Edit menu and overview

Cosmian · Dec 14, 2023 · d89a2a5 · d89a2a5
1 parent 14b5a51
commit d89a2a5
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 47 deletions.
diff --git a/src/assets/table-all-attackers.drawio.svg b/src/assets/table-all-attackers.drawio.svg
diff --git a/src/assets/table-reduced-attackers.drawio.svg b/src/assets/table-reduced-attackers.drawio.svg
diff --git a/src/component/Layout.tsx b/src/component/Layout.tsx
@@ -46,7 +46,7 @@ const Layout = (): JSX.Element => {
             <CosmianLogo />
           </Link>
         }
-        title="Client-side Encryption – Interactive tutorial"
+        title="Interactive tutorial"
         userMenu={
           <div style={{ display: "flex", justifyContent: "center", alignItems: "center", gap: 16 }}>
             <ExternalLink link="https://docs.cosmian.com">Documentation</ExternalLink>

diff --git a/src/pages/OverView.tsx b/src/pages/OverView.tsx
@@ -1,63 +1,45 @@
 import { Link } from "react-router-dom";
-import Decryption from "../assets/client_side_decryption.drawio.svg";
-import Encryption from "../assets/client_side_encryption.drawio.svg";
+import TableAll from "../assets/table-all-attackers.drawio.svg";
+import TableReduced from "../assets/table-reduced-attackers.drawio.svg";
+
 import { ImageWrapper, SingleContent } from "../component/Layout";
 
 const OverView = (): JSX.Element => {
-  const origin = window.location.origin;
+  // const origin = window.location.origin;
 
   return (
     <SingleContent>
-      <h1>Cosmian Client-side Encryption</h1>
+      <h1>Architecture - Attackers, Threats and Solutions</h1>
       <p className="introduction">
-        Regain control of every byte of your data in the cloud, even during runtime. Cosmian brings a robust encryption for SaaS
-        applications, ensuring all data remains in the right hands, fortified with the latest advancements in post-quantum encryption.
+        The first step in understanding how to secure data and applications in a zero-trust environment is to look at potential attackers
+        and their threat model. We assume the application code is safe and that we do not need to protect against the software developer.
       </p>
-      <h2>Why use Cosmian Client-side Encryption?</h2>
+      <ImageWrapper maxWidth={1000}>
+        <img src={TableAll} alt="All attackers table" width="70%" />
+      </ImageWrapper>
+      <h2 style={{ marginTop: 50 }}>Protection against all attackers</h2>
       <p>
-        With minimal cipher expansion and latency, Cosmian’s encryption solution sets a new benchmark in enterprise-grade performance,
-        supporting even the most demanding production workloads.
+        Client-side encryption is the only ubiquitous solution that protects against all attackers because data is encrypted by the data
+        owner under its own key before it reaches any of these attackers. Enabling client-side encryption without loss of functionality
+        usually requires a modification to the application and the use of a few Cosmian products: Cosmian Covercrypt, Cosmian KMS and
+        possibly Cosmian VM and Cosmian Findex.
       </p>
       <p>
         With Cosmian’s Client-side Encryption, data remains encrypted in transit, at rest, and even during runtime. This breakthrough in
-        data protection provides the highest assurance of data privacy and security.
-      </p>
-      <h2>Cosmian solution</h2>
-      <p className="strong">
-        Cosmian provides code blocks, libraries and tools that make using its technologies to implement client-side encryption easy.
+        data protection provides the highest assurance of data privacy and security. We providecode blocks, libraries and tools that make
+        using its technologies to implement client-side encryption easy.
+        <div style={{ marginTop: 20 }}>
+          <Link to={origin + "/client-side-encryption/about-cse"}>→ Client-side encryption example</Link>
+        </div>
       </p>
+      <h2 style={{ marginTop: 50 }}>Protection against a reduced list of attackers</h2>
       <p>
-        With client-side encryption, content is encrypted from the customer's browser - or any API connector - before it is transmitted to
-        the cloud application servers. The customer manages the encryption keys in its Key Management Service (KMS). This approach
-        significantly reduces the attack surface, as the application and data layers within the zero-trust environment process only
-        encrypted data and have no clear text access to the decryption keys.
+        When the threat model is limited to a reduced list of attackers, other solutions may be used. The following table summarizes the
+        solutions that Cosmian provides to protect against each attacker.
       </p>
       <ImageWrapper maxWidth={1000}>
-        <img src={Encryption} alt="Cosmian Client-side Encryption" width="100%" />
-        <img src={Decryption} alt="Cosmian Client-side Decryption" width="100%" />
+        <img src={TableReduced} alt="Reduced attackers table" width="70%" />
       </ImageWrapper>
-      <h2>State-of-the-art post-quantum encryption with embedded access policies</h2>
-      <p>
-        To further enhance the security provided by application-level encryption, employing a robust encryption scheme like Covercrypt is
-        crucial. Covercrypt mitigates the risks associated with key leakage from the presentation layer and addresses potential security
-        risks such as rights escalation attacks and authorization misconfigurations. <br />
-        <Link to={origin + "/encrypt-with-access-policies/about-covercrypt"}>→ Cosmian Covercrypt overview</Link>
-      </p>
-      <h2>Search encrypted data</h2>
-      <p>
-        One of the drawbacks of using application-level encryption is that the storage layer cannot search for data, and most applications
-        rely on search features for data extraction. This is because the search engine cannot decrypt the data and, therefore, cannot index
-        it. To solve this issue, Cosmian provides Findex, a searchable encryption scheme that allows the building of encrypted indexes.
-        <br />
-        <Link to={origin + "/build-encrypted-indexes/about-findex"}>→ Cosmian Findex overview</Link>
-      </p>
-      <h2>Key distribution</h2>
-      <p>
-        Using Cosmian's Key Management Service (Cosmian KMS) and Public Key Infrastructure (PKI), users can safely share their keys via the
-        zero trust layer.
-        <br />
-        <Link to={origin + "/distibute-keys/about-pki"}>→ Cosmian PKI overview</Link>
-      </p>
     </SingleContent>
   );
 };

diff --git a/src/utils/navigationConfig.tsx b/src/utils/navigationConfig.tsx
@@ -62,7 +62,7 @@ export const navigationConfig: NavigationConfig = {
   },
   "build-encrypted-indexes": {
     key: 2,
-    label: "Build Encrypted Indexes",
+    label: "Search Encrypted Data",
     children: {
       "about-findex": {
         key: 0,
@@ -98,7 +98,7 @@ export const navigationConfig: NavigationConfig = {
   },
   "distibute-keys": {
     key: 3,
-    label: "Distribute keys between clients",
+    label: "Distribute keys",
     children: {
       "about-pki": {
         key: 0,
@@ -158,7 +158,7 @@ export const navigationConfig: NavigationConfig = {
   },
   "confidential-vm": {
     key: 4,
-    label: "Cosmian VM",
+    label: "Compute using Encrypted Code and Data",
     children: {
       "about-cosmian-vm": {
         key: 0,
@@ -200,7 +200,7 @@ export const navigationConfig: NavigationConfig = {
   },
   "client-side-encryption": {
     key: 4,
-    label: "Client-side Encryption example",
+    label: "Encrypt Client-Side",
     children: {
       "about-cse": {
         key: 0,