Download presentation
Presentation is loading. Please wait.
Published byStephon Selway Modified over 9 years ago
1
NIST Big Data Public Working Group Security and Privacy Subgroup Presentation September 30, 2013 Arnab Roy, Fujitsu Akhil Manchanda, GE Nancy Landreville, University of MD
2
Security and Privacy Overview 2 Process Taxonomy Use Cases Security Reference Architecture Mapping Next Steps
3
Security and Privacy Process 3 The CSA Big Data Working Group Top 10 S&P Challenges Googledoc with initial set of topics and solicitation of use cases Taxonomy of topics Input from Reference Architecture Group Security Reference Architecture overlaid on RA Mapping use cases to the SRA Editorial phase Current Working Draft (M0110)
4
Security and Privacy CSA BDWG: Top Ten Big Data Security and Privacy Challenges10 Challenges Identified by CSA BDWG 4 1)Secure computations in distributed programming frameworks 2)Security best practices for non- relational datastores 3)Secure data storage and transactions logs 4)End-point input validation/filtering 5)Real time security monitoring 6)Scalable and composable privacy- preserving data mining and analytics 7)Cryptographically enforced access control and secure communication 8)Granular access control 9)Granular audits 10)Data provenance
5
Security and Privacy Top 10 S&P Challenges: Classification 5 Infrastructure security Secure Computations in Distributed Programming Frameworks Security Best Practices for Non- Relational Data Stores Data Privacy Privacy Preserving Data Mining and Analytics Cryptographically Enforced Data Centric Security Granular Access Control Data Management Secure Data Storage and Transaction Logs Granular AuditsData Provenance Integrity and Reactive Security End-point validation and filtering Real time Security Monitoring
6
Security and Privacy Privacy Communication Privacy Data Confidentiality Access Policies Systems Crypto Enforced Computing on Encrypted Data Searching and Reporting Fully Homomorphic Encryption Secure Data Aggregation Key Management Provenance End-point Input Validation Syntactic Validation Semantic Validation Communication Integrity Authenticated Computations on Data Trusted Platforms Crypto Enforced Granular Audits Control of Valuable Assets Lifecycle Management Retention, Disposition, Hold Digital Rights Management System Health Security against DoS Construction of cryptographic protocols proactively resistant to DoS Big Data for Security Analytics for Security Intelligence Data-driven Abuse Detection Event Detection Forensics Taxonomy
7
Security and Privacy Use Cases 7 Retail/Marketing –Modern Day Consumerism –Nielsen Homescan –Web Traffic Analysis Healthcare –Health Information Exchange –Genetic Privacy –Pharma Clinical Trial Data Sharing Cyber-security Government –Military –Education
8
Security and Privacy Management Security & Privacy 8 Big Data Application Provider Visualization Access Analytics Curation Collection System Orchestrator DATA SW DATA SW INFORMATION VALUE CHAIN IT VALUE CHAIN Data Consumer Data Provider Horizontally Scalable (VM clusters) Vertically Scalable Horizontally Scalable Vertically Scalable Horizontally Scalable Vertically Scalable Big Data Framework Provider Processing Frameworks (analytic tools, etc.) Platforms (databases, etc.) Infrastructures Physical and Virtual Resources (networking, computing, etc.) DATA SW
9
Security and Privacy Big Data Security Reference Architecture
10
Security and Privacy Interface of Data Providers -> BD App Provider 10 Big Data Application Provider Visualization Access Analytics Curation Collection Data Provider
11
Security and Privacy Interface of BD App Provider -> Data Consumer 11 Big Data Application Provider Visualization Access Analytics Curation Collection Data Consumer
12
Security and Privacy Interface of BD App Provider -> BD Framework Provider 12 Big Data Application Provider Visualization Access Analytics Curation Collection Big Data Framework Provider: Processing, Platform, Infrastructure, Resources
13
Security and Privacy Internal to BD Framework Provider 13 Big Data Framework Provider: Processing, Platform, Infrastructure, Resources
14
Security and Privacy Next Steps 14 Streamline content internally –Consistent vocabulary –Fill up missing content –Discuss new content –Streamline flow across sections Synchronize terminology with D&T and RA subgroups
15
Security and Privacy Big Data Security: Key Points 15 1.Big Data may be gathered from diverse end-points. There may be more types of actors than just Provider and Consumers – viz. Data Owners: e.g., mobile users, social network users. 2.Data aggregation and dissemination have to be made securely and inside the context of a formal, understandable framework. This could be made part of a contract with Data Owners. 3.Availability of data to Data Consumers is often an important aspect in Big Data, possibly leading to public portals and ombudsman-like roles for data at rest. 4.Data Search and Selection can lead to privacy or security policy concerns. What capabilities are provided by the Provider in this respect? 5.Privacy-preserving mechanisms are needed, although they add to system complexity or hinder certain types of analytics. What is the privacy attribute of derived data? 6.Since there may be disparate processing steps between Data Owner, Provider and Data Consumer, the integrity of data coming from end-points must be ensured. End- to-end information assurance practices for Big Data, e.g., for verifiability, are not dissimilar from other systems, but must be designed on a larger scale.
16
Security and Privacy Thank you! 16 Please join us for the Security and Privacy Subgroup Break Out Session (Lecture Room D)
17
Backup 17
18
Big Data Application Provider Data Consumer Data Provider Big Data Framework Provider Securing Data Storage and Transaction logs Key Management Security Best Practices for non-relational data stores Security against DoS attacks Data Provenance
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.