Data Security and Privacy Simon Foley Insight Centre for Data Analytics Department of Computer Science University College Cork.

Slides:

Advertisements

Similar presentations

WCSWeb Hearing Link Data System and User Training Protocol Marcia Fort, Au.D., CCC-A Kathy Gajan, M.A., CCC-SLP Jason Guetgemann, M.S., CCC-SLP Jerry Ramsey,

Advertisements

Privacy By Design Sample Use Case

Protecting Cyber-TA Contributors: Risks and Challenges Vitaly Shmatikov The University of Texas at Austin.

Databanks and biobanks created through health research: Should their content be anonymized? A reflection… Emmanuelle Lévesque, LL.M., lawyer Research Associate,

The Veterans Affairs Central Biorepository and MVP Highlights Mary T

KATE SASAMOTO EDUCATION COORDINATOR IRBMED SEMINAR SERIES MAY 21, 2014 IRBMED Quick Tips.

CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.

Design Fest 2004 Data Collection TerraSense Arbor XT Cristiano, Giuliano, Pedro, Nélson, Lene, Henning, Fábio.

#1 Privacy in pervasive computing What can technologists do? David Wagner U.C. Berkeley In collaboration with David Molnar, Andrea Soppera, Ari Juels.

APPLAUS: A Privacy-Preserving Location Proof Updating System for Location-based Services Zhichao Zhu and Guohong Cao Department of Computer Science and.

John Howie Big Data: Answering Questions and Solving Society’s Problems, but at What Cost?

Cloud Enabled Healthcare Presented by: Ron Parker and Stanley Ratajczak Emerging Technology Group Canada Health Infoway Inc. May 28, 2013Copyright © 2013.

A Wanderer’s Guide to the Data Network Navigating Our Connected World Garrett Shields, GISP, CFM.

Social Networking and On-Line Communities: Classification and Research Trends Maria Ioannidou, Eugenia Raptotasiou, Ioannis Anagnostopoulos.

1 Social Engineering By Dan LoPresto. 2 An ounce of data on Dan…  Dan LoPresto owns/operates PitViper Industries - Technology Solutions.  CISSP Certification.

DATA GOVERNANCE Presentation to CSG September 27, 2007 Mary Weisse Manager, MIT Data & Reporting Services

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Forensics Services September 10, 2007.

8 October 2004 Review of IT Offshore Outsourcing Issues Helen M. Carothers Gerhard Steinke REVIEW OF IT OFFSHORE OUTSOURCING ISSUES Helen M. Carothers.

McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved ETHICS Business Plug-In 7.

Kevin Casady Hanna Short BJ Rollinson.  Centralized and Structured collection of data stored in a computer system  An electronic filing system  Easy.

Stephen Slawter. What is WHS 1 ?  Digital memories and media stored and organized in a central location  Home computers backed up daily, automatically.

Dr. A. J. Kenyon & Dr. E. H. Wood Background to Research Ethics Aim To provide foundational information regarding the rights of the participant, before,

Participatory Sensing in Commerce: Using Mobile Phones to Track Market Price Dispersion Nirupama Bulusu (Portland State University) Chun Tung Chou, Salil.

Science and Environment Area of Impact.  UK Citizens  Citizens that had exposed their biological data (DNA) with the scientists in one way or another.

Systems Analysis Lecture 3 Business and ICT ICT Systems & Business Systems 1 BTEC HNC Systems Support Castle College 2007/8.

Meng Yan. Introduction In fact, your online actions may be monitored by unauthorized parties logged and preserved for future access years later.

Exam 1 Terminology Review MIS Question 1 Information that describes a specific operational aspect of an organization: A. External B. Internal C.

Future ICT Landscapes – Security and Privacy Challenges & Requirements Simone Fischer-Hübner IVA Workshop, Stockholm 24th May 2012.

Electronic Money. What is Electronic Money? Scrip or money that is exchanged only through electronically is referred to as electronic money. Electronic.

Enterprise Survey/Assessment Tool Administrative Computing Working Group October 25,

IT Security Policy Framework ● Policies ● Standards ● Procedures ● Guidelines.

Is IRB Review or an OHSRP Determination Required?.

M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized Trust Management. In Proc. of the 17 th Symposium on Security and Privacy, pages IEEE Computer.

Proposed Privacy Taxonomy for IOT Scott Shorter, Electrosoft, These slides are based on work contributed to the IDESG Use Case AHG in January.

Policy and Implementation Plan for Public Access to Scientific Publications and Digital Data from VA-Funded Research Tom Puglisi, PhD, ORO Executive Director.

Digital Planet: Tomorrow’s Technology and You Chapter 7 Database Applications and Privacy Implications Copyright © 2012 Pearson Education, Inc. publishing.

1 Privacy Aware Incentive Mechanism to Collect Mobile Data While Preventing Duplication Junggab Son*, Donghyun Kim*, Rasheed Hussain**, Sung-Sik Kwon*,

1 Active Directory Service in Windows 2000 Li Yang SID: November 2000.

The EigenTrust Algorithm for Reputation Management in P2P Networks Sepandar D.Kamvar Mario T.Schlosser Hector Garcia-Molina.

Organizing a Privacy Program: Administrative Infrastructure and Reporting Relationships Presented by: Samuel P. Jenkins, Director Defense Privacy Office.

WHAT IS CYBER SECURITY? Governments, military, corporations, financial institutions, hospitals and other businesses collect, process and store a great.

Harnessing P2P Power in the Classroom Julita Vassileva Department of Computer Science University of Saskatchewan, Canada.

Big Data Analytics Are we at risk? Dr. Csilla Farkas Director Center for Information Assurance Engineering (CIAE) Department of Computer Science and Engineering.

Social Impacts of Data Mining 2004/12/30. Outline Is data mining a hype or a persistent growing business? Is data mining merely managers’ business or.

By Hajira Fatima Safa Mohammed Zaheer Abid Ali. Cloud computing is a result of evolving and adopting existing technologies. The goal of cloud computing.

1. Scope of Application 2. Use Case Actors Data Flows Touch Points Initial PI 3. PI - at Touch Points In Internal Out 4. PI - Operational Privacy Policies.

Fast Times at SQL Server High Data Management Inside a NASCAR Race Team Andy Korczynski - Red Bull Racing.

By: Haytham Abdel-Qader. Topics in Data Management include: I. Data analysis II. Database management system III. Data modeling IV. Database administration.

Unlinking Private Data

“Enterprise Network Design and Implementation for Airports” Master’s Thesis - Ashraf Ali Department of Computing and Information Sciences This project.

TUF: Secure Software Updates Justin Cappos NYU Poly Computer Science and Engineering.

Independent Centre for Privacy Protection Schleswig-Holstein

Searchable Encryption in Cloud

Transforming learning through analytics

DBMS & TPS Barbara Russell MBA 624.

Rosalyn Moran CSDAN May 2017

UNIT 2 – CHAPTER 2 – LESSON 7 Introduction to Data.

State of e-Authentication in Higher Education Bernie Gleason

Blockchain Adrian Zaragoza.

The University of Adelaide, School of Computer Science

Pilot project training

Chapter 1 Database Systems

To start the presentation, click on this button in the lower right corner of your screen. The presentation will begin after the screen changes and you.

Database Systems Design, Implementation, and Management Coronel | Morris 11e ©2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or.

Chapter 1 Database Systems

Online Data Collection: Ethics

Data Warehousing Data Mining Privacy

UPortal Meets Campus-wide Login at UBC Paul Zablosky ITServices The University of British Columbia Slide 1.

Provenance for Decision Making in Business

Decision Making Process

Presentation transcript:

Data Security and Privacy Simon Foley Insight Centre for Data Analytics Department of Computer Science University College Cork

Shannon’s Maxim “The enemy knows the system”

Security Mechanisms Modeling and building security mechanisms Assurance: system upholds security property. Security Criteria: Rainbow series, Common Criteria. Even for simple systems its hard to get it right.

[ww.cvedetails.com]

Enterprise Security Regard security as a risk to be managed; Identify risk, select mechanism, track efficacy; Assurance: system follows best practices. Security criteria: PCI-DSS, HIPPA,..; easy to over-emphasize checkboxes. Even for small systems its hard to get it right.

[Informationisbeautiful.net]

Data Privacy Systems that store identifiable personal data. Large centralized systems make attractive targets to outsiders and insiders. Who collects, shares, accesses personal data? Is AUP informed consent? Hard to get right, even for a tech-user.

Data Privacy and Anonymity Systems store de-identified personal data. Pseudonymization of identity is non-trivial. Queries and linked data may reveal identity PETs are complex and not widely adopted

Conclusion Getting security and privacy right is hard. If a system knows about people then the people need to know about the system. Reinterpret Shannon’s Maxim: “everyone knows the system”