, OpenID, OAuth, Moonshot and Kerberos.

  • BiobankCloud requires strong authentication, e.g. two-factor authentication using PKI and smart cards.
  • RBAC authorization has restrictions for such a model; BTG ("break the glass") authorization might also be worth a look.
  • Argus (EGEE) also provides an interesting solution for authorization.
  • ProtectV also provides interesting solutions for VM protection.


Convener: Ali Ghalami

Authentication with?
- PKI
- Shibboleth
- SAML
- SCIM
- OpenID
- Kerberos
- OpenLDAP
- OAuth
- OATH

Use of RBAC

Requirements:
- Strong authentication
- Fine-grained auth


Problems:
- Genetic Data in cloud
- Programs in cloud
- Manage groups
- Roles
- Access control

Cloud governance: PaaS

Suggested tools:
- Implement audit mechanisms
- Authorization models like "break the glass": http://www.dcc.fc.up.pt/~lfa/baccm.pdf
- Use of HSMs to protect the keys
- Moonshot
- PAM modules for SAML