Richard J Self - University of Derby 1 Governance Strategies for the Cloud, Big Data and other...
If you can't read please download the document
Richard J Self - University of Derby 1 Governance Strategies for the Cloud, Big Data and other Technologies in Education Richard J Self BA LLM MBCS FHEA
Richard J Self - University of Derby 1 Governance Strategies
for the Cloud, Big Data and other Technologies in Education Richard
J Self BA LLM MBCS FHEA Senior Lecturer in Analytics and Governance
University of Derby [email protected]
http://computing.derby.ac.uk/wordpress/people-2/richard-j-self/
Slide 2
Context Emerging Technologies in Education Critical Governance
Issues Data Protection Regulations Risks to Human Current
Frameworks ISO 27K, COBIT, etc.. Additional factors 12Vs of Big
Data Technologies in Education Key Governance Questions 2Richard J
Self - University of Derby
Slide 3
Gartner Hype Curve 2013 3Richard J Self - University of Derby
http://na1.www.gartner.com/imagesrv/newsroom/images/hype-cycle-pr.png;pv4a3db6f9c029a4db
Slide 4
Gartner Hype Curve 2014 4Richard J Self - University of Derby
http://na2.www.gartner.com/imagesrv/newsroom/images/HC_ET_2014.jpg;pv4cc7877f
7de80268
Slide 5
Emerging Technologies in Education Examples Evaluated 3D
Printing Google Glass Social Networks Data Analytics (Learning and
Academic) Biometrics Based on Student research and publications
5Richard J Self - University of Derby
Slide 6
Governance Doing the right thing in the right way at the right
time with the right resources to the right quality in the right
place for the right reasons (Self, Self and Chang, 2012) 6Richard J
Self - University of Derby
Slide 7
Governance Frameworks ISO 27k ISO27001 ISMS Certifiable process
ISO 27002 - Code of practice for information security controls
Critical questions Completeness? Generic Big Data Issues extra
needed? 7Richard J Self - University of Derby
Slide 8
ISO 27002 Key Controls 1. Information security policies 2.
Organization of information security 3. Human resource security 4.
Asset management 5. Access control 6. Cryptography 7. Physical and
environmental security 8. Operations security 9. Communications
security 10. System acquisition, development and maintenance 11.
Supplier relationships 12. Information security incident management
13. Information security aspects of business continuity 8Richard J
Self - University of Derby
Slide 9
12 Vs of Big Data 3Vs Volume (size) Velocity (speed) Variety
(sources/format) 9Vs Governance Variability (temporal?) Value (to
whom?) Veracity (truth) Validity (applicable) Volatility (temporal)
Verbosity (text) Vulnerability (security) Verification (trust?)
Visualisation (presentation) 9Richard J Self - University of
Derby
Slide 10
Volume (S, G) How much? Who? How? Storage Dangers Technology?
10 MountainsOceans (Teahupoo) Brian Bielmann Wikimedia
Slide 11
Velocity (S, G) Infrastructure Need for immediacy? Time to
analyse How fast? 11 TwitterWikimedia
Slide 12
Variety (T, S, G) What? Connections? Similarity? Original
purpose? Data Structures Ownership 12 http://applesororan
ges.wordpress.com/ cell-phones/ Twitter Fruit salad?Choices
Vulnerability (T, E, S, G ) Legal (e.g. DPA and Right to be
Forgotten) Reputation Financial Data Policies Processes Access Who
and what skills? 19 OWASP: relationship between threat agent and
business impact Wikimedia
Slide 20
Verification (T, E, S, G) How? Reliability? Context? Data
Algorithms and models 20 1 st Japanese Passport 1866Digital
Signature process Wikimedia
Slide 21
Visualisation (T, E, G) Manipulation 2D / 3D Video Who chooses?
Guidelines and standards? 21 As presented by the UK Treasury As
corrected by Sir Andrew Dilnot Log scale Breached Official
Guidelines
Slide 22
Case Studies Contributing Student Authors See Paper for
references Richard J Self - University of Derby 22
Slide 23
3D Printing A. G. Aladawi, G. Allen, A. Bensbiet, D. Silva
Caires Richard J Self - University of Derby 23
Slide 24
3D Printing Critical Risks Breach of IPR Printing dangerous /
illegal items Solvents Vulnerability and Verification Critical
Controls Access controls and logs Teaching ethics and civil / legal
responsibilities 24Richard J Self - University of Derby
Slide 25
Google Glasses F. Kalra, L. Mawhinney Richard J Self -
University of Derby 25
Slide 26
Google Glass ( use by academics) Critical Risks Privacy and
Consent Communication with Smart Device Google Cloud (DPA 1998)
Personal Safety Vulnerability and Verification Critical Controls
Acceptable Use policy (informed consent required) Cloud storage
policies 26Richard J Self - University of Derby
Slide 27
Social Networks M. Al Yousif, A. Clark, A. Nagra, P. Osullivan
K. Samarah Richard J Self - University of Derby 27
Slide 28
Social Networks Context Group work and staff / student channel
Critical Risks IPR, cyber-bullying, invasion of privacy and sharing
information Vulnerabilities and Veracity Critical Controls Private
walled-garden Strict moderation 28Richard J Self - University of
Derby
Slide 29
Data Analytics (Learning and Academic) A. Clark Richard J Self
- University of Derby 29
Slide 30
Data Analytics (Learning and Academic) Context Sentiment
analysis Predictive analysis (achievement) Critical Risks Use of
social media, irony, semantics? Data Protection Veracity,
Volatility, Vulnerability and Verbosity Critical Controls DPA
compliance Verification of sentiment analytics algorithms 30Richard
J Self - University of Derby
Slide 31
Biometrics M. Haroon, G. Ali Raza, Richard J Self - University
of Derby 31
Slide 32
Biometrics Context Personal Authentication Critical Risks False
Positive / Negative rates Enrolment DPA and security Veracity,
volatility, vulnerability, velocity Critical Controls DPA
compliance policies 32Richard J Self - University of Derby
Slide 33
Conclusions The 12Vs of Big Data Add value to ISO 27002 based
Governance Can identify critical issues in applying emerging
technologies in HE Can help develop understanding of suitable
controls 33Richard J Self - University of Derby