Saswata Basu Of Züs On Embedding Security in Product Design and Development
An Interview With David Leichner
In the face of escalating threats from malicious AI, incorporating cybersecurity best practices into the design and development of products is more crucial than ever, especially for manufacturing companies. How do product security managers incorporate these principles from the ground up? What steps do they take to ensure security is a core facet of their products? As a part of this series, we had the pleasure of interviewing Saswata Basu.
Saswata Basu is a blockchain expert and the founder and CEO of Züs (formerly 0Chain). He is a visionary entrepreneur with 25 years of experience in privacy, decentralized storage, blockchain, data security, distributed systems, AI, IoT, cloud services, and wireless. At Züs, he is building a fast, scalable, and secure decentralized storage platform. He holds an MS and a PhD in EE from UCLA.
Thank you so much for joining us in this interview series! Before we dig in, our readers would like to get to know you. Can you tell us a bit about how you grew up?
I had a childhood that spanned continents, growing up in India, then Africa, and Canada before landing in the U.S. I pushed boundaries and conventions, dropping out of high school and going to university at the early age of 15, hungry for adventure and to explore the world. I studied Electromagnetics at UCLA, and took as many courses as I could in different disciplines to broaden my perspective. After my PhD, which I finished early in 2 years while publishing 6 papers, I pursued my career in wireless. I started with Intel and Harris on 5G, and then moved to new ventures that used different technologies such as hybrid power for cell sites, wireless charging for phones, and IoT applications involving wireless tech for agriculture. In 2017, while I was working with the largest almond manufacturer for an IoT application, a requirement came up to sell this data to anyone as a source of income for farmers, and it needed to be designed so that the cost would be minimal and trustless.
At that time, blockchains were slow, decentralized storage was non-existent, crypto equipment prices were expensive, and the security of crypto wallets was absent. We needed a blockchain capable of providing fast finality, scalability, and a high-performance storage service. Since such a platform didn’t exist, I teamed up with Tom Austin, a CS professor, to build it from scratch. Five years later we built Züs, a secure multi-cloud with no vendor lock-in. You can choose the best providers and switch anytime. Züs is decentralized, open source, and high-performance with high-security features such as immutability and proxy re-encryption. Züs is ideal for file sharing, backups, AI, data lakes, databases, and data visualization.
Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.
I was a victim of a SIM swap hack in 2018. The experience motivated me to develop a higher level of security to prevent this from happening to our users and protect their tokens for buying, selling, and staking on storage. It took us a year to develop a novel split-key technology where the private key is used to generate two keys that are on separate devices, such as a phone and laptop, in order for a transaction to go through. This solution is serverless and doesn’t require a 2FA server, typically used by Google, Microsoft, Binance, and others, which is vulnerable to outages that prevent user access. In addition, split-key is more secure and simpler to use than a hardware wallet.
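The answer above describes a private key that is turned into two device-held keys, both of which must take part before a transaction goes through. The example below is an added illustration of that idea and is not Züs code: it models the split as two additive shares of one Schnorr private key in a deliberately tiny safe-prime group (the parameters P, Q and G are assumptions chosen for readability, not production sizes), and shows that the two partial signatures combine into one ordinary signature while a single share on its own verifies as nothing.

```python
"""Toy 2-of-2 'split key' signing: additive shares of one Schnorr private key.

Constructed illustration, not the Züs protocol. The group is a tiny safe-prime
group so the arithmetic is readable; a real deployment uses a full-size curve.
"""
import hashlib
import secrets

P = 1019   # safe prime, P = 2*Q + 1 (toy size; an assumption, not a Züs parameter)
Q = 509    # prime order of the subgroup generated by G
G = 4      # 4 = 2^2 is a quadratic residue mod P, so it generates the order-Q subgroup


def keygen():
    """Full private key x and public key y = G^x. In the split-key model x exists
    only transiently, at setup, before it is split across the two devices."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def split_key(x):
    """Derive two shares with x1 + x2 = x (mod Q): one for the phone, one for the laptop.
    Each share is uniformly random on its own, so a thief of one device learns nothing."""
    x1 = secrets.randbelow(Q)
    x2 = (x - x1) % Q
    return x1, x2


def challenge(R, y, msg):
    """Fiat-Shamir challenge e = H(R || y || msg) reduced into the exponent group."""
    data = b"%d|%d|" % (R, y) + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def sign_split(shares, y, msg):
    """Each device contributes a nonce commitment R_i = G^k_i and a partial
    signature s_i = k_i + e*x_i. Because the shares add up to x, the combined
    (R, s) is a standard Schnorr signature under the public key y."""
    nonces = [secrets.randbelow(Q - 1) + 1 for _ in shares]
    R = 1
    for k in nonces:
        R = R * pow(G, k, P) % P            # R = product of the per-device commitments
    e = challenge(R, y, msg)
    s = sum((k + e * xi) % Q for k, xi in zip(nonces, shares)) % Q
    return R, s


def verify(y, msg, sig):
    """Plain Schnorr verification: G^s == R * y^e. The verifier never learns,
    or needs to know, that the key was held in two pieces."""
    R, s = sig
    e = challenge(R, y, msg)
    return pow(G, s, P) == R * pow(y, e, P) % P


def demo():
    """Both devices together produce a valid signature; one device alone does not."""
    x, y = keygen()
    phone_share, laptop_share = split_key(x)
    msg = b"constructed sample transaction: stake 10 tokens on provider A"
    both = verify(y, msg, sign_split([phone_share, laptop_share], y, msg))
    alone = verify(y, msg, sign_split([phone_share], y, msg))
    return both, alone


if __name__ == "__main__":
    print("both devices:", demo()[0], " phone alone:", demo()[1])
```

The single-share case fails because the partial signature only covers e·x1, while the verifier checks against y = G^(x1+x2). Real multi-party Schnorr deployments add a commit-reveal round for the nonces so that neither party can choose its R_i after seeing the other's; that step is omitted here to keep the arithmetic in view.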
Are you working on any exciting new projects now? How do you think that will help people?
We have been working for 6 years on our blockchain and storage technology that can revolutionize storage and disrupt a huge industry, enabling small businesses to flourish using Chimney to sell storage space in the same way Uber and Airbnb have helped create new markets within the sharing economy. Individuals can now have total control of their data and privacy with Vult, and enjoy sharing private data without any fear of breach. Businesses can have control of their uptime with designs of a hybrid and multi-cloud architecture with a few clicks using Blimp rather than requiring a team to manage such infrastructure. Lastly, we have Chalk, empowering artists to have high-performance storage for their NFTs, allowing them to amplify their creation and market their NFT with sketches, drafts, and videos, in the form of a beautiful ensemble that is linked to OpenSea.
How do emerging technologies like AI and machine learning influence the risk to the cybersecurity landscape?
Emerging technologies like AI & machine learning have seen massive growth in recent years and they are completely revolutionizing entire industries. However, there are serious data security and privacy risks which went ignored initially. The risk is on the input data since it influences the AI result even if the model is kept safe. So it’s important to safeguard this input data and store it securely.
One good solution is to store the data on a decentralized storage network, which is inherently more secure than a traditional cloud because the data is distributed and fragmented over several independent storage providers and not vulnerable to attacks and breaches. Decentralized storage such as Züs provides additional security features such as proxy re-encryption and immutability, which enable enterprises to have airtight security of their data. With encryption, the data cannot be deciphered unless the recipient has the associated proxy key. And immutability enables the user to prevent data from being deleted and changed even if the key of the content owner is compromised.
Ok, thank you. Let’s now move on to our main topic of Embedding Security in Product Design and Development. Can you share a few reasons why this is so critical in today’s cybersecurity threat environment?
In a SaaS (software as a service) product design, the data from the customer needs to be kept secure to ensure data integrity, else the service would malfunction if the data is manipulated or deleted. An example is if the shipping information is not protected, then someone can change the address of a user to have their orders sent elsewhere. The data is more vulnerable when it is at rest than when it’s in transit or used by the app. If the data is stored in a traditional centralized cloud on a server, then it is vulnerable to a breach by employees of the cloud provider as they have admin access to the server.
However, if the data is stored on a decentralized cloud, it has inherent security because the data is fragmented on multiple servers and cannot be discerned as a whole even with a breach of some servers. Additionally, if the data is encrypted and also made immutable, then the data has the best protection where it cannot be accessed without permission, and cannot be changed or deleted. To be part of the product, the application needs to use an SDK (software development kit) to interface these protocols to store and retrieve data from decentralized storage. The SDK, such as the one from Züs, uses parallel threads to upload and download data in multiple chunks to provide better performance than traditional cloud, and even if the network is severed for some time, it can reconnect and continue where it left off. It also allows adding providers on the fly for increased redundancy and switching providers if the user is not happy with the price or performance of the provider. The SaaS product just needs to incorporate the GoSDK or JSSDK for their web, mobile, and desktop platforms.
“Security by Design” is a philosophy often mentioned in product development. Can you elaborate on this concept and explain its critical role in today’s manufacturing landscape?
“Security by Design” is a fundamental philosophy in product development, emphasizing the integration of security considerations for the product for live data, backup, archive, and analytics. In each case, the data resides today in different cloud services such as AWS EBS, EFS, S3, and Glacier, and since these are copies of the same data, they are vulnerable to breach and data manipulation. An alternative is to store the data in different decentralized storage allocations, some of which may have more shards than others. For example, to mimic EBS, the user can select fast storage colocated in a region to reduce latency, and select 8 data and 2 parity shards for their allocation to achieve top speeds. For S3, the user may desire more parity, and can configure 10 data and 5 parity shards spread over multiple regions. Blimp, a decentralized storage platform from Züs, provides an S3 server option for backups and copies of data that are on existing S3 buckets, so enterprises and SaaS vendors can start to use decentralized storage today and make sure their design has built-in security, since there is no code change needed and it can be implemented in minutes. This would start the process of reducing risk and preventing potential breach costs in the future.
Moreover, by storing the data on blockchain storage, they automatically prevent a single point of failure and are not locked into one vendor, since they can switch a provider in the future, or add a provider to increase redundancy. Hence, disaster recovery, data breach, server, network, and datacenter failure costs are all taken into consideration and averted, as well as privacy for customers in the overall design of the product.
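The answer above sizes allocations as "8 data and 2 parity shards" or "10 data and 5 parity shards" spread over providers. The block below is an added example, not Züs code, showing what such a choice buys: a small systematic Reed-Solomon erasure coder over GF(2^8) splits a payload into k data shards, computes m parity shards from a Cauchy matrix, and rebuilds the original from any k surviving shards, so an allocation tolerates the loss (or refusal) of up to m providers. The parameters and the sample payload are constructed for the example.

```python
"""Erasure-coded storage allocation: k data + m parity shards over GF(2^8).

Constructed illustration of data/parity shard sizing; not the Züs implementation.
"""
from typing import List, Optional

# --- GF(2^8) arithmetic, primitive polynomial x^8 + x^4 + x^3 + x^2 + 1 (0x11d) ---
EXP = [0] * 512
LOG = [0] * 256
_x = 1
for _i in range(255):
    EXP[_i] = _x
    LOG[_x] = _i
    _x <<= 1
    if _x & 0x100:
        _x ^= 0x11D
for _i in range(255, 512):          # doubled table lets gf_mul skip a modulo
    EXP[_i] = EXP[_i - 255]


def gf_mul(a: int, b: int) -> int:
    return 0 if a == 0 or b == 0 else EXP[LOG[a] + LOG[b]]


def gf_inv(a: int) -> int:
    if a == 0:
        raise ZeroDivisionError("no inverse of 0 in GF(2^8)")
    return EXP[255 - LOG[a]]


def encoding_matrix(k: int, m: int) -> List[List[int]]:
    """Rows 0..k-1: identity (data shards are stored as-is, 'systematic');
    rows k..k+m-1: a Cauchy matrix 1/(x_i + y_j), so ANY k of the k+m rows
    form an invertible matrix, which is what makes any-k-of-n recovery work."""
    assert k + m <= 256, "GF(2^8) supports at most 256 distinct shard indices"
    rows = [[1 if r == c else 0 for c in range(k)] for r in range(k)]
    for i in range(m):
        rows.append([gf_inv((k + i) ^ j) for j in range(k)])   # x_i = k+i, y_j = j
    return rows


def _combine(coefs: List[int], srcs: List[bytes], length: int) -> bytes:
    """Linear combination of byte strings with GF(2^8) coefficients (XOR = addition)."""
    out = bytearray(length)
    for coef, src in zip(coefs, srcs):
        if coef:
            for pos in range(length):
                out[pos] ^= gf_mul(coef, src[pos])
    return bytes(out)


def encode(data: bytes, k: int, m: int) -> List[bytes]:
    """Split data into k equal shards (zero padded) and append m parity shards."""
    shard_len = -(-len(data) // k)
    padded = data.ljust(k * shard_len, b"\0")
    shards = [padded[i * shard_len:(i + 1) * shard_len] for i in range(k)]
    for row in encoding_matrix(k, m)[k:]:
        shards.append(_combine(row, shards[:k], shard_len))
    return shards


def gf_invert(mat: List[List[int]]) -> List[List[int]]:
    """Gauss-Jordan inversion over GF(2^8); subtraction is XOR in characteristic 2."""
    n = len(mat)
    aug = [row[:] + [1 if r == c else 0 for c in range(n)] for r, row in enumerate(mat)]
    for col in range(n):
        pivot = next(r for r in range(col, n) if aug[r][col])   # Cauchy rows guarantee one
        aug[col], aug[pivot] = aug[pivot], aug[col]
        inv = gf_inv(aug[col][col])
        aug[col] = [gf_mul(inv, v) for v in aug[col]]
        for r in range(n):
            if r != col and aug[r][col]:
                f = aug[r][col]
                aug[r] = [a ^ gf_mul(f, b) for a, b in zip(aug[r], aug[col])]
    return [row[n:] for row in aug]


def decode(shards: List[Optional[bytes]], k: int, m: int, length: int) -> bytes:
    """Recover the original bytes from any k surviving shards (None = lost provider)."""
    present = [i for i, s in enumerate(shards) if s is not None]
    if len(present) < k:
        raise ValueError(f"only {len(present)} of {k + m} shards survive; need {k}")
    use = present[:k]
    inv = gf_invert([encoding_matrix(k, m)[i] for i in use])   # rows of the survivors
    srcs = [shards[i] for i in use]
    shard_len = len(srcs[0])
    data = b"".join(_combine(inv[r], srcs, shard_len) for r in range(k))
    return data[:length]


SAMPLE = b"constructed sample: trip log 0042, camera clip 17, invoice 9981 " * 3


def recover_after_loss(k: int, m: int, lost: List[int], payload: bytes = SAMPLE) -> bool:
    """True if the payload survives losing the given shard indices for a k+m allocation."""
    shards = encode(payload, k, m)
    damaged = [None if i in lost else s for i, s in enumerate(shards)]
    try:
        return decode(damaged, k, m, len(payload)) == payload
    except ValueError:
        return False


if __name__ == "__main__":
    print("8+2, lose 2 :", recover_after_loss(8, 2, [1, 9]))          # True
    print("8+2, lose 3 :", recover_after_loss(8, 2, [0, 1, 2]))       # False
    print("10+5, lose 5:", recover_after_loss(10, 5, [0, 3, 7, 11, 14]))  # True
```

Two design points follow from the code. First, the parity count m is exactly the number of providers that can disappear before the allocation is unreadable, which is why an archive tier is given more parity than a latency-sensitive one. Second, because the coding is systematic, each data shard is a plain slice of the file; fragmentation limits how much any single provider holds, but the encryption the answer mentions is what stops a provider from reading the slice it does hold.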
With the rise of IoT and connected devices, what challenges and opportunities do you foresee in ensuring security remains integral throughout the product development lifecycle?
There is a lot of data on IoT devices now compared to a decade ago. With the advent of electric cars and surveillance cameras, there is a lot of data that is sent to the cloud, and privacy of such data is important. Imagine the data of all the trips your car has made in the past week or the data from the cameras in your house is hacked and accessed by a malicious entity and used as blackmail. The data could be manipulated by the IoT device itself since it is in the possession of the user. In order to provide comprehensive security, each IoT device can be registered as a unique user on the blockchain with its own digital wallet. This setup allows the device to securely transmit data to decentralized storage. By encrypting this data, access is restricted solely to the device, safeguarding it from unauthorized use. When the data needs to be used for analytics or other applications, a process called “proxy re-encryption” is employed. This technique allows data to be shared securely without exposing the original encryption keys, ensuring that the data remains inaccessible to unauthorized parties. Through this security approach, the blockchain maintains rigorous data integrity and privacy from the point of creation all the way through storage and use.
So in the design of IoT and connected devices, the use of GoSDK enables the system to be protected from data breaches in the cloud and hacks at the endpoints. The IoT files such as videos from surveillance cameras or data from cars can be visible on Blimp, a decentralized storage platform from Züs, which shows the content in its original high resolution, and is convenient to incorporate within the product as a file visualization plug-in, to view the images, videos, and PDF documents on a carousel of all the files in a folder.
Rapid prototyping is becoming the norm in product development. How do you maintain robust security standards during these accelerated design and testing phases?
Rapid prototyping is the norm in new product development, and it is important to maintain the same security standards as for regular product development; otherwise it would take longer to make the changes and be more expensive later with the security debt. The prototype could easily use the SDK or Blimp to store data on a dStorage platform, and leverage the data visualization aspect of the platform for images and videos. The visualization has a carousel feature for the viewer to sift through the files in a folder and view the image, video or PDF document.
Given the complexities of the manufacturing supply chain, how do you ensure that security isn’t compromised, especially when integrating components from third-party vendors?
Ensuring security in the manufacturing supply chain is a challenge today. To eliminate security threats, the data integrity and security of the third-party vendors or suppliers need to be manually checked by going through their processes and having tokenization, monitoring, and encryption to prevent hacks for data in transport or in use by the application. However, the data at rest is still vulnerable, and it’s best to use a decentralized S3 platform to store this data, so that there is a single source of truth shared among vendors on the supply chain using the proxy re-encryption protocol. Each supplier encrypts their content with their private key and shares the unique proxy keys to access this data with other parties based on their public keys.
An example is an invoice which can be encrypted and seen by only one vendor as the manufacturing workflow goes through multiple suppliers. The supplier could make their storage allocation immutable and so every time they upload content it cannot be changed or deleted. This preserves the integrity of the supply chain with a common source of truth. Since the visualization piece is built into the Blimp platform, users can incorporate it as a plug-in to their SaaS manufacturing app.
As Industry 4.0 and smart factories gain traction, how are strategies and approaches evolving to embed security in products that align with these futuristic manufacturing trends?
Smart factories use IoT and AI to automate and gain efficiency in their processes to achieve a higher yield. In both cases, as was discussed earlier, they are vulnerable to security risks. In order to mitigate such risks, the user can use blockchain storage to monitor the changes of the files at the root level, and can use encryption and immutability as a way to thwart any hack attempt.
What are your “5 Best Practices For Embedding Security in Product Design and Development”?
1. Safeguard the application and customer data by storing it on a blockchain storage network since, if it’s set up properly, it is the most secure and resilient storage. Use GoSDK or JSSDK to fragment and store data on dStorage, using examples of how a web and mobile app can incorporate the SDK in uploading, downloading, and sharing data.
2. Protect the backup using Blimp for decentralized S3 storage (dS3). Since there is no code required, this can be set up in a few minutes, and any organization should be able to do this basic step. This way, in the event of a breach or disaster, there is always a place to restore the data and readily visualize its contents.
3. Allow users to control their data on the app so that they have access to their data and complete transparency of their data location and how it is protected at all times. This way, even if the app is hacked, the user data is protected and privacy assured. This also protects the app from any GDPR liability risks.
4. If the app were to keep the data safe for the user, then it should encrypt it and allow the app to access it along with the content owner and whoever they want to share the data with. This can be done easily by the use of the proxy re-encryption protocol and the use of public encryption keys of the users.
5. Make customer data immutable so that anything they upload cannot be changed or deleted. The app can maintain different versions of changes made to a file. This can be easily done by just setting the allocation immutable using GoSDK on dStorage.
The 5 best practices to safeguard your application and customers can be summarized as fragment, encrypt, and make your data immutable, backup in dS3, and let customers control their data.
How can our readers further follow your work online?
You can follow us on and keep a close eye on Züs Network’s website to get the latest updates.
This was very inspiring and informative. Thank you so much for the time you spent on this interview!
About The Interviewer: David Leichner is a veteran of the Israeli high-tech industry with significant experience in the areas of cyber and security, enterprise software and communications. At Cybellum, a leading provider of Product Security Lifecycle Management, David is responsible for creating and executing the marketing strategy and managing the global marketing team that forms the foundation for Cybellum’s product and market penetration. Prior to Cybellum, David was CMO at SQream and VP Sales and Marketing at endpoint protection vendor Cynet. David is a member of the Board of Trustees of the Jerusalem Technology College. He holds a BA in Information Systems Management and an MBA in International Business from the City University of New York.