security in the era of big m2m data
DESCRIPTION
TRANSCRIPT
0 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
Security in the Era of Big M2M DataGlen Koskela Big Data & Security sessionCTO Nordic ECT Forum, October 2nd, 2013, Helsinki
1 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
By 9.10 AM This Morning…Our every activity is
being catalogued, analyzed, and
leveraged through innovative new
technologies.
Business data. Public data. Social data.
Machine data.
Ability to deliver tangible insights and competitive advantages.
2 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
A New Way of Doing Business
Economically extract value from very large
volumes of a wide variety of data, by
enabling high-velocity capture, discovery,
and/or analysis.
First 5 kilobytes are the hardest…
The focus will shift from small math to big math sensing, discovery, reasoning, and decision.
3 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
http://www.flickr.com/photos/streamishmc/6865511263/
M2M is Big Part of Big DataMachines are
exceedingly discreet, melting into the fabric of our daily lives to go
unnoticed.
All sorts of machinery, devices and objects –literally anywhere and
everywhere.
Game changing.
Future M2M deployments will reach deeper into business operations.
4 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
Insights We Can’t Even Imagine Today
Initially will have a huge impact on level
playing fields.
Later with openness and share-ability
allows more common good through
nonprofits and civic organizations.
Utility of data is limited by our ability to interpret and use it.
http://www.flickr.com/photos/mattgrommes/2665277890/
5 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
Mobile And GPS Data Logs…Your phone knows
more about you than you about it –
and with that so does your operator. Qualitative POI analysis
can determine place of residence, place of work, social status, family life and routine…
6 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
Data Without Data Entry
Created data. Provoked data.
Transacted data. Compiled data.
Experimental data.Captured data.
User-generated data.
Not Entered.Not Yours.Not Big.Not Data.
7 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
Continuous Screening And ProfilingAs we go about our everyday lives, we leave
behind digital footprints that, when combined, could denote unique aspects about ourselves.
Define exact meaning of ”ethics” in ”convenience”, ”commerce”, ”care”, and ”control”.
8 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
Invisible Algorithmic Editing of the Web?Glen (Finland)”killed the mammoth” Matsuyama (Japan)
”nature”
Markus (Germany)”stop climate change”
Richard (US)”nonsense”
Alex (US)”extreme weather”
We are all actors, we just don’t know what the play is about.
9 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
Semi-public Corners of the Internethttp://www.flickr.com/photos/jhansensnaps/4394321300/
Data brokers are running their data through
advanced algorithms that can make “alarmingly personal predictions
about our health, financial status, interests,
sexual orientation, religious beliefs, politics
and habits.”
Scientific apps are commonly generalizations. Managerial apps lean toward particularization.
10 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
Anonymized? Maybe. Maybe It Isn’t.
The technological limitations that
define ‘‘personally identifying
information’’ are constantly changing. Social ”me” accepts
significant control-loss.
11 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
Who Are You? What Are You Worth?Age, Gender, Zip, Household Income, Marital Status, Presence of Children, Home Owner Status, Home Market Value, Length of Residence, High Net Worth, Occupation, Education, Arts & Crafts, Blogging, Books, Business, Health & Wellness, News & Current Events, Automotive, Baby Product Buyer, Beauty, Charitable Donor, Cooking, Discount Shopper, High-End Brand Buyer, Home & Garden, Home Improvement, Luxury Goods & Jewelry, Magazine Buyer, Outdoor & Adventure, Pets, Sports, Technology, Travel,… only giving a person’s email address!
“We observe deep anonymization practices…”
“The great threat to individual liberty in the digital age comes from companies that use our data to enrich themselves — buying and selling our most intimate details for their own corporate benefit.” -Viviane Reding, European Commissioner for Justice, Fundamental Rights and Citizenship
12 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
http://www.flickr.com/photos/vfsdigitaldesign/6077020797/
Data Repurposed For Other Uses
The worst sort of bad data: data
that gets you in hot water.
Service denial may become increasingly
apparent in many contexts
What information can be held against you?
13 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
External Threats
http://www.flickr.com/photos/nicholassmale/4770819852/
Biggest security challenges of M2M are remote management of M2M devices and data transmission in
the absence of direct human-machine interaction.
If your laptop crashes you’ll have a bad day, but if your car crashes…
14 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
Let Me Introduce You To A Few Black HatsCompromising Industrial Facilities From 40 Miles Away.
Energy Fraud and Orchestrated Blackouts.Implantable Medical Devices: Hacking Humans.
Breaking and Fixing Critical Infrastructure.What Google Know About You & How Hackers Can Control Traffic.
Inside vehicle networks. Home Invasion v2.0.
15 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
Safeguarding Big Datahttp://www.flickr.com/photos/42931449@N07/5397530925/
De-identification
Generalization
Suppression
Sub-sampling
Cryptography
Access control
Secure data stores
Efficient audits
Privacy preserving data algorithms
Real time security monitoring
16 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic
Very Real Security And Privacy Challengeshttp://www.flickr.com/photos/38446022@N00/4589969792/
Big data can expose hidden patterns to support decision making in areas ranging from social services to homeland security, and help solve scientific problems from climatology to nanotechnology.
While big data can yield extremely useful information, it also presents new challenges with respect to how much data to store
and whether the data will be secure.
17 Copyright 2013 FUJITSUGlen Koskela, CTO Nordic