(Big) Data? - Cloud Security Alliance
Transcription
(Big) Data? - Cloud Security Alliance
Big Data & Cloud Security/Privacy? P. A. Subrahmanyam (“Subra”) Stanford/CyberKnowledge 1 CyberKnowledge © & Confidential Agenda What is Big Data? What is involved? Where is it useful? Challenges? Cloud Security Alliance (CSA) Big Data Working Group (BDWG) initiatives 2 CyberKnowledge © & Confidential What is Big Data? (Wikipedia) Big data Data sets so large or complex that traditional data processing applications/infrastructure are inadequate. Challenges include analysis, capture, curation, search, sharing, storage, transfer, visualization, and information privacy. The term often refers simply to the use of predictive analytics or other certain advanced methods to extract value from data, and seldom to a particular size of data set. 3 CyberKnowledge © & Confidential So… What is (Big) Data? Traditional Data Transaction Data Hadoop Streaming Data Data Warehouse Structured Enterprise Wide Integration Unstructured Social data IoT, M2M, RFID, sensors OLTP System Data ERP data Web logs, URLs Text Data, Video, Audio, Internal App Data Mainframe Data “Newer” Data Traditional Sources New Sources Network data 4 4 Applications for Big Data Analytics Smarter Healthcare Multi-channel sales Finance Log Analysis Homeland Security Traffic Control Telecom Search Quality Fraud and Risk Retail: Churn, NBO Manufacturing Trading Analytics The CSA Big Data WG Big Data Working Group (BDWG) Identifying scalable techniques for datacentric security and privacy problems. Goals: Crystallize best practices for security and privacy in big data, Help industry and government in the adoption of best practices, Establish liaisons with Standards Development Organizations (SDOs) to influence big data security and privacy standards Accelerate the adoption of novel research aimed to address security and privacy issues. Cloud Security Alliance (CSA) Big Data Working Group (BDWG) Initiatives 1: Data analytics for security 2: Cryptography and Privacy preserving/enhancing technologies Big Data Working Group 5: Framework and Taxonomy 140+ members 6: Top 10 3: Big data Infrastructure security (Attack Surface Analysis and Reduction) 4: Policy, Governance, and Legal issues https://basecamp.com/1825565/projects/511355-big-data-working Top 10 Challenges Identified by CSA BDWG 1) Secure computations in distributed programming frameworks 2) Security best practices for non-relational datastores 3) Secure data storage and transactions logs 4) End-point input validation/filtering 5) Real time security monitoring 6) Scalable and composable privacypreserving data mining and analytics 7) Cryptographically enforced access control and secure communication 8) Granular access control 9) Granular audits 10) Data provenance Infrastructure security Integrity and Reactive Security 4, 8, 9 1, 3, 5, 6, 7, 8, 9, 10 Data Security & Privacy Data Management 10 4, 10 2, 3, 5, 8, 9 Data Storage Public/Private/Hybrid Cloud 5, 7, 8, 9 8