Page 168 - Big data - Concept and application for telecommunications
When cryptographic techniques are used, they may be combined with "handshaking" protocols to protect
against replay (i.e., to ensure liveness).
The choice of security technologies used to realize authentication will depend upon the
circumstances in which they need to be used, for example:
– time stamping and synchronized clocks;
– two- and three-way handshakes (for unilateral and mutual authentication respectively); and
– non-repudiation functions achieved by digital signature or notarization mechanisms.
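A two-way handshake for unilateral authentication, written as an added example that is not part of the source document: the verifier issues a fresh challenge, the claimant returns a cryptographic check value over it, and a recorded response is rejected when replayed. The use of HMAC-SHA-256 with a shared key, the 30-second challenge lifetime, and the names `Verifier`, `compute_response` and `device-42` are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

CHALLENGE_LIFETIME_S = 30  # assumed freshness window for an outstanding challenge


class Verifier:
    """Authenticates a claimant that shares a secret key (unilateral authentication)."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key
        self._pending = {}  # challenge -> monotonic time of issue

    def issue_challenge(self) -> bytes:
        # Message 1 (verifier -> claimant): a fresh, unpredictable nonce.
        challenge = secrets.token_bytes(16)
        self._pending[challenge] = time.monotonic()
        return challenge

    def check_response(self, claimant_id: str, challenge: bytes, response: bytes) -> bool:
        # A challenge is consumed on first use, so a recorded exchange cannot be replayed.
        issued_at = self._pending.pop(challenge, None)
        if issued_at is None or time.monotonic() - issued_at > CHALLENGE_LIFETIME_S:
            return False
        expected = compute_response(self._key, claimant_id, challenge)
        return hmac.compare_digest(expected, response)


def compute_response(key: bytes, claimant_id: str, challenge: bytes) -> bytes:
    # Message 2 (claimant -> verifier): check value bound to the challenge and the identity.
    # The fixed-length challenge comes first, so the concatenation is unambiguous.
    return hmac.new(key, challenge + claimant_id.encode(), hashlib.sha256).digest()


def demo() -> dict:
    key = secrets.token_bytes(32)  # constructed sample key
    verifier = Verifier(key)
    c1 = verifier.issue_challenge()
    r1 = compute_response(key, "device-42", c1)  # constructed identity
    results = {"fresh": verifier.check_response("device-42", c1, r1)}
    # The recorded pair (c1, r1) is sent again: the challenge has already been consumed.
    results["replay_same_challenge"] = verifier.check_response("device-42", c1, r1)
    # The recorded response is offered against a new challenge: the check value differs.
    c2 = verifier.issue_challenge()
    results["replay_new_challenge"] = verifier.check_response("device-42", c2, r1)
    return results
```

A three-way handshake for mutual authentication adds a challenge from the claimant in message 2 and a third message in which the verifier answers it.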
11.3 Digital signature
The digital signature function defines the following two processes:
– signing data; and
– verifying the signed data.
The first process uses information that is private (i.e., unique and confidential) to the signatory. The second
process uses procedures and information which are publicly available but from which the signatory's private
information cannot be deduced.
The signing process involves either an encipherment of the data or the production of a cryptographic check
value of the data, using the signatory's private information as a private key.
The verification process involves the use of public procedures and information to determine whether the
signature was produced correctly with the signatory's private information.
The essential characteristic of the signature function is the fact that the signature can only be produced using
the signatory's private information. Thus, when the signature is verified, it can subsequently be proven to a
third party (e.g., a judge or arbitrator) at any time that only the unique holder of the private information
could have produced the signature.
Because of the diversity of the applications and services found in mobile Internet services, different
digital signature algorithms may be used when this function is implemented.
11.4 Encipherment
The encipherment function can ensure the confidentiality of either communication data or stored data.
Encipherment algorithms may be reversible or irreversible. There are two general classifications of reversible
encipherment algorithms:
a) symmetric (i.e., secret key) encipherment, in which knowledge of the encipherment key implies
knowledge of the decipherment key and vice versa; and
b) asymmetric (e.g., public key) encipherment, in which knowledge of the encipherment key does not
imply knowledge of the decipherment key, or vice versa. The two keys of such a system are
sometimes referred to as the "public key" and the "private key".
Irreversible encipherment algorithms may or may not use a key. When they use a key, this key may be public
or secret. In big data analysis scenarios for mobile Internet services, the choice of encipherment
algorithms may be flexible.
11.5 Event detection
Security-relevant event detection includes the detection of apparent violations of security and may also
include detection of "normal" events, such as a successful access (or log on). Security-relevant events may
be detected by entities within open systems interconnection (OSI) including security mechanisms. The
specification of what constitutes an event is maintained by event handling management. Detection of various
security-relevant events may, for example, cause one or more of the following actions: