Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Three pillars for building a Smart Data Ecosystem: Trust, Security and Privacy

44 visualizaciones

Publicado el

Today’s data marketplaces are large, closed ecosystems that are in the hands of few established players or a consortium that decide on the rules, policies, etc.

Yet, the main barrier of the European data economy is the fact that current data spaces and marketplaces are “siloes”, without support for data exchange across their boundaries.

This webinar reveals how these boundaries can be overcome through the i3-MARKET “backplane”, which is an infrastructure able to connect all the stakeholders providing the suitable level of trust (consensus-based self-governing, auditability, reliability, verifiable credentials), security (P2P encryption, cryptographic proofs) and privacy (self-sovereign identity, zero-knowledge proof, explicit user consent).

Publicado en: Datos y análisis
  • Sé el primero en comentar

  • Sé el primero en recomendar esto

Three pillars for building a Smart Data Ecosystem: Trust, Security and Privacy

  1. 1. Three pillars for building a Smart Data Ecosystem: Trust, Security and Privacy 27/10/20201 Marketplaces Semantics Security, Privacy and Trust i3-MARKET Webinar https://www.i3-market.eu/
  2. 2. + Agenda 2 27/10/2020  The i3-Market Project: A brief introduction  TRUST: Everything under control  SECURITY: Unlock data with a key  PRIVACY: Meet and overcome GDPR  Q&A
  3. 3. i3Market Project A brief introduction 3 27/10/2020
  4. 4. + i3-Market Project 4 27/10/2020 i3-market leverages the blockchain technologies to build a trusted, secure, interoperable and decentralised Backplane paying special attention in regulatory aspects around sensitive data assets i3-market aims to connect Data Marketplaces from different countries and businesses as the initial step towards a smart data economy
  5. 5. + From Big Data to Smart Data 5 27/10/2020
  6. 6. TRUST Everything Under Control 6 27/10/2020
  7. 7. + When we trust someone/something? 7 27/10/2020
  8. 8. + What should we trust? 8 27/10/2020 Consensus-based Governance Tamper-proof Ledger Non-repudiation protocol Verifiable Credentials Transactions Identity Accounting Governance
  9. 9. + Blockchain technologies 9 27/10/2020 Consensus-based Governance Changes to the system must be approved by all the nodes Tamper-proof Ledger Transactions are recorded in a chain of related block and a malicious attack would broken chain integrity Cryptographic keys All transaction are signed with Cryptographic keys which provide security and reliablility Verifiable credentials All stakeholders are identified by tamper-evident credentials that has authorship that can be cryptographically verified. Non-repudiation protocol Data exchanges and payments are made through a P2P communication protocol with cryptographically signed proofs
  10. 10. + Verifiable Credentials 10 27/10/2020 Issuer: did:eth:0xk7bhac37c498d8e2386.... Role: Data Consumer Country: Italy Business: Automotive Verifiable Data Registry id: did:eth:0xk7bhac37c498d8e2386.... Public Key: H3C2AVvLMv6gmMNa... Role: Data Marketplace Country: Spain Business: Automotive id: did:eth:0xt3noiz45c744.... Public Key: did:eth:0xt3noi.... Role: Data Marketplace Country: Germany Business: Health ISSUE ISSUE PRESENT VERIFY VERIFY Issuer: did:eth:0xt3noiz45c744.... Role: Data Provider Country: Italy Business: Health
  11. 11. + Non-repudiation protocol 11 27/10/2020 id: #X, src: ProviderId, dst: ConsumerId, timestamp: TSo, dataDescription: description, dataCommitment: hash(data), SCommitment: hash(secret), encryptedData: C Proof of Origin (PoO) Proof of Reception (PoR) id: #X, src: ProviderId, dst: ConsumerId, timestamp: TSr, dataDescription: description, dataCommitment: hash(data), SCommitment: hash(secret), encryptedData: C Auditable Accounting Registry VERIFY ACCOUNT VALIDATE VALIDATE id, PoO, PoR, PoS id, secret id: #X, src: ProviderId, dst: ConsumerId, timestamp: TSs, encryptedData: S Proof of Secret (PoS) VERIFY Public Blockchain
  12. 12. SECURITY Unlock the data with a key 12 27/10/2020
  13. 13. + Blockchain Basics 13 27/10/2020 Nodes Check validity of transactions towards their version of the ledger. Form new blocks. “users”: transactions events “ledger” Produce transactions. Send them to the network. Ownership of assets is proven by a cryptographic signature   Blocks are validated as honest or rejected. Miners agree on the ledger through a consensus mechanism. network
  14. 14. + Security 14 27/10/2020
  15. 15. + Security 15 27/10/2020
  16. 16. + Security 16 27/10/2020
  17. 17. + Hardware wallet  Secure Element (tamper-resistant hardware platform)  Common Criteria security evaluation EAL5+  Capable of  Securely host applications and keys (against software and hardware attacks)  Provides cryptographic functionalities 17 27/10/2020
  18. 18. + Hardware wallet  Blockchain compatible  Support blockchain’s cryptographic algorithms  Support Hierarchical Deterministic Wallet (HD Wallet) application (BIP32, BIP44) 18 27/10/2020
  19. 19. + Form factors 19 27/10/2020 Tap & Sign Your SIM is your Key
  20. 20. + Cherry on the cake 20 27/10/2020 Unlock your key with your biometry
  21. 21. PRIVACY Meet and overcome GDPR 21 27/10/2020
  22. 22. + Data minimization User consent Accountability Privacy by design Secure Data Transfers GDPR Technology Requirements 27/10/2020 Self-Sovereign Identities: •Decentralized Identifiers •Verifiable Credentials •Selective Disclosure Explicit User Consent Auditable Accounting i3-market Privacy Pillars GDPR blockchain 22
  23. 23. + How many identities do we have? Who has control over them?  People have many online personas at many organizations  Federated auth. (OAuth2, OIDC) partially solves the problem  IdPs manage user identities  censorship  surveillance → bad for privacy! 23 27/10/2020 I have to update my email account everywhere Lots of sites to hack!  Users must have a stable identifier created by themselves  They must manage (verified) claims about their identity  They must manage what information to share at every interaction Give control back to users
  24. 24. + Self sovereign identity 24 27/10/2020 Issuer: did:eth:0xk7bhac37c498d8e2386.... Subject: did:eth:0xf3beacff02a498d93f79a.... Role: Car Owner Name: Mario Surname: Rossi Country: Italy Age: 58 id: did:eth:0xf3beacff02a498d93f79a.... Public Key: 0xf3beacff02a498d93f79a... Claim Holder Credential Issuer Local Storage id: did:eth:0xk7bhac37c498d8e2386.... Public Key: H3C2AVvLMv6gmMNa... Role: Data Marketplace Country: Spain Business: Automotive Verifiable credentials
  25. 25. + Selective disclosure 25 27/10/2020 Issuer: did:eth:0xk7bhac37c498d8e2386.... Subject: did:eth:0xf3beacff02a498d93f79a.... Role: Data Owner Name: Mario Surname: Rossi Country: Italy Age: 58 id: did:eth:0xf3beacff02a498d93f79a.... Public Key: 0xf3beacff02a498d93f79a... Data Owner Data Marketplace Data Provider Issuer: did:eth:0xk7bh.... Role: Data Owner Country: Italy Age: >18 Issuer: did:eth:0xk7bh.... Role: Data Owner role? role, age, country? id: did:eth:0xt3noiz45c744.... Public Key: did:eth:0xt3noi.... Role: Data Marketplace Country: Germany Business: Health Issuer: did:eth:0xt3noiz45c744.... Role: Data Provider Country: Italy Business: Health
  26. 26. GDPR: Data Minimization • personal data must be “collected for specified, explicit and legitimate purposes” and it must be “adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed”. Art. 6.1 Dir. 95/46/EC and Art. 4.1 Reg. EC 45/2001 Data minimization Less sensitive information stored Reduced impact of data leaks Less interest for attackers Reduced security-level compliance required Less cost 27/10/202026
  27. 27. + Explicit user consent i3-market solution:  Explicit user consent is issued by the data subject in the form of a verifiable credential (W3C VC).  The consent can be easily verified but cannot be faked or mangled  i3-market operation will prevent the data exchange without the proper consents  The data subject can withdraw his or her consent at any time 27 27/10/2020 • The controller shall be able to demonstrate that the data subject has consented to processing of his or her personal data. • The data subject shall have the right to withdraw his or her consent at any time. GDPR Article 7
  28. 28. + Auditable Accounting  Accounting of selected operations:  Access, modification, deletion of sensitive data  Payment data  Contractual agreements  Reliable, privacy-guaranteed proofs of data exchange will support any future claim regarding a data trade  Proofs cannot be repudiated by the involved stake holders  Backed up by a public blockchain the accounting cannot can not be faked or tampered Data Owner Data Consumer Data Provider blockchain signed actions 27/10/202028
  29. 29. + 29

×