Nist special Publication 1500-4 draft: nist big Data Interoperability Framework: Volume 4, Security and Privacy


Consent Management: Domain-Specific Big Data Security and Privacy



Download 495.67 Kb.
Page18/21
Date07.08.2017
Size495.67 Kb.
1   ...   13   14   15   16   17   18   19   20   21

13.33Consent Management: Domain-Specific Big Data Security and Privacy


Subsection Scope: To illustrate domain-specific workflow, consider the healthcare HL7 FHIR example.

13.33.1Consent Management in Health Care


Subsection Scope: Need text

Relation to smart contracts


Subsection Scope: Need text

13.34Smart Building Domain Security


Subsection Scope: Discuss ISO standard here in one or two paragraphs.

Provenance


Provenance in Big Data encompasses people and systems.

13.35IoT Provenance


Subsection Scope: Need text

13.35.1Traceability


Subsection Scope: Discuss big data traceability, especially for data sent to data lakes, or with automatically appended metadata. What relation to traditional data warehouse? Forensics (see NIST reference).

Representing a big data



      1. Security/Privacy Reasoning Support

Subsection Scope: Need text

See Oasis STIX. SnP architectures which employ canonical security descriptions enable automated access to published vulnerabilities as well as emerging Security as a Service offerings. These are not defined in this document, but Big Data components from the RA are suggested for inclusion.


13.35.2Possible Roles for SnP Ontologies


Subsection Scope: New section. Insert Obrst discussion. Discuss relevance of continuous security and need for real time automated playbooks in response to insider threat and zero day scenarios.

13.35.3Domain-specific Provenance


Subsection Scope: New section. Explain why top conformance level integrates provenance that is mapped to a big data domain model.



Audit and Configuration Management


Auditing fabric topology, including configuration management (CM) changes (taxonomic issues with configuration change data vs. audit data)

Audit and CM across organizational entities is only lightly covered in other standards. Planning for cross-organizational data transport is a big data concern, in particular:



  • Private enterprise -> government

  • Government agency -> government agency

  • Government (e.g., open data resource) -> private enterprise

  • Private enterprise -> external private enterprise

13.35.4Packet-Level Traceability / Reproducibility


Subsection Scope: Packet-by-packet dump / restore capability is one approach to developing a Big Data SnP resource. TODO Flesh out

13.35.5Audit


Subsection Scope: Text could be enhanced.

Security Intelligence Event Management (SIEM) applications increasingly rely on extensive log data for analytics. Similarly, log data is essential for many aspects of forensic analysis. Log data itself is increasingly Big Data. In a 2015 presentation, an Amazon Web Services representative stated that its largest application at the time was its self-monitoring data used for management and billing support (insert briefing reference from Amazon []).

In recommendations released in 2006, NIST provided a set of recommendations for managing computer logs in order to preserve their integrity (Kent & Souppaya, 2006). Big Data presents additional challenges. []

In 2006, NIST also provided guidelines for “Integrating Forensic Techniques into Incident Response” (Kent, Chevalier, Grance, & Dang, 2006). Incident response for Big Data [].


13.35.6Big Data Audit and Monitoring


Subsection Scope: New section. Discuss suggestions from recent texts on Big Data monitoring in the Apache stack. Design challenges in building big data alert systems that follow good HCI principles and supports visualization where that can be shown to be efficacious.



Workflow Models


Section Scope: Describe the workflow models. Opening paragraph to define what a workflow model is, list the workflow models to be discussed, and how they fit into the NBDRA.

Tools such as RunDeck []

Connect some aspects of orchestration to workflow a la BPMN, SysML.

Orchestration can encompass policy automation, such as identifying need-to-know defaults within the application domain model.

New text.

[] Walk through how workflow works in CloudMesh


13.36Baseline Levels


Subsection Scope: Text needed

In Version 1, no distinction was made between high and low compliance levels.

Facilitate scientific and engineering big data (generally low privacy risk without external data)

See NIST 800-53 Rev 4 (three levels) and/or an approach based on treaties


Standards, Best Practices and Gaps


Section Scope: Discussion of standards related to the topics previously discussed in this document. Either the existing standards or the lack of a standard (i.e., gap) will be will be mentioned for a topic/technology/issue. To show what standards available addressing SnP and what standards NOT available from emerging technologies such as DevOps, etc.

13.37NIST Cybersecurity Framework


Sometime in 2017, NIST plans an “minor” update to the 2014 Cybersecurity Framework (Eric Chabrow, 2016). Since its introduction in 2014, the framework (NIST National Institute of Standards, 2014) has seen considerable de facto adoption and mention across a variety of industries. In addition to its appearance in the DHS Critical Infrastructure Cyber Community C³ Voluntary Program (US Dept of Homeland Security, 2015), NCF appears in numerous published HR position descriptions. Its appearance in cybersecurity hiring actions, as well as adaptation for other standards such as SAFSA SENC (Efrain Gonzalez, 2015) further reflect its importance.

13.38SABSA and Zachman Framework


Subsection Scope: Needs text.

[] Overview of implications for BDRA




Download 495.67 Kb.

Share with your friends:
1   ...   13   14   15   16   17   18   19   20   21




The database is protected by copyright ©ininet.org 2020
send message

    Main page