List of Promising Concepts EA6: BIG DATA

Transcription

1 List of Promising Concepts EA6: BIG DATA Project acronym Project title Project number Starting date 01/10/2013 Duration in months 24 Call identifier FP7-ICT CAPITAL security research Agenda for PrIvacy challenges

2 EA6: BIG DATA Item name Preserving Data Mining Item No. 102 Abstraction Low High & for The potential are companies that store valuable sensitive information. Nowadays, users store a large number of information into the. Sometimes, two parties owning confidential information may require to perform a data mining algorithm on the union of these databases without leaking sensitive information. preserving data mining is a technique developed for this task. For using this mechanism, sensitive data such as name or addresses should be erased any kind of sensitive knowledge should be excluded too. However, selective data modification sanitation is a NP-Hard problem [1]. Many heuristics have been provided to solve this problem they are summarized in [1]. Lindell Pinkas [2] have proposed a mechanism which uses decision trees the ID3 algorithm. Agrawal Srikant [3] propose another mechanism they include a quantitative measure to evaluate the privacy offered by the method. The regulations of some countries might prevent the use of sensitive data with this technique applied. Users might be opposed to the mixing of database information due to privacy concerns, even when their privacy is maintained. [1] Verykios, Vassilios S., et al. "State-of-the-art in privacy preserving data

3 mining."acm Sigmod Record 33.1 (2004): [2] Lindell, Yehuda, Benny Pinkas. " preserving data mining." Advances in Cryptology CRYPTO Springer Berlin Heidelberg, [3] Agrawal, Rakesh, Ramakrishnan Srikant. "-preserving data mining."acm Sigmod Record. Vol. 29. No. 2. ACM, 2000.

4 Item name Anonymization De-identification techniques Item No. 104 & for Governments companies are being subject of anonymous attacks. Anonymity is the impossibility to identify a particular subject within a set of subjects [1]. Most of the attacks in the are performed using anonymous networks. In this way, attackers can preserve their identity it becomes difficult to track the origin of the attack. Nowadays, several anonymous networks exist. The TOR network the I2P network are two well-known examples. The Tor network is the most used widely deployed anonymous system. It was originally proposed by Dingledine at al.[2] it is based on the Onion Routing Design. Another project widely used to be anonymized is the Invisible internet Project (I2P)[1]. Governments may impose restrictions on anonymization solutions in the next years. [1] Timpanaro, Juan Pablo. Hybrid Anonymous File-Sharing Environments: Architecture Characterisation. Diss. Université de Lorraine, [2] Dingledine, Roger, Nick Mathewson, Paul Syverson. Tor: The secondgeneration onion router. Naval Research Lab Washington DC, 2004.

5 Item name On-the-fly encryption Item No. 106 & for Stakeholders: citizens, enterprises, cloud providers. Market: citizens, enterprises cloud providers. On-The-Fly encryption (OTFE) is a way to ensure that data is encrypted without caring about its storage location. It is also known as real-time encryption transparent encryption. There exists many utilities to create virtual drives to which anything written is automatically previously encrypted. Among these utilities, we can find DoxBox for MS Windows or FileVault for Mac OS X. For big data, it is necessary to decrypt huge amounts of data before encrypt after processing. Additionally, data might originate from manifold sources. Problems of incompatibility between infrastructures. Most of the enterprises have limited knowledge on this technology. The commercial risk factor involves the education of the society about the importance of privacy the leaking of information. Users are more sensible to data without this type of information.

6 Item name Secure protocols for big data processing Item No. 128 & for Stakeholders: citizens, enterprises, cloud providers. Market: citizens, enterprises cloud providers. Big data processing requires the exchange of large amounts of data. There is a need to establish secure protocols for the exchange of these data. These protocols have to be fast flexible enough to support big data needs.

7 Item name Provenance of big data Item No. 129 & for Stakeholders: citizens, enterprises, cloud providers. Market: citizens, enterprises cloud providers. Big data is an approach to deduce new information out of huge amounts of rather boring data. If the created information might lead to major decisions, the provenance of the underlying data is important to verify the results of big data processing.

8 Item name Protection against internal external data theft Item No. 130 & for Stakeholders: citizens, enterprises, cloud providers. Market: citizens, enterprises cloud providers. If big data is processes, it has to be stored as well. The more data is stored, the bigger is the risk that data might be stolen. Hence, big data has especially to cope with internal external data theft.