Page 164 - Big data - Concept and application for telecommunications
Table 1 – Relationship of security threats to entities
Entities: The data collection entity | The data pre-processing entity | The data analysis entity | The data application entity
Threats
Over analysis Y
Trojan and viruses Y
Unauthorized access Y Y Y Y
Unauthorized analysis Y
Unauthorized analytical application Y Y
9 Security requirements
9.1 Analysis algorithm(s) check
The accuracy and integrity of the analysis algorithm(s) are required to be checked.
9.2 Authentication
Authentication is required to confirm the identities of the entities. Authentication ensures the validity of the
claimed identities of the entities participating in big data analysis and provides assurance that an entity is not
attempting to masquerade as an authorized entity. Authentication techniques may be required as part of the
authorization process, and can be augmented by single sign-on capabilities.
9.3 Authorization
Authorization capabilities are required to ensure that only authorized users or entities are allowed to access
the original data or the results of big data analysis.
9.4 Data minimization
The categories of data that are subject to collection are required to be strictly limited to those that are
necessary to fulfil the stated purpose of use of the system. This purpose of use must be disclosed to the user
in the course of obtaining consent.
9.5 Data retention limits
Stored data, including outputs of big data analysis, are required to be subject to clearly defined retention
periods that include maximum limits. These periods must be set according to the purpose of use. The data
retention period should be disclosed to users in the course of obtaining consent.
9.6 Data source check
The data source is required to be identified, to ensure that the data analysis entity has the proper privilege
to analyse it.
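An added example, not part of the original text, of how a data analysis entity could enforce clauses 9.4 to 9.6 together when it admits a record: the source must be identified and the entity privileged for it, the record must be within the retention limit for the stated purpose, and only fields needed for that purpose pass through. The purpose name, field names, source and entity identifiers and the 90-day limit are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class Purpose:
    """A stated purpose of use, as disclosed to the user when obtaining consent."""
    name: str
    allowed_fields: frozenset   # 9.4: categories necessary for this purpose
    max_retention: timedelta    # 9.5: maximum retention limit

# Constructed policy data (assumptions for illustration only).
PURPOSES = {
    "network-planning": Purpose("network-planning",
                                frozenset({"cell_id", "bytes"}),
                                timedelta(days=90)),
}
# 9.6: identified data sources mapped to the analysis entities privileged for them.
SOURCE_PRIVILEGES = {"probe-eu-1": {"analysis-entity-a"}}

# Constructed sample record; "subscriber_id" is not needed for the purpose.
SAMPLE_RECORD = {
    "source": "probe-eu-1",
    "collected_at": datetime(2024, 5, 1, tzinfo=timezone.utc),
    "cell_id": "c-17", "bytes": 1024, "subscriber_id": "constructed-id-001",
}

class PolicyViolation(Exception):
    pass

def admit_for_analysis(record, analyst, purpose_name, now):
    """Return the minimized record, or raise PolicyViolation (fail closed)."""
    purpose = PURPOSES.get(purpose_name)
    if purpose is None:
        raise PolicyViolation("no stated purpose of use")
    source = record.get("source")
    if source not in SOURCE_PRIVILEGES:
        raise PolicyViolation("unidentified data source")
    if analyst not in SOURCE_PRIVILEGES[source]:
        raise PolicyViolation("analysis entity lacks privilege for source")
    collected = record.get("collected_at")
    if collected is None or now - collected > purpose.max_retention:
        raise PolicyViolation("retention limit exceeded or age unknown")
    # Allow-list, not deny-list: unknown or new fields are dropped by default.
    return {k: v for k, v in record.items() if k in purpose.allowed_fields}
```

Provenance fields such as `source` and `collected_at` are used for the checks and then dropped along with everything else that is not on the purpose's allow-list.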
9.7 Incident response for malware
An incident response process for malware detection is required, with security mechanisms pre-deployed to respond to and deal with an attack in a timely manner.
156 Security, privacy and data protection