Vaccinating Data against Abuse - DataVaccinator.com

 

          Vaccinating Data against Abuse

01 2021             vaccinate your data against abuse   1
Risks of Managing Data are on the Rise

• Data Breach: Intentional or unintentional release of private or confidential information to an untrusted environment
• Data Theft: Stealing data from a victim with the intent of compromising privacy or obtaining confidential information
• Data Hack: Breaking the security of a computing system to steal data, corrupt systems/files, commandeer the environment or disrupt activities
• Data Leakage: The unauthorized transfer of classified information from a computer or data center to the outside world

• Regulation: Protection of data privacy and security (GDPR…) increases commercial risks (and fines). Complex regulation in sectors and jurisdictions
• Data-driven Business: The commercial value of data is on the rise (and so are associated risks) as businesses become more and more data-driven
• BIG DATA Ecosystems: Collaborative data sharing and analytics across a community of stakeholders generates new risks for individual data owners

Traditional versus Innovative Applications

• Traditional Application: Sensitive data is managed in one database making it a high risk operation
  (PII/PID + Contents in one place: High Value Data)

• Innovative Application: Sensitive data is managed in independent databases making it a low risk operation
  (PII/PID and Contents kept apart)

PII/PID: Personal identifiable inf./data

Mitigating Data Risks with DataVaccinator

DataVaccinator enabled applications manage PID and Contents separately, in realtime and in a secure and industrialised manner.

PII/PID: Personal identifiable inf./data (IoT: Machine identifiable data)

• Data Breach: Damage control: Breach of low value data
• Data Theft: Damage control: Theft of low value data
• Data Hack: Damage control: Hack of low value data
• Data Leakage: Damage of leak limited to low value data
• Regulation: Built in compliance to satisfy regulation
• Data-driven Business: Enabled with built-in pseudonymisation
• BIG DATA Ecosystems: Facilitated with industrialised pseudonymisation

Pseudonymisation upon data generation

•         Today’s tools focus on “after the fact” pseudonymisation
          (pseudonymisation as post-processing before sharing)
          https://www.g2.com/categories/data-de-identification-pseudonymity?order=popular#product-list

•         DataVaccinator “vaccinates data” in real time
            • Separates PID and Contents upon data generation
            • Eliminates vulnerabilities at the root and right from the start
            • Keeps PID and Contents separated during lifetime,
               re-unites on demand in applications

•         DataVaccinator – integral part of applications “DV inside”
            • Enable new applications
            • Re-engineer existing applications

DataVaccinator for ubiquitous pseudonymisation

•         Today, pseudonymisation is at version 1.0
            • Expensive custom development at low rate of reusability
            • Inefficient, costly projects at varying levels of quality
            • Existing model is unable to shift from mere post-processing to
                realtime pseudonymisation at scale

•         Tomorrow, pseudonymisation will be ubiquitous
            • Urgency for data privacy and security everywhere
            • High reusability with ease of integration and minimal footprint
            • Affordability, even in the light of zillions of apps (e.g. IoT)

•         DataVaccinator: the community product free of license fees
           •   Ready-to-use software, maintenance and services
           •   Industrial approach saves time and cost
           •   High quality through reusability and minimal footprint
           •   Open Source Licenses: AGPL (server), MIT (client)

Use Cases E-Commerce, E-Finance, E-Health…

Pseudonymisation is the foundation for any data-sensitive application

•         E-Finance: Loyalty programs, Payment transactions, Credit lending, Consumer credit rating involving multiple parties, online
          banking, online insurance

•         E-Media, Smart home, E-Commerce: Tracking and tracing of users and their behaviour ...

•         E-Commerce: Consumer profile-based business, Interest-based and location-based advertising, targeting

•         Data Monetization (any sector) while respecting compliance (GDPR…)

•         Smart home, smart buildings, smart city based on IoT data collection and processing

•         Industry 4.0, supply chain data exchanges, ecosystem collaboration

•         E-mobility: Location-based traffic flow management and analytics, Autonomous driving assistance

•         E-health apps, from doctors online to clinical studies

•         E-Energy: smart metering, profile-based pricing

•         Open Data initiatives (e.g. public services)

•         …

                              DataVaccinator – for any data-sensitive application

Flexible Support of Key Scenarios

                                               DataVaccinator

Source: https://www.enisa.europa.eu/publications/pseudonymisation-techniques-and-best-practices

DataVaccinator – Flexible Operation Model

          The DataVaccinator service may be operated by
          third parties which can offer their services to
          multiple other parties (globally and at high SLAs).

          Organisations such as hospitals, universities,
          banks, insurers, retailers or manufacturers may
          want to operate their own private or public
          instances of the DataVaccinator service.

DataVaccinator – for Local Applications

Create new car rental / local app

 Name: Lisa
 First Name: Miller
 Birth Date: 1980.10.23
 Address: Riemann Str 42a…
 Car to rent: Ford Fiesta
 Licence Plate: M TT 2363
 From: 2020.05.01
 Until: 2020.05.02
 VID: e58244a6ebc160cbffa62f218b8
 [Save]

Figure labels: flow steps 1, 2 and 3; "encrypted data" and "VID" on the connection to the DataVaccinator Database.

Contents Database
 VID            Vehicle       Licence Plate   Rental Date   Until
 e582..f218b8   Ford Fiesta   M TT 2363       2020.05.01    2020.05.02
 5fcc..a255cc   Opel Corsa    HH TA 4777      2020.05.01    2020.05.05

DataVaccinator Database
 VID            Name     First Name   Birth Date   Address
 e582..f218b8   Miller   Lisa         1980.10.23   Riemann Str 42a…
 5fcc..a255cc   Stern    Claus        1983.05.02   Kreuzallee 12…

Figure: use case car rental (local app example)

DataVaccinator – for Web Applications

Create new car rental / web-browser

 Name: Lisa
 First Name: Miller
 Birth Date: 1980.10.23
 Address: Riemann Str 42a…
 Car to rent: Ford Fiesta
 Licence Plate: M TT 2363
 From: 2020.05.01
 Until: 2020.05.02
 VID: e58244a6ebc160cbffa62f218b8
 [Save]

Service provider: Service provider application and Contents Database

Contents Database
 VID            Vehicle       Licence Plate   Rental Date   Until
 e582..f218b8   Ford Fiesta   M TT 2363       2020.05.01    2020.05.02
 5fcc..a255cc   Opel Corsa    HH TA 4777      2020.05.01    2020.05.05

The service provider (SP) acts as a validating and enriching proxy for DataVaccinator communication. As the user data is encrypted with the unknown secret of the end user, the SP is not able to read the user data.

Figure labels: flow steps 1, 2 and 3; "encrypted data" and "VID" on the connection to the DataVaccinator Database.

DataVaccinator Database
 VID            Name     First Name   Birth Date   Address
 e582..f218b8   Miller   Lisa         1980.10.23   Riemann Str 42a…
 5fcc..a255cc   Stern    Claus        1983.05.02   Kreuzallee 12…

Figure: use case car rental (web app example)
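
The split shown in the two car rental figures, as an added Node.js example that is not DataVaccinator's client code or API: the PID is encrypted inside the application with a key derived from the end user's secret, so neither store on its own yields a readable customer record. The function names, the in-memory Maps, GCM as the AES-256 mode and scrypt as the key derivation are assumptions of this example.

```javascript
// Added example: not the DataVaccinator client API; all names are hypothetical.
const crypto = require("crypto");

// Two independent stores as in the figures (in-memory stand-ins).
const vaultDb = new Map();    // VID -> encrypted PID (DataVaccinator Database)
const contentsDb = new Map(); // VID -> rental data (Contents Database)

// AES-256 key derived from a secret only the end user's application knows.
function deriveKey(userSecret, salt) {
  return crypto.scryptSync(userSecret, salt, 32);
}

// Encrypt the PID record before it leaves the application (GCM mode is assumed).
function encryptPid(pid, key) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([cipher.update(JSON.stringify(pid), "utf8"), cipher.final()]);
  return [iv, cipher.getAuthTag(), ct].map((b) => b.toString("base64")).join(":");
}

// Decrypt and authenticate; throws if the key is wrong or the blob was altered.
function decryptPid(blob, key) {
  const [iv, tag, ct] = blob.split(":").map((s) => Buffer.from(s, "base64"));
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, iv);
  decipher.setAuthTag(tag);
  return JSON.parse(Buffer.concat([decipher.update(ct), decipher.final()]).toString("utf8"));
}

// Store the encrypted PID under a fresh VID, then the contents under the same VID.
function saveRental(pid, contents, key) {
  const vid = crypto.randomBytes(16).toString("hex"); // random, derived from no PID
  vaultDb.set(vid, encryptPid(pid, key));
  contentsDb.set(vid, contents);
  return vid;
}

// Re-unite PID and contents on demand, inside the application that holds the key.
function loadRental(vid, key) {
  return { ...decryptPid(vaultDb.get(vid), key), ...contentsDb.get(vid) };
}

// Constructed sample values, taken from the car rental figures.
const key = deriveKey("end-user secret (constructed)", "constructed-salt");
const vid = saveRental(
  { name: "Miller", firstName: "Lisa", birthDate: "1980.10.23" },
  { vehicle: "Ford Fiesta", licencePlate: "M TT 2363", from: "2020.05.01", until: "2020.05.02" },
  key
);
console.log(vid, contentsDb.get(vid), loadRental(vid, key));
```

A party holding only `contentsDb` sees vehicles and dates keyed by an opaque VID, and a party holding only `vaultDb` sees ciphertext it cannot open without the end user's secret.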

DataVaccinator – Efficient Processing

 Typical workflow for accessing data using DataVaccinator

 • Search: End user enters name or partial names to search for. Multiple entries are linked with AND.
 • Retrieve VIDs: Application is requesting a list of matching VIDs from DataVaccinator service.
 • Request user data: Application is using the retrieved VIDs to request user information from DataVaccinator service (using local cache).
 • Display: Application displays user data and allows end user selection or assignment to payload data.

 Online searching within encrypted data for specific and partial tokens
 Broad applicability as key tasks are enabled without compromising security.
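
The search step of the workflow above, as an added Node.js example of a keyed blind index; it is not DataVaccinator's SearchHash algorithm, which this page does not describe. HMAC-SHA256 over word prefixes, the function names and the in-memory index are assumptions; the two VIDs are the abbreviated ones from the car rental figures.

```javascript
// Added example of a keyed blind index; NOT DataVaccinator's SearchHash algorithm.
const crypto = require("crypto");

// Keyed hash of one search token; without the key the server cannot test guesses.
function searchHash(token, key) {
  return crypto.createHmac("sha256", key).update(token.toLowerCase()).digest("hex");
}

// Hash every prefix (from minLen characters) of every word so partial names match.
function indexHashes(words, key, minLen = 2) {
  const out = new Set();
  for (const w of words) {
    for (let n = minLen; n <= w.length; n++) out.add(searchHash(w.slice(0, n), key));
  }
  return out;
}

// Server side: holds only VIDs and opaque hashes, never names.
const searchIndex = new Map(); // VID -> Set of search hashes

function serverStore(vid, hashes) {
  searchIndex.set(vid, hashes);
}

// A VID matches only if every query hash is present (terms are linked with AND).
function serverSearch(queryHashes) {
  return [...searchIndex]
    .filter(([, hashes]) => queryHashes.every((q) => hashes.has(q)))
    .map(([vid]) => vid);
}

// Client side: hash the entered terms and ask the server for matching VIDs.
function findVids(terms, key) {
  return serverSearch(terms.map((t) => searchHash(t, key)));
}

// Constructed demo using the two records from the car rental figures.
const indexKey = crypto.randomBytes(32); // stays in the client application
serverStore("e582..f218b8", indexHashes(["Miller", "Lisa"], indexKey));
serverStore("5fcc..a255cc", indexHashes(["Stern", "Claus"], indexKey));
console.log(findVids(["mil", "li"], indexKey)); // partial terms, AND-linked
```

The server still learns which records share a token and when a query repeats, so the index key has to stay in the client and be separate from the encryption key.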

DataVaccinator – Easy Integration

Example use of the JavaScript class: storing new user data

Full working JavaScript example uploading a sample user dataset to the DataVaccinator service.

The JavaScript class takes care of encryption (AES256), generation of secure SearchHashes, server communication incl. authentication and local caching (using IndexedDB database).

The JavaScript class allows full asynchronous usage and is compatible with web browsers and also node.js.

Modules and libraries for other environments are in preparation.

DataVaccinator - IT Environment

 • DataVaccinator is a web service. It can be hosted in
   any LAMP* environment.

 • Integration of DataVaccinator functionality, e.g. via
   DataVaccinator JavaScript-Client component in a
   Node.js or web-browser based application.

 • The service provider may provide basic proxy
   functionality (e.g. in case of a web application)

*) LAMP = Linux, Apache, MySQL, PHP

DataVaccinator

                             Vaccinate your
                             data!
                             Thank you and keep in touch.
                             info@datavaccinator.com
