Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul
Event sourcing, GDPR Article 17, and the AxonIQ GDPR Module
Frans van Buul
Evangelist, AxonIQ
Event-driven architecture
“a software architecture pattern promoting the production, detection, consumption of, and reaction to events”
https://en.wikipedia.org/wiki/Event-driven_architecture
Event sourced persistence
A mechanism to store and retrieve data from a program’s working memory into something more permanent, like a database.
Traditional persistence vs. event sourced persistence
Traditional persistence:
• Store the current state directly to the database
• CRUD operations
Event sourcing:
• All state changes go through events.
• Events are distributed and persisted to an event store.
• To access current state, replay events.
• Events are immutable and undeletable.
Example
Traditional persistence:
Order (customer: Frans): 1 pizza, 1 soda
Event Sourcing:
OrderCreated(customer Frans)
ProductAdded(pizza)
ProductAdded(icecream)
ProductAdded(soda)
ProductRemoved(icecream)
OrderConfirmed
Why use event sourcing? (business and technical reasons)
• Auditing / compliance / transparency
• Data mining, analytics: value from data
• Guaranteed completeness of raised events
• Single source of truth
• Concurrency / conflict resolution
• Facilitates debugging
• Replay into new read models (CQRS)
• Easily capturing intent
Article 17 GDPR: Right to erasure (‘right to be forgotten’)
1. The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
……
GDPR vs Event Sourcing
• Generally, very good match because of transparency
• There’s also a challenge:
GDPR: erasure is sometimes mandatory.
Event Sourcing: events are immutable and undeletable.
?
Let’s have a look at some ideas!
Idea: Deleting/modifying events
Reconciling mandatory erasure and the immutable event store
• Delete events anyhow
• Modify events anyhow, e.g. by overwriting field values
Problems:
• Difficult/expensive to implement consistently
• Expensive to execute, especially on a true append-only event store.
• Diminishes value/reliability of event store
Idea: Re-interpret the law
Reconciling mandatory erasure and the immutable event store
• “The law only requires deletion from operational storage, so that’s read models in CQRS. An event store is like a back-up and that’s excluded from the law.”
• “Data needed for legal claims is excluded from art 17 (by 17.3.c). I intend to use my events to support legal claims. Therefore my event store is excluded.”
Problems:
• No. That violates the minimization principle.
• No. There’s simply nothing like that in the law.
Idea: Separate contexts
Reconciling mandatory erasure and the immutable event store
• Store non-personal data in an event sourced context.
• Store personal data in a non-event sourced context.
• Bring them together when needed in read-model projections.
Problems:
• Lots of complexity to keep the mapping in place.
• Huge refactoring in existing applications.
• Leads to unnatural domain models in many situations.
• Loses all ES benefits for personal data.
GDPR vs Event Sourcing
• Generally, very good match because of transparency
• There’s also a challenge:
GDPR: erasure is sometimes mandatory.
Event Sourcing: events are immutable and undeletable.
?
Existing ideas have major downsides
AxonIQ GDPR Module
Cryptographic erasure
Core idea:
• Store data in encrypted form
• To delete the data, throw away the key
A.k.a. “crypto erase”, “crypto-shredding”, “digital shredding”
Not a novel idea!
[Image credit: By Evan-Amos - Own work, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=27940250]
As data sanitization strategy:
• Built into “Self Encrypting Drives” and enterprise-grade storage arrays.
• Supported by storage security standards:
  • ISO/IEC 27040
  • NIST SP 800-88 Rev 1
GDPR Module design goals
Implement crypto-erasure on the application level, for Java
• Easily usable. No changes to business logic. Integration with Axon.
• Generally usable:
  • With Axon 3, Axon 2 or without Axon at all.
  • Independent of serialization and event store choices.
• Fine grained control. Decide what you want encrypted/erased.
• Highest possible, long-term security.
API Overview
[Class diagram, in the original a figure; the elements it shows:]
<<interface>> CryptoEngine
  SecretKey getOrCreateKey(String id)
  SecretKey getKey(String id)
  Cipher getCipher(SecretKey key)
  void deleteKey(String id)
  Implementations:
  • In memory
  • JPA-backed
  • JKS
  • PKCS#11
<<class>> FieldEncrypter
  void encrypt(Object obj)
  void decrypt(Object obj)
  Uses a CryptoEngine. Driven by annotations on the object’s fields.
<<class>> FieldEncryptingSerializer
  Implements the <<interface>> Serializer; uses a FieldEncrypter and uses a Serializer as delegate.
  Enables seamless Axon Framework integration.
  Three versions: axon3, axon2, core.
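To make the pieces above concrete, here is an added example written for this page; it is not AxonIQ's code and not the module's API. It combines a hypothetical in-memory key store shaped like the CryptoEngine interface (one AES-256 key per data subject), the order event sequence from the earlier example with the customer name stored as ciphertext, a replay into a read model, and erasure by appending a deletion event and deleting the key while the events themselves stay untouched. All class, event and field names (InMemoryKeyStore, StoredEvent, DataSubjectErased, OrderView) are assumptions; it uses AES/GCM from the JDK rather than the module's own documented scheme, and needs Java 17 or later.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.*;

// Added example, not AxonIQ's code: crypto-shredding over an append-only list of events.
public class CryptoShreddingDemo {

    /** Hypothetical key store, one AES-256 key per data subject id (stands in for a CryptoEngine). */
    static final class InMemoryKeyStore {
        private final Map<String, SecretKey> keys = new HashMap<>();

        SecretKey getOrCreateKey(String subjectId) throws Exception {
            SecretKey k = keys.get(subjectId);
            if (k == null) {
                KeyGenerator kg = KeyGenerator.getInstance("AES");
                kg.init(256);
                k = kg.generateKey();
                keys.put(subjectId, k);
            }
            return k;
        }

        Optional<SecretKey> getKey(String subjectId) { return Optional.ofNullable(keys.get(subjectId)); }

        /** Crypto-erasure: once the key is gone the stored ciphertext is unrecoverable. */
        void deleteKey(String subjectId) { keys.remove(subjectId); }
    }

    /** A stored event: non-personal payload in clear, the personal field only as ciphertext. */
    record StoredEvent(String type, String subjectId, String payload, byte[] encryptedPersonal) {}

    static final SecureRandom RNG = new SecureRandom();

    // AES/GCM with a fresh 12-byte nonce prepended to the ciphertext (assumed layout, not the module's scheme).
    static byte[] encrypt(SecretKey key, String plaintext) throws Exception {
        byte[] iv = new byte[12];
        RNG.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
        byte[] out = new byte[iv.length + ct.length];
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return out;
    }

    static String decrypt(SecretKey key, byte[] blob) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, Arrays.copyOfRange(blob, 0, 12)));
        return new String(c.doFinal(Arrays.copyOfRange(blob, 12, blob.length)), StandardCharsets.UTF_8);
    }

    /** Read model rebuilt by replaying the order events (the example from the earlier slide). */
    record OrderView(String customer, List<String> products, boolean confirmed) {}

    static OrderView replay(List<StoredEvent> events, InMemoryKeyStore keys) throws Exception {
        String customer = null;
        List<String> products = new ArrayList<>();
        boolean confirmed = false;
        for (StoredEvent e : events) {
            switch (e.type()) {
                case "OrderCreated" -> {
                    Optional<SecretKey> k = keys.getKey(e.subjectId());
                    // No key any more: the personal field replays as a replacement value.
                    customer = k.isPresent() ? decrypt(k.get(), e.encryptedPersonal()) : "<erased>";
                }
                case "ProductAdded" -> products.add(e.payload());
                case "ProductRemoved" -> products.remove(e.payload());
                case "OrderConfirmed" -> confirmed = true;
                case "DataSubjectErased" -> { /* audit trail of the erasure itself; carries no personal data */ }
                default -> throw new IllegalStateException("unknown event " + e.type());
            }
        }
        return new OrderView(customer, products, confirmed);
    }

    public static void main(String[] args) throws Exception {
        InMemoryKeyStore keys = new InMemoryKeyStore();
        String subject = "customer-42";                // constructed sample subject id
        List<StoredEvent> store = new ArrayList<>();   // append-only list standing in for the event store
        store.add(new StoredEvent("OrderCreated", subject, null, encrypt(keys.getOrCreateKey(subject), "Frans")));
        store.add(new StoredEvent("ProductAdded", subject, "pizza", null));
        store.add(new StoredEvent("ProductAdded", subject, "icecream", null));
        store.add(new StoredEvent("ProductAdded", subject, "soda", null));
        store.add(new StoredEvent("ProductRemoved", subject, "icecream", null));
        store.add(new StoredEvent("OrderConfirmed", subject, null, null));
        System.out.println(replay(store, keys));       // customer=Frans, products=[pizza, soda], confirmed=true

        // Article 17 request: append a deletion event and drop the key. No event is modified or removed.
        store.add(new StoredEvent("DataSubjectErased", subject, null, null));
        keys.deleteKey(subject);
        System.out.println(replay(store, keys));       // customer=<erased>, products=[pizza, soda], confirmed=true
    }
}
```

With the key present, replay yields the customer name and the order; after deleteKey the very same immutable event list replays to an erased customer while the non-personal order history survives, which is the property the crypto-erasure slides rely on. In a deployment the key store would be one of the persistent engines (JPA, JKS, PKCS#11) and the replacement value would be supplied by the application rather than hard-coded; note also that deleting the key is only effective if no copies of it exist in backups or logs.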
Common questions
• Today's encryption may be hacked in the future – how can you
guarantee security?
• Is this allowed under GDPR?
• How about key management? Are keys secured?
• Is this open source?
Long-term security
• There are big differences between crypto algorithms here: we use the symmetric AES algorithm, which is very different from e.g. RSA
• We recommend and default to using a 256-bit key size
  • Best known cryptanalysis attack (Biclique) reduces this to 254.4 bits
  • This will withstand any classic brute-force attack (given the size of the keyspace).
  • This will also withstand the best known quantum attack (Grover's algorithm)
This provides the long-term security that is the basis for current use for disk sanitization and its inclusion in NIST and ISO standards.
Is this allowed under GDPR?
• GDPR is explicitly "technology neutral"
• It doesn't define "erasure"
This gives room to different technical implementations of erasure.
• The strengths and weaknesses of crypto erasure should be compared against other practices.
• A regular SQL DELETE doesn't even delete data from disk
Crypto erasure is at least as strong as traditional DELETE and therefore a reasonable technical implementation of "erasure".
Are keys secured?
• The module offers various options to store your keys, including in a database (with regular database security) or an HSM. You can also define your own by implementing an interface.
• But, from a risk analysis point of view, these crypto-erasure keys are much like regular data!
Are keys secured?
[Figure comparing the two situations:]
Without cryptoerasure: cleartext event data record. Get access to this, and you have the event data.
With cryptoerasure: encrypted event data record plus key. Get access to this, and you have the event data.
Is the GDPR Module open source?
• No, it's a commercial, closed source offering.
• Flexible pricing scheme with both enterprise-wide licenses as well as single project licenses on offer. Contact us to discuss.
• We are 100% transparent about what the module does.
• The cryptographic scheme that we use is fully described in the documentation and may e.g. be provided to your security auditors.
• The scheme is not patented and may be implemented by others.
Free as in beer: No
Open and transparent: Yes
Example scheme documentation
[Diagram of the field encryption scheme, in the original a figure. Components shown, as far as the flow can be read from it: SecureRandom produces pre_iv (int), which is big-endian encoded to pre_iv (byte[]) and hashed with MD5 to give the iv; the cleartext byte[] is encrypted with AES/CBC/PKCS#5 under the AES key (inputs: iv, data, key) to give the encrypted byte[]; an MD5 digest byte[] of the data is taken, its first 8 bytes decoded big-endian give digest, and its first 8 bytes encrypted with AES/ECB/NoPad (inputs: data, key) give enc_digest; partial_value comes from ReplacementValueProvider#partialValueForStorage.]
The fields are stored with Protobuf 3 encoding as the message EncryptedFieldData:
int32 version = 1
fixed32 pre_iv = 2
bytes encrypted_value = 3
fixed64 digest = 4
fixed64 enc_digest = 5
bytes partial_value = 6
Where does this fit?
Part of a strategy to deal with mandatory erasure (driven by GDPR or otherwise). An easy to implement solution for the erasure vs. immutability problem.
[Flowchart, in the original a figure; the steps it shows:]
• Request for deletion
• Valid? If yes:
• Raise specific deletion event
• Delete from event store (AxonIQ GDPR Module, keystore)
• Delete from read models (read model database)
• Inform 3rd parties
• Inform data subject
• Deletion acknowledgement
Finally
Please contact me directly in case you have any questions after this webinar: frans.vanbuul@axoniq.io
Want to learn more about Axon Framework?
• We offer training: https://axoniq.io/services/axon-training.html
• On September 21st, we'll have our annual conference: https://www.eventbrite.com/o/axoniq-15996042943
• Visit https://axoniq.io and subscribe to the newsletter.

AxonIQ GDPR Module Overview - Feb 2018

  • 1. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Event sourcing, GDPR Article 17, and the AxonIQ GDPR Module Frans van Buul Evangelist, AxonIQ
  • 2. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Event-driven architecture “a software architecture pattern promoting the production, detection, consumption of, and reaction to events” https://en.wikipedia.org/wiki/Event-driven_architecture
  • 3. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Event sourced persistence A mechanism to store and retrieve data from a program’s working memory into something more permanent, like a database.
  • 4. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Traditional persistence Event sourced persistence • Store the current state directly to database • CRUD operations
  • 5. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Traditional persistence Event Sourcing Event sourced persistence • Store the current state directly to database • CRUD operations • All state change through events. • Events are distributed and persisted to an event store. • To access current state, replay events. • Events are immutable and undeletable.
  • 6. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Traditional persistence Example Event Sourcing Order customer: Frans 1 pizza 1 soda OrderCreated(customer Frans) ProductAdded(pizza) ProductAdded(icecream) ProductAdded(soda) ProductRemoved(icecream) OrderConfirmed
  • 7. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Business reasons Technical reasons Why use event sourcing? • Auditing / compliance / transparency • Data mining, analytics: value from data • Guaranteed completeness of raised events • Single source of truth • Concurrency / conflict resolution • Facilitates debugging • Replay into new read models (CQRS) • Easily capturing intent
  • 8. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Article 17 GDPR Right to erasure (‘right to be forgotten’) 1. The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies: ……
  • 9. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul GDPR vs Event Sourcing • Generally, very good match because of transparency • There’s also a challenge Erasure is sometimes mandatory Events are immutable and undeletable ? GDPR Event Sourcing Let’s have a look at some ideas!
  • 10. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Idea Deleting/modifying events • Delete events anyhow Reconciling mandatory erasure and the immutable event store
  • 11. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Idea Problems Deleting/modifying events • Delete events anyhow • Modify events anyhow, e.g. by overwriting field values • Difficult/expensive to implement consistently • Expensive to execute, especially on a true append- only event store. • Diminishes value/reliability of event store Reconciling mandatory erasure and the immutable event store
  • 12. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Idea Re-interpret the law Reconciling mandatory erasure and the immutable event store • “The law only requires deletion from operational storage, so that’s read models in CQRS. An event store is like a back-up and that’s excluded from the law.” • “Data needed for legal claims is excluded from art 17 (by 17.3.c). I intend to use my events to support legal claims. Therefore my event store is excluded.”
  • 13. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Idea Problems Re-interpret the law • No. That violates the minimization principle. Reconciling mandatory erasure and the immutable event store • No. There’s simply nothing like that in the law. • “The law only requires deletion from operational storage, so that’s read models in CQRS. An event store is like a back-up and that’s excluded from the law. ” • “Data needed for legal claims is excluded from art 17 (by 17.3.c). I intend to use my events to support legal claims. Therefore my event store is excluded.”
  • 14. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Idea Separate contexts • Store non-personal data in an event sourced context. • Store personal data in an non-event sourced context. • Bring them together when needed in read-model projections. Reconciling mandatory erasure and the immutable event store
  • 15. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul Idea Problems Separate contexts • Store non-personal data in an event sourced context. • Store personal data in an non-event sourced context. • Bring them together when needed in read-model projections. • Lots of complexity to keep the mapping in place. • Huge refactoring in existing applications. • Leads to unnatural domain models in many situations. • Loses all ES benefits for personal data. Reconciling mandatory erasure and the immutable event store
  • 16. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul GDPR vs Event Sourcing • Generally, very good match because of transparency • There’s also a challenge Erasure is sometimes mandatory Events are immutable and undeletable ? GDPR Event Sourcing Existing ideas have major downsides
  • 17. Contact me: frans.vanbuul@axoniq.io Follow me: @Frans_vanBuul AxonIQ GDPR Module
18. Cryptographic erasure
Core idea:
  • Store data in encrypted form.
  • To delete the data, throw away the key.
A.k.a. “crypto erase”, “crypto-shredding”, “digital shredding”.
19. Not a novel idea!
As a data sanitization strategy, crypto erasure is:
  • Built into “Self Encrypting Drives” and enterprise-grade storage arrays.
  • Supported by storage security standards: ISO/IEC 27040 and NIST SP 800-88 Rev 1.
Image: By Evan-Amos - Own work, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=27940250
20. GDPR Module design goals
Implement crypto-erasure on the application level, for Java.
  • Easily usable: no changes to business logic; integration with Axon.
  • Generally usable: with Axon 3, Axon 2 or without Axon at all; independent of serialization and event store choices.
  • Fine-grained control: decide what you want encrypted/erased.
  • Highest possible, long-term security.
21. API overview
  • FieldEncrypter (class): void encrypt(Object obj), void decrypt(Object obj). Driven by annotations on the object’s fields; uses a CryptoEngine.
  • CryptoEngine (interface): SecretKey getOrCreateKey(String id), SecretKey getKey(String id), Cipher getCipher(SecretKey key), void deleteKey(String id). Implementations: in memory, JPA-backed, JKS, PKCS#11.
  • FieldEncryptingSerializer (class): implements the Serializer interface (delegating to an underlying Serializer) and uses a FieldEncrypter. Enables seamless Axon Framework integration.
Three versions: axon3, axon2, core.
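As an added illustration of the core idea behind slides 18 and 21 (one key per data subject, personal fields stored encrypted inside the event record, erasure by deleting the key), the following Go program is not the AxonIQ module’s code: it uses AES-256-GCM rather than the module’s documented AES/CBC scheme, and the Event type, subject ids and replacement value are constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
)

// Event is a constructed sample record: Product stays in clear; Name (personal data) is nonce||ciphertext||tag under the subject's key.
type Event struct {
	SubjectID, Product string
	Name               []byte
}

// CryptoEngine plays the role of the slides' CryptoEngine: one AES-256 key per data subject, by id.
type CryptoEngine struct{ keys map[string][]byte }

func NewCryptoEngine() *CryptoEngine { return &CryptoEngine{keys: map[string][]byte{}} }

// DeleteKey is the erasure step: stored events are never touched, only the subject's key is discarded.
func (e *CryptoEngine) DeleteKey(id string) { delete(e.keys, id) }

// Encrypt stores the personal field under the subject's key, issuing a fresh 256-bit key (the size
// the slides default to) on a subject's first record and using a random nonce per record.
func (e *CryptoEngine) Encrypt(subject, product, name string) Event {
	if _, ok := e.keys[subject]; !ok {
		e.keys[subject] = make([]byte, 32)
		rand.Read(e.keys[subject]) // crypto/rand fills the whole slice; it does not fail on supported platforms
	}
	block, _ := aes.NewCipher(e.keys[subject]) // errors only for a wrong key length, impossible here
	g, _ := cipher.NewGCM(block)
	nonce := make([]byte, g.NonceSize())
	rand.Read(nonce)
	return Event{subject, product, g.Seal(nonce, nonce, []byte(name), nil)}
}

// Decrypt yields the cleartext while the key exists; once erased (or if tampered with) it yields the replacement value, as the slides' ReplacementValueProvider does.
func (e *CryptoEngine) Decrypt(ev Event, replacement string) string {
	key, ok := e.keys[ev.SubjectID]
	if !ok || len(ev.Name) < 12 { // 12 = GCM nonce size; a truncated record is treated as unreadable
		return replacement
	}
	block, _ := aes.NewCipher(key)
	g, _ := cipher.NewGCM(block)
	if pt, err := g.Open(nil, ev.Name[:12], ev.Name[12:], nil); err == nil {
		return string(pt)
	}
	return replacement
}
```

After DeleteKey, the ciphertext is still in the store and every replay still succeeds; only the personal field now reads as the replacement value, for that subject alone.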
23. Common questions
  • Today’s encryption may be hacked in the future. How can you guarantee security?
  • Is this allowed under GDPR?
  • How about key management? Are keys secured?
  • Is this open source?
24. Long-term security
  • There are big differences between crypto algorithms here: we use the symmetric AES algorithm, which is very different from e.g. RSA.
  • We recommend and default to a 256-bit key size.
  • The best known cryptanalytic attack (Biclique) reduces this to 254.4 bits.
  • This will withstand any classical brute-force attack (given the size of the keyspace).
  • This will also withstand the best known quantum attack (Grover’s algorithm).
This provides the long-term security that is the basis for the current use of crypto erasure in disk sanitization and its inclusion in NIST and ISO standards.
25. Is this allowed under GDPR?
  • GDPR is explicitly “technology neutral”.
  • It doesn’t define “erasure”.
This gives room to different technical implementations of erasure.
  • The strengths and weaknesses of crypto erasure should be compared against other practices.
  • A regular SQL DELETE doesn’t even delete data from disk.
Crypto erasure is at least as strong as a traditional DELETE and therefore a reasonable technical implementation of “erasure”.
26. Are keys secured?
  • The module offers various options to store your keys, including in a database (with regular database security) or an HSM. You can also define your own by implementing an interface.
  • But, from a risk analysis point of view, these crypto-erasure keys are much like regular data!
27. Are keys secured?
  • Without crypto erasure: a cleartext event data record. Get access to this, and you have the event data.
  • With crypto erasure: an encrypted event data record plus a key. Get access to the key, and you have the event data.
28. Is the GDPR Module open source?
  • No, it’s a commercial, closed source offering.
  • Flexible pricing scheme with both enterprise-wide licenses as well as single project licenses on offer. Contact us to discuss.
  • We are 100% transparent about what the module does.
  • The cryptographic scheme that we use is fully described in the documentation and may e.g. be provided to your security auditors.
  • The scheme is not patented and may be implemented by others.
Free as in beer: No. Open and transparent: Yes.
29. Example scheme documentation
The slide shows the module’s field-encryption scheme as a diagram; the elements recoverable from it are:
  • Inputs: a cleartext byte[], a data key (AES key) and a pre_iv (int) drawn from SecureRandom and big-endian encoded to a pre_iv byte[].
  • Primitives: MD5 (digest byte[]), AES/CBC/PKCS#5 producing the encrypted byte[], AES/ECB/NoPad, and “first 8 bytes, big-endian decode” steps producing the 64-bit digest values.
  • partial_value is supplied by ReplacementValueProvider#partialValueForStorage.
The result is stored as a Protobuf 3 encoded EncryptedFieldData message: int32 version = 1, fixed32 pre_iv = 2, bytes encrypted_value = 3, fixed64 digest = 4, fixed64 enc_digest = 5, bytes partial_value = 6.
30. Where does this fit?
An easy to implement solution for the erasure vs. immutability problem, as part of a strategy to deal with mandatory erasure (driven by GDPR or otherwise). The flow on the slide:
  • Request for deletion → Valid? → (Yes) raise a specific deletion event.
  • Delete from the event store (AxonIQ GDPR Module, backed by the keystore).
  • Delete from read models (read-model database).
  • Inform 3rd parties.
  • Inform the data subject → deletion acknowledgement.
31. Finally
Please contact me directly in case you have any questions after this webinar: frans.vanbuul@axoniq.io
Want to learn more about Axon Framework?
  • We offer training: https://axoniq.io/services/axon-training.html
  • On September 21st, we’ll have our annual conference: https://www.eventbrite.com/o/axoniq-15996042943
  • Visit https://axoniq.io and subscribe to the newsletter.