SlideShare uma empresa Scribd logo

H2020 project WITDOM overview

Elsa Prieto
Elsa Prieto

The project “empoWering prIvacy and securiTy in non-trusteD envirOnMents” (WITDOM for short) is a three-year multi-disciplinary, Research and Innovation Action co-funded by the European Commission in the context of Horizon 2020, the EU Framework Programme for Research and Innovation. WITDOM aims at protecting the privacy and security of data outsourced to untrusted ICT providers, such as clouds. By protecting sensitive data cryptographically and by applying the privacy-by-design paradigms, WITDOM will provide a holistic framework that addresses end-to-end security for sensitive data. WITDOM's data protection methods will be tailored to the risks associated with different classes of data, so that users remain immune to the threats, vulnerabilities, and risks that may affect remote data processing.

Tecnologia
1 de 12
Baixar para ler offline
empoWering prIvacy and securiTy in non-trusteD envirOnMents witdom.eu General Presentation
22empoWering prIvacy and securiTy in non-trusteD envirOnMents Content 1) Project Facts 2) Objectives 3) Main Outcomes 4) Main innovations 5) Architecture 6) Pilots 7) Project structure 8) Project roadmap
3  WITDOM stands for “empoWering prIvacy and securiTy in non-trusteD envirOnMents”.  It is a Research and Innovation Action co-funded by the European Union H2020 Programme, within the thematic priority of Information and communications technologies (ICT).  WITDOM was approved under call 1 of the H2020-ICT- 2014-1, ICT-32-2014 in the topic of Cybersecurity, Trustworthy ICT with project No. 644371.  WITDOM started in January 2015 will run for 36 months.  The overall project budget is around 4 million euro.  7 different organizations from 5 European countries form the WITDOM consortium. Project Facts
4  A framework for end-to-end protection of data in untrusted and fast-evolving ICT-based environments. • Driven by privacy-and-security-by-design (PSbD) principles. • Holistic and all-encompassing. • Provide end-to-end security.  Tools for effective protection of sensitive data: • Resource-efficient cryptographic primitives (e.g: SHE, FHE, SMC). • Privacy Enhanced Technologies (PETs) to enhance privacy- utility tradeoffs. • Effective verification of data and process integrity. • Secure protocols for outsourcing sensitive data. • Evaluation and assessment of privacy preferences.  This WITDOM framework will be instantiated and validated in two application scenarios (eHealth and Financial Services) with demanding privacy requirements to protect sensitive data. Objectives
6 Main Outcomes • Analysis and assessment of end-to-end privacy/security • Objective privacy metrics and quantifiable evaluation mechanisms. • Guidelines and methods for the analysis of security requirements and trust relationships • PSbD and user-empowered architectures and scenarios for outsourced / distributed environments. • Definition and enforcement of user-centric privacy-preferences. • Multi-party security and privacy analysis for outsourced/distributed eHealth and Financial services scenarios, instantiated architectures. • Resource-efficient cryptographic primitives, protocols and PETs for outsourced processing of sensitive data (addressing the trade-off between good performance and strong cryptographic protection). • Efficient cryptographic verifiability mechanisms for user-empowered outsourced processing • Evaluation of the developed primitives, quantitative assessment of the net advances in utility, efficiency and privacy/security • Privacy-preserving toolkit mplementing privacy-preserving primitives, protocols, privacy- enhancing techniques (PETs) and formalized preferences for user-centric verifiable outsourced processing (open-access building blocks). • Multi-disciplinary assessment of prototypes for eHealth and Banking scenarios, making use of the toolkit and showcasing the net advance and impact of the general and practical outcomes in two privacy-aware scenarios. General Outcomes Framework Practical Level Platform Implementation Level Toolkit& prototypes
7 Main innovations Privacy Enhancing Techniques, perturbation mechanisms and privacy metrics Privacy- preserving cryptographic techniques supporting encrypted processing Cryptographic techniques for Integrity and Verifiability of outsourced processes European Legal Landscape – Comprehensive privacy metrics for sensitive outsourced data and quantifiable leakage and traces – Privacy guarantees even if an adversary has access to arbitrary background and secondary information (based on DP) – Fine-tune other complexity- dependent methods to match the life- span of Cloud-related environments. – Resource efficient SHE and FHE – PEKS, PERKS, SMC, ZK – Overcome the current limitations in terms of full anonymisation of financial and eHealth data – Produce efficient data processing techniques in both scenarios – Integrity and consistency guarantees (i.e., fork-linearizability and derived) – Overcome current restrictions to simple storage services, and the severe limitations in concurrent operation – Advance verification of remote computation respecting multi-client input privacy – Follow the evolution GDPR, opinions and recommendations of Article 29 WP – Translate these legal requirements into technological requirements, enabling seamless assessment of legal compliance Holistic vision, with interrelated and entangled advance in all areas
8 Architecture SPM: Coding/obfuscating/encryp ting allowing for the secure realization of certain operations implemented as secure primitives within the secure processing modules (APIs or software libraries) with a client-server structure Comms protocols: Between two SPMs, as part of the advanced cryptographic techniques used for data and signal processing in the encrypted domain and PETs Policy Enforcement, Auth, Verifiability Compliance of user preferences to access control to private data, anonymity/privacy enforcement, and data and process integrity. Secure Storage Module Encryption standards, perturbation mechanisms and data formats in unsecured environments, enabling the verifiable encrypted processing protocols.
9  Genetic/proteomic databases protection, shared for large- scale research analyses and outsourced individual clinical analyses. Scenario I: e-Health Citizens (Data owners) Database Generators (Genetic data) Genetic Research Institutes Certification Authority & Key Management Private Requests: Genetic Analyses and Studies Cloud Diagnosis Services Genetic Research Knowledge enabling Genetic Diagnosis Citizens with their protected DNA metadata Private Requests Protected Metadata Knowledgebase Expert System working with Protected Signals Outsourced Genetic Databases with protected raw data
10  Protection of large-scale outsourced financial data storage and processing (financial risk calculation, fraud detection,...) Scenario II: Financial Services Protected Processing requestsBanking Institution Certification Authority & Key Management Outsourced Databases processing protected data Other Banking Institutions Security Perimeters In-House Private Cloud Bank Clients Public Cloud
11 Project Structure WP1 Project & Innovation Management (ATOS) WP7 Dissemination, communication, exploitation and standardization (ATOS) WP2 Requirements analysis and prototypes evaluation (FCSR) WP3 Basic research on enabling privacy and cryptographic tools (UVIGO) WP6 Legal requirements and validation (KU Leuven) WP5 Privacy preserving platform toolkit and prototypes (XLAB) WP4 applied research and architectural design (IBM)
12 Project Roadmap Requirements Formalization Legal Requirements Fundamental Research Architecture Implementation&Prototypes Translation of DP Directives Management Communication/Dissemination/Standardization/Exploitation Validation/ Assessment Final Validation WP1 WP2 WP3 WP4 WP5 WP6 WP7 Year 1 (M1-M12) Year 2 (M3-M24) Year 3 (M25-M36)
Partners Contact Elsa Prieto (Atos) WITDOM coordinator and Exploitation & Innovation Manager elsa.prieto@atos.net witdom.eu This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 64437. This work was supported in part by the Swiss State Secretariat for Education, Research and Innovation under contract No. 15.0098. The opinions expressed and arguments employed herein do not necessarily reflect the official views of the European Commission or the Swiss Government.

Recomendados

Witdom overview 2016
Witdom overview 2016Witdom overview 2016
Witdom overview 2016Elsa Prieto
 
Pendahuluan it forensik
Pendahuluan it forensikPendahuluan it forensik
Pendahuluan it forensiknewbie2019
 
Book
BookBook
BookUlf Mattsson
 
ETIS Information Security Benchmark Successful Practices in telco security
ETIS Information Security Benchmark Successful Practices in telco securityETIS Information Security Benchmark Successful Practices in telco security
ETIS Information Security Benchmark Successful Practices in telco securityETIS - the Global IT Association for Telecommunications
 
License-based Access Control in EPCglobal Networks
License-based Access Control in EPCglobal NetworksLicense-based Access Control in EPCglobal Networks
License-based Access Control in EPCglobal NetworksMatthieu Schapranow
 
An extensive research survey on data integrity and deduplication towards priv...
An extensive research survey on data integrity and deduplication towards priv...An extensive research survey on data integrity and deduplication towards priv...
An extensive research survey on data integrity and deduplication towards priv...IJECEIAES
 
N-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysN-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysSolarwinds N-able
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)ijcisjournal
 

Recomendados

Witdom overview 2016
Witdom overview 2016Witdom overview 2016
Witdom overview 2016Elsa Prieto
 
Pendahuluan it forensik
Pendahuluan it forensikPendahuluan it forensik
Pendahuluan it forensiknewbie2019
 
Book
BookBook
BookUlf Mattsson
 
ETIS Information Security Benchmark Successful Practices in telco security
ETIS Information Security Benchmark Successful Practices in telco securityETIS Information Security Benchmark Successful Practices in telco security
ETIS Information Security Benchmark Successful Practices in telco securityETIS - the Global IT Association for Telecommunications
 
License-based Access Control in EPCglobal Networks
License-based Access Control in EPCglobal NetworksLicense-based Access Control in EPCglobal Networks
License-based Access Control in EPCglobal NetworksMatthieu Schapranow
 
An extensive research survey on data integrity and deduplication towards priv...
An extensive research survey on data integrity and deduplication towards priv...An extensive research survey on data integrity and deduplication towards priv...
An extensive research survey on data integrity and deduplication towards priv...IJECEIAES
 
N-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysN-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysSolarwinds N-able
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)ijcisjournal
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaUlf Mattsson
 
Iot forensics
Iot forensicsIot forensics
Iot forensicsAbeis Ab
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudUlf Mattsson
 
Internet of Things Forensics
Internet of Things ForensicsInternet of Things Forensics
Internet of Things ForensicsAakashjit Bhattacharya
 
International Journal on Cryptography and Information Security (IJCIS)
International Journal on Cryptography and Information Security (IJCIS)International Journal on Cryptography and Information Security (IJCIS)
International Journal on Cryptography and Information Security (IJCIS)ijcisjournal
 
Privacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationPrivacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationUlf Mattsson
 
International Journal of Wireless Networks Systems (IJWNS)
International Journal of Wireless Networks Systems (IJWNS)International Journal of Wireless Networks Systems (IJWNS)
International Journal of Wireless Networks Systems (IJWNS)ijfcst journal
 
Evolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyEvolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyUlf Mattsson
 
Unlock the potential of data security 2020
Unlock the potential of data security 2020Unlock the potential of data security 2020
Unlock the potential of data security 2020Ulf Mattsson
 
Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Ulf Mattsson
 
call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...JonesSmith7
 
Isaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyIsaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyUlf Mattsson
 
Call for Papers - 6th International Conference on Cryptography and Informatio...
Call for Papers - 6th International Conference on Cryptography and Informatio...Call for Papers - 6th International Conference on Cryptography and Informatio...
Call for Papers - 6th International Conference on Cryptography and Informatio...IJNSA Journal
 
Future data security ‘will come from several sources’
Future data security ‘will come from several sources’Future data security ‘will come from several sources’
Future data security ‘will come from several sources’John Davis
 
Kontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia NetworksKontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia Networkskontakt.io
 
Ijcis -->cfp
Ijcis -->cfp Ijcis -->cfp
Ijcis -->cfp JonesSmith7
 
6th International Conference on Cryptography and Information Security (CRIS 2...
6th International Conference on Cryptography and Information Security (CRIS 2...6th International Conference on Cryptography and Information Security (CRIS 2...
6th International Conference on Cryptography and Information Security (CRIS 2...IJNSA Journal
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)ijcisjournal
 
Ijwns
IjwnsIjwns
IjwnsMiajackB
 
ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...Ulf Mattsson
 
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Ulf Mattsson
 
Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Turvallisuus2013
 

Mais conteúdo relacionado

Mais procurados

A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaUlf Mattsson
 
Iot forensics
Iot forensicsIot forensics
Iot forensicsAbeis Ab
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudUlf Mattsson
 
International Journal on Cryptography and Information Security (IJCIS)
International Journal on Cryptography and Information Security (IJCIS)International Journal on Cryptography and Information Security (IJCIS)
International Journal on Cryptography and Information Security (IJCIS)ijcisjournal
 
Privacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationPrivacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationUlf Mattsson
 
International Journal of Wireless Networks Systems (IJWNS)
International Journal of Wireless Networks Systems (IJWNS)International Journal of Wireless Networks Systems (IJWNS)
International Journal of Wireless Networks Systems (IJWNS)ijfcst journal
 
Evolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyEvolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyUlf Mattsson
 
Unlock the potential of data security 2020
Unlock the potential of data security 2020Unlock the potential of data security 2020
Unlock the potential of data security 2020Ulf Mattsson
 
Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Ulf Mattsson
 
call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...JonesSmith7
 
Isaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyIsaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyUlf Mattsson
 
Call for Papers - 6th International Conference on Cryptography and Informatio...
Call for Papers - 6th International Conference on Cryptography and Informatio...Call for Papers - 6th International Conference on Cryptography and Informatio...
Call for Papers - 6th International Conference on Cryptography and Informatio...IJNSA Journal
 
Future data security ‘will come from several sources’
Future data security ‘will come from several sources’Future data security ‘will come from several sources’
Future data security ‘will come from several sources’John Davis
 
Kontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia NetworksKontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia Networkskontakt.io
 
6th International Conference on Cryptography and Information Security (CRIS 2...
6th International Conference on Cryptography and Information Security (CRIS 2...6th International Conference on Cryptography and Information Security (CRIS 2...
6th International Conference on Cryptography and Information Security (CRIS 2...IJNSA Journal
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)ijcisjournal
 
ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...Ulf Mattsson
 

Mais procurados (20)

A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpa
 
Iot forensics
Iot forensicsIot forensics
Iot forensics
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloud
 
Internet of Things Forensics
Internet of Things ForensicsInternet of Things Forensics
Internet of Things Forensics
 
International Journal on Cryptography and Information Security (IJCIS)
International Journal on Cryptography and Information Security (IJCIS)International Journal on Cryptography and Information Security (IJCIS)
International Journal on Cryptography and Information Security (IJCIS)
 
Privacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationPrivacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computation
 
International Journal of Wireless Networks Systems (IJWNS)
International Journal of Wireless Networks Systems (IJWNS)International Journal of Wireless Networks Systems (IJWNS)
International Journal of Wireless Networks Systems (IJWNS)
 
Evolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyEvolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technology
 
Unlock the potential of data security 2020
Unlock the potential of data security 2020Unlock the potential of data security 2020
Unlock the potential of data security 2020
 
Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...
 
call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...
 
Isaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyIsaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacy
 
Call for Papers - 6th International Conference on Cryptography and Informatio...
Call for Papers - 6th International Conference on Cryptography and Informatio...Call for Papers - 6th International Conference on Cryptography and Informatio...
Call for Papers - 6th International Conference on Cryptography and Informatio...
 
Future data security ‘will come from several sources’
Future data security ‘will come from several sources’Future data security ‘will come from several sources’
Future data security ‘will come from several sources’
 
Kontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia NetworksKontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia Networks
 
Ijcis -->cfp
Ijcis -->cfp Ijcis -->cfp
Ijcis -->cfp
 
6th International Conference on Cryptography and Information Security (CRIS 2...
6th International Conference on Cryptography and Information Security (CRIS 2...6th International Conference on Cryptography and Information Security (CRIS 2...
6th International Conference on Cryptography and Information Security (CRIS 2...
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)
 
Ijwns
IjwnsIjwns
Ijwns
 
ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...
 

Semelhante a H2020 project WITDOM overview

Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Ulf Mattsson
 
Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Turvallisuus2013
 
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES.eu
 
Protecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACAProtecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACAUlf Mattsson
 
20161201 witdom bdva summit
20161201 witdom bdva summit20161201 witdom bdva summit
20161201 witdom bdva summitElsa Prieto
 
Secure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinkeSecure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinkeWolfgang Kuchinke
 
EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015Marco Moreschini
 
EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 - EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 - Marco Moreschini
 
Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningUlf Mattsson
 
The European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaThe European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaEUBrasilCloudFORUM .
 
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...apidays
 
IOT-2016 7-9 Septermber, 2016, Stuttgart, Germany
IOT-2016 7-9 Septermber, 2016, Stuttgart, GermanyIOT-2016 7-9 Septermber, 2016, Stuttgart, Germany
IOT-2016 7-9 Septermber, 2016, Stuttgart, GermanyCharith Perera
 
Protecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UKProtecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UKUlf Mattsson
 
ISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesUlf Mattsson
 
Eurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationEurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationStefane Mouille
 
New technologies for data protection
New technologies for data protectionNew technologies for data protection
New technologies for data protectionUlf Mattsson
 
Guidelines for the technological development in the e-health application domain
Guidelines for the technological development in the e-health application domainGuidelines for the technological development in the e-health application domain
Guidelines for the technological development in the e-health application domainIvano Malavolta
 
EU H2020 PRISMACLOUD Project Overview
EU H2020 PRISMACLOUD Project OverviewEU H2020 PRISMACLOUD Project Overview
EU H2020 PRISMACLOUD Project OverviewPRISMACLOUD Project
 
Secure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsSecure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsLionel Briand
 

Semelhante a H2020 project WITDOM overview (20)

Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...
 
Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013
 
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
 
Protecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACAProtecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACA
 
20161201 witdom bdva summit
20161201 witdom bdva summit20161201 witdom bdva summit
20161201 witdom bdva summit
 
Brokerage and market Platform
Brokerage and market PlatformBrokerage and market Platform
Brokerage and market Platform
 
Secure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinkeSecure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinke
 
EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015
 
EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 - EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 -
 
Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learning
 
The European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaThe European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agenda
 
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
 
IOT-2016 7-9 Septermber, 2016, Stuttgart, Germany
IOT-2016 7-9 Septermber, 2016, Stuttgart, GermanyIOT-2016 7-9 Septermber, 2016, Stuttgart, Germany
IOT-2016 7-9 Septermber, 2016, Stuttgart, Germany
 
Protecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UKProtecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UK
 
ISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniques
 
Eurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationEurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentation
 
New technologies for data protection
New technologies for data protectionNew technologies for data protection
New technologies for data protection
 
Guidelines for the technological development in the e-health application domain
Guidelines for the technological development in the e-health application domainGuidelines for the technological development in the e-health application domain
Guidelines for the technological development in the e-health application domain
 
EU H2020 PRISMACLOUD Project Overview
EU H2020 PRISMACLOUD Project OverviewEU H2020 PRISMACLOUD Project Overview
EU H2020 PRISMACLOUD Project Overview
 
Secure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsSecure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech Applications
 

Último

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 

Último (20)

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 

H2020 project WITDOM overview

  • 1. empoWering prIvacy and securiTy in non-trusteD envirOnMents witdom.eu General Presentation
  • 2. 22empoWering prIvacy and securiTy in non-trusteD envirOnMents Content 1) Project Facts 2) Objectives 3) Main Outcomes 4) Main innovations 5) Architecture 6) Pilots 7) Project structure 8) Project roadmap
  • 3. 3  WITDOM stands for “empoWering prIvacy and securiTy in non-trusteD envirOnMents”.  It is a Research and Innovation Action co-funded by the European Union H2020 Programme, within the thematic priority of Information and communications technologies (ICT).  WITDOM was approved under call 1 of the H2020-ICT- 2014-1, ICT-32-2014 in the topic of Cybersecurity, Trustworthy ICT with project No. 644371.  WITDOM started in January 2015 will run for 36 months.  The overall project budget is around 4 million euro.  7 different organizations from 5 European countries form the WITDOM consortium. Project Facts
  • 4. 4  A framework for end-to-end protection of data in untrusted and fast-evolving ICT-based environments. • Driven by privacy-and-security-by-design (PSbD) principles. • Holistic and all-encompassing. • Provide end-to-end security.  Tools for effective protection of sensitive data: • Resource-efficient cryptographic primitives (e.g: SHE, FHE, SMC). • Privacy Enhanced Technologies (PETs) to enhance privacy- utility tradeoffs. • Effective verification of data and process integrity. • Secure protocols for outsourcing sensitive data. • Evaluation and assessment of privacy preferences.  This WITDOM framework will be instantiated and validated in two application scenarios (eHealth and Financial Services) with demanding privacy requirements to protect sensitive data. Objectives
  • 5. 6 Main Outcomes • Analysis and assessment of end-to-end privacy/security • Objective privacy metrics and quantifiable evaluation mechanisms. • Guidelines and methods for the analysis of security requirements and trust relationships • PSbD and user-empowered architectures and scenarios for outsourced / distributed environments. • Definition and enforcement of user-centric privacy-preferences. • Multi-party security and privacy analysis for outsourced/distributed eHealth and Financial services scenarios, instantiated architectures. • Resource-efficient cryptographic primitives, protocols and PETs for outsourced processing of sensitive data (addressing the trade-off between good performance and strong cryptographic protection). • Efficient cryptographic verifiability mechanisms for user-empowered outsourced processing • Evaluation of the developed primitives, quantitative assessment of the net advances in utility, efficiency and privacy/security • Privacy-preserving toolkit mplementing privacy-preserving primitives, protocols, privacy- enhancing techniques (PETs) and formalized preferences for user-centric verifiable outsourced processing (open-access building blocks). • Multi-disciplinary assessment of prototypes for eHealth and Banking scenarios, making use of the toolkit and showcasing the net advance and impact of the general and practical outcomes in two privacy-aware scenarios. General Outcomes Framework Practical Level Platform Implementation Level Toolkit& prototypes
  • 6. 7 Main innovations Privacy Enhancing Techniques, perturbation mechanisms and privacy metrics Privacy- preserving cryptographic techniques supporting encrypted processing Cryptographic techniques for Integrity and Verifiability of outsourced processes European Legal Landscape – Comprehensive privacy metrics for sensitive outsourced data and quantifiable leakage and traces – Privacy guarantees even if an adversary has access to arbitrary background and secondary information (based on DP) – Fine-tune other complexity- dependent methods to match the life- span of Cloud-related environments. – Resource efficient SHE and FHE – PEKS, PERKS, SMC, ZK – Overcome the current limitations in terms of full anonymisation of financial and eHealth data – Produce efficient data processing techniques in both scenarios – Integrity and consistency guarantees (i.e., fork-linearizability and derived) – Overcome current restrictions to simple storage services, and the severe limitations in concurrent operation – Advance verification of remote computation respecting multi-client input privacy – Follow the evolution GDPR, opinions and recommendations of Article 29 WP – Translate these legal requirements into technological requirements, enabling seamless assessment of legal compliance Holistic vision, with interrelated and entangled advance in all areas
  • 7. 8 Architecture SPM: Coding/obfuscating/encryp ting allowing for the secure realization of certain operations implemented as secure primitives within the secure processing modules (APIs or software libraries) with a client-server structure Comms protocols: Between two SPMs, as part of the advanced cryptographic techniques used for data and signal processing in the encrypted domain and PETs Policy Enforcement, Auth, Verifiability Compliance of user preferences to access control to private data, anonymity/privacy enforcement, and data and process integrity. Secure Storage Module Encryption standards, perturbation mechanisms and data formats in unsecured environments, enabling the verifiable encrypted processing protocols.
  • 8. 9  Genetic/proteomic databases protection, shared for large- scale research analyses and outsourced individual clinical analyses. Scenario I: e-Health Citizens (Data owners) Database Generators (Genetic data) Genetic Research Institutes Certification Authority & Key Management Private Requests: Genetic Analyses and Studies Cloud Diagnosis Services Genetic Research Knowledge enabling Genetic Diagnosis Citizens with their protected DNA metadata Private Requests Protected Metadata Knowledgebase Expert System working with Protected Signals Outsourced Genetic Databases with protected raw data
  • 9. 10  Protection of large-scale outsourced financial data storage and processing (financial risk calculation, fraud detection,...) Scenario II: Financial Services Protected Processing requestsBanking Institution Certification Authority & Key Management Outsourced Databases processing protected data Other Banking Institutions Security Perimeters In-House Private Cloud Bank Clients Public Cloud
  • 10. 11 Project Structure WP1 Project & Innovation Management (ATOS) WP7 Dissemination, communication, exploitation and standardization (ATOS) WP2 Requirements analysis and prototypes evaluation (FCSR) WP3 Basic research on enabling privacy and cryptographic tools (UVIGO) WP6 Legal requirements and validation (KU Leuven) WP5 Privacy preserving platform toolkit and prototypes (XLAB) WP4 applied research and architectural design (IBM)
  • 11. 12 Project Roadmap Requirements Formalization Legal Requirements Fundamental Research Architecture Implementation&Prototypes Translation of DP Directives Management Communication/Dissemination/Standardization/Exploitation Validation/ Assessment Final Validation WP1 WP2 WP3 WP4 WP5 WP6 WP7 Year 1 (M1-M12) Year 2 (M3-M24) Year 3 (M25-M36)
  • 12. Partners Contact Elsa Prieto (Atos) WITDOM coordinator and Exploitation & Innovation Manager elsa.prieto@atos.net witdom.eu This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 64437. This work was supported in part by the Swiss State Secretariat for Education, Research and Innovation under contract No. 15.0098. The opinions expressed and arguments employed herein do not necessarily reflect the official views of the European Commission or the Swiss Government.