Security and Privacy for Big Data, Cloud Computing and Applications
2: University of Texas at San Antonio, San Antonio, TX, USA
3: Departament de Ciencies de la Computacio, Universitat Politecnica de Catalunya, Barcelona, Spain
As big data becomes increasingly pervasive and cloud computing utilization becomes the norm, the security and privacy of our systems and data becomes more critical with emerging security and privacy threats and challenges. This book presents a comprehensive view on how to advance security and privacy in big data, cloud computing, and their applications. Topics include cryptographic tools, SDN security, big data security in IoT, privacy preserving in big data, security architecture based on cyber kill chain, privacy-aware digital forensics, trustworthy computing, privacy verification based on machine learning, and chaos-based communication systems. This book is an essential reading for networking, computing, and communications professionals, researchers, students and engineers, working with big data and cloud computing.
Inspec keywords: social networking (online); authorisation; Big Data; Internet; telecommunication security; mobile radio; cryptography; cloud computing; data privacy
Other keywords: Internet; social networking (online); cryptography; cloud computing; security of data; data privacy; telecommunication security; Big Data; authorisation; mobile radio
Subjects: Data security; General and management topics; Internet software
- Book DOI: 10.1049/PBPC028E
- Chapter DOI: 10.1049/PBPC028E
- ISBN: 9781785617478
- e-ISBN: 9781785617485
- Page count: 330
- Format: PDF
-
Front Matter
- + Show details - Hide details
-
p.
(1)
-
1 Privacy preserving in big data
- + Show details - Hide details
-
p.
1
–25
(25)
Due to the rapid growth of computers and the technology that is capable of capturing data, the data is increasing exponentially; they are collected from the everyday interactions with digital products or services, including mobile devices, information sensing, social media and so on. Big data gives us unprecedented insights and opportunities, but the collected big data contains a large amount of personal or sensitive information, which raises big privacy concerns. This chapter provides an extensive literature review on privacy attack models, privacy-preserving technologies and privacy metrics. We systematically analysis how the data privacy can be disclosed, what kind of privacy technology has been developed and how to evaluate the privacy provided by the proposed privacy-preserving method.
-
2 Privacy-preserving analysis for big data using cryptographic tools
- + Show details - Hide details
-
p.
27
–45
(19)
We review the efforts to protect data privacy in the scenario of cloud computing and outsourcing computation. We pay special interest in the efficiency boost which is dedicated to properly handle the challenge of large data volume coming from the trend of big data. Differently from the previous chapter focusing on the technique of differential privacy, we discuss here the approaches for privacy -preserving data analysis using cryptographic tools.
-
3 Big data security in Internet of Things
- + Show details - Hide details
-
p.
47
–66
(20)
The Internet-of-Things (IoT) paradigm is an emerging twenty-first century technological revolution, a concept that facilitates to communicate with objects, devices, and machines at unprecedented scale. Nowadays, IoT is extensively applied to numerous applications such as intelligent transportation, smart security, smart grid, and smart home. Now, considering that in the near future, millions of devices will be interconnected and will be producing enormous data, the privacy and security of data going to be challenged and private information may leak at any time. This chapter presents an overview of the IoT and security concerns on big data while we discuss privacy and security approaches for big data with reference to infrastructure, application, and data.
-
4 A watermark-based in situ access-control model for image big data
- + Show details - Hide details
-
p.
67
–87
(21)
When large images are used for big data analysis, they impose new challenges in protecting image privacy. For example, a geographic image may consist of several sensitive areas or layers. When it is uploaded into servers, the image will be accessed by diverse subjects. Traditional access-control methods regulate access privileges to a single image, and their access-control strategies are stored in servers, which impose two shortcomings: (1) fine-grained access control is not guaranteed for areas/layers in a single image that needs to maintain secret for different roles and (2) accesscontrol policies that are stored in servers suffer from multiple attacks (e.g., transferring attacks). In this chapter, we propose a novel watermark-based access-control model in which access-control policies are associated with objects being accessed (called an in situ model). The proposed model integrates access-control policies as watermarks within images, without relying on the availability of servers or connecting networks. The access control for images is still maintained even though images are redistributed again to further subjects. Therefore, access-control policies can be delivered together with the big data of images. Moreover, we propose a hierarchical key-role-area model for fine-grained encryption, especially for large-sized images such as geographic maps. The extensive analysis justifies the security and performance of the proposed model.
-
5 Blockchain-based security and access control for BIM big data
- + Show details - Hide details
-
p.
89
–119
(31)
We analyzed the limitation in traditional role-based only access-control mechanism. As the number of mobile users is much larger than the number of roles, naive RBAC may not be suitable in BIM situations. We thus propose a context-aware fine-grained access control, called CaAC. We describe the functions of CaAC by formal method and present several illustrations on contexts via location-CaAC and the time-aware access control. CaAC can guarantee the access control within the same role by differentiating contexts, which is more fine-grained than current role-based only access control. We also present grouping algorithms of two models. By comparing the proposed models with traditional RBAC model, we analyze the security and feasibility. As a result of analysis, we conclude that the average efficiency is improved by 2n I (2n - p - q), and the time complexity of the proposed algorithm is 0(n).
-
6 Security of marine-information system
- + Show details - Hide details
-
p.
121
–134
(14)
This chapter starts from the security demand of marine-information system to emphatically introduce the main problems in the marine-information system, including wireless-communication security, secure sharing of information, big data security and military-civilian coordination, centers on the marine information security system to discuss the technology and method of guaranteeing the security of marine-information system from the aspects of communication network security, computing environment security, data and application security, security monitoring and forewarning and security support. In addition, it lays emphasis on analyzing and introducing the required key theories and technologies of the network space security for marine-information-system design.
-
7 A layered security architecture based on cyber kill chain against advanced persistent threats
- + Show details - Hide details
-
p.
135
–155
(21)
Inherently, static traditional defense mechanisms which mostly act successfully in detecting known attacks using techniques such as blacklisting and malware signature detection are insufficient in defending against dynamic and sophisticated advanced persistent threat (APT) cyberattacks. These attacks are usually conducted dynamically in several stages and may use different attack paths simultaneously to accomplish their commission. Cyber kill chain (CKC) framework provides a model for all stages of an intrusion from early reconnaissance to actions on objectives when the attacker's goal is met which could be stealing data, disrupting operations or destroying infrastructure. Achieving the final goal, an adversary must progress all stages successfully. Any disruption at any stage of the attack by the defender would mitigate or cease the intrusion campaign. In this chapter, we align 7D defense model with CKC steps to develop a layered architecture to detected APT actors tactics, techniques and procedures in each step of CKC. This model can be applied by defenders to plan resilient defense and mitigation strategies against prospective APT actors.
-
8 Privacy-aware digital forensics
- + Show details - Hide details
-
p.
157
–195
(39)
Digital forensics and privacy are the two naturally conflicting concepts. While privacy can be defined as the desire of people to decide for themselves when, how and to what extent their personal information is shared with others, digital forensics is aimed at acquiring and analysing relevant data from devices in the scope of digital forensic investigations, following a set of procedures to comply legal proceedings. Digital forensic investigations are usually carried out after seizing the devices from investigated suspects or third parties, who consequently lose control over the data being accessed by the investigator. Moreover, digital forensic tools are even capable of retrieving information which is apparently no longer present in the device because the user decided to delete it. These tools also have the ability of correlating information from different sources giving rise to new actors in the investigation whose privacy can be affected. Also, the lack of context to determine when and why the user intentionally deleted some of the contents may result in wrong accusations. All things considered, even when digital investigations are conducted by responsible professionals, the data collected from personal devices may result in dreadful invasions to individual privacy. Inevitably, this leads to a controversial debate on the need for strong privacy guarantees in the context of digital forensics. This chapter aims to shed some light into this imperative and highly demanded debate given the fundamental role that the user and his/her personal data play in current and future digital investigations.
-
9 A survey of trust, trustworthiness and trustworthy computing: concepts, models and challenges
- + Show details - Hide details
-
p.
197
–211
(15)
With the fast development of large-scale Internet-based systems and their penetration into every human life activity, trust, trustworthiness and trustworthy computing have become cross-cutting features of all such systems being business, e-commerce, social networking, collaborative systems, etc. Indeed, users'activity in Internet-based systems each time raises more concerns of trust while interacting through and with such systems. The expectations of users, clients, costumers as well as of the communication and collaboration at large scale are based on the premise of trust as a cornerstone of secure, reliable, privacy preserving and integrity of Internet-based systems. While trust and security go hand-by-hand, trust however is very much related to users' experiences and perceptions on system's performance, reliability and privacy. Unfortunately, many recent cases from development of large-scale systems, especially from social networking and from big corporates, have shown important breaches and vulnerabilities causing a devastating effect on users' trust. In this chapter, we survey most relevant concepts and models for trust, trustworthiness and trustworthy computing and discuss their various forms in business, e-commerce, social networking, etc. We identify main factors that determine trust, trustworthiness and trustworthy computing as well as major research challenges in the field. We also briefly discuss how Blockchain is shaping trust in new Internet-based systems. Current efforts by research community to address them are discussed and new research directions envisaged.
-
10 Software-defined mobile networks security
- + Show details - Hide details
-
p.
213
–237
(25)
As big data becomes increasingly pervasive and cloud computing utilization becomes the norm, the security and privacy of our systems and data becomes more critical with emerging security and privacy threats and challenges. This book presents a comprehensive view on how to advance security and privacy in big data, cloud computing, and their applications. Topics include cryptographic tools, SDN security, big data security in IoT, privacy preserving in big data, security architecture based on cyber kill chain, privacy-aware digital forensics, trustworthy computing, privacy verification based on machine learning, and chaos-based communication systems. This book is an essential reading for networking, computing, and communications professionals, researchers, students and engineers, working with big data and cloud computing.
-
11 Dynamic public opinion evolvement modeling and supervision in social networks
- + Show details - Hide details
-
p.
239
–262
(24)
With the booming of social networks, a large proportion of public opinion is expressed and transferred through social networks. With complex structure and varied evolving patterns, monitoring public opinion in social networks is not well solved for a long period. Motivated by the purpose of public opinion and social network evolvement rules, we developed a public opinion dynamic evolvement model and supervision mechanism in social networks. We assume our research target is a topic-based and opinion-driven social network that is the most popular one in studying public opinion. The background network of our model is a temporary social connection that we name as tornado-type social network (TTSN). In a TTSN, public opinion evolvement is decided by two basic factors: sentiment activity (SA) and opinion consistency (OC). Based on the observation of SA and OC, we have designed a model to supervise and optimize the public opinion express in social networks. Under the model, the public opinion supervision is regressed to an optimization problem. By solving the problem, both our deduction and simulation results show that public opinion in a social network tends to evolve from chaos to consistency, and SA follows approximately ideal normal distributions before a time limit T.
-
12 Privacy verification of PhotoDNA based on machine learning
- + Show details - Hide details
-
p.
263
–280
(18)
PhotoDNA is a perceptual fuzzy hash technology designed and developed by Microsoft. It is deployed by all major big data service providers to detect Indecent Images of Children (IIOC). Protecting the privacy of individuals is of paramount importance in such images. Microsoft claims that a PhotoDNA hash cannot be reverse engineered into the original image; therefore, it is not possible to identify individuals or objects depicted in the image. In this chapter, we evaluate the privacy protection capability of PhotoDNA by testing it against machine learning. Specifically, our aim is to detect the presence of any structural information that might be utilized to compromise the privacy of the individuals via classification. Due to the widespread usage of PhotoDNA as a deterrent to IIOC by big data companies, ensuring its ability to protect privacy would be crucial. In our experimentation, we achieved a classification accuracy of 57.20%. This result indicates that PhotoDNA is resistant to machine-learning-based classification attacks.
-
13 Chaos-based communication systems
- + Show details - Hide details
-
p.
281
–302
(22)
With the rapid development of optical communications and the increasing amount of data exchanged, it has become utterly important to provide effective architecture to protect sensitive data. The use of chaotic optoelectronic devices has already demonstrated great potential in terms of additional computational security at the physical layer of the optical network. Chaotic signals have been proposed as broadband information carriers with the potential of providing a high level of robustness and privacy in data transmission. An emerging discipline, chaos-based communication has been an important research topic in the past two decades. In this chapter, some several typical continuous chaotic systems for chaos are introduced, and optical chaos secure communication systems are discussed.
-
Back Matter
- + Show details - Hide details
-
p.
(1)