Mar 8, 2016 - Telemedicine. Insufficient information in real-time for response and recovery ... SINET 5: Cloud Computing with PKI and Marketplace.
Privacy with Secondary Use of Personal Information MKWI 2016 Sicherheit, Compliance und Verfügbarkeit von Geschäftsprozessen March 9, 2016, Ilmenau, Germany Dr. Sven Wohlgemuth (Visiting Researcher Goethe Universität Frankfurt, Germany) Dr. Kazuo Takaragi (National Institute of Advanced Industrial Science and Technology, Japan) Prof. Dr. Isao Echizen (National Institute of Informatics, Japan)
The Great East Japan Earthquake Insufficient information in real-time for response and recovery
Refugee
Helper
Physical Cyber SINET 4: Cloud-type services for > 700 organizations
National academic ICT infrastructure (SINET) was available 03.08.16
Privacy with Secondary Use of Personal Information
Telemedicine
2
Urushidani and Aoki 2011, JAISA 2015
Agenda I.
Resilience and Safety
• Lessons learned • Safety: A Zero-Knowledge Proof?
II. Towards Provable Safety
• Language-Based Information Flow Control • Language for ICT Resilience
III. Proof System for ICT Resilience
• Zero-Knowledge Proof with Open Data • Cryptographic Building Blocks
IV. Looking for Partners! 03.08.16
Privacy with Secondary Use of Personal Information
3
I. Resilience and Safety Resilience by predictive IT risk management with personal data
Helper
Refugee OCT(Optical Coherence Tomography) Eye
Oral
Physical Cyber
Esophagus
Brain
Trachea
Kostadinka Bizheva, et al., J. of Biomedical Optics, July/ 2004 Vol.9 No.4 Courtesy of Tsukuba Univ. Petra Wilder-Smith, et al. J. of Biomedical Optics Sep/ 2005 Vol.10 No.5
Cardiovascular
Tooth
Pancreas
Pier Alberto, et al. J Pancreas (Online) 2007 Vol.8 No.2
Guillermo J. Tearney, et al. J. of Biomedical Optics Mar/ 2006 Vol.11 No.2
Kidney
Z.P.Chen, et al., Opt. Express, Aug/ 2007 Vol. 15 No. 16
Alexander Popp, et al., J. of Biomedical Optics, Jan/ 2004 Vol.11 No.1
Cervix
Matthew Brenner, et al., J. of Biomedical Optics, Sep/ 2007 Vol.12 No.5
Cochlea
Fangyi Chen, et al., J. of Biomedical Optics, Mar/ 2007 Vol.12 No.2
Colon
Stomach Bladder Yonghong He, et al. J. of Biomedical Optics Jan/ 2004 Vol.9 No.1
Lung
Yu Chen, et al. J. of Biomedical Optics Sep/ 2007 Vol.12 No.3
Skin Ying T. Pan, et al. J. of Biomedical Optics Sep/ 2007 Vol.12 No.5
Ilya V. Turchin, et al., J. of Biomedical Optics, Nov/ 2005 Vol.10 No.6
Blood flow
Alexandre R. Tumlinson, et al., J. of Biomedical Optics, Nov/ 2006 Vol.11 No.6
Bone
Bradley A. Bower., J. of Biomedical Optics, Jul/ 2007 Vol.12 No.4
図:santec株式会社提供資料より
Ground Truth
santec confidential 16 Application to Biometrics:
SS-OCT System Inner Vision Non-invasive measurement of iris, retina, fingerprint, vascular image under skin.
5
SINET 5: Cloud Computing with PKI and Marketplace 03.08.16
Privacy with Secondary Use of Personal Information
Urushidani et al. 2015, JAISA 2015
4
Telemedicine
Requirements on Safety Personal Risk Management • Just-in-time scalable knowledge creation from data • Transaction-specific safety • Optimizing user’s risk with data minimization JAISA 2015
User-centric safety (Completeness)
User-centric safe information flow
Integrity of computation (Soundness)
Compliance • End-to-end security • Declassification • Adequate risk management with authentic reporting • Accountability and penalty HIPAA, (J-)SOX, KonTraG, EU GDPD, Japan Personal Information Protection Law
03.08.16
Privacy with Secondary Use of Personal Information
5
Safety: A Zero-Knowledge Proof? Primary use
Secondary use
...
... Data consumer
d Data provider /consumer
Data provider
d, d*
Data consumer /provider
• Multilateral security ⇒ User-centric safe information flow • Vulnerability in real-time by inevitable, hidden dependencies
03.08.16
Privacy with Secondary Use of Personal Information
6
Safety: A Zero-Knowledge Proof? Primary use
Secondary use
...
... Data consumer
d Data provider
Data provider
d, d*
Data consumer /provider
• Multilateral security ⇒ User-centric safe information flow • Vulnerability in real-time by inevitable, hidden dependencies
Safety by obscurity – No reliable statement on information 03.08.16
Privacy with Secondary Use of Personal Information
7
Safety: Decidability State-of-the-art: ISO 270xx, IETF AAA (access control) General security system
...
... Data consumer
Data provider
d
?
Data provider /consumer
d, d*
Data consumer /provider
Enforcement
o1 = d
o2 = d*
…
s1
own, r, w
? own, r, w ?
s2
r, w
own, r, w
s3
? r, w ?
r
…
Hamlen et al. 2006
Harrison et al. 1976
Decidability on safety in general ⇒ Halting problem of Turing Machine
Probability of a correct statement on safety in the future = 50% 03.08.16
Privacy with Secondary Use of Personal Information
8
Threat to Completeness • •
Information flow from different sources in real-time Aggregation of anonymized personal data Explicit/friendship Bob
David Implicitly assumed friendship
Sweeney 2002 Jernigan and Mistree, 2007
Loss of control on confidentiality (of honest prover) 03.08.16
Privacy with Secondary Use of Personal Information
9
classification error (7 vs 1)
structure of the optimal solution.
0.4 validation error testing error
Another direction for research is the simultaneous optimization of multi-point attacks, which we successfully 0.3 approached with sequential single-point attacks. The 0.25 first question is how to optimally perturb a subset of 0.2 the training data; that is, instead of individually opti0.15 mizing each attack point, one could derive simultaneous steps for every attack point to better optimize their 0.1 Knowledge creation from personal data by secondary use overall e↵ect. The second question is how to choose 0.05 “Faulty” data increases error probability of machine learning the best subset of points to use as a starting point 0 0 2 4 6 8 for the attack. Generally, the latter is a subset selec% of attack points in training data Supervised machine learning machinemay learning tionUnsupervised problem but heuristics allow for improved ap(e.g. SVM) (e.g. PCA) we demonstrate that even proximations. Regardless, Single Poisoning Period: Evadingstrategies PCA non-optimal multi-point attack significantly classification error (9 vs 8) 0.4 10 degrade the SVM’s performance. validation error 0.35
0.05 0
0
2 4 6 % of attack points in training data
classification error (4 vs 0)
0.4 0.35
03.08.16 0.3
0.25
8
0.8
1.0 0.8 0.6 0.4 0.2
0.1
Evasion success (average test FNR)
0.15
0.0
0.2
0.6
0.25
Uninformed Locally−informed Globally−informed
Bo
An important practical limitation of the proposed method is the assumption that the attacker controls the labels of the injected points. Such assumptions may not hold when the labels are only assigned by trusted sources such as humans. For instance, a spam filter uses its users’ labeling of messages as its ground truth. Thus, although an attacker can send arbitrary messages, he cannot guarantee that they will have the labels necessary for his attack. This imposes an ad10% 20%that 30% 40% 50% ditional0%requirement the attack data must satisfy0 Mean chaff volume certain side constraints to fool the labeling oracle. FurBiggio et al 2012; Huang et al 2011 ther work is needed to understand these potential side Figure 3: Effect of poisoning attacks on the PCA-based detector [36 constraints and under to incorporate themPeriod into attacks. relative chaff volume Single-Training poisoning attacks Evasion success (FNR)
0.3
0.4
testing error
0.2
0.35
0.0
• •
1.0
Threat to Soundness
Loss of control on classification (of honest verifier) (dotted black line) locally-informed (dashed blue line) and globally-in validation error testing error
Theoffinal would to incorporate the realsuccess PCAextension under Boiling Frogbe poisoning attacks Privacy with Secondary Use of Personal Information 10 in terms of the
of locally-informed for four different poisoning schedules world inverse poisoning feature-mapping problem; that is, the ( size of the poisoning by factors 1.01, 1.02, 1.05, and 1.15 respectively).
problem of finding real-world attack data that can
II. Towards Provable Safety Status Quo: Language-based information flow control Rigorous
In Practice
Natural Language Policy
HIPAA, (J-)SOX, KonTraG, 95/46/EC, JP PII Protection Law, …
ISO/IEC 270xx, BSI ITBaseline Protection, IETF AAA, NIST SCAP
High-Level Policy Language
Take-grant, type-safety, lattice-based access control, obligations
Enforcement classes, Ponder, ExPDT
Intermediate-Level Security Policy Flow Graph
Decentralized trust management
Social/knowledge graph, sticky policies secure delegation of rights
Low-Level Enforcement
Identity, cryptography, safe public directory, monitor, proof-carrying code
Computational complexity, PKI, virtualization, testing ZKP-carrying information
03.08.16
Privacy with Secondary Use of Personal Information
11
cf. Sandhu 1993, Myers and Liskov, 1997; Schneider, Morrisett and Harper, 2001; Sabelfeld and Myers, 2003
Natural Language Policy High-Level Policy Language
Special Cases for Safety Take-grant S1: u
S3: w
S2: u
Intermediate-Level Security Policy Flow Graph Low-Level Enforcement
Lattice-based Access Control O: o
Type-safety S1: u
S3: v
S3: w
S2: u
• Symmetric access tree Error propagation
• Strict order Role change of secondary use
• Safety if trees are separate
• Availability of data by declassification
Joined by Ground Truth
Ext.: Reliable ”Big Brother” Int.: Error propagation
S3: v
Sandhu 1992
Sandhu 1993
Lipton and Snyder 1977
O: o
• Acyclic graph Role change of secondary use • x