Vaccinating Data against Abuse - DataVaccinator.com
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
DataVaccinator.com
Vaccinating Data against Abuse
01 2021 vaccinate your data against abuse 1
Risks of Managing Data are on the Rise
Data Breach
Intentional or unintentional release of private
or confidential information to an untrusted
environment
Regulation
Protection of data privacy and security (GDPR..)
Data Theft increase commercial risks (and fines). Complex
regulation in sectors and jurisdictions
Stealing data from a victim with the intent of
compromising privacy or obtaining confidential
information
Data-driven Business
The commercial value of data is on the rise (and
Data Hack so are associated risks) as businesses become
Breaking the security of a computing system to more and more data-driven
steal data, corrupt systems/files, commandeer
the environment or disrupt activities
BIG DATA Ecosystems
Collaborative data sharing and analytics across a
Data Leakage community of stakeholders generates new risks
The unauthorized transfer of classified for individual data owners
information from a computer or data center to
the outside world
01 2021 vaccinate your data against abuse 2
Traditional versus Innovative Applications
Traditional Application Innovative Application
Sensitive data is managed in Sensitive data is managed in
one database making it a high independent databases making
risk operation it a low risk operation
PII/PID + Contents PII/PID Contents
Personal identifiable inf./data
High Value Data
01 2021 vaccinate your data against abuse 3
Mitigating Data Risks with DataVaccinator
DataVaccinator enabled applications Data Breach
manage PID and Contents separately,
Damage control: Breach of low value data
in realtime and in a secure and
industrialised manner. Data Theft
Damage control: Theft of low value data
PII/PID Contents
Personal identifiable inf./data
Data Hack
(IoT: Machine identifiable data) Damage control: Hack of low value data
Data Leakage
Damage of leak limited to low value data
Regulation
Built in compliance to satisfy regulation
Data-driven Business
Enabled with built-in pseudonymisation
BIG DATA Ecosystems
Facilitated with industrialised pseudonymisation
01 2021 vaccinate your data against abuse 4
Pseudonymisation upon data generation
• Today’s tools focus on “after the fact” pseudonymisation
(pseudonymisation as post-processing before sharing)
https://www.g2.com/categories/data-de-identification-pseudonymity?order=popular#product-list
• DataVaccinator “vaccinates data” in real time
• Separates PID and Contents upon data generation
• Eliminates vulnerabilities at the root and right from the start
• Keeps PID and Contents separated during lifetime,
re-unites on demand in applications
• DataVaccinator – integral part of applications “DV inside”
• Enable new applications
• Re-engineer existing applications
01 2021 vaccinate your data against abuse 5
DataVaccinator for ubiquitous pseudonymisation
• Today, pseudonymisation is at version 1.0
• Expensive custom development at low rate of reusability
• Inefficient, costly projects at varying levels of quality
• Existing model is unable to shift from mere post-processing to
realtime pseudonymisation in scale
• Tomorrow, pseudonymisation will be ubiquitous
• Urgency for data privacy and security everywhere
• High reusability with ease of integration and minimal footprint
• Affordability, even in the light of zillions of apps (e.g. IoT)
• DataVaccinator: the community product free of license fees
• Ready-to-use software, maintenance and services
• Industrial approach saves time and cost
• High quality through reusability and minimal footprint
• Open Source Licenses: AGPL (server), MIT (client)
01 2021 vaccinate your data against abuse 6
Use Cases E-Commerce, E-Finance, E-Health…
Pseudonymisation is the foundation for any data-sensitive application
• E-Finance: Loyalty programs, Payment transactions, Credit lending, Consumer credit rating involving multiple parties, online
banking, online insurance
• E-Media, Smart home, E-Commerce: Tracking and tracing of users and their behaviour ...
• E-Commerce: Consumer profile-based business, Interest-based and location-based advertising, targeting
• Data Monetization (any sector) while respecting compliance (GDPR…)
• Smart home, smart buildings, smart city based on IoT data collection and processing
• Industry 4.0, supply chain data exchanges, ecosystem collaboration
• E-mobility: Location-based traffic flow management and analytics, Autonomous driving assistance
• E-health apps, from doctors online to clinical studies
• E-Energy: smart metering, profile-based pricing
• Open Data initiatives (e.g. public services)
• …
DataVaccinator – for any data-sensitive application
01 2021 vaccinate your data against abuse 7
Flexible Support of Key Scenarios
DataVaccinator
Source: https://www.enisa.europa.eu/publications/pseudonymisation-techniques-and-best-practices
01 2021 vaccinate your data against abuse 8
DataVaccinator – Flexible Operation Model
The DataVaccinator service may be operated by
third parties which can offer their services to
multiple other parties (globally and at high SLAs).
Organisations such as hospitals, universities,
banks, insurers, retailers or manufacturers may
want to operate their own private or public
instances of the DataVaccinator service.
01 2021 vaccinate your data against abuse 9
DataVaccinator – for Local Applications
Create new car rental / local app
Name First Name Birth Date Address 1
Lisa Miller 1980.10.23 Riemann Str 42a…
Car to rent From
Ford Fiesta 2020.05.01
Licence Plate Until
M TT 2363 2020.05.02 Save
VID
e58244a6ebc160cbffa62f218b8
3
2
encrypted data
VID
Contents Database DataVaccinator Database
VID Vehicle Licence Plate Rental Date Until VID Name First Name Birth Date Address
e582..f218b8 Ford Fiesta M TT 2363 2020.05.01 2020.05.02 e582..f218b8 Miller Lisa 1980.10.23 Riemann Str 42a…
5fcc..a255cc Opel Corsa HH TA 4777 2020.05.01 2020.05.05 5fcc..a255cc Stern Claus 1983.05.02 Kreuzallee 12…
Figure: use case car rental (local app example)
01 2021 vaccinate your data against abuse 10DataVaccinator – for Web Applications
Create new car rental / web-browser Service provider
Name First Name Birth Date Address Contents Database
Lisa Miller 1980.10.23 Riemann Str 42a… VID Vehicle Licence Plate Rental Date Until
3
e582..f218b8 Ford Fiesta M TT 2363 2020.05.01 2020.05.02
Car to rent From
Ford Fiesta 2020.05.01 5fcc..a255cc Opel Corsa HH TA 4777 2020.05.01 2020.05.05
Licence Plate Until
M TT 2363 2020.05.02
VID Service provider application
e58244a6ebc160cbffa62f218b8
Save
1
2
The service provider (SP) acts as a validating
and enriching proxy for DataVaccinator encrypted data
communication. As the user data is encrypted VID
with the unknown secret of the end user, the
SP is not able to read the user data. DataVaccinator Database
VID Name First Name Birth Date Address
e582..f218b8 Miller Lisa 1980.10.23 Riemann Str 42a…
5fcc..a255cc Stern Claus 1983.05.02 Kreuzallee 12…
Figure: use case car rental (web app example)
01 2021 vaccinate your data against abuse 11DataVaccinator – Efficient Processing
Typical workflow for accessing data using DataVaccinator
Search Retrieve VIDs Request user Display
data
• End user • Application is • Application is • Application
enters name or requesting a using the displays user
partial names list of retrieved VIDs data and
to search for. matching VIDs to request user allows end
• Multiple from information user selection
entries are DataVaccinator from or assignment
linked with service. DataVaccinator to payload
AND. service (using data.
local cache).
Online searching within encrypted data for specific and partial tokens
Broad applicability as key tasks are enabled without compromising security.
01 2021 vaccinate your data against abuse 12DataVaccinator – Easy Integration
Example use of the JavaScript class: storing new user data The JavaScript class takes care of
encryption (AES256), generation of
secure SearchHashes, server
communication incl. authentication
and local caching (using IndexedDB
database).
The JavaScript class allows full
asynchronous usage and is
compatible with web browsers and
also node.js.
Modules and libraries for other
environments are in preparation.
Full working JavaScript example uploading a sample user dataset to the
DataVaccinator service.
01 2021 vaccinate your data against abuse 13DataVaccinator - IT Environment • DataVaccinator is a web service. It can be hosted in any LAMP* environment. • Integration of DataVaccinator functionality, e.g. via DataVaccinator JavaScript-Client component in a Node.js or web-browser based application. • The service provider may provide basic proxy functionality (e.g. in case of a web application) *) LAMP = Linux, Apache, MySQL, PHP 01 2021 vaccinate your data against abuse 14
DataVaccinator
Vaccinate your
data!
Thank you and keep in touch.
info@datavaccinator.com
01 2021 vaccinate your data against abuse 15You can also read
