Date post: | 15-Feb-2017 |
Category: | Internet |
Upload: | sven-wohlgemuth |
A Toolset for Usable Security with ICT Service Networks
Dr. Sven WOHLGEMUTH, Dr. Kazuo TAKARAGI
Resilience and Secondary Use of Personal Data
Safety Problem for Security as a Personalized Service
Continuous Multilateral Information Security Management
Let's work together on creating a sustainable smart society!
ICT Support for Resilience
• Resilience: Personal predictive risk management
• Internet of Things: Observe and control physical environments
• Cloud Computing: Scalable secondary use of personal data
• Artificial Intelligence: Knowledge creation for decision-support
• Open Data: Ground Truth for IT Governance and innovation
The ultimate aim is sustainability
But: What about reliable information processing for resilience?
Contact: Dr. Kazuo TAKARAGI, Information Technology Research Institute (ITRI), National Institute of Advanced Industrial Science and Technology (AIST), Japan
Email: [email protected]
WWW: http://www.itri.aist.go.jp
• Resilience: By sharing authentic information on security vulnerabilities and incidents
• Regulations: Compliance by risk management with personal accountability
• Safety: Users can’t access data without authorization by the ‘data owner’
• State-of-the-art: Access control with a type-safe security policy
Turing Machine: Safety with access control is in general undecidable
User-Centric Information Flows
Smart Society
Multilateral Security
Data Controller (e.g. Government)
Open Information Accountability (As Part of Security/Privacy Controls)
Open Data
sec d, d* …
Privacy by Design
Plan-Do-Check-Act (Risk and Life Cycle Management)
Secure Delegation of Rights
Data Provenance
IT Risk Controls
Policy Toolbox
Active strategies
Passive strategies
Risk avoidance
Risk reduction
Risk provision
Risk transfer
IT Risk Analytics
Helper
Refugee
Physical
Cyber
Cloud Computing with PKI and Marketplace (e.g. SINET)
Ground Truth 5
Courtesy of Tsukuba Univ.
Kostadinka Bizheva, et al., J. of Biomedical Optics, July/ 2004 Vol.9 No.4
Petra Wilder-Smith, et al. J. of Biomedical Optics Sep/ 2005 Vol.10 No.5
Brain
Eye
Tooth
Oral
Skin
Z.P.Chen, et al.,Opt. Express, Aug/ 2007 Vol. 15 No. 16
Esophagus
Alexander Popp, et al., J. of Biomedical Optics, Jan/ 2004 Vol.11 No.1
Lung
Guillermo J. Tearney, et al. J. of Biomedical Optics Mar/ 2006 Vol.11 No.2
Cardiovascular
Pancreas
Pier Alberto, et al. J Pancreas (Online) 2007 Vol.8 No.2
Cervix
Ilya V. Turchin, et al., J. of Biomedical Optics, Nov/ 2005 Vol.10 No.6
Blood flow
Bradley A. Bower., J. of Biomedical Optics, Jul/ 2007 Vol.12 No.4
Stomach
Yonghong He, et al. J. of Biomedical Optics Jan/ 2004 Vol.9 No.1
Trachea
Matthew Brenner, et al., J. of Biomedical Optics, Sep/ 2007 Vol.12 No.5
Cochlea
Fangyi Chen, et al., J. of Biomedical Optics, Mar/ 2007 Vol.12 No.2
Bladder
Ying T. Pan, et al. J. of Biomedical Optics Sep/ 2007 Vol.12 No.5
Colon
Alexandre R. Tumlinson, et al., J. of Biomedical Optics, Nov/ 2006 Vol.11 No.6
Kidney
Yu Chen, et al. J. of Biomedical Optics Sep/ 2007 Vol.12 No.3
Bone
santec confidential
SS-OCT System Inner Vision
Application to Biometrics: Non-invasive measurement of iris, retina, fingerprint, vascular image under skin.
OCT (Optical Coherence Tomography)
Figure: From materials provided by santec Corporation
o1 = d o2 = d* …
s1 own, r, w ? own, r, w ?
s2 r, w own, r, w
s3 ? r, w ? r
…
......
d
Data provider/consumer
Data consumer
Data consumer/provider
Data provider
d,d*?
General security system
Enforcement
Providing
• Privacy Enhanced
• Transparency
• Compliance
Block chain
• Make correction to his/her own data
• Grant and revoke consent on the use of the data
• Be informed on data breach
Problem for resilience: Loss of control on personal information on exception handling beyond expectations