SlideShare a Scribd company logo

Who has the data ... and will breach the duty of confidence

Emil Lupu
Emil Lupu

This document discusses key challenges around distributed data security and privacy. It notes that sensory data is continuously captured and aggregated across devices and applications, and data is frequently exchanged between intermediaries with different access rights. The goals are to retain control over how data is used once shared, through access control, obligations, and policies. Lessons from other domains suggest protecting data at source, allowing policies to partially follow data based on context, and establishing data sharing agreements between parties. The document introduces the PRiMMA framework for enforcing privacy policies on devices and learning policies from user behavior.

Technology
1 of 10
! Who has the data? ... and will breach the duty of confidence! Emil Lupu Imperial College London Panel: Key Challenges in Distributed Security 22nd IFIP WG 11.3 Working Conference on Data and Applications Security
Body Area Networks for eHealth Home Appliance Control Events Monitor Events Manager Agent Managed Objects Control actions Decisions Policies New functionality Body Area Networks Policies
Ad-hoc collaborations
Pervasive Spaces Events Monitor Events Manager Agent Managed Objects Control actions Decisions Policies New functionality Policies PAN Control Autonomous 
 Vehicles Personal Area Networks Home Appliance Control Events Monitor Events Manager Agent Managed Objects Control actions Decisions Policies New functionality Policies Intelligent Home Networks Pervasive Environments
Observations • Sensory data is continuously captured and aggregated. • Data is frequently exchanged at device level, at application level and at institutional level. • Data is often exchanged through intermediaries which may themselves have rights to access the data (and aggregate or modify it) and is stored at multiple locations. • Rights to access data are often determined by context which changes dynamically (in addition to longer lived attributes e.g., role, competency,...) • Decisions have to be made with intermittent network access, on devices with limited computational capabilities and based on incomplete information.
Goals • Retaining control over data usage once data has been exchanged remains an elusive goal that appears in many application scenarios with varying threats. • Different research topics aim to address variations of the problem: Document Protection Models, Privacy, UCON, DCON, DRM, ERM, Policy. • It’s not just about Access Control but includes obligations (both imperative and deontic), information filtering and/or transformation, monitored conditions, association between policy and data. • Access Control models such as RBAC do not easily distribute, scale down or combine with other concepts such as obligations.
Some lessons from elsewhere (non-security) • Data processing and device management must be done as close to the origin as possible. Protection? • (Constrained) Programmability is the most efficient way of achieving adaptation. • Agreements (Contracts) are often desired by all parties. • This would imply: • Protect data at source. Add layers e.g. when crossing domain boundaries • Policies (rules) follow data. Partially? enforced by the recepient; context. • Establish and enforce Data Sharing Agreements.
Consequence Data Sharing 
 Agreement Refinement Analysis
PRiMMA • Enforcing privacy policies on small devices • Learning privacy policies from user behaviour
Thank you!

Recommended

Autonomous Pervasive Systems and the Policy Challenges of a Small World!
Autonomous Pervasive Systems and the Policy Challenges of a Small World!Autonomous Pervasive Systems and the Policy Challenges of a Small World!
Autonomous Pervasive Systems and the Policy Challenges of a Small World!Emil Lupu
 
WSN Security Research Directions
WSN Security Research DirectionsWSN Security Research Directions
WSN Security Research DirectionsEmil Lupu
 
Goal Decomposition and Abductive Reasoning for Policy Analysis and Refinement
Goal Decomposition and Abductive Reasoning for Policy Analysis and RefinementGoal Decomposition and Abductive Reasoning for Policy Analysis and Refinement
Goal Decomposition and Abductive Reasoning for Policy Analysis and RefinementEmil Lupu
 
Poster nci 2010
Poster nci 2010Poster nci 2010
Poster nci 2010bdemchak
 
Ann
AnnAnn
AnnHassan khan
 
Cyber Security Architecture - A Systems Approach December 05 2012
Cyber Security Architecture - A Systems Approach December 05 2012Cyber Security Architecture - A Systems Approach December 05 2012
Cyber Security Architecture - A Systems Approach December 05 2012Joseph Hennawy
 
Mobile Computing - Research Survey May 05 2012
Mobile Computing - Research Survey May 05 2012Mobile Computing - Research Survey May 05 2012
Mobile Computing - Research Survey May 05 2012Joseph Hennawy
 
00 what is_msit223(information technology)
00 what is_msit223(information technology)00 what is_msit223(information technology)
00 what is_msit223(information technology)jenrefamonte
 

Recommended

Autonomous Pervasive Systems and the Policy Challenges of a Small World!
Autonomous Pervasive Systems and the Policy Challenges of a Small World!Autonomous Pervasive Systems and the Policy Challenges of a Small World!
Autonomous Pervasive Systems and the Policy Challenges of a Small World!Emil Lupu
 
WSN Security Research Directions
WSN Security Research DirectionsWSN Security Research Directions
WSN Security Research DirectionsEmil Lupu
 
Goal Decomposition and Abductive Reasoning for Policy Analysis and Refinement
Goal Decomposition and Abductive Reasoning for Policy Analysis and RefinementGoal Decomposition and Abductive Reasoning for Policy Analysis and Refinement
Goal Decomposition and Abductive Reasoning for Policy Analysis and RefinementEmil Lupu
 
Poster nci 2010
Poster nci 2010Poster nci 2010
Poster nci 2010bdemchak
 
Ann
AnnAnn
AnnHassan khan
 
Cyber Security Architecture - A Systems Approach December 05 2012
Cyber Security Architecture - A Systems Approach December 05 2012Cyber Security Architecture - A Systems Approach December 05 2012
Cyber Security Architecture - A Systems Approach December 05 2012Joseph Hennawy
 
Mobile Computing - Research Survey May 05 2012
Mobile Computing - Research Survey May 05 2012Mobile Computing - Research Survey May 05 2012
Mobile Computing - Research Survey May 05 2012Joseph Hennawy
 
00 what is_msit223(information technology)
00 what is_msit223(information technology)00 what is_msit223(information technology)
00 what is_msit223(information technology)jenrefamonte
 
Interface interoperability
Interface interoperabilityInterface interoperability
Interface interoperabilitymsdanij
 
PERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
PERICLES workshop (London 15 October 2015) - Digital Ecosystem ModelPERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
PERICLES workshop (London 15 October 2015) - Digital Ecosystem ModelPERICLES_FP7
 
IDS / IPS Survey
IDS / IPS SurveyIDS / IPS Survey
IDS / IPS SurveyDeris Stiawan
 
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...DETER-Project
 
The Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER ProjectThe Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER ProjectDETER-Project
 
The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...DETER-Project
 
Framework architecture for improving
Framework architecture for improvingFramework architecture for improving
Framework architecture for improvingIJMIT JOURNAL
 
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...Global Risk Forum GRFDavos
 
PERICLES Modelling Policies - Acting on Change 2016
PERICLES Modelling Policies - Acting on Change 2016PERICLES Modelling Policies - Acting on Change 2016
PERICLES Modelling Policies - Acting on Change 2016PERICLES_FP7
 
Expert panel on industrialising microbiomics - with Unilever
Expert panel on industrialising microbiomics - with UnileverExpert panel on industrialising microbiomics - with Unilever
Expert panel on industrialising microbiomics - with UnileverEagle Genomics
 
06 styles and_greenfield_design
06 styles and_greenfield_design06 styles and_greenfield_design
06 styles and_greenfield_designMajong DevJfu
 
Finding Critical Link and Critical Node Vulnerability for Network
Finding Critical Link and Critical Node Vulnerability for NetworkFinding Critical Link and Critical Node Vulnerability for Network
Finding Critical Link and Critical Node Vulnerability for Networkijircee
 
Challenges in SE: Knowledge reuse
Challenges in SE: Knowledge reuseChallenges in SE: Knowledge reuse
Challenges in SE: Knowledge reuseNetworked Research Lab, UK
 
Inspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune SystemsInspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune SystemsJulie Greensmith
 
Inter-organisational Production Systems - 2012 STS Roundtable Presentation
Inter-organisational Production Systems - 2012 STS Roundtable PresentationInter-organisational Production Systems - 2012 STS Roundtable Presentation
Inter-organisational Production Systems - 2012 STS Roundtable PresentationSociotechnical Roundtable
 
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016PERICLES_FP7
 
Study of Security functionality in Distributed Database.pptx
Study of Security functionality in Distributed Database.pptxStudy of Security functionality in Distributed Database.pptx
Study of Security functionality in Distributed Database.pptxHasibAhmadKhaliqi1
 
Final Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxFinal Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxHasibAhmadKhaliqi1
 
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeSecuring Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeLisa Abe-Oldenburg, B.Comm., JD.
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMatthew Rosenquist
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeAhmad Abdalla
 
Data Domain-Driven Design
Data Domain-Driven DesignData Domain-Driven Design
Data Domain-Driven DesignKiran Kumar Chittoori
 

More Related Content

What's hot

Interface interoperability
Interface interoperabilityInterface interoperability
Interface interoperabilitymsdanij
 
PERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
PERICLES workshop (London 15 October 2015) - Digital Ecosystem ModelPERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
PERICLES workshop (London 15 October 2015) - Digital Ecosystem ModelPERICLES_FP7
 
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...DETER-Project
 
The Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER ProjectThe Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER ProjectDETER-Project
 
The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...DETER-Project
 
Framework architecture for improving
Framework architecture for improvingFramework architecture for improving
Framework architecture for improvingIJMIT JOURNAL
 
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...Global Risk Forum GRFDavos
 
PERICLES Modelling Policies - Acting on Change 2016
PERICLES Modelling Policies - Acting on Change 2016PERICLES Modelling Policies - Acting on Change 2016
PERICLES Modelling Policies - Acting on Change 2016PERICLES_FP7
 
Expert panel on industrialising microbiomics - with Unilever
Expert panel on industrialising microbiomics - with UnileverExpert panel on industrialising microbiomics - with Unilever
Expert panel on industrialising microbiomics - with UnileverEagle Genomics
 
06 styles and_greenfield_design
06 styles and_greenfield_design06 styles and_greenfield_design
06 styles and_greenfield_designMajong DevJfu
 
Finding Critical Link and Critical Node Vulnerability for Network
Finding Critical Link and Critical Node Vulnerability for NetworkFinding Critical Link and Critical Node Vulnerability for Network
Finding Critical Link and Critical Node Vulnerability for Networkijircee
 
Inspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune SystemsInspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune SystemsJulie Greensmith
 
Inter-organisational Production Systems - 2012 STS Roundtable Presentation
Inter-organisational Production Systems - 2012 STS Roundtable PresentationInter-organisational Production Systems - 2012 STS Roundtable Presentation
Inter-organisational Production Systems - 2012 STS Roundtable PresentationSociotechnical Roundtable
 
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016PERICLES_FP7
 

What's hot (16)

Interface interoperability
Interface interoperabilityInterface interoperability
Interface interoperability
 
PERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
PERICLES workshop (London 15 October 2015) - Digital Ecosystem ModelPERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
PERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
 
IDS / IPS Survey
IDS / IPS SurveyIDS / IPS Survey
IDS / IPS Survey
 
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
 
The Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER ProjectThe Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER Project
 
The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...
 
Framework architecture for improving
Framework architecture for improvingFramework architecture for improving
Framework architecture for improving
 
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
 
PERICLES Modelling Policies - Acting on Change 2016
PERICLES Modelling Policies - Acting on Change 2016PERICLES Modelling Policies - Acting on Change 2016
PERICLES Modelling Policies - Acting on Change 2016
 
Expert panel on industrialising microbiomics - with Unilever
Expert panel on industrialising microbiomics - with UnileverExpert panel on industrialising microbiomics - with Unilever
Expert panel on industrialising microbiomics - with Unilever
 
06 styles and_greenfield_design
06 styles and_greenfield_design06 styles and_greenfield_design
06 styles and_greenfield_design
 
Finding Critical Link and Critical Node Vulnerability for Network
Finding Critical Link and Critical Node Vulnerability for NetworkFinding Critical Link and Critical Node Vulnerability for Network
Finding Critical Link and Critical Node Vulnerability for Network
 
Challenges in SE: Knowledge reuse
Challenges in SE: Knowledge reuseChallenges in SE: Knowledge reuse
Challenges in SE: Knowledge reuse
 
Inspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune SystemsInspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune Systems
 
Inter-organisational Production Systems - 2012 STS Roundtable Presentation
Inter-organisational Production Systems - 2012 STS Roundtable PresentationInter-organisational Production Systems - 2012 STS Roundtable Presentation
Inter-organisational Production Systems - 2012 STS Roundtable Presentation
 
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
 

Similar to Who has the data ... and will breach the duty of confidence

Study of Security functionality in Distributed Database.pptx
Study of Security functionality in Distributed Database.pptxStudy of Security functionality in Distributed Database.pptx
Study of Security functionality in Distributed Database.pptxHasibAhmadKhaliqi1
 
Final Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxFinal Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxHasibAhmadKhaliqi1
 
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeSecuring Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeLisa Abe-Oldenburg, B.Comm., JD.
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMatthew Rosenquist
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeAhmad Abdalla
 
Security & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxSecurity & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxdotco
 
Security & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxSecurity & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxTechnocracy2
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectATMOSPHERE .
 
Chapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxChapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxLokNathRegmi1
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Michele Chubirka
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)Stephen Abram
 
Data protection within development
Data protection within developmentData protection within development
Data protection within developmentowaspsuffolk
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaAchSulav
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaAchSulav
 
Mobile database security threats
Mobile database security threatsMobile database security threats
Mobile database security threatsAkhil Kumar
 
Information security
Information securityInformation security
Information securitySanjay Tiwari
 
Ahearn Cloud Presentation
Ahearn Cloud PresentationAhearn Cloud Presentation
Ahearn Cloud Presentationjohnjamesahearn
 

Similar to Who has the data ... and will breach the duty of confidence (20)

Study of Security functionality in Distributed Database.pptx
Study of Security functionality in Distributed Database.pptxStudy of Security functionality in Distributed Database.pptx
Study of Security functionality in Distributed Database.pptx
 
Final Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxFinal Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptx
 
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeSecuring Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of Interest
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & Netskope
 
Data Domain-Driven Design
Data Domain-Driven DesignData Domain-Driven Design
Data Domain-Driven Design
 
Security & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxSecurity & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptx
 
Security & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxSecurity & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptx
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
 
Chapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxChapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptx
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
 
Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
 
Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)
 
Data protection within development
Data protection within developmentData protection within development
Data protection within development
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
 
Mobile database security threats
Mobile database security threatsMobile database security threats
Mobile database security threats
 
Information security
Information securityInformation security
Information security
 
Ahearn Cloud Presentation
Ahearn Cloud PresentationAhearn Cloud Presentation
Ahearn Cloud Presentation
 

Recently uploaded

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 

Recently uploaded (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 

Who has the data ... and will breach the duty of confidence

  • 1. ! Who has the data? ... and will breach the duty of confidence! Emil Lupu Imperial College London Panel: Key Challenges in Distributed Security 22nd IFIP WG 11.3 Working Conference on Data and Applications Security
  • 2. Body Area Networks for eHealth Home Appliance Control Events Monitor Events Manager Agent Managed Objects Control actions Decisions Policies New functionality Body Area Networks Policies
  • 4. Pervasive Spaces Events Monitor Events Manager Agent Managed Objects Control actions Decisions Policies New functionality Policies PAN Control Autonomous 
 Vehicles Personal Area Networks Home Appliance Control Events Monitor Events Manager Agent Managed Objects Control actions Decisions Policies New functionality Policies Intelligent Home Networks Pervasive Environments
  • 5. Observations • Sensory data is continuously captured and aggregated. • Data is frequently exchanged at device level, at application level and at institutional level. • Data is often exchanged through intermediaries which may themselves have rights to access the data (and aggregate or modify it) and is stored at multiple locations. • Rights to access data are often determined by context which changes dynamically (in addition to longer lived attributes e.g., role, competency,...) • Decisions have to be made with intermittent network access, on devices with limited computational capabilities and based on incomplete information.
  • 6. Goals • Retaining control over data usage once data has been exchanged remains an elusive goal that appears in many application scenarios with varying threats. • Different research topics aim to address variations of the problem: Document Protection Models, Privacy, UCON, DCON, DRM, ERM, Policy. • It’s not just about Access Control but includes obligations (both imperative and deontic), information filtering and/or transformation, monitored conditions, association between policy and data. • Access Control models such as RBAC do not easily distribute, scale down or combine with other concepts such as obligations.
  • 7. Some lessons from elsewhere (non-security) • Data processing and device management must be done as close to the origin as possible. Protection? • (Constrained) Programmability is the most efficient way of achieving adaptation. • Agreements (Contracts) are often desired by all parties. • This would imply: • Protect data at source. Add layers e.g. when crossing domain boundaries • Policies (rules) follow data. Partially? enforced by the recepient; context. • Establish and enforce Data Sharing Agreements.
  • 9. PRiMMA • Enforcing privacy policies on small devices • Learning privacy policies from user behaviour