Vaccinating Data against Abuse - DataVaccinator.com
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Risks of Managing Data are on the Rise Data Breach Intentional or unintentional release of private or confidential information to an untrusted environment Regulation Protection of data privacy and security (GDPR..) Data Theft increase commercial risks (and fines). Complex regulation in sectors and jurisdictions Stealing data from a victim with the intent of compromising privacy or obtaining confidential information Data-driven Business The commercial value of data is on the rise (and Data Hack so are associated risks) as businesses become Breaking the security of a computing system to more and more data-driven steal data, corrupt systems/files, commandeer the environment or disrupt activities BIG DATA Ecosystems Collaborative data sharing and analytics across a Data Leakage community of stakeholders generates new risks The unauthorized transfer of classified for individual data owners information from a computer or data center to the outside world 01 2021 vaccinate your data against abuse 2
Traditional versus Innovative Applications Traditional Application Innovative Application Sensitive data is managed in Sensitive data is managed in one database making it a high independent databases making risk operation it a low risk operation PII/PID + Contents PII/PID Contents Personal identifiable inf./data High Value Data 01 2021 vaccinate your data against abuse 3
Mitigating Data Risks with DataVaccinator DataVaccinator enabled applications Data Breach manage PID and Contents separately, Damage control: Breach of low value data in realtime and in a secure and industrialised manner. Data Theft Damage control: Theft of low value data PII/PID Contents Personal identifiable inf./data Data Hack (IoT: Machine identifiable data) Damage control: Hack of low value data Data Leakage Damage of leak limited to low value data Regulation Built in compliance to satisfy regulation Data-driven Business Enabled with built-in pseudonymisation BIG DATA Ecosystems Facilitated with industrialised pseudonymisation 01 2021 vaccinate your data against abuse 4
Pseudonymisation upon data generation • Today’s tools focus on “after the fact” pseudonymisation (pseudonymisation as post-processing before sharing) https://www.g2.com/categories/data-de-identification-pseudonymity?order=popular#product-list • DataVaccinator “vaccinates data” in real time • Separates PID and Contents upon data generation • Eliminates vulnerabilities at the root and right from the start • Keeps PID and Contents separated during lifetime, re-unites on demand in applications • DataVaccinator – integral part of applications “DV inside” • Enable new applications • Re-engineer existing applications 01 2021 vaccinate your data against abuse 5
DataVaccinator for ubiquitous pseudonymisation • Today, pseudonymisation is at version 1.0 • Expensive custom development at low rate of reusability • Inefficient, costly projects at varying levels of quality • Existing model is unable to shift from mere post-processing to realtime pseudonymisation in scale • Tomorrow, pseudonymisation will be ubiquitous • Urgency for data privacy and security everywhere • High reusability with ease of integration and minimal footprint • Affordability, even in the light of zillions of apps (e.g. IoT) • DataVaccinator: the community product free of license fees • Ready-to-use software, maintenance and services • Industrial approach saves time and cost • High quality through reusability and minimal footprint • Open Source Licenses: AGPL (server), MIT (client) 01 2021 vaccinate your data against abuse 6
Use Cases E-Commerce, E-Finance, E-Health… Pseudonymisation is the foundation for any data-sensitive application • E-Finance: Loyalty programs, Payment transactions, Credit lending, Consumer credit rating involving multiple parties, online banking, online insurance • E-Media, Smart home, E-Commerce: Tracking and tracing of users and their behaviour ... • E-Commerce: Consumer profile-based business, Interest-based and location-based advertising, targeting • Data Monetization (any sector) while respecting compliance (GDPR…) • Smart home, smart buildings, smart city based on IoT data collection and processing • Industry 4.0, supply chain data exchanges, ecosystem collaboration • E-mobility: Location-based traffic flow management and analytics, Autonomous driving assistance • E-health apps, from doctors online to clinical studies • E-Energy: smart metering, profile-based pricing • Open Data initiatives (e.g. public services) • … DataVaccinator – for any data-sensitive application 01 2021 vaccinate your data against abuse 7
Flexible Support of Key Scenarios DataVaccinator Source: https://www.enisa.europa.eu/publications/pseudonymisation-techniques-and-best-practices 01 2021 vaccinate your data against abuse 8
DataVaccinator – Flexible Operation Model The DataVaccinator service may be operated by third parties which can offer their services to multiple other parties (globally and at high SLAs). Organisations such as hospitals, universities, banks, insurers, retailers or manufacturers may want to operate their own private or public instances of the DataVaccinator service. 01 2021 vaccinate your data against abuse 9
DataVaccinator – for Local Applications Create new car rental / local app Name First Name Birth Date Address 1 Lisa Miller 1980.10.23 Riemann Str 42a… Car to rent From Ford Fiesta 2020.05.01 Licence Plate Until M TT 2363 2020.05.02 Save VID e58244a6ebc160cbffa62f218b8 3 2 encrypted data VID Contents Database DataVaccinator Database VID Vehicle Licence Plate Rental Date Until VID Name First Name Birth Date Address e582..f218b8 Ford Fiesta M TT 2363 2020.05.01 2020.05.02 e582..f218b8 Miller Lisa 1980.10.23 Riemann Str 42a… 5fcc..a255cc Opel Corsa HH TA 4777 2020.05.01 2020.05.05 5fcc..a255cc Stern Claus 1983.05.02 Kreuzallee 12… Figure: use case car rental (local app example) 01 2021 vaccinate your data against abuse 10
DataVaccinator – for Web Applications Create new car rental / web-browser Service provider Name First Name Birth Date Address Contents Database Lisa Miller 1980.10.23 Riemann Str 42a… VID Vehicle Licence Plate Rental Date Until 3 e582..f218b8 Ford Fiesta M TT 2363 2020.05.01 2020.05.02 Car to rent From Ford Fiesta 2020.05.01 5fcc..a255cc Opel Corsa HH TA 4777 2020.05.01 2020.05.05 Licence Plate Until M TT 2363 2020.05.02 VID Service provider application e58244a6ebc160cbffa62f218b8 Save 1 2 The service provider (SP) acts as a validating and enriching proxy for DataVaccinator encrypted data communication. As the user data is encrypted VID with the unknown secret of the end user, the SP is not able to read the user data. DataVaccinator Database VID Name First Name Birth Date Address e582..f218b8 Miller Lisa 1980.10.23 Riemann Str 42a… 5fcc..a255cc Stern Claus 1983.05.02 Kreuzallee 12… Figure: use case car rental (web app example) 01 2021 vaccinate your data against abuse 11
DataVaccinator – Efficient Processing Typical workflow for accessing data using DataVaccinator Search Retrieve VIDs Request user Display data • End user • Application is • Application is • Application enters name or requesting a using the displays user partial names list of retrieved VIDs data and to search for. matching VIDs to request user allows end • Multiple from information user selection entries are DataVaccinator from or assignment linked with service. DataVaccinator to payload AND. service (using data. local cache). Online searching within encrypted data for specific and partial tokens Broad applicability as key tasks are enabled without compromising security. 01 2021 vaccinate your data against abuse 12
DataVaccinator – Easy Integration Example use of the JavaScript class: storing new user data The JavaScript class takes care of encryption (AES256), generation of secure SearchHashes, server communication incl. authentication and local caching (using IndexedDB database). The JavaScript class allows full asynchronous usage and is compatible with web browsers and also node.js. Modules and libraries for other environments are in preparation. Full working JavaScript example uploading a sample user dataset to the DataVaccinator service. 01 2021 vaccinate your data against abuse 13
DataVaccinator - IT Environment • DataVaccinator is a web service. It can be hosted in any LAMP* environment. • Integration of DataVaccinator functionality, e.g. via DataVaccinator JavaScript-Client component in a Node.js or web-browser based application. • The service provider may provide basic proxy functionality (e.g. in case of a web application) *) LAMP = Linux, Apache, MySQL, PHP 01 2021 vaccinate your data against abuse 14
DataVaccinator Vaccinate your data! Thank you and keep in touch. info@datavaccinator.com 01 2021 vaccinate your data against abuse 15
You can also read