Trust and Internet Identity Meeting Europe
2013 - 2020: Workshops and Unconference

TIIME 2013 Wednesday Session 5: Biobank Cloud Security


BiobankCloud is a new approach to solve the storage limitation issues of the genetic data produced by the next generation sequencing machines. We discussed the security issues related to authentication and authorization in the cloud such as PKI, SAML, Shibboleth, OpenID, OAuth, Moonshot, Kerberos.

  • BiobankCloud require strong authentication e.g. two factor authentication using PKI and smart cards.
  • RBAC authorization has restrications for such model, BTG Authz also might be interesting to look.
  • Also Argus EGEE provides an interesting solution for Authz.
  • Protectv also provides interesting solutions for VM protection.

Convener: Ali Ghalami

Authentication with?
- Shibboleth
- OpenID
- Kerberos
- OpenLDAP
- OAuth

Use of RBAC

- Strong Authentication
- Fine grain auth

- Genetic Data in cloud
- Programs in cloud
- Manage groups
- Roles
- Access control

Cloud governance: PaaS

Tools suggest:
- Implement mecanisms of audit
- Authorization models like "break the glass"
- Use of HSM's to protect the keys
- Moonshot
- PAM modules to SAML