Upload
others
View
10
Download
0
Embed Size (px)
Citation preview
Big Data & Cloud Security/Privacy?
P. A. Subrahmanyam (“Subra”)
Stanford/CyberKnowledge
1 CyberKnowledge © & Confidential
Agenda
What is Big Data?
What is involved?
Where is it useful?
Challenges?
Cloud Security Alliance (CSA)
Big Data Working Group (BDWG) initiatives
2 CyberKnowledge © & Confidential
What is Big Data? (Wikipedia)
Big data
Data sets so large or complex that traditional data processing applications/infrastructure are inadequate.
Challenges
include analysis, capture, curation, search, sharing, storage, transfer, visualization, and information privacy.
The term often refers simply to the use of predictive analytics or other certain advanced methods to extract value from data,
and seldom to a particular size of data set.
3 CyberKnowledge © & Confidential
So… What is (Big) Data?
4 4
Hadoop
Streaming
Data
New
Sources
Unstructured
Structured
Data
Warehouse
Traditional
Sources
Traditional Data
“Newer” Data
Enterprise
Wide
Integration
Web logs, URLs
Social data
Text Data, Video, Audio,
IoT, M2M, RFID, sensors
Network data
Internal App Data
Transaction Data
ERP data
Mainframe Data
OLTP System Data
Applications for Big Data Analytics
Homeland Security
Finance Smarter Healthcare Multi-channel sales
Telecom
Manufacturing
Traffic Control
Trading Analytics Fraud and Risk
Log Analysis
Search Quality
Retail: Churn, NBO
The CSA Big Data WG Big Data Working Group (BDWG)
Identifying scalable techniques for data-centric security and privacy problems.
Goals:
Crystallize best practices for security and privacy in big data,
Help industry and government in the adoption of best practices,
Establish liaisons with Standards Development Organizations (SDOs) to influence big data security and privacy standards
Accelerate the adoption of novel research aimed to address security and privacy issues.
Cloud Security Alliance (CSA) Big Data Working Group (BDWG) Initiatives
Big Data Working Group
140+ members
1: Data analytics for
security
2: Cryptography and Privacy preserving/enhancing
technologies
3: Big data Infrastructure security (Attack Surface Analysis and Reduction)
5: Framework and Taxonomy
4: Policy, Governance, and
Legal issues
6: Top 10
https://basecamp.com/1825565/projects/511355-big-data-working
8
Top 10 Challenges Identified by CSA BDWG
Public/Private/Hybrid Cloud
5, 7, 8, 9
1, 3, 5, 6, 7, 8, 9, 10
4, 8, 9
4, 1010
2, 3, 5, 8, 9
Data Storage
1) Secure computations in distributed programming frameworks
2) Security best practices for non-relational datastores
3) Secure data storage and transactions logs
4) End-point input validation/filtering
5) Real time security monitoring
6) Scalable and composable privacy-preserving data mining and analytics
7) Cryptographically enforced access control and secure communication
8) Granular access control
9) Granular audits
10) Data provenance
Infrastructure security
Data Security & Privacy
Integrity and Reactive Security
Data Management