CSA Congress November 6, 2012 Overview Big Data Working Group Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org.
Download ReportTranscript CSA Congress November 6, 2012 Overview Big Data Working Group Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org.
CSA Congress November 6, 2012 Overview Big Data Working Group Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org The ‘freshman’ of the CSA working groups Lots of press & attention Leadership team: Chair - Sree Rajan, Fujitsu Co-chair - Neel Sundaresan, Ebay Co-Chair - Wilco van Ginkel, Verizon Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org Lead to crystallization of best practices for security and privacy in big data Support industry and government on adoption of best practices Establish liaisons with other organizations in order to coordinate the development of big data security and privacy standards Accelerate the adoption of novel research aimed to address security and privacy issues Identify scalable techniques for datacentric security and privacy problems Top 10 Big Data Security & Privacy Challenges developed for CSA Congress Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org Data analytics for security Privacy preserving/enhancing technologies Big data-scale crypto Cloud Attack Surface Reduction 60+ members Policy and Governance Framework and Taxonomy Top 10 Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org 1) Secure computations in distributed programming frameworks 2) Security best practices for non-relational data stores 3) Secure data storage and transactions logs 4) End-point input validation/filtering Big Data Top-10 5) Real-time security/compliance monitoring 6) Scalable and composable privacy-preserving analytics 7) Crypto-enforced access control and secure communication 8) Granular access control 9) Granular audits 10)Data provenance Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org Data analytics for security Privacy preserving/enhancing technologies Big data-scale crypto Cloud Attack Surface Reduction Policy and Governance Framework and Taxonomy Top 10 How to apply big data in security analytics To describe: Definitions, techniques Best Practices Use Cases Confirmed contributions from other orgs, like: AT&T, Fujitsu, HP, IBM, SumoLogic, University of California at Berkeley, and University of Luxembourg Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org Data analytics for security Privacy preserving/enhancing technologies Big data-scale crypto Cloud Attack Surface Reduction Policy and Governance PET is a term for a set of computer tools and applications which when integrated with online services allow online users to protect the privacy of their personally identifiable information. The PET Team seeks to address significant problems around PET & Big Data Framework and Taxonomy Top 10 Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org How to apply crypto-scale techniques in the Big Data era. Topics to be discussed, amongst others: Data analytics for security Privacy preserving/enhancing technologies Big data-scale crypto Cloud Attack Surface Reduction Policy and Governance Framework and Taxonomy Top 10 Best Practices Use Cases Communication protocols Data-centric security Big data privacy Key management Data integrity and poisoning concerns Searching / filtering encrypted data Secure data collection/aggregation Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org Data analytics for security Privacy preserving/enhancing technologies Big data-scale crypto Cloud Attack Surface Reduction Policy and Governance Cloud provides the compute & storage engine for Big Data and has to be inherently secure. Topics to be discussed are: What additional (security) challenges does big data present in addition to general cloud computing? Does, and if so, how does cloud deployment change other than scale? Framework and Taxonomy Use cases Top 10 Best Practices Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org Data analytics for security Privacy preserving/enhancing technologies Big data-scale crypto Cloud Attack Surface Reduction Policy and Governance Framework and Taxonomy Top 10 To address data governance challenges and contribute to development of standards in the areas of security and governance in big data technologies. Define Big Data Framework & Taxonomy to (i) get a common understanding of Big Data terms & definitions and (ii) act as a structure to which all the Big Data Initiatives can be linked. Two separate initiatives now, but may become one. Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org CSA Big Data Working Group Site https://cloudsecurityalliance.org/research/big-data/ CSA, Big Data LinkedIn http://www.linkedin.com/groups?home=&gid=4458215&trk=anet_ug_hm Basecamp Project Collaboration Site Request Form https://cloudsecurityalliance.org/research/basecamp/ For any questions/remarks/feedback, please contact either: Who How Sreeranga (Sree) Rajan (Fujitsu) [email protected] Neel Sundaresan (eBay) [email protected] Wilco van Ginkel (Verizon) [email protected] Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org For more info about CSA CloudBytes: Top Challenges for Big Data https://cloudsecurityalliance.org/research/big-data/ [email protected] (through 10/27/2012) Help Us Secure Cloud Computing www.cloudsecurityalliance.org [email protected] LinkedIn: www.linkedin.com/groups?gid=1864210 Twitter: @cloudsa, @CSAResearchGuy Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org Most of our Research Projects are ideas from professionals like you Do you have an idea for a research project on a cloud security topic? If so, please take the time to describe your concept by filling out the our online form. This form is monitored by the CSA research team, who will review your proposal and respond to you with feedback. Copyright©©2012 2011Cloud CloudSecurity SecurityAlliance Alliance Copyright Copyright © 2012 Cloud Security Alliance www.cloudsecurityalliance.org www.cloudsecurityalliance.org Learn how you can participate in Cloud Security Alliance's goals to promote the use of best practices for providing security assurance within Cloud Computing http://www.linkedin.com/groups?gid=1864210 https://cloudsecurityalliance.org/get-involved/ Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org Help Us Secure Cloud Computing www.cloudsecurityalliance.org [email protected] LinkedIn: www.linkedin.com/groups?gid=1864210 Twitter: @cloudsa, @CSAResearchGuy Copyright © 2012 2011 Cloud Security Alliance www.cloudsecurityalliance.org Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org