Open data handling in SSC

4 Open data handling in SSC

4.1 Barriers and Constraints in Open data

If appropriate security is not given, falsifying attacks damage data by illegal overwriting, deletion, and wiping.

Data provider should provide the information on its data protection and security level before making it available.. In some cases, they will provide additional backups or options of security to meet their requirements. If it is not considered, slow recovery or imperfect data recovery may occur more serious than they expected.

Those who provide privacy data require a clear expression of the data, such as management status, number or type of applications, and number or type of users or the providing data.

Data guarantee services and insurance services providers require to know the status of data management of smart sustainable city. If the status is not clear or missing, the cost of providing services will be increased. From the application viewpoints, these problems and risks may bring serious compromises by paralyzing infrastructures in smart sustainable city.

As described above, the infrastructure of SSC has to give a way to express the status of data management, the format of data contents, management information, authorization, and certification.

On that basis, the way to distribute data and to keep consistency of distributed data is required as a part of data infrastructure of SSC. According to the data distribution, hierarchical multi-grain network architecture for smart community is proposed by IEEE Standards Association²². Every service on a smart sustainable city should select the layer of the hierarchical network where a service is provided and processed. The consistency of the data is also managed by a distributed database in a hierarchical network architecture. This means discussion of locality and latency is the key to data consistency in the SSC. CAP theorem in theoretical computer science states consistency, availability, and partition tolerance cannot be guaranteed simultaneously, and one of them has to be omitted in designing systems. A model, which guarantees consistency and availability, supports hard real-time services with data consistency. In applications of SSC, the model is applicable to traffic signal control and power grid management of power stabilization service in a local area. However, single point of failure lurks in a system using the model because it does not guarantee partition-tolerance. A model, which guarantees availability and partition-tolerance, supports wide-area low-latency services such as naming rule service, sensor node management, and location services. In this model, consistency process becomes slower than other systems. A model, which guarantees consistency and partition-tolerance, supports wide-area lowlatency services such as trading, data broker service, and timing-critical data mining service. In this model, failure may degrade the functionality of separated subsystems. Some application will require the combination systems of two or more models.

These modes can be used at the same time. For example, a system locally guarantees consistency and availability and widely guarantees availability and partition-tolerance. Each service and application of SSC defines the marginal type of different models. Moreover, the service and application defines the service providing points in the hierarchical network structure, namely where the service and application are provided. The information infrastructure of SSC should have enough flexibility to manage all these model combinations and service providing points.

4.2 Security Protection and Privacy Preservation of Open Data

According to the preservation of privacy, Privacy-Preserving Data Mining (PPDM)²³²⁴ and Privacy-Preserving Data Publishing (PPDP)²⁵²⁶ are well-known techniques. These techniques can mine or publish the data without personally identifiable information, thereby protecting the privacy. Anonymization is a practical technology that supports privacy protection. Anonymization technology can adjust to different privacy protection levels, thus providing flexible privacy protection. A considerable variety of studies on this technique have been performed owing to its high versatility. It is one of the most preeminent privacy protection technologies in current use. Generalization and deletion of the data are necessary to prevent privacy infringements. However, they reduce the value of the data. As a result, there is a trade-off relationship between privacy protection and the utilization of the data.

Although techniques such as PPDM and PPDP have been investigated in numerous studies, a method of securely publishing the data to enable secondary use has not been definitively established. This secondary use is the essential way of data to make interaction between different infrastructures. As shown in IEEE SMART GIRD VISION FOR VEHICULAR TECHNOLOGY: 2030 AND BEYOND, the future infrastructure exchanges data to use for inter-infrastructure smart services. PPDM and PPDP are an indispensable technique to maximize the distribution range of data. The anonymization method is the key of PPDM and PPDP. Anonymization enables the publication of private data by changing public data by omitting sensitive information.

However, from the viewpoint of security of anonymization, there is a possibility of privacy leak. After calculating and publishing anonymized data from a data source, another anonymized data set, calculated and published from the same source may cause a privacy information leak if an unauthorized person can access both sets of anonymized data. When calculating and publishing anonymized data, it is necessary to consider all of the previously published data from the same source. This leak will become larger when the data transaction in smart sustainable city becomes more active. To provide a way to protect the leak, new architecture of data management is required.

Considering these issues, it is crucial to establish a clear suggestion of technological guidance, an infrastructure, and a technical standard of protocols for the secondary use of data. The development of the protocol and infrastructure is especially important for the data infrastructure of smart sustainable city. It will facilitate collaboration between organizations that produce the data and the companies that require the data for secondary use, and thus increase their data publishing activity. It will develop new service and market for secondary uses of data in conjunction with advanced services such as market research, estimation of a route of infection, and traffic pattern analysis. Moreover, it will reduce the utilization costs for both providers and consumers of secondary use data, owing to the unification of data processing procedures.