Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG

Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG 1

Security Analytics Crypto and Privacy Technologies Infrastructure Security 60+ members Framework and Taxonomy Chair - Sree Rajan, Fujitsu Co-chair - Neel Sundaresan, Ebay Co-Chair - Wilco van Ginkel, Verizon Privacy, Policy, Governance, and Legal Issues

The Big Data Working Group (BDWG) will be identifying scalable techniques for datacentric security and privacy problems: https://cloudsecurityalliance.org/research/big-data/ BDWG s investigation is expected to lead to Crystallization of best practices for security and privacy in big data, Help industry and government on adoption of best practices, Establish liaisons with SDOs to influence big data security and privacy standards Accelerate the adoption of novel research aimed to address security and privacy issues. Publish report on top 10 security and privacy challenges Publish report on taxonomy and attack surface Publish best practices on the top 10 issues May 2013 Mar 2014 Publish report on security analytics Publish top 10 crypto issues Establish Big Data benchmarkin g platform in collaboration with NIST

1) Secure computations in distributed programming frameworks 2) Security best practices for nonrelational datastores 3) Secure data storage and transactions logs 4) End-point input validation/filtering 5) Real time security monitoring 6) Scalable and composable privacypreserving data mining and analytics 7) Cryptographically enforced access control and secure communication 8) Granular access control 9) Granular audits 10) Data provenance 4

Infrastructure security Data Privacy Data Management Integrity and Reactive Security Secure Computations in Distributed Programming Frameworks Privacy Preserving Data Mining and Analytics Secure Data Storage and Transaction Logs End-point validation and filtering Security Best Practices for Non-Relational Data Stores Cryptographically Enforced Data Centric Security Granular Audits Real time Security Monitoring Granular Access Control Data Provenance 5

Smartgrid Scenario: Threats/Challenges: Current Mitigations: Malfunctioning compute worker nodes Trust establishment: initiation, periodic trust update Application Computation Infrastructure Access to sensitive data Mandatory access control Privacy of output information Privacy preserving transformations 6

Smartgrid Scenario: Threats/Challenges: Current Mitigations: Data from Diverse Appliances and Sensors Lack of stringent authentication and authorization mechanisms Enforcement through middleware layer Passwords should never be held in clear Encrypted data at rest Lack of secure communication between compute nodes Protect communication using SSL/TLS 7

Smartgrid Scenario: Threats/Challenges: Current Mitigations: Consumer Data Archive Data Confidentiality and Integrity Availability Consistency Collusion Encryption and Signatures Proof of data possession Periodic audit and hash chains Policy based encryption 8

Smartgrid Scenario: Threats/Challenges: Current Mitigations: Adversary may tamper with device or software Tamper-proof Software Data Poisoning Adversary may clone fake devices Adversary may directly control source of data Trust Certificate and Trusted Devices Analytics to detect outliers Adversary may compromise data in transmission Cryptographic Protocols 9

Smartgrid Scenario: Threats/Challenges: Current Mitigations: Fraud Detection Security of the infrastructure Security of the monitoring code itself Security of the input sources Adversary may cause data poisoning Discussed before Secure coding practices Discussed before Analytics to detect outliers 10

Smartgrid Scenario: Threats/Challenges: Current Mitigations: Exploiting vulnerability at host Encryption of data at rest, access control and authorization mechanisms Consumer Data Privacy Insider threat Outsourcing analytics to untrusted partners Unintended leakage through sharing of data Separation of duty principles, clear policy for logging access to datasets Awareness of re-identification issues, differential privacy 11

Smartgrid Scenario: Threats/Challenges: Current Mitigations: Enforcing access control Identity and Attribute-based encryptions Data Integrity and Privacy Search and filter Outsourcing of computation Encryption techniques supporting search and filter Fully Homomorphic Encryption Integrity of data and preservation of anonymity Group signatures with trusted third parties 12

Smartgrid Scenario: Threats/Challenges: Current Mitigations: Keeping track of secrecy requirements of individual data elements Pick right level of granularity: row level, column level, cell level Data Privacy Maintaining access labels across analytical transformations At the minimum, conform to lattice of access restrictions. More sophisticated data transforms are being considered in active research Keeping track of roles and authorities of users Authentication, authorization, mandatory access control 13

Smartgrid Scenario: Threats/Challenges: Current Mitigations: Completeness of audit information Audit of usage, pricing, billing Timely access to audit information Integrity of audit information Authorized access to audit information Infrastructure solutions as discussed before. Scaling of SIEM tools. 14

Smartgrid Scenario: Threats/Challenges: Current Mitigations: Secure collection of data Authentication techniques Keeping track of ownership of data pricing, audit Consistency of data and metadata Message digests Insider threats Access Control through systems and cryptography 15

Communication protocols in progress Access policy based encryption Big data privacy in progress Key management first draft completed [Roy P. D Souza, AlephCloud Systems] Data integrity and poisoning concerns Searching / filtering encrypted data Secure data collection/aggregation Secure collaboration Proof of data storage Secure outsourcing of computation in progress

PK Filtering Token SK Encrypter Decrypter Conjunctive, subset, and range queries on encrypted data by Dan Boneh and Brent Waters, 2007

How to make collection of data private as well as authenticated? Can verify signature came from a group member Cannot infer which member In case of dispute, a trusted third party can trace the signature to an individual

The technical problem is to make group signatures efficient and short Short Group Signatures by Boneh, Boyen and Shacham, 2004

Private Searching on Streaming Data Ostrovsky and Skeith, CRYPTO 2005 Problem Scenario: The intelligence gathering community needs to collect a useful subset of huge streaming sources of data The criteria for being useful may be classified private criteria Most of the streaming data is useless and storing it all may be impractical filter at source How de we keep the filtering criteria secret even if it is executing at the source? Solution: Obfuscate the filtration code Even if the source falls into enemy hands, it cannot figure out the criteria

Blogs Net Traffic Garbled Filter Secret Criteria Obfuscate Garbled Filter Cloud News Feed Encrypted Filtered Data Decrypt Filtered Data

Computing on Authenticated Data A signature scheme such that it is possible to derive signatures on related data from a signature on the original document For example, deriving signatures on a redacted version of a document, without knowing the signing key Computing on Authenticated Data by Jae Hyun Ahn, Dan Boneh, Jan Camenisch, Susan Hohenberger, abhi shelat and Brent Waters.

N = pq f = F mod φ(n) File F; N random g F g F mod N Check if g f = g F mod N PORs: Proofs of Retrievability for Large Files by Juels and Kaliski Compact Proofs of Retrievability by Shacham and Waters

Functional Encryption Identitybased encryption Attributebased encryption Richer policies Disjunction, Conjunction Polynomials Threshold Predicates Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products - Jonathan Katz, Amit Sahai and Brent Waters.

Looking for contributors Please send a mail to: Arnab Roy aroy@us.fujitsu.com Fujitsu Laboratories of America

Interact https://interact.cloudsecurityalliance.org/ Transparency and accessibility to the Big Data Working Group allowing all to view and comment on the latest research - Live working documents during development - Seeking your contribution - Your contribution will be acknowledged Choose your Initiative» Submit Feedback» Make a Difference!

CSA Big Data Working Group Site https://cloudsecurityalliance.org/research/big-data/ CSA, Big Data LinkedIn http://www.linkedin.com/groups?home=&gid=4458215&trk=anet_ug_hm Basecamp Project Collaboration Site Request Form https://cloudsecurityalliance.org/research/basecamp/ For any questions/remarks/feedback, please contact either: Who Sreeranga (Sree) Rajan (Fujitsu) Neel Sundaresan (ebay) Wilco van Ginkel (Verizon) How sree@us.fujitsu.com nsundaresan@ebay.com wilco.vanginkel@verizon.com

Thank You 28