grau dataspace features and functions

GRAU Data Space 2.0 –The Secure Communication Platform forBusinesses and Organizations

YOUR DATA. YOUR CONTROL

7. Dez 2013

Introduction

● WebAttached Drive and WebAttached Backup have been introduced to the market in 2000 by GRAU DATA in Germany

● Data Space 2.0 can be deployed in house leveraging existing infrastructures

● Customer specific development is possible (open API)

● Customer specific branding without programming

● Product of the month January 2013 in SearchStorage magazine

Usage scenarios

● Encrypted and secure file sharing (internal or external)

● Reducing the load on e-mail system (attachments)

● Replacement of FTP or proprietary solutions

● Eliminates security holes in file sharing processes

● Multilevel access control

● Solution for reception of mission critical corporate files

● Secure mobile access to enterprise data

● Synchronization of files on different devices

● Replacement of local file server

● Synchronization between branch offices

Features (1)● Easy to use file sharing for internal, external and anonymous users

● File sharing via public up- and download links

● Expiration date for up-/download links, users, folders and files

● Flexible right management

– Rightsmanagement on folder level

– Roles, Groups, optional ACLs

● Platform-independent access via

– WebGUI

– WebDAV (Windows, MacOSX, Linux)

– Mobile Apps (iOS, Android, BB10)

– Desktop Sync für Windows, Linux, MacOSX (CMIS)

– Interoperability with OwnCloud clients via gateway

– CIFS protocol

Features (2)● IT compliance:

– Compliance with German and European data-protection and data-security regulations (official certification in progress)

– Audit-proof logging of all activities (optional)

– Automated versioning of all file objects– World-wide unique identification of all objects– Integration with existing identity management (AD, SAML, OAUTH2)

● IT security:– Encrypted file transfer

– Integration with BoxCryptor (group level encryption)– Implementation of private or hybrid clouds possible

– Master/master replication between sites (folder level)

● Flexible storage backends:

– SQL-DB, filesystem, object store, NAS (CIFS)

Features (3)

Innovative cloud oriented solution for secure file sharing - designed for global

enterprises and organizations

● Groupware systems● Portals● Provisioning systems● CMS systems

● Easy integration of existing IT systems

● Online marketplaces● CRM/ERP systems● DMS/ECM systems● Accounting-/Billing systems

Security & Compliance

● Architecture

– Statically typed language on server-side (stability & security)

– Vendor independence (storage, operating System, database, clients)

– Scalability through shared-nothing architecture (no single point of failure)

● Compliance

– Separated between user and administrative access (confidentiality)

– Versioning and unique identification of objects (consistency)

– Logging of all events (configurable)

– Classification of objects (e.g.level of confidentiality)

– WORM functionality on objects (long-time archiving)

● Security

– On-/Off premise deployment (distributable)

– End-to-end encryption (BoxCryptor)

– Plugin infrastructure for server side encryption

Open interfaces

● Open standard interfaces– WebDAV

– JSON/SOAP core API

– CIFS

● Gateways

– OwnCloud

– CMIS 1.1 (SOAP, AtomPub, JSON)

– LDAP/AD

● Source code access– Based on a variety of open source components

– Source code access for customers

Technologies used● GDS core

– Java

– JBOSS, Enterprise Java Beans

● Interfaces

– JSON (Jersey)

– CMIS (OpenCMIS)

● WebGUI

– ExtJS/Sencha Touch

● Desktop Clients

– C# (.net/mono)

● Data Persistence

– Data bases: DB/2, MS-SQL, MySQL, Oracle, Postgres

– Object stores: Caringo, S3, SWIFT

● Metadata Persistence

– DB/2, MS-SQL, MySQL, Oracle, Postgres

Architecture (1)

GDS core

CaringoS3

SWIFT

GAMNAS

DB/2OracleMySQL

Postgres

GDS2 API (JSON)

CMIS GW

Object-Store FS/CIFS SQL SQL/HA

Storage Backend Meta data

WebGUI

WebDAV

ownCloudGWGUI GW Admin GW

Admin GUI

DB/2OracleMySQL

Postgres

CIFS

Architecture (2)

GDS core

CaringoRADOS

SWIFT/S3

ext4XFS

DB/2OracleMySQL

Postgres

Filesystem SQL

Storage Backend

CIFSObject store

NASGAM/Archive

Chunking (e.g. 512kB)

MirroringHashing(optional)

Crypto (sym.)

Architecture (3)

GDS core

Storage Metadata

GDS2 API (JSON)

GDS core

Storage Metadata

GDS2 API (JSON)

ReplicationData

Metadata

GDS2 API (JSON)

Load Balancer Load Balancer

GDS (Session) Director GDS (Session) Director

Architecture (4)

GDS core

MD Data

GDS2 API (JSON)

Load Balancer Load Balancer

GDS (Session) Director GDS (Session) Director

MetadataReplication

CMIS Cache

GDS core

GDS2 API (JSON)

GDS core

GDS2 API (JSON)

DataData

Objectstore / Cluster filesystem

MD MD MetadataReplication

CMIS Cache CMIS Cache CMIS Cache

Architecture (5)

ProvisioningGateway

Storage Backend Metadata

WebGUI

Admin GW

Admin GUI

GDS2 API (JSON)

GDS core

AuthenticationGateway

LDAP/AD

LDAP/AD

SAML

RADIUS

SAML

SQL

Distributed Data Space

FW

Internet

CIFS

LAN

CIFS

GDS2

JSON

HTTPSFW

CIFS

LAN

CIFS

GDS2

JSON

HTTPS

FW

CIFS

LAN

CIFSGDS2

JSON

HTTPSHTTPSLAN

CIFS

FW

CIFS

GDS2

JSON

Site A Site B

Site C Site D

Corporate CDN

CIFS GDSCMIS

HTTPS

HTTPS

Site A

Site C

GDS

GDS

GDS

CM

IS C

ache

SD

CM

IS C

ache

CM

IS C

ache

OS

SD

WebDAV

CIFS

CMIS

WebDAV

CIFS

CMIS

WebDAV

HT

TP

S

Site B

GDS

GDS

OS

OS

CIFS GDSCMIS

Site B1

WebDAV

CIFS

CMIS

WebDAV

Site B2

GDS

HTTPS

HTTPS

GRAU Data Space 2.0 –USABILITY AND USER INTERFACE

Web GUI (1.0)

Web GUI (1.1)

Mobile Clients (iOS)

Mobile Clients (Android)

Desktop Sync

WWW: HTTP://WWW.GRAUDATA.COM/DATASPACE

E-MAIL: THOMAS.UHL@GRAUDATA.COM

CEL: +49 172 7277920

TWITTER: @graudata

YOUR DATA. YOUR CONTROL.