IDC Research Paper Looks at Ensuring and Proving Big Data is Tamper-Free


Published on

"Data Integrity in the Big Data Digital Age" gives data its proof in court.

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

IDC Research Paper Looks at Ensuring and Proving Big Data is Tamper-Free

  1. 1. IDC Research Paper Looks at Ensuring and Proving Big Data is Tamper-Free"Data Integrity in the Big Data Digital Age" gives data its proof in court.San Francisco, CA (USA), Wednesday - April 18th, 2012 -- A new executive brief published byIDC examines one of the major obstacles organizations face when committing resources andapplications to cloud computing. At stake is the issue of validating the integrity and authenticity ofdata within a cloud environment."When the data is hosted onsite, this process of data integrity can certainly be a challenge.However, when data is not hosted within the traditional internal IT data center environment, thereneeds to be a method of ensuring indisputable data integrity," cites the report.Titled "Data Integrity in the Big Data Digital Age", the research paper ties the current Big Dataphenomenon with cloud computing, making a case for how organizations must grapple withanalyzing and basing decisions on petabytes of unstructured data, yet rarely questioning theauthenticity of this data.Questions the report seeks to answer include: Has my data been tampered with? Is the datasource legitimate? How can indisputable proof be offered that data integrity remains intact? Andin cases that involve the legal system, how to bring documents, log files, or audio files to the levelwhere they can be admitted as irrefutable evidence?These questions take the data integrity argument well beyond the premise and perimeter of ITsecurity matters. Few options exist today that can achieve tamper-proof data security outside ofthe reliance on third-party certification authorities, or the unwieldy management of a public keyinfrastructure. What’s required is a way to validate, verify, and self-authenticate the dataindependently of any third-party agency.Sponsored by GuardTime ( ), the executive brief details a compellingcase for the adoption of Keyless Signatures, explaining how the mathematically-driven systemworks. The Keyless Signature technology is used to provide indisputable proof of time, origin, andintegrity for electronic data."The goal of the keyless signature technology is to provide mass-scale, non-expiring datavalidation while eliminating the need for secrets or other forms of trust, thereby reducing or eveneliminating the need for more complex certificate-based solutions, as these are ripe withcertificate management issues, including expiration and revocation," the paper explains."A keyless signature provides an alternative method to key-based technologies by providing proofand non-repudiation of electronic data using only hash functions for verification. Theimplementation of keyless signature is done via a globally distributed machine, taking hashvalues of data as inputs and returning keyless signatures that prove the time, integrity, and origin(machine, organization, individual) of the input data.""Any client using the keyless signature service can make a request to sign any data item it hasaccess to; a log file, XML file, office document, database record, SWIFT transaction, FPMLmessage, eDiscovery productions, etc. In return, the client will receive a keyless signature whichcan be stored along side the signed data, within the signed data, or in a repository separate fromthe signed data for backup and archival purposes."By signing the data using GuardTime’s Keyless Signatures ( ), anorganization can automatically detect when and where the data was created or transferred, and ifthe data has been tampered with or not. An alert is sent to the customer when an abnormal statusis detected.
  2. 2. In this manner, organizations can assure the integrity of data and confirm the location where dataexists, providing a full audit trail of data usage and storage in the Cloud.The report concludes with "The keyless nature of this technology helps reduce the footprint byremoving the need for cipher keys and passwords, which arguably can also be lost or mislaid,and since the integrity can be validated by the document owners, the ability to leverage the cloudcomputing platform places it well for future adoption."The full report can be found here: GuardTime:GuardTime was founded with the goal of solving one of the biggest problems in computing: howto be sure electronic data is authentic. GuardTimes Keyless Signatures provide proof of originand that not a single bit of the data has changed since a specific point in time. The verification ofthe signatures can be done offline without reliance on keys, secrets, or the existence of a trustedthird party. GuardTimes mission is to change the world to one in which Keyless Signatures areubiquitous and a natural part of the everyday data lifecycle, whether on disk, in transit, or in theCloud. The company was recently selected as co-winner of the Innotribe $100K Start-UpChallenge, honoring the company as one of the worlds most promising financial technology start-ups. Visit for more information about using Keyless Signatures forsigning your data.Press & Media Contact:Victor Cruz, IncSan Francisco, CA - USA+1 978-594-4134vcruz@mediapr.net