Big Data - Security with Privacy

Similar documents
Big Data - Security and Privacy

Privacy Challenges in Big Data and Industry 4.0

Fujitsu World Tour 2018

WORKSHOP REPORT BIG DATA SECURITY AND PRIVACY Sponsored by the National Science Foundation September 16-17, 2014 The University of Texas at Dallas

IT Privacy Certification Outline of the Body of Knowledge (BOK) for the Certified Information Privacy Technologist (CIPT)

GDPR How to Comply in an HPE NonStop Environment. Steve Tcherchian GTUG Mai 2018

IT Privacy Certification Outline of the Body of Knowledge (BOK) for the Certified Information Privacy Technologist (CIPT)

DOTNET Projects. DotNet Projects IEEE I. DOTNET based CLOUD COMPUTING. DOTNET based ARTIFICIAL INTELLIGENCE

Cybersecurity for Product Lifecycle Management A Research Roadmap

Brian Russell, Chair Secure IoT WG & Chief Engineer Cyber Security Solutions, Leidos

Risk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23

Smart City, Internet of Things, Security and Privacy

Incident Response Table Tops

IT Security Mandatory Solutions. Andris Soroka 2nd of July, RIGA

Connected Medical Devices

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

How to Prepare a Response to Cyber Attack for a Multinational Company.

IT Privacy Certification Outline of the Body of Knowledge (BOK) for the Certified Information Privacy Technologist (CIPT)

Security and Privacy-Aware Cyber-Physical Systems: Legal Considerations. Christopher S. Yoo University of Pennsylvania July 12, 2018

CIS 444: Computer. Networking. Courses X X X X X X X X X

2017 INVESTMENT MANAGEMENT CONFERENCE NEW YORK Big Data: Risks and Rewards for Investment Management

Automated Threat Management - in Real Time. Vectra Networks

Strategy is Key: How to Successfully Defend and Protect. Session # CS1, February 19, 2017 Karl West, CISO, Intermountain Healthcare

An Overview of Smart Sustainable Cities and the Role of Information and Communication Technologies (ICTs)

Security Operations & Analytics Services

AT&T Labs Research Bell Labs/Lucent Technologies Princeton University Rensselaer Polytechnic Institute Rutgers, the State University of New Jersey

a publication of the health care compliance association MARCH 2018

locuz.com SOC Services

Take Risks in Life, Not with Your Security

standards and so the text is not to be used for commercial purposes, gain or as a source of profit. Any changes to the slides or incorporation in

2017 THALES DATA THREAT REPORT

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security

Achilles System Certification (ASC) from GE Digital

"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary

Department of Defense Cybersecurity Requirements: What Businesses Need to Know?

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

Medical Device Vulnerability Management

Cybersecurity is a Journey and Not a Destination: Developing a risk management culture in your business. Thursday, May 21, 2015

General Data Protection Regulation Frequently Asked Questions (FAQ) General Questions

A MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE

CYBER SECURITY OPERATION CENTER

Altitude Software. Data Protection Heading 2018

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0

Implementing Executive Order and Presidential Policy Directive 21

THALES DATA THREAT REPORT

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

Innovation policy for Industry 4.0

Run the business. Not the risks.

E-guide CISSP Prep: 4 Steps to Achieve Your Certification

Four Grand Challenges in Trustworthy Computing

Systemic Analyser in Network Threats

WHITE PAPER. Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale

Critical Infrastructure Protection and Suspicious Activity Reporting. Texas Department of Public Safety Intelligence & Counterterrorism Division

Cyber Security Technologies

Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International.

Security+ SY0-501 Study Guide Table of Contents

Cybersecurity Auditing in an Unsecure World

Cloud Computing Lectures. Cloud Security

University of Pittsburgh Security Assessment Questionnaire (v1.7)

Supercharge Your SIEM: How Domain Intelligence Enhances Situational Awareness

Is your privacy secure? HIPAA Compliance Workshop September Presented by: Andrés Castañeda, Senior Manager Steve Nouss, Partner

Preserving Data Privacy in the IoT World

VERSION 1.3 MAY 1, 2018 SNOWFLY PRIVACY POLICY SNOWFLY PERFORMANCE INC. P.O. BOX 95254, SOUTH JORDAN, UT

Internet of Things. Internet of Everything. Presented By: Louis McNeil Tom Costin

Executive Order & Presidential Policy Directive 21. Ed Goff, Duke Energy Melanie Seader, EEI

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

Artificial Intelligence Drives the next Generation of Internet Security

CCISO Blueprint v1. EC-Council

BSIT 1 Technology Skills: Apply current technical tools and methodologies to solve problems.

Identity Management: Setting Context

The Big Happy Family of System Architecture Approaches. Chris Phillips 14 Jun 2018

Department of Homeland Security Science & Technology

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

Case Study Vitality Justin Skinner Group Chief Risk Officer

Healthcare HIPAA and Cybersecurity Update

Swarm at the Edge of the Cloud. John Kubiatowicz UC Berkeley Swarm Lab September 29 th, 2013

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)

Trusted Computing Today: Benefits and Solutions

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

HIPAA Security and Privacy Policies & Procedures

RSA Fraud & Risk Intelligence Solutions

Security Challenges and

Information Governance, the Next Evolution of Privacy and Security

The NIS Directive and Cybersecurity in

Mapping BeyondTrust Solutions to

THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM

CYBERSECURITY FOR STARTUPS AND SMALL BUSINESSES OVERVIEW OF CYBERSECURITY FRAMEWORKS

White Paper. Why IDS Can t Adequately Protect Your IoT Devices

Built-in functionality of CYBERQUEST

Overview of Information Security

Securing Digital Transformation

Healthcare Security Success Story

Security analytics: From data to action Visual and analytical approaches to detecting modern adversaries

Managing Born- Digital Documents.

The GenCyber Program. By Chris Ralph

The NIST Cybersecurity Framework

Applying Auto-Data Classification Techniques for Large Data Sets

ICT Policy Perspective for APEC. Ministry of Internal Affairs and Communications March 2015

Featured Articles II Security Research and Development Research and Development of Advanced Security Technology

Mobile Security Overview Rob Greer, VP Endpoint Management and Mobility Product Management Dave Cole, Sr. Director Consumer Mobile Product Management

Transcription:

Big Data - Security with Privacy Elisa Bertino CS Department, Cyber Center, and CERIAS Purdue University Cyber Center

Today we have technologies for Acquiring and sensing data Transmitting data Storing, managing and aggregating data data Performing analytics on data Department of Computer Science IoT Big Data Data from EveryWhere and from EveryThing

Cyber Security Security information and event management (SIEM) Authentication (biometrics, federated digital identity management, continuous data authentication) Access control (e.g. attribute-based, location-based and contextbased access control) Insider threat (anomaly detection) and user monitoring Homeland Protection Identification of links and relationships among individuals in social networks Prediction of attacks Management of emergence and disasters Healthcare Monitoring and prevention of disease spreading Evidence-based healthcare Use of Data for Security

Privacy Risks Exchange and integration of data across multiple sources Data becomes available to multiple parties Re-identification of anonymized user data becomes easier Security tasks such as authentication and access control may require detailed information about users For example, location-based access control requires information about user location and may lead to collecting data about user mobility Continuous authentication requires collecting information such as typing speed, browsing habits, mouse movements

Can security and privacy be reconciled? And if so which are the methods and techniques that make this reconciliation possible?

Research Agenda For which domains security with privacy is critical? Which are the policy issues related to the use of data for security? Ethical use of data Ownership of data perhaps we need to move from the notion of data owner to that of data stakeholder Is control by users something which is possible in all domains? Which research advances are needed to make it possible to reconcile security with privacy? On small devices? Efficient techniques for performing computations on encrypted data Privacy-preserving data mining techniques Privacy-aware software engineering How do we balance personal privacy with collective security? Could a risk-based approach to this problem work? Partially based on results of the NSF Workshop on Big Data Security and Privacy, Dallas, TX, Sept. 16 th -17 th, 2014, http://csi.utdallas.edu/events/nsf/nsf%20papers%202014.htm

Research Agenda (con t) Privacy techniques for small devices: How to prevent devices from collecting data depending on contexts and situations? Access control for big data techniques for: Automatically merging, and evolving large number of heterogeneous access control policies Automatic authorization administration Enforcing access control policies on heterogeneous multimedia data Privacy-preserving data correlation techniques Techniques to control what is extracted from multiple correlated datasets and to check that what is extracted can be shared and/or used Approaches for data services monetization If data is considered as a good to be sold, are there regulations concerning contracts for buying/selling data? Can these contracts include privacy clauses be incorporated requiring for example that users to whom this data pertains to have been notified? Privacy implications on data quality

Thank You! Questions? Elisa Bertino bertino@cs.purdue.edu

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback