Trust and Internet Identity Meeting Europe
2013 - 2020: Workshops and Unconference

TIIME 2013 Wednesday Session 5: Biobank Cloud Security

Summary:

BiobankCloud is a new approach to solving the storage limitations for genetic data produced by next-generation sequencing machines. We discussed security issues related to authentication and authorization in the cloud, such as PKI, SAML, Shibboleth, OpenID, OAuth, Moonshot and Kerberos.

  • BiobankCloud requires strong authentication, e.g. two-factor authentication using PKI and smart cards.
  • RBAC authorization has restrictions for such a model; BTG Authz might also be interesting to look at.
  • Argus EGEE also provides an interesting solution for Authz.
  • ProtectV also provides interesting solutions for VM protection.


Convener: Ali Ghalami

Authentication with?
- PKI
- Shibboleth
- SAML
- SCIM
- OpenID
- Kerberos
- OpenLDAP
- OAuth
- OATH

Use of RBAC

Requirements:
- Strong Authentication
- Fine-grained auth


Problems:
- Genetic Data in cloud
- Programs in cloud
- Manage groups
- Roles
- Access control

Cloud governance: PaaS

Tools suggested:
- Implement audit mechanisms
- Authorization models like "break the glass" http://www.dcc.fc.up.pt/~lfa/baccm.pdf
- Use of HSMs to protect the keys
- Moonshot
- PAM modules to SAML