opera/on globally • High mobility on investments, enterprise resources, financial assets, informa/on processing, and human resources. • Knowledge based economy
• Process reuse with economic efficiency • Handling “money” • Parallel process to manage many devices • “Business Enabler” – Implement their business model on informa/on systems. • Because informa/on systems are now managing all the business process in any enterprises. – Direct improvement on economic efficiency through integra/on and interconnec/on of the systems. – New style of “value crea/on”
chains. • Automakers use “SCM” 1990’s • Financial services and Foreign Direct Investment • Global Banking System 2000’s • Various services over the Internet • E-‐commerce for end consumers • a.k.a. “Cloud” 2010’s • Knowledge (Intelligence) from “Big Data”
chains. • Automakers use “SCM” 1990’s • Financial services and Foreign Direct Investment • Global Banking System 2000’s • Various services over the Internet • E-‐commerce for end consumers • a.k.a. “Cloud” 2010’s • Knowledge (Intelligence) from “Big Data” Goods! Money Expertise Data
discarding. Each process requires its specific security management. ! We need risk assessment and threat analysis for each phase in this life-cycle. Access control Encryption , access control, backup Right to do Dedicated software Right to do Rating Data life-‐cycle
use of electricity at home among energy feed, solar power genera/on, storing in EV, use in home, using HEMS (Home Energy Management System) and Smart meters. • Mixture of management system, running on internet plaSorm, for net-‐enabled home appliances including HEMS.
data is a key. – Of course, system protec/on is important, and data transferred over home network is the subject of security management of home networks. – Data is shared and used for management. • Various system involved – Many non PC device – Various protocol standardiza/on • Echonet for HEMS (IS)) • IoT & M2M (BBF etc.) • ITU-‐T, ISO/IEC, etc. • Security func/ons are vital, but s/ll in forest…
traveling needs security management. The idea “data life-‐cycle” gives many hints for designing the systems. • System protec/on is not making best fit for data protec/on. In many cases, the specific data protec/on schemes are required. • Risk is diversified, but malicious ac/vity is a part of everything. Human errors and non-‐inten/onal troubles are major por/on of security incidents. • No security, no service.
– Encryp/on on transfer, storing, and use. • Key management • Decryp/on code has to be implemented smart. • hips is not enough in some cases. – Storage protec/on and backups • File • Database • File system – Good processing model
– Bas/on host – Strong server implementa/on – Protec/on of data in backyard server. • Main storage for data • Clear pipe model is good enough? – Some/mes we need end-‐point authen/ca/on. – Powerful enough, PKI?
for service systems. – Scaling up to million users is now easy to go, buy it’s so tough on security management. – Monitoring & analysis are its boile-‐necked process. We need its good performance. But how? – Distributed management system.
Mainly on backyard servers. – Clear pipe (hips) only is not enough. – Data is valuable component for both users and aiackers. • Recent advanced scheme should be employed. – Encryp/on on data processing. – Any phases in data life-‐cycle. • Scalability is highly required for systems. – Million users level is tough for security management. – Distributed management
owaspjapan
jonrohan
ammeep
katarinadahlin
tapps
rasmusluckow
pwiseman
jonoalderson
minecr
stuffmc
nmsamuel
skoyamalab
marcduiker
