NIST Big Data Public Working Group Security and Privacy Subgroup Presentation September 30, 2013 Arnab Roy, Fujitsu Akhil Manchanda, GE Nancy Landreville,

Slides:



Advertisements
Similar presentations
HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.
Advertisements

Potential Smart Grid standardisation work in ETSI Security and privacy aspects Carmine Rizzo on behalf of Scott CADZOW, C3L © ETSI All rights reserved.
ASCR Data Science Centers Infrastructure Demonstration S. Canon, N. Desai, M. Ernst, K. Kleese-Van Dam, G. Shipman, B. Tierney.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
IEEE BigData Overview October NIST Big Data Public Working Group NBD-PWG Based on September 30, 2013 Presentations at one day workshop at NIST Leaders.
4.1.5 System Management Background What is in System Management Resource control and scheduling Booting, reconfiguration, defining limits for resource.
Reference Architecture Subgroup NIST Big Data Public Working Group Reference Architecture Subgroup September 30, 2013 Co-chairs: Orit LevinMicrosoft James.
Security Controls – What Works
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Unified Logs and Reporting for Hybrid Centralized Management
Semantic Web and Web Mining: Networking with Industry and Academia İsmail Hakkı Toroslu IST EVENT 2006.
Tools and Services for the Long Term Preservation and Access of Digital Archives Joseph JaJa, Mike Smorul, and Sangchul Song Institute for Advanced Computer.
Applied Cryptography for Network Security
Cloud Usability Framework
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Secure Knowledge Management: and.
NIST Big Data Public Working Group Reference Architecture Subgroup September 30, 2013 Co-chairs: Orit LevinMicrosoft James KetnerAT&T Don KrapohlAugmented.
NIST BIG DATA WG Reference Architecture Subgroup Meeting Agenda Co-chairs: Orit Levin (Microsoft) James Ketner (AT&T) Don Krapohl (Augmented Intelligence)
8/15/2013NIST Big Data WG / Ref Arch Subgroup1 NIST Big Data Program Alignment: Roadmap & Reference Architecture Version 1.3 Roadmap Subgroup NIST Big.
A Robust Health Data Infrastructure P. Jon White, MD Director, Health IT Agency for Healthcare Research and Quality
Cloud Computing Cloud Security– an overview Keke Chen.
VARONIS OVERVIEW DATA GOVERNANCE & SECURE FILE SHARING JUNE 5, 2013 Presented By: Dietrich Benjes VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL.
Management Information Systems
Cryptography and Network Security
Joseph Ferracin Director IT Security Solutions Managing Security.
K E Y : SW Service Use Big Data Information Flow SW Tools and Algorithms Transfer Application Provider Visualization Access Analytics Curation Collection.
WHEN TITLE IS NOT A QUESTION N O ‘WE CAN’ WHEN TITLE IS NOT A QUESTION N O ‘WE CAN’ WHEN TITLE IS NOT A QUESTION N O ‘WE CAN’ Identity and Privacy: the.
Internet2 – InCommon and Box Marla Meehl Colorado CIO 11/1/11.
X-Road – Estonian Interoperability Platform
Un peu de recherche…. 2 LIRIS/DCS/DRIM 3 Nostalgia: an overview of the past 10 years Some contributions to the management of data in grids Some contributions.
NIST BIG DATA WG Reference Architecture Subgroup Draft Co-chairs: Orit Levin (Microsoft) James Ketner (AT&T) Don Krapohl (Augmented Intelligence) August.
Session ID: Session Classification: Dr. Michael Willett OASIS and WillettWorks DSP-R35A General Interest OASIS Privacy Management Reference Model (PMRM)
Electronic Health Records: Healthcare System’s Common Trends Based on Cloud Computing Group 2: OU Jin FANG Ting
Privacy Communication Privacy Confidentiality Access Policies Systems Crypto Enforced Computing on Encrypted Data Searching and Reporting Fully Homomorphic.
February 8, 2005IHE Europe Educational Event 1 Integrating the Healthcare Enterprise Basic Security Robert Horn Agfa Healthcare.
Secure Sensor Data/Information Management and Mining Bhavani Thuraisingham The University of Texas at Dallas October 2005.
NIST Big Data Public Working Group Security and Privacy Subgroup Presentation September 30, 2013 Arnab Roy, Fujitsu Akhil Manchanda, GE Nancy Landreville,
Data Warehousing Data Mining Privacy. Reading Bhavani Thuraisingham, Murat Kantarcioglu, and Srinivasan Iyer Extended RBAC-design and implementation.
SOA-39: Securing Your SOA Francois Martel Principal Solution Engineer Mitigating Security Risks of a De-coupled Infrastructure.
. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.
Securing Data in Transit and Storage Sanjay Beri Co-Founder & Senior Director of Product Management Ingrian Networks.
Ali Alhamdan, PhD National Information Center Ministry of Interior
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #22 Secure Web Information.
NIST BIG DATA WG Reference Architecture Subgroup Agenda for the Subgroup Call Co-chairs: Orit Levin (Microsoft) James Ketner (AT&T) Don Krapohl (Augmented.
NIST BIG DATA WG Reference Architecture Subgroup Intermediate Report Co-chairs: Orit Levin (Microsoft) James Ketner (AT&T) Don Krapohl (Augmented Intelligence)
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
K E Y : SW Service Use Big Data Information Flow SW Tools and Algorithms Transfer Transformation Provider Visualization Access Analytics Curation Collection.
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
8/20/2013NIST Big Data WG / Roadmap Subgroup1 Architecture Storage Architecture Processing Architecture Resource Managers Architecture Infrastructure Architecture.
NIST BIG DATA WG Reference Architecture Subgroup Draft Co-chairs: Orit Levin (Microsoft) James Ketner (AT&T) Don Krapohl (Augmented Intelligence) August.
© Cloud Security Alliance, 2015 Wilco van Ginkel, Co-Chair BDWG.
The ERA of API in the World of IoT Jing Zhang-Lee November, 2015.
GRID ANATOMY Advanced Computing Concepts – Dr. Emmanuel Pilli.
Picturex Secures and Scales Event-Photo Sharing for Enterprise and Private Customers by Relying on the Powerful, Scalable Microsoft Azure Platform MICROSOFT.
Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.
K E Y : DATA SW Service Use Big Data Information Flow SW Tools and Algorithms Transfer Hardware (Storage, Networking, etc.) Big Data Framework Scalable.
Role Activity Sub-role Functional Components Control Data Software.
Basic Security Cor Loef Philips Medical Systems Co-Chair IHE Radiology Technical Committee.
ACGT Architecture and Grid Infrastructure Juliusz Pukacki ‏ EGEE Conference Budapest, 4 October 2007.
Big Data Security Issues in Cloud Management. BDWG Big Data Working Group Researchers 1: Data analytics for security 2: Privacy preserving 3: Big data-scale.
CMSC 818J: Privacy enhancing technologies Lecture 2.
Cloud Security– an overview Keke Chen
Federated IdM Across Heterogeneous Clouding Environment
Joseph JaJa, Mike Smorul, and Sangchul Song
Survey on Security and Energy Efficiency in the Cloud Computing Environment Wei Wu.
PLUG-N-HARVEST ID: H2020-EU
Blockchain technology at Change Healthcare
IS4680 Security Auditing for Compliance
Computer Science and Engineering
Data Warehousing Data Mining Privacy
Security Mechanisms Network Security.
Presentation transcript:

NIST Big Data Public Working Group Security and Privacy Subgroup Presentation September 30, 2013 Arnab Roy, Fujitsu Akhil Manchanda, GE Nancy Landreville, University of MD

Security and Privacy Overview 2 Process Taxonomy Use Cases Security Reference Architecture Mapping Next Steps

Security and Privacy Process 3 The CSA Big Data Working Group Top 10 S&P Challenges Googledoc with initial set of topics and solicitation of use cases Taxonomy of topics Input from Reference Architecture Group Security Reference Architecture overlaid on RA Mapping use cases to the SRA Editorial phase Current Working Draft (M0110)

Security and Privacy CSA BDWG: Top Ten Big Data Security and Privacy Challenges10 Challenges Identified by CSA BDWG 4 1)Secure computations in distributed programming frameworks 2)Security best practices for non- relational datastores 3)Secure data storage and transactions logs 4)End-point input validation/filtering 5)Real time security monitoring 6)Scalable and composable privacy- preserving data mining and analytics 7)Cryptographically enforced access control and secure communication 8)Granular access control 9)Granular audits 10)Data provenance

Security and Privacy Top 10 S&P Challenges: Classification 5 Infrastructure security Secure Computations in Distributed Programming Frameworks Security Best Practices for Non- Relational Data Stores Data Privacy Privacy Preserving Data Mining and Analytics Cryptographically Enforced Data Centric Security Granular Access Control Data Management Secure Data Storage and Transaction Logs Granular AuditsData Provenance Integrity and Reactive Security End-point validation and filtering Real time Security Monitoring

Security and Privacy Privacy Communication Privacy Data Confidentiality Access Policies Systems Crypto Enforced Computing on Encrypted Data Searching and Reporting Fully Homomorphic Encryption Secure Data Aggregation Key Management Provenance End-point Input Validation Syntactic Validation Semantic Validation Communication Integrity Authenticated Computations on Data Trusted Platforms Crypto Enforced Granular Audits Control of Valuable Assets Lifecycle Management Retention, Disposition, Hold Digital Rights Management System Health Security against DoS Construction of cryptographic protocols proactively resistant to DoS Big Data for Security Analytics for Security Intelligence Data-driven Abuse Detection Event Detection Forensics Taxonomy

Security and Privacy Use Cases 7 Retail/Marketing –Modern Day Consumerism –Nielsen Homescan –Web Traffic Analysis Healthcare –Health Information Exchange –Genetic Privacy –Pharma Clinical Trial Data Sharing Cyber-security Government –Military –Education

Security and Privacy Management Security & Privacy 8 Big Data Application Provider Visualization Access Analytics Curation Collection System Orchestrator DATA SW DATA SW INFORMATION VALUE CHAIN IT VALUE CHAIN Data Consumer Data Provider Horizontally Scalable (VM clusters) Vertically Scalable Horizontally Scalable Vertically Scalable Horizontally Scalable Vertically Scalable Big Data Framework Provider Processing Frameworks (analytic tools, etc.) Platforms (databases, etc.) Infrastructures Physical and Virtual Resources (networking, computing, etc.) DATA SW

Security and Privacy Big Data Security Reference Architecture

Security and Privacy Interface of Data Providers -> BD App Provider 10 Big Data Application Provider Visualization Access Analytics Curation Collection Data Provider

Security and Privacy Interface of BD App Provider -> Data Consumer 11 Big Data Application Provider Visualization Access Analytics Curation Collection Data Consumer

Security and Privacy Interface of BD App Provider -> BD Framework Provider 12 Big Data Application Provider Visualization Access Analytics Curation Collection Big Data Framework Provider: Processing, Platform, Infrastructure, Resources

Security and Privacy Internal to BD Framework Provider 13 Big Data Framework Provider: Processing, Platform, Infrastructure, Resources

Security and Privacy Next Steps 14 Streamline content internally –Consistent vocabulary –Fill up missing content –Discuss new content –Streamline flow across sections Synchronize terminology with D&T and RA subgroups

Security and Privacy Big Data Security: Key Points 15 1.Big Data may be gathered from diverse end-points. There may be more types of actors than just Provider and Consumers – viz. Data Owners: e.g., mobile users, social network users. 2.Data aggregation and dissemination have to be made securely and inside the context of a formal, understandable framework. This could be made part of a contract with Data Owners. 3.Availability of data to Data Consumers is often an important aspect in Big Data, possibly leading to public portals and ombudsman-like roles for data at rest. 4.Data Search and Selection can lead to privacy or security policy concerns. What capabilities are provided by the Provider in this respect? 5.Privacy-preserving mechanisms are needed, although they add to system complexity or hinder certain types of analytics. What is the privacy attribute of derived data? 6.Since there may be disparate processing steps between Data Owner, Provider and Data Consumer, the integrity of data coming from end-points must be ensured. End- to-end information assurance practices for Big Data, e.g., for verifiability, are not dissimilar from other systems, but must be designed on a larger scale.

Security and Privacy Thank you! 16 Please join us for the Security and Privacy Subgroup Break Out Session (Lecture Room D)

Backup 17

Big Data Application Provider Data Consumer Data Provider Big Data Framework Provider Securing Data Storage and Transaction logs Key Management Security Best Practices for non-relational data stores Security against DoS attacks Data Provenance

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.