SlideShare a Scribd company logo

WhoHasTheData

Emil Lupu
Emil Lupu

This document discusses key challenges around distributed data security and privacy. It notes that sensory data is continuously captured and aggregated across devices and applications, and data is frequently exchanged between intermediaries with different access rights. The goals are to retain control over how data is used once shared, through access control, obligations, and policies. Lessons from other domains suggest protecting data at source, allowing policies to partially follow data based on context, and establishing data sharing agreements between parties. The document introduces the PRiMMA framework for enforcing privacy policies on devices and learning policies from user behavior.

Technology
1 of 10
! Who has the data? ... and will breach the duty of confidence! Emil Lupu Imperial College London Panel: Key Challenges in Distributed Security 22nd IFIP WG 11.3 Working Conference on Data and Applications Security
Body Area Networks for eHealth Home Appliance Control Events Monitor Events Manager Agent Managed Objects Control actions Decisions Policies New functionality Body Area Networks Policies
Ad-hoc collaborations
Pervasive Spaces Events Monitor Events Manager Agent Managed Objects Control actions Decisions Policies New functionality Policies PAN Control Autonomous 
 Vehicles Personal Area Networks Home Appliance Control Events Monitor Events Manager Agent Managed Objects Control actions Decisions Policies New functionality Policies Intelligent Home Networks Pervasive Environments
Observations • Sensory data is continuously captured and aggregated. • Data is frequently exchanged at device level, at application level and at institutional level. • Data is often exchanged through intermediaries which may themselves have rights to access the data (and aggregate or modify it) and is stored at multiple locations. • Rights to access data are often determined by context which changes dynamically (in addition to longer lived attributes e.g., role, competency,...) • Decisions have to be made with intermittent network access, on devices with limited computational capabilities and based on incomplete information.
Goals • Retaining control over data usage once data has been exchanged remains an elusive goal that appears in many application scenarios with varying threats. • Different research topics aim to address variations of the problem: Document Protection Models, Privacy, UCON, DCON, DRM, ERM, Policy. • It’s not just about Access Control but includes obligations (both imperative and deontic), information filtering and/or transformation, monitored conditions, association between policy and data. • Access Control models such as RBAC do not easily distribute, scale down or combine with other concepts such as obligations.
Some lessons from elsewhere (non-security) • Data processing and device management must be done as close to the origin as possible. Protection? • (Constrained) Programmability is the most efficient way of achieving adaptation. • Agreements (Contracts) are often desired by all parties. • This would imply: • Protect data at source. Add layers e.g. when crossing domain boundaries • Policies (rules) follow data. Partially? enforced by the recepient; context. • Establish and enforce Data Sharing Agreements.
Consequence Data Sharing 
 Agreement Refinement Analysis
PRiMMA • Enforcing privacy policies on small devices • Learning privacy policies from user behaviour
Thank you!

Recommended

Autonomous Pervasive Systems and the Policy Challenges of a Small World!
Autonomous Pervasive Systems and the Policy Challenges of a Small World!Autonomous Pervasive Systems and the Policy Challenges of a Small World!
Autonomous Pervasive Systems and the Policy Challenges of a Small World!Emil Lupu
 
WSN Security Research Directions
WSN Security Research DirectionsWSN Security Research Directions
WSN Security Research DirectionsEmil Lupu
 
Goal Decomposition and Abductive Reasoning for Policy Analysis and Refinement
Goal Decomposition and Abductive Reasoning for Policy Analysis and RefinementGoal Decomposition and Abductive Reasoning for Policy Analysis and Refinement
Goal Decomposition and Abductive Reasoning for Policy Analysis and RefinementEmil Lupu
 
Poster nci 2010
Poster nci 2010Poster nci 2010
Poster nci 2010bdemchak
 
Ann
AnnAnn
AnnHassan khan
 
Cyber Security Architecture - A Systems Approach December 05 2012
Cyber Security Architecture - A Systems Approach December 05 2012Cyber Security Architecture - A Systems Approach December 05 2012
Cyber Security Architecture - A Systems Approach December 05 2012Joseph Hennawy
 
Mobile Computing - Research Survey May 05 2012
Mobile Computing - Research Survey May 05 2012Mobile Computing - Research Survey May 05 2012
Mobile Computing - Research Survey May 05 2012Joseph Hennawy
 
00 what is_msit223(information technology)
00 what is_msit223(information technology)00 what is_msit223(information technology)
00 what is_msit223(information technology)jenrefamonte
 

Recommended

Autonomous Pervasive Systems and the Policy Challenges of a Small World!
Autonomous Pervasive Systems and the Policy Challenges of a Small World!Autonomous Pervasive Systems and the Policy Challenges of a Small World!
Autonomous Pervasive Systems and the Policy Challenges of a Small World!Emil Lupu
 
WSN Security Research Directions
WSN Security Research DirectionsWSN Security Research Directions
WSN Security Research DirectionsEmil Lupu
 
Goal Decomposition and Abductive Reasoning for Policy Analysis and Refinement
Goal Decomposition and Abductive Reasoning for Policy Analysis and RefinementGoal Decomposition and Abductive Reasoning for Policy Analysis and Refinement
Goal Decomposition and Abductive Reasoning for Policy Analysis and RefinementEmil Lupu
 
Poster nci 2010
Poster nci 2010Poster nci 2010
Poster nci 2010bdemchak
 
Ann
AnnAnn
AnnHassan khan
 
Cyber Security Architecture - A Systems Approach December 05 2012
Cyber Security Architecture - A Systems Approach December 05 2012Cyber Security Architecture - A Systems Approach December 05 2012
Cyber Security Architecture - A Systems Approach December 05 2012Joseph Hennawy
 
Mobile Computing - Research Survey May 05 2012
Mobile Computing - Research Survey May 05 2012Mobile Computing - Research Survey May 05 2012
Mobile Computing - Research Survey May 05 2012Joseph Hennawy
 
00 what is_msit223(information technology)
00 what is_msit223(information technology)00 what is_msit223(information technology)
00 what is_msit223(information technology)jenrefamonte
 
Interface interoperability
Interface interoperabilityInterface interoperability
Interface interoperabilitymsdanij
 
PERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
PERICLES workshop (London 15 October 2015) - Digital Ecosystem ModelPERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
PERICLES workshop (London 15 October 2015) - Digital Ecosystem ModelPERICLES_FP7
 
IDS / IPS Survey
IDS / IPS SurveyIDS / IPS Survey
IDS / IPS SurveyDeris Stiawan
 
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...DETER-Project
 
The Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER ProjectThe Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER ProjectDETER-Project
 
The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...DETER-Project
 
Framework architecture for improving
Framework architecture for improvingFramework architecture for improving
Framework architecture for improvingIJMIT JOURNAL
 
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...Global Risk Forum GRFDavos
 
PERICLES Modelling Policies - Acting on Change 2016
PERICLES Modelling Policies - Acting on Change 2016PERICLES Modelling Policies - Acting on Change 2016
PERICLES Modelling Policies - Acting on Change 2016PERICLES_FP7
 
Expert panel on industrialising microbiomics - with Unilever
Expert panel on industrialising microbiomics - with UnileverExpert panel on industrialising microbiomics - with Unilever
Expert panel on industrialising microbiomics - with UnileverEagle Genomics
 
06 styles and_greenfield_design
06 styles and_greenfield_design06 styles and_greenfield_design
06 styles and_greenfield_designMajong DevJfu
 
Finding Critical Link and Critical Node Vulnerability for Network
Finding Critical Link and Critical Node Vulnerability for NetworkFinding Critical Link and Critical Node Vulnerability for Network
Finding Critical Link and Critical Node Vulnerability for Networkijircee
 
Challenges in SE: Knowledge reuse
Challenges in SE: Knowledge reuseChallenges in SE: Knowledge reuse
Challenges in SE: Knowledge reuseNetworked Research Lab, UK
 
Inspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune SystemsInspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune SystemsJulie Greensmith
 
Inter-organisational Production Systems - 2012 STS Roundtable Presentation
Inter-organisational Production Systems - 2012 STS Roundtable PresentationInter-organisational Production Systems - 2012 STS Roundtable Presentation
Inter-organisational Production Systems - 2012 STS Roundtable PresentationSociotechnical Roundtable
 
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016PERICLES_FP7
 
Study of Security functionality in Distributed Database.pptx
Study of Security functionality in Distributed Database.pptxStudy of Security functionality in Distributed Database.pptx
Study of Security functionality in Distributed Database.pptxHasibAhmadKhaliqi1
 
Final Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxFinal Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxHasibAhmadKhaliqi1
 
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeSecuring Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeLisa Abe-Oldenburg, B.Comm., JD.
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMatthew Rosenquist
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeAhmad Abdalla
 
Data Domain-Driven Design
Data Domain-Driven DesignData Domain-Driven Design
Data Domain-Driven DesignKiran Kumar Chittoori
 

More Related Content

What's hot

Interface interoperability
Interface interoperabilityInterface interoperability
Interface interoperabilitymsdanij
 
PERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
PERICLES workshop (London 15 October 2015) - Digital Ecosystem ModelPERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
PERICLES workshop (London 15 October 2015) - Digital Ecosystem ModelPERICLES_FP7
 
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...DETER-Project
 
The Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER ProjectThe Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER ProjectDETER-Project
 
The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...DETER-Project
 
Framework architecture for improving
Framework architecture for improvingFramework architecture for improving
Framework architecture for improvingIJMIT JOURNAL
 
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...Global Risk Forum GRFDavos
 
PERICLES Modelling Policies - Acting on Change 2016
PERICLES Modelling Policies - Acting on Change 2016PERICLES Modelling Policies - Acting on Change 2016
PERICLES Modelling Policies - Acting on Change 2016PERICLES_FP7
 
Expert panel on industrialising microbiomics - with Unilever
Expert panel on industrialising microbiomics - with UnileverExpert panel on industrialising microbiomics - with Unilever
Expert panel on industrialising microbiomics - with UnileverEagle Genomics
 
06 styles and_greenfield_design
06 styles and_greenfield_design06 styles and_greenfield_design
06 styles and_greenfield_designMajong DevJfu
 
Finding Critical Link and Critical Node Vulnerability for Network
Finding Critical Link and Critical Node Vulnerability for NetworkFinding Critical Link and Critical Node Vulnerability for Network
Finding Critical Link and Critical Node Vulnerability for Networkijircee
 
Inspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune SystemsInspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune SystemsJulie Greensmith
 
Inter-organisational Production Systems - 2012 STS Roundtable Presentation
Inter-organisational Production Systems - 2012 STS Roundtable PresentationInter-organisational Production Systems - 2012 STS Roundtable Presentation
Inter-organisational Production Systems - 2012 STS Roundtable PresentationSociotechnical Roundtable
 
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016PERICLES_FP7
 

What's hot (16)

Interface interoperability
Interface interoperabilityInterface interoperability
Interface interoperability
 
PERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
PERICLES workshop (London 15 October 2015) - Digital Ecosystem ModelPERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
PERICLES workshop (London 15 October 2015) - Digital Ecosystem Model
 
IDS / IPS Survey
IDS / IPS SurveyIDS / IPS Survey
IDS / IPS Survey
 
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
 
The Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER ProjectThe Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER Project
 
The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...
 
Framework architecture for improving
Framework architecture for improvingFramework architecture for improving
Framework architecture for improving
 
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
 
PERICLES Modelling Policies - Acting on Change 2016
PERICLES Modelling Policies - Acting on Change 2016PERICLES Modelling Policies - Acting on Change 2016
PERICLES Modelling Policies - Acting on Change 2016
 
Expert panel on industrialising microbiomics - with Unilever
Expert panel on industrialising microbiomics - with UnileverExpert panel on industrialising microbiomics - with Unilever
Expert panel on industrialising microbiomics - with Unilever
 
06 styles and_greenfield_design
06 styles and_greenfield_design06 styles and_greenfield_design
06 styles and_greenfield_design
 
Finding Critical Link and Critical Node Vulnerability for Network
Finding Critical Link and Critical Node Vulnerability for NetworkFinding Critical Link and Critical Node Vulnerability for Network
Finding Critical Link and Critical Node Vulnerability for Network
 
Challenges in SE: Knowledge reuse
Challenges in SE: Knowledge reuseChallenges in SE: Knowledge reuse
Challenges in SE: Knowledge reuse
 
Inspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune SystemsInspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune Systems
 
Inter-organisational Production Systems - 2012 STS Roundtable Presentation
Inter-organisational Production Systems - 2012 STS Roundtable PresentationInter-organisational Production Systems - 2012 STS Roundtable Presentation
Inter-organisational Production Systems - 2012 STS Roundtable Presentation
 
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
PERICLES Ecosystem Modelling (NCDD use case) - Acting on Change 2016
 

Similar to WhoHasTheData

Study of Security functionality in Distributed Database.pptx
Study of Security functionality in Distributed Database.pptxStudy of Security functionality in Distributed Database.pptx
Study of Security functionality in Distributed Database.pptxHasibAhmadKhaliqi1
 
Final Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxFinal Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxHasibAhmadKhaliqi1
 
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeSecuring Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeLisa Abe-Oldenburg, B.Comm., JD.
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMatthew Rosenquist
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeAhmad Abdalla
 
Security & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxSecurity & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxdotco
 
Security & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxSecurity & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxTechnocracy2
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectATMOSPHERE .
 
Chapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxChapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxLokNathRegmi1
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Michele Chubirka
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)Stephen Abram
 
Data protection within development
Data protection within developmentData protection within development
Data protection within developmentowaspsuffolk
 
Mobile database security threats
Mobile database security threatsMobile database security threats
Mobile database security threatsAkhil Kumar
 
Information security
Information securityInformation security
Information securitySanjay Tiwari
 
Ahearn Cloud Presentation
Ahearn Cloud PresentationAhearn Cloud Presentation
Ahearn Cloud Presentationjohnjamesahearn
 
crisc_wk_5.pptx
crisc_wk_5.pptxcrisc_wk_5.pptx
crisc_wk_5.pptxdotco
 
BYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestBYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestJay McLaughlin
 

Similar to WhoHasTheData (20)

Study of Security functionality in Distributed Database.pptx
Study of Security functionality in Distributed Database.pptxStudy of Security functionality in Distributed Database.pptx
Study of Security functionality in Distributed Database.pptx
 
Final Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptxFinal Study of Security functionality in Distributed Database.pptx
Final Study of Security functionality in Distributed Database.pptx
 
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeSecuring Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of Interest
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & Netskope
 
Data Domain-Driven Design
Data Domain-Driven DesignData Domain-Driven Design
Data Domain-Driven Design
 
Security & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxSecurity & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptx
 
Security & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptxSecurity & Risk Mgmt_WK1.pptx
Security & Risk Mgmt_WK1.pptx
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
 
Chapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxChapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptx
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
 
Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
 
Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)
 
Data protection within development
Data protection within developmentData protection within development
Data protection within development
 
Mobile database security threats
Mobile database security threatsMobile database security threats
Mobile database security threats
 
Information security
Information securityInformation security
Information security
 
Ahearn Cloud Presentation
Ahearn Cloud PresentationAhearn Cloud Presentation
Ahearn Cloud Presentation
 
crisc_wk_5.pptx
crisc_wk_5.pptxcrisc_wk_5.pptx
crisc_wk_5.pptx
 
BYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestBYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, West
 

Recently uploaded

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 

Recently uploaded (20)

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 

WhoHasTheData

  • 1. ! Who has the data? ... and will breach the duty of confidence! Emil Lupu Imperial College London Panel: Key Challenges in Distributed Security 22nd IFIP WG 11.3 Working Conference on Data and Applications Security
  • 2. Body Area Networks for eHealth Home Appliance Control Events Monitor Events Manager Agent Managed Objects Control actions Decisions Policies New functionality Body Area Networks Policies
  • 4. Pervasive Spaces Events Monitor Events Manager Agent Managed Objects Control actions Decisions Policies New functionality Policies PAN Control Autonomous 
 Vehicles Personal Area Networks Home Appliance Control Events Monitor Events Manager Agent Managed Objects Control actions Decisions Policies New functionality Policies Intelligent Home Networks Pervasive Environments
  • 5. Observations • Sensory data is continuously captured and aggregated. • Data is frequently exchanged at device level, at application level and at institutional level. • Data is often exchanged through intermediaries which may themselves have rights to access the data (and aggregate or modify it) and is stored at multiple locations. • Rights to access data are often determined by context which changes dynamically (in addition to longer lived attributes e.g., role, competency,...) • Decisions have to be made with intermittent network access, on devices with limited computational capabilities and based on incomplete information.
  • 6. Goals • Retaining control over data usage once data has been exchanged remains an elusive goal that appears in many application scenarios with varying threats. • Different research topics aim to address variations of the problem: Document Protection Models, Privacy, UCON, DCON, DRM, ERM, Policy. • It’s not just about Access Control but includes obligations (both imperative and deontic), information filtering and/or transformation, monitored conditions, association between policy and data. • Access Control models such as RBAC do not easily distribute, scale down or combine with other concepts such as obligations.
  • 7. Some lessons from elsewhere (non-security) • Data processing and device management must be done as close to the origin as possible. Protection? • (Constrained) Programmability is the most efficient way of achieving adaptation. • Agreements (Contracts) are often desired by all parties. • This would imply: • Protect data at source. Add layers e.g. when crossing domain boundaries • Policies (rules) follow data. Partially? enforced by the recepient; context. • Establish and enforce Data Sharing Agreements.
  • 9. PRiMMA • Enforcing privacy policies on small devices • Learning privacy policies from user behaviour