M. Azraoui, M. Önen, R. Molva, “Framework for Searchable Encryption with SQL Databases”, Conference CLOSER 2018, 19-21 March 2018, Madeira, Portugal. [Conference website http://closer.scitevents.org/]
Who is CLARUS designed for?
- Information security professionals, especially security managers. They can use CLARUS to implement privacy-by-design, ensuring users of cloud services are in the driving seat when it comes to controlling their data.
- Open source developers, tech integrators and service providers. They can support the CLARUS proxy solution and also come up with new, secure-by-design services for their customers. This is important as the cloud market moves closer to security-as-a-service. CLARUS not only helps move critical applications to the cloud but also enables migration from a private cloud service to a public cloud, thus increasing customer benefits.
The CLARUS software is composed of a set of tools and libraries that support the protection of data before it is stored with third-party data storage providers. The complete suite of software is composed of two packages, each one containing complementary parts of the software:
- CLARUS Proxy: This package contains the main proxy software and the libraries that implement the supported protocols and protection modules. In version 1.0.1, this package is composed of:
  - The proxy software, which implements the principal executable module.
  - The PostgreSQL protocol module, allowing the protection of Postgres-based databases.
  - The Encryption protection module, supporting the encryption of the data using AES ciphers.
  - The Anonymization protection module, which supports the obfuscation of personal data before storing it in the cloud.
  - The Splitting protection module, allowing the data to be split among multiple cloud servers.
- CLARUS Tools: This package contains complementary tools that support the configuration of the complete CLARUS Proxy and the editing of the security policies that specify how to protect the data. In summary, this package contains three tools:
  - CLARUS Security Policy Manager: This tool allows editing new security policies and registering them in the CLARUS policy server.
  - CLARUS Access Rights Management: This tool is intended to be used by the system administrator to grant and deny access to the datasets for each registered user.
  - CLARUS Security Administrator: This tool allows the administration of the modules of the CLARUS proxy, as well as of the remote cloud servers that store the protected data.
The data-owning CLARUS proxy manages data access for all external CLARUS proxies in the Inter-proxy communication module. For each external CLARUS proxy, a key is used to encrypt the requested data so that the external proxy can decrypt it. The policy management defines the access levels for external CLARUS proxies, analogous to the intra-proxy policies. The Inter-proxy communication module creates access policies for external CLARUS proxies and stores them in the Access Policy DB.
Proxy 1 forwards the user's requests to Proxy 2, changing the identity of the user to a technical user, and later forwards the answer of Proxy 2 back to the user, like a classical proxy. Note that Proxy 1 has a security policy that does not protect any confidential data. All protection mechanisms are provided by Proxy 2.
Note that the communication between the two proxies takes place over a secure channel such as a VPN, so that this communication also satisfies all requirements for secure communication. Proxy 1 runs with an “empty” security policy in which the data to be protected is empty (i.e. tag <data/>).
Load Balanced deployment
The CLARUS solution is designed as a microservice architecture, which improves the flexibility of the whole solution. Each CLARUS service is simple by design: one proxy provides one functionality (i.e. splitting data or anonymizing data). Therefore, the CLARUS services are easier to integrate with the IT infrastructure (on bare metal, on VMs or in containers) and to deploy with continuous delivery tools. In the same way, the CLARUS services are easier to scale with the IT infrastructure and with orchestration tools (physical or virtual load balancers, cloud orchestration tools, container orchestration tools). See deliverable D5.4 for more details.
The following deployment architectures show how scalability could be implemented for a specific CLARUS service:
Protect one data storage/processing service:
Several CLARUS proxies are deployed behind a load balancer:
Since the protocols supported by CLARUS rely on TCP, the load balancer must be configured to achieve server-affinity (e.g. using sticky sessions).
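One way to obtain this server affinity, shown as an added example that is not part of the CLARUS documentation: an HAProxy configuration in TCP mode that pins each client IP address to one CLARUS proxy. The choice of HAProxy, the backend names and addresses, the timeouts and the use of port 5432 (the PostgreSQL default) are assumptions.

```haproxy
# Added example, not CLARUS project configuration.
# Assumptions: three CLARUS proxies exposing the PostgreSQL protocol module
# on port 5432; all names and addresses below are constructed.

global
    maxconn 2000

defaults
    mode    tcp                  # balance raw TCP streams, no HTTP parsing
    timeout connect 5s
    timeout client  30m          # database sessions are long-lived
    timeout server  30m

frontend clarus_pg_in
    bind :5432                   # clients connect here instead of to a proxy
    default_backend clarus_proxies

backend clarus_proxies
    balance roundrobin                        # only decides a client's first connection
    stick-table type ip size 100k expire 30m  # remembers client IP -> chosen proxy
    stick on src                              # later connections from that IP reuse it
    server clarus1 10.0.0.11:5432 check       # "check" = TCP connect health check
    server clarus2 10.0.0.12:5432 check
    server clarus3 10.0.0.13:5432 check
```

Source-IP affinity sends all clients behind the same NAT gateway to the same proxy, and a client is moved to another proxy when its pinned server fails the health check, so both cases should be exercised before relying on this setup.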