A bundle of services that enable the security-by-design implementation on the ICARUS platform. The aim of this bundle is to protect and ensure the confidentiality and the integrity of the data in the whole lifecycle of the data exploitation by safeguarding the security aspects of data in storage, in transit and in use. To this end, this bundle of services on the one hand addresses the need to protect all valuable assets and resources of the platform from unauthorized access and on the other hand to safeguard the security and privacy of the underlying data assets, as well as the secure and controlled sharing of them by applying an end-to-end security approach.
In detail, the ICARUS Data Security sets different layers for data security and privacy assurance: (a) end-to-end symmetric key encryption for data assets (before they are uploaded in the ICARUS platform) and secure tunnels for direct key sharing to authorized data consumers with active data contracts, (b) attribute-based access control policies that formally describe the circumstances under which access requests to data assets should be granted, and are easily interpretable into policy enforcement rules; (c) multiple data anonymization methods and guidelines for data providers to achieve the right balance in the “privacy vs utility” trade-off.
The ICARUS platform adopts the security by design principle in order to ensure trust in the aviation data value chain. Towards this aim, in ICARUS data security is considered as a critical aspect of the platform’s design tailored to the aviation stakeholders’ needs and is viewed under a 3-fold perspective consisting of Data Encryption, Access Control and Anonymization.
- Data Encryption: The purpose of the ICARUS Data Encryption method is to ensure that the data assets are securely transmitted: (a) from the data providers’ premises to the ICARUS platform and (b) from the ICARUS platform to the data consumer and the ICARUS secure experimentation spaces, as well as (c) stored in the ICARUS platform, without any alterations and only the authorized data consumers (who have an active data contract in the case of private data) shall be able to access and use the data asset.
- Access Control: The ICARUS access control mechanism facilitates the declarative and deterministic definition of authorisation policies for permitting or denying access requests to any data asset available in the ICARUS platform, in real-time. The Data Access Control methods effectively manages the whole policy lifecycle towards the aim of preventing: (a) unauthorized disclosure to private data assets (confidentiality) and (b) any intentional or accidental unauthorized changes to data assets (integrity).
- Data Anonymisation: the ICARUS Anonymisation method addresses the problem of data privacy protection by providing a customisable process that can be appropriately configured depending on the nature of the data to be anonymized, as well as on the privacy threat that needs to be properly eliminated. Towards this aim, it supports a generic-enough anonymization workflow that covers the complete spectrum of aviation related data across a wide range of aviation-related data analysis cases.
Data Security has many facets spanning from the protection of all valuable assets and resources of a platform from unauthorized access to the assurance of the security and privacy of the assets with enhanced access control and privacy preserving methodologies. The described bundle of services is considered one of the main features of the ICARUS platform providing end-to-end data security, advanced access control and privacy protection.
In the big data domains, including aviation, where critical, personal and sensitive data is possibly being used, it is clear that there is a strong need for solutions and technologies which embed, since design, security features. It should be noted that all services comprising the Data Security Bundle are domain agnostic and can easily and with minimal effort be replicated across different domains and industries including but not limited to IoT, cloud/fog computing, (software-defined) networking and more.
The objective of this bundle of services is to provide added value to the operations and services of the aviation data value chain. This particular solution on data security is integrated into a unique data and intelligence platform for the aviation industry, taking into account the concrete stakeholders’ needs and requirements. Progress beyond the state-of-the art is substantiated along the following dimensions:
- End-to-End Data Security allowing to encrypt data on-premise
- Advanced Access Control to regulate access to the privately owned data assets
- Privacy Preserving Toolset that is adoptable to nature of the data and the privacy-level set by the asset owner.
The novelty and added value of the ICARUS Data Security has been acknowledged by all stakeholders with whom the ICARUS consortium interacted till now in different engagement activities (in events, through dedicated interviews and online questionnaires).
The ICARUS Data Encryption method employs a dual encryption approach in which:
- A symmetric key encryption (using the AES256 symmetric key encryption algorithm) is utilised as the most efficient solution in order to encrypt the data assets ensuring the high performance of the platform without compromising the security level of the data assets
- Secure SSL handshakes are performed in order to share the symmetric key between: (a) the data provider and the data consumer, and / or (b) the data provider and the secure experimentation space of the data consumer in the ICARUS platform.
The ICARUS Access Control adheres to the Attribute-Based Access Control (ABAC) paradigm with policies based on the XACML standard that enable the data providers to protect and share their data assets without any prior knowledge of the potential individual data consumers, while also providing a proper separation of concerns between policy specification and policy enforcement that is effectively pursued with dynamically enforced arbitrary attributes in the policies.
The ICARUS Anonymisation method is enabling the data provider that both deeply comprehends the privacy concerns and vulnerabilities of the data he/she owns to tailor the anonymisation workflow based on his/her input for the appropriate parameters that is configured and executed prior to making a dataset available to other ICARUS stakeholders.