Digital Identity Risk in the Era of Information Explosion
-
Upload
professor-dr-ali-m-al-khouri -
Category
Technology
-
view
1.029 -
download
1
description
Transcript of Digital Identity Risk in the Era of Information Explosion
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
P a r t n e r s i n B u i l d i n g U A E ' s S e c u r i t y & E c o n o m y
Our Vision: Provide an integrated and advanced personal identity management system that contribute to the transformation of the government and the economy and promotes security and global competitiveness of the UAE.
Digital Identity Risk in the era of Information Explosion
I-SAFE 2013 Conference Organised by: Information Systems Audit & Control Association (ISACA) 30 – 31 October 2013 |Atlantis The Palm| Dubai | UAE.
Presented by Dr. Ali M. Al-Khouri
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
• Introduction
• Big Data and Privacy Concerns
• Modern Identity Management Infrastructure
• Concluding Remarks
Agenda
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Agenda • Introduction
• Big Data and Privacy Concerns
• Modern Identity Management Infrastructure
• Concluding Remarks
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
The BIG BANG era!
• Everything around us today seems to follow the BIG BANG approach.
• Pace of technological development & data explosion is faster than ever..
• Opportunities & Challenges
MIT Center for Digital Business,
data-driven practices,
and use big data to guide decision
making, will have output and
productivity that is 5 to 6 percent higher
than what would be expected given their
other investments and information
technology uses.
http://www.microsof-t.com/en
20us/news/features/-02/13/feb13
bigdata.aspx11
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Content Generation - Every Minute?
Visualization of Twitter social connections. Image courtesy Marc Smith, via Flickr (CC:BY)
571 new websites
2 million search queries
100,000 tweets
200,000,000 email messages
48 hours of uploaded video
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Digital Universe 2005 - 2020
Digital universe will about double every two years..
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
IDC Report 2007
IDC Report 2012
Information Chaos
• information burst is no less than being chaotic!
• gazillions of data, only 10% is structured.
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Value Creation in Information Chaos Interesting Facts
1. 75% of data generated by individuals.
2. Persons create content 3 times more than what others do about him/her.
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Value Creation in Information Chaos Interesting Facts
1. 75% of data generated by individuals.
2. Persons create content 3 times more than what others do about him/her.
Quantum of static data: 1 Gigabyte of data generates 10E7 (ten million)
Gigabyte; viewership information is transient in nature..
10E7 which means 10×10 to the power7
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Opportunities …
• Data-driven practices and guided-decisions, have significant potential.. (MIT Centre for Digital Business)
• Hold the key to breakthroughs and a completely new world..
• Change the way governments, organizations, and academic institutions conduct business and make discoveries, and its likely to change how everyone lives their day-to-day lives!
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Agenda • Introduction
• Big Data and Privacy Concerns
• Modern Identity Management Infrastructure
• Concluding Remarks
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Market is Eager to Exploit Big Data but what about individuals privacy rights?
Big Data is “[L]ike the explosive thrust blowing out of a rocket nozzle,” and “how to maximize its value remains a mystery to most of us.”
John Thielens
Article Source: http://www.forbes.com/sites/ciocentral/2012/02/23/big-data-wizardry-pay-attention-to-whats-behind-the-curtain/
In: Big Data Wizardry: Pay Attention To What’s Behind The Curtain
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
The Real Challenge?
• among zillions of data, less than a third of this is protected or has some minimal protection
• Alarmingly, less than 50% of information that needs to be protected is protected!
Quantity of global digital data based on the International Data Corporation (IDC) Digital
Universe Study,, Dec 2012
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Growing Connectivity
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Connected Devices and Data Generated Risks? Sources? Do we know them?
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Risk in the Digital Universe - IDC Study: classifies
unstructured information security into five categories
such as emails that might be discoverable in litigation or subject to retention rules.
information requiring the highest security, such as financial transactions, personnel files, medical records, military intelligence, etc.
“information the originator wants to protect, such
as trade secrets, customer lists,
confidential memos, etc”
account information, a breach of which
could lead to or aid in identity theft
such as an email address on a
YouTube upload
Privacy only — such as an email address on a YouTube upload
Compliance driven — such as emails that might be discoverable in litigation or subject
to retention rules Custodial — account information, a breach of
which could lead to or aid in identity theft Confidential — information the originator
wants to protect, such as trade secrets, customer lists, confidential memos, etc.
Lockdown — information requiring the highest security, such as financial
transactions, personnel files, medical records, military intelligence, etc.
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Trust in Digital Universe
The frightening realization is that the amount of
information that needs to be secured is growing faster
than our ability to secure.. So ….?
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Growth in Storage Capacity: Analog and Digital Data
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Identity Management
Digital explosion that has brought in a paradigm shift to
Information and Knowledge is in a State of Paradox.
• only 5% of the zillions of bytes of data is considered useful constituting Information.
• expected to grow to a staggering 33% by 2020.
• 33% of 40,000 Exabytes as compared to 5% of the current mere 988 Exabytes.
• As more and more data gets converted to information, it is by default on account of the association with Identities.
• challenge that needs to be tackled and managed
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Identity Management
• As more and more data gets converted to information, it is by default on account of the association with Identities.
• Challenge that needs to be tackled and managed.
of the zillions of bytes of data is considered
useful constituting Information
33% expected growth of useful data by 2020.
5% of current 988 Exabytes
data is considered useful
of the zillions of bytes of
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Personal and Digital Behaviour
• Datasets in digital data left in transactions..
• Interactions sought to be analysed..
• Issues governing privacy..
patterns of digital interactions and individual
behavior constructed
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Agenda • Introduction
• Big Data and Privacy Concerns
• Modern Identity Management Infrastructure
• Concluding Remarks
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
UAE National Identity Management Infrastructure
• Role of Government Issued Personal Identity
• Secure ID encourage users to be engaged
• Reduce uncertainty
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Security Management
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Multi-factor Authentication Capabilities
Digital Identity Profile consisting
of Biometric Data- Fingerprints and ICAO compliant
photograph, and Digital Certificates
issued for Identification and Signatures issued as a Secure Smart
Card.
UAE National ID Card is designed to provide multi factor authentication.
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Citizen on Cloud
Multi-factor credentials
Service Provider
Citizen Request for service
Authorization
E-government, e-Commerce, e-Business
Use of Zero-knowledge proofing for user authentication without disclosing its identifier.
Anonymous Identification
Validation Request
National Validation
Gateway
Validation & Authenticated
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Trusted Digital Operations
The Emirates ID Authority provides the necessary
. Service Providers are accorded with
Verification and Authentication Services enabling secure remote transactions
Technical and Technology Solutions are employed to enforce
Authentication without
disclosing identifying information
(digital credentials
on web transactions).
Ability to securely use online
service while on an
untrusted host
Minimal disclosure
and minimized
risk of disclosure
during communication between
user and service provider
(Man in the Middle, Side Channel and Correlation
Attacks) (credential verification
on web, without
sharing data)
Service Seekers remain
anonymous on the web since only
Digital Certificates or Biometrics
would be used to establish
credential verification.
All data treated as personally identifiable
and subjected to regulatory framework to ensure identity
protection.
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Digital Identity Profile Components Ability to verify users and further authenticated for access
OTP as per OATH Standards.
NFC enabled authentication methods
using the GSM mobile phones
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Federated Identity Management
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Agenda • Introduction
• Big Data and Privacy Concerns
• Modern Identity Management Infrastructure
• Concluding Remarks
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Government-owned Modern Identity Management systems: Significant Potentials
• Higher value services enabled by stronger authentication
• Enabling innovation and fostering new business and service models
• Cost reduction for public services
• Enhanced public participation & engagement
• Enhanced trust in Internet economy
Higher value services enabled by stronger authentication
Enabling innovation and fostering new business and service models
Cost reduction for public services
Enhanced public participation & engagement
Enhanced trust in Internet economy
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Conclusion
Modern identity management infrastructures have a considerable potential to address the challenges of today’s digital world.
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Identity Management and ISACA
• Identity Management seems to be addressed in an obscure manner- hidden among the different control layers of COBIT.
• Identity Management is addressed as a mere control objective – DS 5.3 in COBIT 5 !
• More holistic approach is needed.
DS5.3 - Identity
Management
COBIT Control
Objective DS5.3 –
Identity Management
is contained within
Process Ensure
Systems Security.
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
UAE Validation Gateway: Your opportunity to explore http://vg.emiratesid.ae
www.emiratesid.ae © 2013 Emirates Identity Authority. All rights reserved
Thank you Dr. Ali M. Al-Khouri
Director General | Emirates Identity Authority | UAE www.emiratesid.ae | [email protected] |
Read our recent research from: http://www.emiratesid.gov.ae/ar/media-center/publications.aspx
@DrAliAlKhouri