100%(1)1 out of 1 people found this document helpful
This preview shows page 1 - 14 out of 54 pages.
BIG DATA PRIVACY AND GOVERNANCECSIT 6000DSPRING 2017
BIG DATA SECURITY RELATED CHALLENGESBig data privacyThe protection of personal privacy, personal interests, habits and body properties, etc. of users may be more easily acquired, of which the user may not be awarePersonal privacy data may be leaked during storage, transmission, and usageData QualityBig data safety mechanismData encryption in large scale and high varietyBig data application in information securityOpportunities for the development of information security mechanisms
BIG DATA SECURITY CHALLENGESSource: CLOUD SECURITY ALLIANCE (CSA). “Expanded Top Ten Big Data Security and Privacy Challenges”. April 2013
PRIVACY ISSUESBig data is brining a new level of scale and capability not foreseen before on privacyUsers have an inadequate understanding of how privacy violations impact individuals and social behaviorA lack of transparency regarding privacy policies or predictive analytics applied to usersA lack of data due process of lawUnplanned disclosures of dataFalse data or false analytic results shared, and difficult to make amends through a data due processIt is possible to predict private traits using Big Data analytics
PRIVACY ISSUESA mismatch of provider’s claimed policies and the actual controls available to usersEconomic incentive to disclose users’ dataPolicing incentive to use advanced surveillance techniques to gather dataTechnical limitations to some of the most advanced techniques revised to allow analytics on private dataCentralization of information tilts the gain-loss trade-off in favor of potential attackers and intrudersInformation privacy laws are out of paceGovernment investigative agencies have a tendency to violate reasonable expectation of privacy
PERSONALLY IDENTIFIABLE INFORMATIONPersonally identifiable information (PII)A legal concept“Information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context”Used in U.S. privacy laws
MODELS OF PRIVACY PROTECTIONComprehensive lawsAdopted by European Union, Canada,AustraliaSectoral lawsAdopted by USFinancial privacy, protected health informationLack of legal protections for individual’s privacy on the InternetSelf-regulationCompanies and industry bodies establish codes of practicePrivacy enhancing technologies
PRIVACY ENHANCING TECHNIQUES•Numerous privacy-enhancing techniques have been proposed ranging from cryptographic techniques to data anonymization•Such techniques either do not scale for large datasets and/or do not address the problem of reconciling security with privacy.