• No results found

Securing the Big Data Ecosystem

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Securing the Big Data Ecosystem"

Copied!
34
0
0

Loading.... (view fulltext now)

Download now ( 34 Page )

Full text

(1)

SESSION ID:

Securing the Big Data Ecosystem

STU-T07A

Davi Ottenheimer

Senior Director of Trust, EMC @daviottenheimer

(2)

#RSAC

2

“COWS NOT PETS”

(__) (xx) /---\/ / | || * ||----|| ^^ ^^

Easily Identified

Routine Treatment

Minimum Judgment

Systematic Treatment of Illness

1. Identify Sick Cattle ASAP 2. Keep Adequate Records 3. Evaluate Daily Sick Cattle

(3)

#RSAC

#RSAC 2012 PRESENTATION

3 http://www.flyingpenguin.com/?p=18259 Source Observation

1854: London Cholera Death Polygons

1854: London Cholera Death Scale 2012: Data Breach Investigations

2010: Rinderpest 2013: AIDS

(4)

#RSAC

4

DATA

(5)

#RSAC

5

BIG

DATA

(6)

#RSAC

OBSTACLES TO BIG DATA

6

Slow Ingest and Process Time

Untapped Sources

(7)

#RSAC

PATHS TO BIG DATA

7

Speedy Ingest and Process Time

Access to Sources

(8)

#RSAC

CIO SURVEY: TOP CONCERNS

8

Sources: Barclays September 2013 CIO Survey, KPMG January 2014 CIO/CFO Survey

54% What to Collect 85% How to Analyze

(9)

#RSAC

9

NEW ERA OF DATA INDUSTRIALIZATION

54% What to Collect

 Data Streams to Data Lakes

 “Save Everything” (Lake Conservation)

Indirect Communications - Internet of Things

85% How to Analyze

 No Two Anomalies Alike

 Indicators of Leaks, Tampering or Loss

(10)

WHY TYPICAL

SOLUTIONS

DON’T FIT

(11)

#RSAC

CONTROLS AND DE-IDENTIFICATION

ANONYMOUS IDENTIFIABLE LOCATION NAME UNIQUE ID# DATE

 Role-Based Access Controls (AAA)  Encryption / Secure-Erase  In-Memory Processing CONTROL  Scrubbing / Substitution  k-Anonymity  Limits (Classification) DE-IDENTIFICATION >STATE NO NAME TEMP ID YEAR

(12)

#RSAC

DE-IDENTIFICATION HURDLES

“FEW CHARACTERISTICS NEEDED” – Latanya Sweeney, 2000

 87.1% of U.S. IDs Unique by Zip+Sex+DOB

 53% of U.S. IDs Unique by City+Sex+DOB

 Voter Reg. Compared To Group Insurance Commission (GIC) Data

12

State / Year

Advised Minimums

Birth Date Gender Zipcode

C am br idg e V ot er s GIC C us tom er s http://dataprivacylab.org/projects/identifiability/index.html http://www.uclalawreview.org/?p=1353 http://www.zeit.de/2014/07/harald-martenstein-datenschutz

2000: MA Governor Identity for $20 2014: “Neighbor” Identity for $22

(13)

#RSAC

gal/day

Chicago

1.5B

Meta, Ripples, Tails, Exhausts, Shadows, etc.

• Environment

• Disease

• Drugs

?

13

EXAMPLE: WASTEWATER ANALYSIS

#RSAC http://phys.org/news/2012-03-wastewater-clues-illicit-drug.html

Know estimated numbers of people served by

each waste water treatment plant

Can back-calculate daily [drug] loads

(14)

#RSAC

14

EXAMPLE: WASTEWATER ANALYSIS

http://gizmodo.com/meth-in-london-heroin-in-zagreb-the-answer-is-found-i-1508209127 Italy London Finland Croatia Oregon Canada

(15)

#RSAC

ON THE OTHER HAND: CONTROLS

Authentication

Authorization

Caveats

 All or Nothing (Security Required to Communicate)  Rolling Upgrades Impossible

(16)

#RSAC

DATA CONTROL DESIGN

16 

Brakes

Suspension

Horn

Mirrors

Seatbelts

(17)

#RSAC

BIG DATA CONTROL DESIGN

17 

Brakes

Suspension

Horn

Mirrors

Seatbelts

Threat

Avoidance

Checklists

(Rapid Repairs)

TRUST

REDEFINED

(18)

#RSAC 18 http://www.mdjonline.com/view/full_story/9738998/article-Father-trains-son--to-fly-helicopters-with-night-vision http://www.dvidshub.net/image/962244/oklahoma-national-guard-pilots-train-war-time-standard

INTELLIGENT

ANALYSIS

PCI DSS Requirement 2.1:

Always change

vendor-supplied

defaults

before installing…

(19)

#RSAC

BINARY

THREAT ANALYSIS MATURITY SCALE

19

RANKED

MEANING

ZERO

POINT

EXACT

INTELLIGENCE

ERROR MARGIN

(20)

#RSAC

INTELLIGENCE

RE

DEFINES CONTROLS

20 Long-Term Devices Networks Investigate & Analyze Visualize Respond Alert & Report

Record Sort Collect

Real-Time API <NOUN>  Users  Apps  Content <ADJ>  Time  Alias  Property GRC

(21)

#RSAC

21

Annual Savings

33 Years of Time

US$8,000,000

27 Fuel Tanker Trucks

http://rhythmtraffic.com/insyncs-performance/

(22)

ARCHITECTURE

AND USE CASES

(23)

#RSAC

NEW WAVES OF BIG DATA TECHNOLOGY

23

Business

Objectives

Reporting Analytics Mahout R SPSS SAS Behavior Sentiment Predictive Network Simulation Data Hadoop MapReduce Pivotal Hive Hawq Pig Sqoop

(24)

#RSAC

INTERFACES (REPORTING)

TYPICAL ARCHITECTURE AND CONTROL

24

Data Shared

Nodes Distributed

Clients Unauthenticated

Access Controls Open

Web Services Open

Networks Open

PROCESSING PIG (PROCEDURAL) HIVE (DECLARATIVE) SQOOP (DB SYNC) HBASE (RANDOM R/W) MAP-REDUCE (PROGRAMMING MODEL)

(25)

#RSAC

Client

PROCESSING ROLES

25

Client

Job Tracker Name Node Name Node

(checkpoint)

Data Node & Task Tracker Data Node & Task Tracker

Data Node & Task Tracker Data Node & Task Tracker

Data Node & Task Tracker Data Node & Task Tracker

Slaves

Masters

HDFS MapReduce 2nd

(26)

#RSAC

PROCESSING AUTOMATION CLUSTER

26

switch switch

name node

job tracker name node client A

Data Node & Task Tracker Data Node & Task Tracker Data Node & Task Tracker Data Node & Task Tracker

Data Node & Task Tracker Data Node & Task Tracker Data Node & Task Tracker Data Node & Task Tracker

Data Node & Task Tracker Data Node & Task Tracker Data Node & Task Tracker Data Node & Task Tracker

Data Node & Task Tracker Data Node & Task Tracker Data Node & Task Tracker

switch

Data Node & Task Tracker Data Node & Task Tracker Data Node & Task Tracker Data Node & Task Tracker Data Node & Task Tracker

Rack 1 Rack 2 Rack 3 Rack 4 Rack n

2nd switch switch 1 Admin : 30,000+ Nodes A1 A2 A3 B1 B2 B3 (0.5 PB) client B

(27)

#RSAC RE DUCE MAP

PROCESSING PATHS

27 Output Files Data Node Task Tracker HDFS Block Data Node Task Tracker HDFS Block Data Node Task Tracker Data Node Task Tracker Data Node Task Tracker HDFS Block HDFS Block HDFS Block Output File Splits Splits

Split Splits Splits Split Splits Splits Split

Task Job Tracker JSON RPC Read Data NameNode

(28)

#RSAC

TRUST DELEGATION VS. BEHAVIOR

28

“Runaway Job! Kill -9”

Job Tracker Name Node

Task Tracker

(29)

NEW AND

DIFFERENT WAYS

TO MANAGE RISK

(30)

#RSAC 30

DATA

IS THE NEW

CENTER OF GRAVITY

SOCIAL CLOUD MOBILE

DATA

(31)

#RSAC 31

TRUST

RE

DFINED:

SPACE-TIME BENDS

BECAUSE GRAVITY

#RSAC

(32)

#RSAC

TRUSTED ARCHITECTURE

32 HDFS HBase Pig, Hive Mahout Map Reduce Sqoop Flume Resource Management & Workflow Yarn Zookeeper Apache Non-Apache Command Center  Configure  Deploy  Monitor  Manage

Hadoop Virtualization (HVE)

DataLoader Xtension Framework Catalog Services Query Optimizer Dynamic Pipeline ANSI SQL + Analytics Enhanced DB Services

(33)

#RSAC

33

EASY, ROUTINE &

MINIMUM JUDGMENT

INTELLIGENCE-DRIVEN

SECURITY

http://images.fineartamerica.com/images-medium-large/the-cow-jumped-over-the-moon-wingsdomain-art-and-photography.jpg

(34)

SESSION ID:

Securing the Big Data

Ecosystem

STU-T07A

Davi Ottenheimer

Senior Director of Trust, EMC @daviottenheimer

2/25/14 (Tuesday) 1:20 PM - West|3012

THANK

YOU!

References

Download now ( PDF - 34 Page - 8.04 MB )

Related documents

3 Vorticity, Circulation and Potential Vorticity.

The vortex stretching and tilting terms arise from the fact that, although the circulation around the closed curve C is constant, the vorticity is not due to the tilting and

The. and. Duke University March 2013

Our country-level analysis based on international trade data shows that economic upgrading, measured by export share growth and unit value increase, took place in a relatively

Summary of a proposal submitted for the ESA M4 Mission Programme January 15, 2015 ASTROGAM

Francesco Longo (Univ. and INFN Trieste, Italy) Martino Marisaldi (INAF-IASF Bologna, Italy) Sandro Mereghetti (INAF-IASF, Milano, Italy) Kazuhiro Nakazawa

Social Media Communication by Local Governments and Its Implications for Urban Planning

Then, each Facebook post and Twitter tweet were interpreted and classified into 13 general categories of planning topics, including transportation, infrastructure,

SHIP EMISSION INFLUENCE ON CLOUDS: A STUDY USING SATELLITE RETRIEVED CLOUD PROPERTIES

The statistical analysis of satellite retrieved cloud- and aerosol properties does not reveal a depictable effect of ship emissions on the either or the other.. We propose that this

Supporting Schools Developing Communities

community during evenings, weekends and school holidays; whether you are new to lettings or have existing lettings programmes.. We are the UK’s number one provider of a

Shocks Pass-Through to Prices in U.S. and Canada: Evidence from Oil and Exchange Rate Markets

Based on the numbers in Table 1 7, the immediate effect of a structural one standard deviation shock of exchange rate shock to import prices is about 0.22 increase in