Archiving Sensitive Data

•

0 j'aime•558 vues

June 29th presentation at the session "Extending DSpace" of the Open Repositories conference 2017. The presentation covers the Metadata Based Access control feature, publicly available in the following codebase: https://github.com/milieuinfo/dspace54-atmire The talk gives general insights in how the probability and impact can be assessed on two examples of risk: unauthorized access and losing all your data.

Technologie

www.atmire.com
Bram Luyten
Tom Desair
Open Repositories 2017
Archiving Sensitive Data

Unfortunately
Not all repository content is equally open

Overview
Metadata based access control
Strategies for dealing with sensitive data
Actionable takeaways

Question
How many authorization groups are there in your
DSpace?

Metadata based access control
Using EPerson characteristics and Item
characteristics to determine whether the
EPerson is entitled to access the item.
Example:
An exact match between a social security
number or an email address on the EPerson
and on the metadata of the item.

Advantages
Scale
No identified limits on number of EPeople, items or
groups
Performance
No identified limits on search or item access volumes
Can be managed outside of DSpace
Both EPerson and Item metadata can be sourced
externally
Configurable

Configuration example
<group-policy groupName="Autenticated_eID_Users">
<exact-match-policy>
<itemField>dc.contributor.socialsecurity</itemField>
<epersonField>eperson.acl.socialsecurity</epersonField> 
<epersonValueExtractor></epersonValueExtractor>
</exact-match-policy>
</group-policy>

Disadvantages
Edit metadata = Edit authorizations
Be very careful of who or what has rights to edit metadata
Your metadata becomes even more sensitive
The impact of unauthorized access to item metadata may
become more severe

Severity is driven by
probability and impact

Example 1: Unauthorized access
Impact
 
High if you're dealing with sensitive data
Low if you're dealing with public/non-sensitive data 
Probability
 
The harder it is for people to access your system, the lower
The longer you wait with security updates, the higher

Example 2: Losing all your data
Impact
 
High if you're dealing with data that only exists in one place
Low(er) if data exists in multiple places 
Probability
 
What does "losing" mean?
What does "all" mean?

Actionable takeaways
Code available on  
https://github.com/milieuinfo/dspace54-atmire/
Feel free to (re)use what you want
Assess the severity of your risks by thinking about
the associated probability and impact.

Credits
Images
Keys https://www.flickr.com/photos/bohman/
Tsunami https://www.flickr.com/photos/groovyanddreamy/
Pick it https://www.flickr.com/photos/shanepope/

Contenu connexe

Similaire à Archiving Sensitive Data

Heather Hedden, Senior Consultant at Enterprise Knowledge, presented “The Role of Taxonomy and Ontology in Semantic Layers” at a webinar hosted by Progress Semaphore on April 16, 2024. Taxonomies at their core enable effective tagging and retrieval of content, and combined with ontologies they extend to the management and understanding of related data. There are even greater benefits of taxonomies and ontologies to enhance your enterprise information architecture when applying them to a semantic layer. A survey by DBP-Institute found that enterprises using a semantic layer see their business outcomes improve by four times, while reducing their data and analytics costs. Extending taxonomies to a semantic layer can be a game-changing solution, allowing you to connect information silos, alleviate knowledge gaps, and derive new insights. Hedden, who specializes in taxonomy design and implementation, presented how the value of taxonomies shouldn’t reside in silos but be integrated with ontologies into a semantic layer. Learn about: - The essence and purpose of taxonomies and ontologies in information and knowledge management; - Advantages of semantic layers leveraging organizational taxonomies; and - Components and approaches to creating a semantic layer, including the integration of taxonomies and ontologies

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

Enterprise Knowledge

The Research Data Alliance (RDA) has developed a Catalogue of Metadata standards and tools aimed at researchers and those who support them. In its new version, the Metadata Standards Catalog will provide much greater detail about metadata standards and tools, and through its new API - it will be usable within other applications. It will also provide a platform for furthering the work of the RDA Metadata Interest Group, which is seeking to improve the interoperability of metadata in different standards by working towards semi-automatically generated converters.

Metadata as Standard: improving Interoperability through the Research Data Al...

AIMS (Agricultural Information Management Standards)

How can your organization benefit from the world’s first next-generation classification engine? Attend this session to find out. You’ll discover how the new Veritas Integrated Classification Engine—which is infinitely scalable, policy enriched, and fueled by artificial intelligence—enriches your data with intelligence and eliminates the scourge of dark data. You’ll also learn how your organization can quickly deploy the Integrated Classification Engine across your existing Veritas stack to align with your needs and instantly produce a wide range of governance, risk, and compliance benefits.

Exploring the Benefits of an Integrated Classification Engine: Lessons in Eli...

Veritas Technologies LLC

Ferraz Itp368 Optmizing Information Security

mferraz

In the healthcare sector, data security, governance, and quality are crucial for maintaining patient privacy and ensuring the highest standards of care. At Florida Blue, the leading health insurer of Florida serving over five million members, there is a multifaceted network of care providers, business users, sales agents, and other divisions relying on the same datasets to derive critical information for multiple applications across the enterprise. However, maintaining consistent data governance and security for protected health information and other extended data attributes has always been a complex challenge that did not easily accommodate the wide range of needs for Florida Blue’s many business units. Using Apache Ranger, we developed a federated Identity & Access Management (IAM) approach that allows each tenant to have their own IAM mechanism. All user groups and roles are propagated across the federation in order to determine users’ data entitlement and access authorization; this applies to all stages of the system, from the broadest tenant levels down to specific data rows and columns. We also enabled audit attributes to ensure data quality by documenting data sources, reasons for data collection, date and time of data collection, and more. In this discussion, we will outline our implementation approach, review the results, and highlight our “lessons learned.”

Security Framework for Multitenant Architecture

DataWorks Summit

Security Access Models

Kylie Dunn

Catégorisation automatisée de contenus documentaires : la ...

butest

Data Mining

SHIKHA GAUTAM

Classification, Tagging & Search

James Melzer

Just when you think you have your Kafka and Hadoop clusters set up and humming and you’re well on your path to democratizing data, you realize that you now have a very different set of challenges to solve. You want to provide unfettered access to data to your data scientists, but at the same time, you need to preserve the privacy of your members, who have entrusted you with their data. Shirshanka Das and Tushar Shanbhag outline the path LinkedIn has taken to protect member privacy in its scalable distributed data ecosystem built around Kafka and Hadoop. They also discuss three foundational building blocks for scalable data management that can meet data compliance regulations: a centralized metadata system, a standardized data lifecycle management platform, and a unified data access layer. Some of these systems are open source and can be of use to companies that are in a similar situation. Along the way, they also look to the future—specifically, to the General Data Protection Regulation, which comes into effect in 2018—and outline LinkedIn’s plans for addressing those requirements. But technology is just part of the solution. Shirshanka and Tushar also share the culture and process change they’ve seen happen at the company and the lessons they’ve learned about sustainable process and governance.

Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...

Shirshanka Das

Tamingthecompliancebeast stratanyc-171001162525

Charan Sai

Tamingthecompliancebeast stratanyc-171001162525

ljiljaani

data mining presentation power point for the study

anjanishah774

lect1.ppt

ssuserb26f53

lect1lect1lect1lect1lect1lect1lect1lect1.ppt

DEEPAK948083

Slides used to introduce the technical aspects of DSpace-CRIS to the technical staff of the Hamburg University of Technology. Main topics: The DSpace-CRIS data model: additional entities, interactions with the DSpace data model (authority framework), enhanced metadata, inverse relationship ORCID integration & technical details: available features & use cases (authentication, authorization, profile claiming, profile synchronization push & pull, registry lookup), configuration, API-KEY, use of the sandbox, metadata mapping

DSpace-CRIS technical level introduction

4Science

Data Loss Prevention and Compliance in Microsoft 365 Safeguarding Your Tenant...

ArethaSimons

Lec 2

alaa223

Chest TermSet GDPR ScanR Presentation

Jenny Carroll

IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.

Classification on multi label dataset using rule mining technique

eSAT Publishing House

Similaire à Archiving Sensitive Data (20)

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

Metadata as Standard: improving Interoperability through the Research Data Al...

Exploring the Benefits of an Integrated Classification Engine: Lessons in Eli...

Ferraz Itp368 Optmizing Information Security

Security Framework for Multitenant Architecture

Security Access Models

Catégorisation automatisée de contenus documentaires : la ...

Data Mining

Classification, Tagging & Search

Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...

Tamingthecompliancebeast stratanyc-171001162525

data mining presentation power point for the study

lect1.ppt

lect1lect1lect1lect1lect1lect1lect1lect1.ppt

DSpace-CRIS technical level introduction

Data Loss Prevention and Compliance in Microsoft 365 Safeguarding Your Tenant...

Lec 2

Chest TermSet GDPR ScanR Presentation

Classification on multi label dataset using rule mining technique

Plus de Bram Luyten

Update on DSpace 7

Bram Luyten

DSpace 5.7 and 6.1 Preview

Bram Luyten

Working for Atmire

Bram Luyten

DSpace repositories today and tomorrow

Bram Luyten

DSpace UI prototype dsember

Bram Luyten

The DSpace infrastructure for logging page-views and downloads has been limited to aggregations on communities, collections and items. While this already provides a wealth of aggregated information that is impossible to retrieve using Google Analytics, it still does not assist a repository manager in addressing questions such as: “How many downloads did Professor X get through Google Scholar last month?” Because authors are represented as metadata on items, tackling this challenge effectively means opening the potential to aggregate pageview and download statistics on any metadata field in the repository. By the time of the conference, functionality that addresses this need will be available as part of @mire’s Content and Usage analysis module. The metadata based usage statistics were realized in co-development with the World Bank. Presentation created by Lieven Droogmans, Art Lowel and Ignace Deroost. Presented at Open Repositories 2015 by Ignace Deroost.

Metadata based statistics for DSpace

Bram Luyten

The hierarchical DSpace datamodel has long been recognized as a limiting factor for using DSpace in contexts other than typical institutional repository services. This proposal presents a new contribution to the DSpace 6 development facilitating the creation of durable item relations in DSpace. The contribution allows repository managers to break away from the tightly defined hierarchical structure and enables a variety of new use cases for the DSpace platform. Unlike past proposal with similar ambitions, including the DSpace 2 prototype work, the proposed approach and contribution has been fully developed and is operational today. The functionality was established in such a way that backwards compatibility with the standard DSpace datamodel has been preserved. As a result, the inclusion of the work into the DSpace codebase does not present the community with new constraints or limitations that would hinder adoption. These developments have been undertaken by the Flemish Government Department of Environment, Nature and Energy. The main motivation for these developments was the need for representing complex objects in DSpace, while preserving the possibility to apply granular access controls on items and bitstreams.

Durable Item Relations for DSpace

Bram Luyten

Email deposit

Bram Luyten

In the past year, the major groundwork has been laid for repository systems to support ORCID identifiers. DSpace, Hydra, and EPrints all have support for storing and managing ORCIDs. However, we are still in the early stages of ORCID adoption. Only a small fraction of repository content is annotated with ORCIDs, and most end-users have not yet realized any benefit from the features based on ORCID. This panel will bring together representatives of major repository systems to relate the current status of ORCID implementations, discuss plans for future work, and identify shared goals and challenges. The panelists will discuss how ORCID support provides practical benefits both to repository staff and end-users, with a focus on features that exist now or will exist in the next year. Rick Johnson (1), Hardy Pottinger (2), Ryan Scherle (3), Peter West (4), Bram Luyten (5) (1) University of Notre Dame; (2) University of Missouri System; (3) Dryad Digital Repository; (4) Digital Repository Services Ltd; (5) @mire

So we all have ORCID integrations, now what?

Bram Luyten

Git and Github - a 90 Minute interactive workshop

Bram Luyten

DSpace Today and Tomorrow

Bram Luyten

Three years after the original contribution of the Mirage theme to DSpace 1.7, @mire is currently developing Mirage 2 for DSpace 4. This theme for the DSpace "Manakin" XML User Interface was built on modern web technologies including Bootstrap, SASS/Compass and Grunt. Mirage 2 adds support for devices in all shapes and sizes, an updated look & feel and an entire range of optimizations behind the scenes.

Mirage 2: A responsive user interface for DSpace

Bram Luyten

La plateforme au code source libre DSpace est surtout connue pour l'utilisation d’archive ouverte auprès des institutions de recherche comme MIT, INIST-CNRS et Harvard University. Grâce à de nouvelles fonctionnalités, sa popularité s’accroît dans le domaine de collections spéciales et des dépôts de data. Cette présentation examinera différents modes d'utilisation pour DSpace, permettant à l'audience de comparer les fonctionnalités de DSpace avec les besoins propres aux institutions.

Dépôts institutionnels et collections spéciales en DSpace

Bram Luyten

Learn how your DSpace repository submissions can be easier for you and your content contributors. By modifying your submission configuration you can use these not-so-obvious hints to improve the quality of information in your repository as well as minimizing the time it takes to complete a submission. Topics: Collection templates: pre-filling certain metadata fields on a per collection basis. Reviewer only fields: option to qualify fields in input forms to have them only visible for reviewers in the workflow Type based submission: inclusion of certain metadata fields in the form, based on a selected submission type Modifying your lists of dropdown values (the lists that are included at the bottom of input-forms.xml) Working with hierarchical controlled vocabularies (the XML based subject categories) Enabling LC Name authority control for author values Collection based Input forms: duplicating an input-forms configuration & showing the match between an input-forms config and a collection Simple embargo & private item state

Secrets of the DSpace Submission Form

Bram Luyten

ELAG 2013 Workshop on customizing the DSpace XMLUI Mirage interface. The workshop first explores what can be changed in CSS, exploring the different functions of the style.css, base.css and reset.css files. It then highlights where all of these files can be found and where you need to deploy your own customizations. Digging down an additional layer, it is explained how XSL can be modified to remove or change entire blocks of functionality on a page. The key learning here is that you can alter the representation of whatever comes in through the DSpace DRI using XSL. However, if you need to include additional data or other DSpace info, you have to make sure that it appears in the DRI first, before you can start transforming it with XSL.

Introduction to XMLUI and Mirage Theming for DSpace 3

Bram Luyten

What's in Store for DSpace 4?

Bram Luyten

ORCID for DSpace

Bram Luyten

In May 2012, DSpace migrated from the centralized source code management system SVN to Github. While many participants in the community still regard this migration as a technical “under the hood” evolution, it comes with important benefits for repository managers and developers. This workshop presentation features: • General, non-DSpace related Github basics • How DSpace repository managers and committers use github • A few must know details about the underlying Git protocol The bulk of the workshop will be spent in guiding the participants with hands-on parts: • Creating a Github account • Forking their own DSpace repository • Installing Git on their local laptops • Using the Github Windows or Mac client for moving changes from their local machine back to Github Participant Profile This workshop is suited for both repository managers and developers. No prior programming or version control management is required. As a consequences, this workshop will not bring anything new to seasoned developers if they are already experienced working with Git and Github. Format The ideal format would be a one hour session with around 20-50 attendees in a room where they can work on their own laptops. However, the content can be tuned to fit any format.

Using Github for DSpace development

Bram Luyten

Workshop: Google Analytics for DSpace

Bram Luyten

DSpace in Belgium and beyond

Bram Luyten

Plus de Bram Luyten (20)

Update on DSpace 7

DSpace 5.7 and 6.1 Preview

Working for Atmire

DSpace repositories today and tomorrow

DSpace UI prototype dsember

Metadata based statistics for DSpace

Durable Item Relations for DSpace

Email deposit

So we all have ORCID integrations, now what?

Git and Github - a 90 Minute interactive workshop

DSpace Today and Tomorrow

Mirage 2: A responsive user interface for DSpace

Dépôts institutionnels et collections spéciales en DSpace

Secrets of the DSpace Submission Form

Introduction to XMLUI and Mirage Theming for DSpace 3

What's in Store for DSpace 4?

ORCID for DSpace

Using Github for DSpace development

Workshop: Google Analytics for DSpace

DSpace in Belgium and beyond

Dernier

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Imagine a world where information flows as swiftly as thought itself, making decision-making as fluid as the data driving it. Every moment is critical, and the right tools can significantly boost your organization’s performance. The power of real-time data automation through FME can turn this vision into reality. Aimed at professionals eager to leverage real-time data for enhanced decision-making and efficiency, this webinar will cover the essentials of real-time data and its significance. We’ll explore: FME’s role in real-time event processing, from data intake and analysis to transformation and reporting An overview of leveraging streams vs. automations FME’s impact across various industries highlighted by real-life case studies Live demonstrations on setting up FME workflows for real-time data Practical advice on getting started, best practices, and tips for effective implementation Join us to enhance your skills in real-time data automation with FME, and take your operational capabilities to the next level.

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Safe Software

🐬 The future of MySQL is Postgres 🐘

RTylerCroy

Manulife - Insurer Innovation Award 2024

The Digital Insurer

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Tata AIG General Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

Igalia

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Increase engagement and revenue with Muvi Live Paywall! In this presentation, we will explore the five key benefits of using Muvi Live Paywall to monetize your live streams. You'll learn how Muvi Live Paywall can help you: Monetize your live content easily: Set up pay-per-view access to your live streams and start generating revenue from your content. Increase audience engagement: Provide exclusive, premium content behind the paywall to keep your viewers engaged. Gain valuable viewer insights: Track viewer data and analytics to better understand your audience and tailor your content accordingly. Reduce content piracy: Muvi Live Paywall's security features help protect your content from unauthorized distribution. Streamline your workflow: The all-in-one platform simplifies the process of managing and monetizing your live streams. With Muvi Live Paywall, you can take control of your live stream monetization and create a sustainable business model for your content. Learn more about Muvi Live Paywall and start generating revenue from your live streams today!

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams

Roshan Dwivedi

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

This presentation explores the impact of HTML injection attacks on web applications, detailing how attackers exploit vulnerabilities to inject malicious code into web pages. Learn about the potential consequences of such attacks and discover effective mitigation strategies to protect your web applications from HTML injection vulnerabilities. for more information visit https://bostoninstituteofanalytics.org/category/cyber-security-ethical-hacking/

HTML Injection Attacks: Impact and Mitigation Strategies

Boston Institute of Analytics

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

Dernier (20)

How to Troubleshoot Apps for the Modern Connected Worker

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

🐬 The future of MySQL is Postgres 🐘

Manulife - Insurer Innovation Award 2024

Artificial Intelligence Chap.5 : Uncertainty

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

Tata AIG General Insurance Company - Insurer Innovation Award 2024

Powerful Google developer tools for immediate impact! (2023-24 C)

A Year of the Servo Reboot: Where Are We Now?

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams

Exploring the Future Potential of AI-Enabled Smartphone Processors

HTML Injection Attacks: Impact and Mitigation Strategies

Data Cloud, More than a CDP by Matt Robison

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

Boost Fertility New Invention Ups Success Rates.pdf

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Archiving Sensitive Data

1. www.atmire.com Bram Luyten Tom Desair Open Repositories 2017 Archiving Sensitive Data

2. Unfortunately Not all repository content is equally open

3. Overview Metadata based access control Strategies for dealing with sensitive data Actionable takeaways

4. Question How many authorization groups are there in your DSpace?

6. Metadata based access control Using EPerson characteristics and Item characteristics to determine whether the EPerson is entitled to access the item. Example: An exact match between a social security number or an email address on the EPerson and on the metadata of the item.

7. Advantages Scale No identified limits on number of EPeople, items or groups Performance No identified limits on search or item access volumes Can be managed outside of DSpace Both EPerson and Item metadata can be sourced externally Configurable

8. Configuration example <group-policy groupName="Autenticated_eID_Users"> <exact-match-policy> <itemField>dc.contributor.socialsecurity</itemField> <epersonField>eperson.acl.socialsecurity</epersonField>  <epersonValueExtractor></epersonValueExtractor> </exact-match-policy> </group-policy>

9. Disadvantages Edit metadata = Edit authorizations Be very careful of who or what has rights to edit metadata Your metadata becomes even more sensitive The impact of unauthorized access to item metadata may become more severe

10. Dealing with sensitive data Strategies

11.

12. Severity is driven by probability and impact

13.

14. Example 1: Unauthorized access Impact   High if you're dealing with sensitive data Low if you're dealing with public/non-sensitive data  Probability   The harder it is for people to access your system, the lower The longer you wait with security updates, the higher

15.

16. Example 2: Losing all your data Impact   High if you're dealing with data that only exists in one place Low(er) if data exists in multiple places  Probability   What does "losing" mean? What does "all" mean?

17. Actionable takeaways Code available on   https://github.com/milieuinfo/dspace54-atmire/ Feel free to (re)use what you want Assess the severity of your risks by thinking about the associated probability and impact. 

18. Credits Images Keys https://www.flickr.com/photos/bohman/ Tsunami https://www.flickr.com/photos/groovyanddreamy/ Pick it https://www.flickr.com/photos/shanepope/

Archiving Sensitive Data

Recommandé

Recommandé

Contenu connexe

Similaire à Archiving Sensitive Data

Similaire à Archiving Sensitive Data (20)

Plus de Bram Luyten

Plus de Bram Luyten (20)

Dernier

Dernier (20)

Archiving Sensitive Data