Nist special Publication XXX-XXX draft nist big Data Interoperability Framework: Volume 4, Security and Privacy
Yüklə 317,65 Kb.
|
- Bu səhifədəki naviqasiya:
- DRAFT NIST Big Data Interoperability Framework: Volume 4, Security and Privacy Version 1
- Comments on this publication may be submitted to
- National Institute of Standards and Technology Special Publication XXX-series
- Table of Contents Executive Summary 10 1Introduction 12
- 2Big Data Security and Privacy 16
- 4Example Use Cases for Security and Privacy 22
- 5Taxonomy of Security and Privacy Topics 32
- 6Security and Privacy Fabric 44
- 7Mapping Use Cases to NBDRA 50
- Appendix A: Candidate Security and Privacy Topics for Big Data Adaptation 66 Appendix B: Internal Security Considerations within Cloud Ecosystems 72
- Executive Summary
 NIST Special Publication XXX-XXX DRAFT NIST Big Data Interoperability Framework: Volume 4, Security and Privacy NIST Big Data Public Working Group Security and Privacy Subgroup Draft Version 1 January 16, 2015 http://dx.doi.org/10.6028/NIST.SP.XXX 
NIST Special Publication xxx-xxx Information Technology Laboratory
NIST Big Data Public Working Group (NBD-PWG) Security and Privacy Subgroup National Institute of Standards and Technology Gaithersburg, MD 20899 November 2014 
U. S. Department of Commerce Penny Pritzker, Secretary National Institute of Standards and Technology Dr. Willie E. May, Under Secretary of Commerce for Standards and Technology and Director Authority This publication has been developed by National Institute of Standards and Technology (NIST) to further its statutory responsibilities … Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on Federal agencies …. Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose. There may be references in this publication to other publications currently under development by NIST in accordance with its assigned statutory responsibilities. The information in this publication, including concepts and methodologies, may be used by Federal agencies even before the completion of such companion publications. Thus, until each publication is completed, current requirements, guidelines, and procedures, where they exist, remain operative. For planning and transition purposes, Federal agencies may wish to closely follow the development of these new publications by NIST. Organizations are encouraged to review all draft publications during public comment periods and provide feedback to NIST. All NIST Information Technology Laboratory publications, other than the ones noted above, are available at http://www.nist.gov/publication-portal.cfm. Comments on this publication may be submitted to: National Institute of Standards and Technology Attn: Information Technology Laboratory 100 Bureau Drive (Mail Stop 8900) Gaithersburg, MD 20899-8930 Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at NIST promotes the U.S. economy and public welfare by providing technical leadership for the Nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analyses to advance the development and productive use of information technology. ITL’s responsibilities include the development of management, administrative, technical, and physical standards and guidelines for the cost-effective security and privacy of other than national security-related information in Federal information systems. This document reports on ITL’s research, guidance, and outreach efforts in Information Technology and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication XXX-series
xxx pages (June 2, 2014) Acknowledgements This document reflects the contributions and discussions by the membership of the NIST Big Data Public Working Group (NBD-PWG), co-chaired by Wo Chang of the NIST Information Technology Laboratory, Robert Marcus of ET-Strategies, and Chaitanya Baru, University of California San Diego Supercomputer Center. The document contains input from members of the NBD-PWG: Security and Privacy Subgroup, led by Arnab Roy (Fujitsu), Mark Underwood (Krypton Brothers), and Akhil Manchanda (GE); and the Reference Architecture Subgroup, led by Orit Levin (Microsoft), Don Krapohl (Augmented Intelligence), and James Ketner (AT&T). NIST SP xxx-series, Version 1 has been collaboratively authored by the NBD-PWG. As of the date of this publication, there are over six hundred NBD-PWG participants from industry, academia, and government. Federal agency participants include the National Archives and Records Administration (NARA), National Aeronautics and Space Administration (NASA), National Science Foundation (NSF), and the U.S. Departments of Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, Transportation, Treasury, and Veterans Affairs. NIST would like to acknowledge the specific contributions to this volume by the following NBD-PWG members:
The editors for this document were Arnab Roy, Mark Underwood, and Wo Chang. Table of Contents Executive Summary 10 1Introduction 12 1.1Background 12 1.2Scope and Objectives of the Security and Privacy Subgroup 13 1.3Report Production 14 1.4Report Structure 14 1.5Future Work of this Volume 15 2Big Data Security and Privacy 16 2.1Overview 16 2.2Effects of Big Data Characteristics on Security and Privacy 18
2.3Relation to Cloud 20 4Example Use Cases for Security and Privacy 22 4.1Retail/Marketing 22 4.1.1Consumer Digital Media Usage 22 4.1.2Nielsen Homescan: Project Apollo 23 4.1.3Web Traffic Analytics 23 4.2Healthcare 24 4.2.1Health Information Exchange 24 4.2.2Genetic Privacy 25 4.2.3Pharma Clinical Trial Data Sharing 26 4.3Cybersecurity 27 4.3.1 Network Protection 27 4.4Government 28 4.4.1Military: Unmanned Vehicle Sensor Data 28 4.4.2Education: Common Core Student Performance Reporting 28 4.5Industrial: Aviation 29 4.5.1Sensor Data Storage and Analytics 29 4.6Transportation 30 4.6.1Cargo Shipping 30 5Taxonomy of Security and Privacy Topics 32 5.1Conceptual Taxonomy of Security and Privacy Topics 32 5.1.1Privacy 32 5.1.2Provenance 33 5.1.3System Health and Resilience 34 5.2Operational Taxonomy of Security and Privacy Topics 34 5.2.1Registration, Security Model, and Policy Enforcement 35 5.2.2Identity and Access Management 36 5.2.3Data Governance 37 5.2.4Visibility and Infrastructure Management 38 5.2.5Risk and Accountability 39 5.3Roles Taxonomy of Security and Privacy Topics 39 5.3.1Infrastructure Management 39 5.3.2GRC 40 5.3.3Information Worker 40 5.4Relationships Between Security and Privacy Concepts and Roles 41 5.4.1Data Privacy 41 5.4.2Data Veracity (Provenance) 41 5.4.3System Health 42 5.5Uncategorized Topics 42 5.5.1Provisioning, Metering, and Billing 42 5.5.2Data Syndication 43 6Security and Privacy Fabric 44 6.1Interface of Data Providers Big Data Application Provider 46 6.2Interface of Big Data Application Provider Data Consumer 47 6.3Interface of Application Provider Big Data Framework Provider 47 6.4Internal to Big Data Framework Provider 47 6.5System Orchestrator 47 6.6Privacy by Design 47 6.7General Considerations 48 6.8Relation of the Big Data Security Operational Taxonomy to the NBDRA 48
7.1Consumer Digital Media Use 50 7.2Nielsen Homescan: Project Apollo 51 7.3Web Traffic Analytics 52 7.4Health Information Exchange (HIE) 54 7.5Genetic Privacy 56 7.6Pharma Clinical Trial Data Sharing 57 7.7Network Protection 58 7.8Military: Unmanned Vehicle Sensor Data 60 7.9Education: Common Core Student Performance Reporting 61 7.10Sensor Data Storage and Analytics 62 7.11Cargo Shipping 63 Appendix A: Candidate Security and Privacy Topics for Big Data Adaptation 66 Appendix B: Internal Security Considerations within Cloud Ecosystems 72 Appendix C: Big Data Actors and Roles: Adaptation to Big Data Scenarios 78 Appendix D: Acronyms 80 Appendix E: References 82 Figures Tables
Executive Summary This NIST Big Data Interoperability Framework: Volume 4, Security and Privacy document was prepared by the NIST Big Data Public Working Group (NBD-PWG) Security and Privacy Subgroup to identify security and privacy issues particular to Big Data. Big Data application domains include health care, drug discovery, finance and many others from both the private and public sectors. Among the scenarios within these application domains are health exchanges, clinical trials, mergers and acquisitions, device telemetry, and international anti-piracy. Security technology domains include identity, authorization, audit, network and device security, and federation across trust boundaries. Clearly, the advent of Big Data has necessitated paradigm shifts in the understanding and enforcement of security and privacy requirements. Significant changes are evolving, notably in scaling existing solutions to meet the volume, variety, and velocity of Big Data, and retargeting security solutions amid shifts in technology infrastructure, e.g., distributed computing systems and non-relational data storage. In addition, as diverse datasets become ever-easier to access, many are increasingly personal in nature. Thus, a whole new set of emerging issues must be addressed, including balancing privacy and utility, enabling analytics and governance on encrypted data, and reconciling authentication and anonymity. With the key Big Data characteristics of variety, volume, and velocity in mind, the subgroup gathered use cases from volunteers, developed a consensus security and privacy taxonomy and reference architecture, and validated it by mapping the use cases to the reference architecture. The NIST Big Data Interoperability Framework consists of seven volumes, each of which addresses a specific key topic, resulting from the work of the NBD-PWG. In addition to this volume, the other volumes are as follows:
The authors emphasize that the information in these volumes represents a work in progress and will evolve in the future and with the availability of additional perspectives. Yüklə 317,65 Kb. Dostları ilə paylaş:
|