security in the era of big m2m data

0 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic

Security in the Era of Big M2M DataGlen Koskela Big Data & Security sessionCTO Nordic ECT Forum, October 2nd, 2013, Helsinki


By 9.10 AM This Morning…Our every activity is

being catalogued, analyzed, and

leveraged through innovative new

technologies.

Business data. Public data. Social data.

Machine data.

Ability to deliver tangible insights and competitive advantages.


A New Way of Doing Business

Economically extract value from very large

volumes of a wide variety of data, by

enabling high-velocity capture, discovery,

and/or analysis.

First 5 kilobytes are the hardest…

The focus will shift from small math to big math sensing, discovery, reasoning, and decision.


http://www.flickr.com/photos/streamishmc/6865511263/

M2M is Big Part of Big DataMachines are

exceedingly discreet, melting into the fabric of our daily lives to go

unnoticed.

All sorts of machinery, devices and objects –literally anywhere and

everywhere.

Game changing.

Future M2M deployments will reach deeper into business operations.


Insights We Can’t Even Imagine Today

Initially will have a huge impact on level

playing fields.

Later with openness and share-ability

allows more common good through

nonprofits and civic organizations.

Utility of data is limited by our ability to interpret and use it.

http://www.flickr.com/photos/mattgrommes/2665277890/


Mobile And GPS Data Logs…Your phone knows

more about you than you about it –

and with that so does your operator. Qualitative POI analysis

can determine place of residence, place of work, social status, family life and routine…


Data Without Data Entry

Created data. Provoked data.

Transacted data. Compiled data.

Experimental data.Captured data.

User-generated data.

Not Entered.Not Yours.Not Big.Not Data.


Continuous Screening And ProfilingAs we go about our everyday lives, we leave

behind digital footprints that, when combined, could denote unique aspects about ourselves.

Define exact meaning of ”ethics” in ”convenience”, ”commerce”, ”care”, and ”control”.


Invisible Algorithmic Editing of the Web?Glen (Finland)”killed the mammoth” Matsuyama (Japan)

”nature”

Markus (Germany)”stop climate change”

Richard (US)”nonsense”

Alex (US)”extreme weather”

We are all actors, we just don’t know what the play is about.


Semi-public Corners of the Internethttp://www.flickr.com/photos/jhansensnaps/4394321300/

Data brokers are running their data through

advanced algorithms that can make “alarmingly personal predictions

about our health, financial status, interests,

sexual orientation, religious beliefs, politics

and habits.”

Scientific apps are commonly generalizations. Managerial apps lean toward particularization.


Anonymized? Maybe. Maybe It Isn’t.

The technological limitations that

define ‘‘personally identifying

information’’ are constantly changing. Social ”me” accepts

significant control-loss.


Who Are You? What Are You Worth?Age, Gender, Zip, Household Income, Marital Status, Presence of Children, Home Owner Status, Home Market Value, Length of Residence, High Net Worth, Occupation, Education, Arts & Crafts, Blogging, Books, Business, Health & Wellness, News & Current Events, Automotive, Baby Product Buyer, Beauty, Charitable Donor, Cooking, Discount Shopper, High-End Brand Buyer, Home & Garden, Home Improvement, Luxury Goods & Jewelry, Magazine Buyer, Outdoor & Adventure, Pets, Sports, Technology, Travel,… only giving a person’s email address!

“We observe deep anonymization practices…”

“The great threat to individual liberty in the digital age comes from companies that use our data to enrich themselves — buying and selling our most intimate details for their own corporate benefit.” -Viviane Reding, European Commissioner for Justice, Fundamental Rights and Citizenship


http://www.flickr.com/photos/vfsdigitaldesign/6077020797/

Data Repurposed For Other Uses

The worst sort of bad data: data

that gets you in hot water.

Service denial may become increasingly

apparent in many contexts

What information can be held against you?


External Threats

http://www.flickr.com/photos/nicholassmale/4770819852/

Biggest security challenges of M2M are remote management of M2M devices and data transmission in

the absence of direct human-machine interaction.

If your laptop crashes you’ll have a bad day, but if your car crashes…


Let Me Introduce You To A Few Black HatsCompromising Industrial Facilities From 40 Miles Away.

Energy Fraud and Orchestrated Blackouts.Implantable Medical Devices: Hacking Humans.

Breaking and Fixing Critical Infrastructure.What Google Know About You & How Hackers Can Control Traffic.

Inside vehicle networks. Home Invasion v2.0.


Safeguarding Big Datahttp://www.flickr.com/photos/42931449@N07/5397530925/

De-identification

Generalization

Suppression

Sub-sampling

Cryptography

Access control

Secure data stores

Efficient audits

Privacy preserving data algorithms

Real time security monitoring


Very Real Security And Privacy Challengeshttp://www.flickr.com/photos/38446022@N00/4589969792/

Big data can expose hidden patterns to support decision making in areas ranging from social services to homeland security, and help solve scientific problems from climatology to nanotechnology.

While big data can yield extremely useful information, it also presents new challenges with respect to how much data to store

and whether the data will be secure.