DWS16 - Connected things forum - Luc Julia, Samsung Electronics
Le téléchargement de votre SlideShare est en cours.
×
Consultez-les par la suite
Suggestions
Plus De Contenu Connexe
Diaporamas pour vous (20)
Similaire à Three pillars for building a Smart Data Ecosystem: Trust, Security and Privacy (20)
Plus par Big Data Value Association (20)
Plus récents (20)
Three pillars for building a Smart Data Ecosystem: Trust, Security and Privacy
- 1. Three pillars for building a Smart Data Ecosystem: Trust, Security and Privacy 27/10/20201 Marketplaces Semantics Security, Privacy and Trust i3-MARKET Webinar https://www.i3-market.eu/
- 2. + Agenda 2 27/10/2020 The i3-Market Project: A brief introduction TRUST: Everything under control SECURITY: Unlock data with a key PRIVACY: Meet and overcome GDPR Q&A
- 3. i3Market Project A brief introduction 3 27/10/2020
- 4. + i3-Market Project 4 27/10/2020 i3-market leverages the blockchain technologies to build a trusted, secure, interoperable and decentralised Backplane paying special attention in regulatory aspects around sensitive data assets i3-market aims to connect Data Marketplaces from different countries and businesses as the initial step towards a smart data economy
- 5. + From Big Data to Smart Data 5 27/10/2020
- 6. TRUST Everything Under Control 6 27/10/2020
- 7. + When we trust someone/something? 7 27/10/2020
- 8. + What should we trust? 8 27/10/2020 Consensus-based Governance Tamper-proof Ledger Non-repudiation protocol Verifiable Credentials Transactions Identity Accounting Governance
- 9. + Blockchain technologies 9 27/10/2020 Consensus-based Governance Changes to the system must be approved by all the nodes Tamper-proof Ledger Transactions are recorded in a chain of related block and a malicious attack would broken chain integrity Cryptographic keys All transaction are signed with Cryptographic keys which provide security and reliablility Verifiable credentials All stakeholders are identified by tamper-evident credentials that has authorship that can be cryptographically verified. Non-repudiation protocol Data exchanges and payments are made through a P2P communication protocol with cryptographically signed proofs
- 10. + Verifiable Credentials 10 27/10/2020 Issuer: did:eth:0xk7bhac37c498d8e2386.... Role: Data Consumer Country: Italy Business: Automotive Verifiable Data Registry id: did:eth:0xk7bhac37c498d8e2386.... Public Key: H3C2AVvLMv6gmMNa... Role: Data Marketplace Country: Spain Business: Automotive id: did:eth:0xt3noiz45c744.... Public Key: did:eth:0xt3noi.... Role: Data Marketplace Country: Germany Business: Health ISSUE ISSUE PRESENT VERIFY VERIFY Issuer: did:eth:0xt3noiz45c744.... Role: Data Provider Country: Italy Business: Health
- 11. + Non-repudiation protocol 11 27/10/2020 id: #X, src: ProviderId, dst: ConsumerId, timestamp: TSo, dataDescription: description, dataCommitment: hash(data), SCommitment: hash(secret), encryptedData: C Proof of Origin (PoO) Proof of Reception (PoR) id: #X, src: ProviderId, dst: ConsumerId, timestamp: TSr, dataDescription: description, dataCommitment: hash(data), SCommitment: hash(secret), encryptedData: C Auditable Accounting Registry VERIFY ACCOUNT VALIDATE VALIDATE id, PoO, PoR, PoS id, secret id: #X, src: ProviderId, dst: ConsumerId, timestamp: TSs, encryptedData: S Proof of Secret (PoS) VERIFY Public Blockchain
- 12. SECURITY Unlock the data with a key 12 27/10/2020
- 13. + Blockchain Basics 13 27/10/2020 Nodes Check validity of transactions towards their version of the ledger. Form new blocks. “users”: transactions events “ledger” Produce transactions. Send them to the network. Ownership of assets is proven by a cryptographic signature Blocks are validated as honest or rejected. Miners agree on the ledger through a consensus mechanism. network
- 14. + Security 14 27/10/2020
- 15. + Security 15 27/10/2020
- 16. + Security 16 27/10/2020
- 17. + Hardware wallet Secure Element (tamper-resistant hardware platform) Common Criteria security evaluation EAL5+ Capable of Securely host applications and keys (against software and hardware attacks) Provides cryptographic functionalities 17 27/10/2020
- 18. + Hardware wallet Blockchain compatible Support blockchain’s cryptographic algorithms Support Hierarchical Deterministic Wallet (HD Wallet) application (BIP32, BIP44) 18 27/10/2020
- 19. + Form factors 19 27/10/2020 Tap & Sign Your SIM is your Key
- 20. + Cherry on the cake 20 27/10/2020 Unlock your key with your biometry
- 21. PRIVACY Meet and overcome GDPR 21 27/10/2020
- 22. + Data minimization User consent Accountability Privacy by design Secure Data Transfers GDPR Technology Requirements 27/10/2020 Self-Sovereign Identities: •Decentralized Identifiers •Verifiable Credentials •Selective Disclosure Explicit User Consent Auditable Accounting i3-market Privacy Pillars GDPR blockchain 22
- 23. + How many identities do we have? Who has control over them? People have many online personas at many organizations Federated auth. (OAuth2, OIDC) partially solves the problem IdPs manage user identities censorship surveillance → bad for privacy! 23 27/10/2020 I have to update my email account everywhere Lots of sites to hack! Users must have a stable identifier created by themselves They must manage (verified) claims about their identity They must manage what information to share at every interaction Give control back to users
- 24. + Self sovereign identity 24 27/10/2020 Issuer: did:eth:0xk7bhac37c498d8e2386.... Subject: did:eth:0xf3beacff02a498d93f79a.... Role: Car Owner Name: Mario Surname: Rossi Country: Italy Age: 58 id: did:eth:0xf3beacff02a498d93f79a.... Public Key: 0xf3beacff02a498d93f79a... Claim Holder Credential Issuer Local Storage id: did:eth:0xk7bhac37c498d8e2386.... Public Key: H3C2AVvLMv6gmMNa... Role: Data Marketplace Country: Spain Business: Automotive Verifiable credentials
- 25. + Selective disclosure 25 27/10/2020 Issuer: did:eth:0xk7bhac37c498d8e2386.... Subject: did:eth:0xf3beacff02a498d93f79a.... Role: Data Owner Name: Mario Surname: Rossi Country: Italy Age: 58 id: did:eth:0xf3beacff02a498d93f79a.... Public Key: 0xf3beacff02a498d93f79a... Data Owner Data Marketplace Data Provider Issuer: did:eth:0xk7bh.... Role: Data Owner Country: Italy Age: >18 Issuer: did:eth:0xk7bh.... Role: Data Owner role? role, age, country? id: did:eth:0xt3noiz45c744.... Public Key: did:eth:0xt3noi.... Role: Data Marketplace Country: Germany Business: Health Issuer: did:eth:0xt3noiz45c744.... Role: Data Provider Country: Italy Business: Health
- 26. GDPR: Data Minimization • personal data must be “collected for specified, explicit and legitimate purposes” and it must be “adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed”. Art. 6.1 Dir. 95/46/EC and Art. 4.1 Reg. EC 45/2001 Data minimization Less sensitive information stored Reduced impact of data leaks Less interest for attackers Reduced security-level compliance required Less cost 27/10/202026
- 27. + Explicit user consent i3-market solution: Explicit user consent is issued by the data subject in the form of a verifiable credential (W3C VC). The consent can be easily verified but cannot be faked or mangled i3-market operation will prevent the data exchange without the proper consents The data subject can withdraw his or her consent at any time 27 27/10/2020 • The controller shall be able to demonstrate that the data subject has consented to processing of his or her personal data. • The data subject shall have the right to withdraw his or her consent at any time. GDPR Article 7
- 28. + Auditable Accounting Accounting of selected operations: Access, modification, deletion of sensitive data Payment data Contractual agreements Reliable, privacy-guaranteed proofs of data exchange will support any future claim regarding a data trade Proofs cannot be repudiated by the involved stake holders Backed up by a public blockchain the accounting cannot can not be faked or tampered Data Owner Data Consumer Data Provider blockchain signed actions 27/10/202028
- 29. + 29
