SlideShare una empresa de Scribd logo

H2020 project WITDOM overview

Elsa Prieto
Elsa Prieto

The project “empoWering prIvacy and securiTy in non-trusteD envirOnMents” (WITDOM for short) is a three-year multi-disciplinary, Research and Innovation Action co-funded by the European Commission in the context of Horizon 2020, the EU Framework Programme for Research and Innovation. WITDOM aims at protecting the privacy and security of data outsourced to untrusted ICT providers, such as clouds. By protecting sensitive data cryptographically and by applying the privacy-by-design paradigms, WITDOM will provide a holistic framework that addresses end-to-end security for sensitive data. WITDOM's data protection methods will be tailored to the risks associated with different classes of data, so that users remain immune to the threats, vulnerabilities, and risks that may affect remote data processing.

Tecnología
1 de 12
Descargar para leer sin conexión
empoWering prIvacy and securiTy in non-trusteD envirOnMents witdom.eu General Presentation
22empoWering prIvacy and securiTy in non-trusteD envirOnMents Content 1) Project Facts 2) Objectives 3) Main Outcomes 4) Main innovations 5) Architecture 6) Pilots 7) Project structure 8) Project roadmap
3  WITDOM stands for “empoWering prIvacy and securiTy in non-trusteD envirOnMents”.  It is a Research and Innovation Action co-funded by the European Union H2020 Programme, within the thematic priority of Information and communications technologies (ICT).  WITDOM was approved under call 1 of the H2020-ICT- 2014-1, ICT-32-2014 in the topic of Cybersecurity, Trustworthy ICT with project No. 644371.  WITDOM started in January 2015 will run for 36 months.  The overall project budget is around 4 million euro.  7 different organizations from 5 European countries form the WITDOM consortium. Project Facts
4  A framework for end-to-end protection of data in untrusted and fast-evolving ICT-based environments. • Driven by privacy-and-security-by-design (PSbD) principles. • Holistic and all-encompassing. • Provide end-to-end security.  Tools for effective protection of sensitive data: • Resource-efficient cryptographic primitives (e.g: SHE, FHE, SMC). • Privacy Enhanced Technologies (PETs) to enhance privacy- utility tradeoffs. • Effective verification of data and process integrity. • Secure protocols for outsourcing sensitive data. • Evaluation and assessment of privacy preferences.  This WITDOM framework will be instantiated and validated in two application scenarios (eHealth and Financial Services) with demanding privacy requirements to protect sensitive data. Objectives
6 Main Outcomes • Analysis and assessment of end-to-end privacy/security • Objective privacy metrics and quantifiable evaluation mechanisms. • Guidelines and methods for the analysis of security requirements and trust relationships • PSbD and user-empowered architectures and scenarios for outsourced / distributed environments. • Definition and enforcement of user-centric privacy-preferences. • Multi-party security and privacy analysis for outsourced/distributed eHealth and Financial services scenarios, instantiated architectures. • Resource-efficient cryptographic primitives, protocols and PETs for outsourced processing of sensitive data (addressing the trade-off between good performance and strong cryptographic protection). • Efficient cryptographic verifiability mechanisms for user-empowered outsourced processing • Evaluation of the developed primitives, quantitative assessment of the net advances in utility, efficiency and privacy/security • Privacy-preserving toolkit mplementing privacy-preserving primitives, protocols, privacy- enhancing techniques (PETs) and formalized preferences for user-centric verifiable outsourced processing (open-access building blocks). • Multi-disciplinary assessment of prototypes for eHealth and Banking scenarios, making use of the toolkit and showcasing the net advance and impact of the general and practical outcomes in two privacy-aware scenarios. General Outcomes Framework Practical Level Platform Implementation Level Toolkit& prototypes
7 Main innovations Privacy Enhancing Techniques, perturbation mechanisms and privacy metrics Privacy- preserving cryptographic techniques supporting encrypted processing Cryptographic techniques for Integrity and Verifiability of outsourced processes European Legal Landscape – Comprehensive privacy metrics for sensitive outsourced data and quantifiable leakage and traces – Privacy guarantees even if an adversary has access to arbitrary background and secondary information (based on DP) – Fine-tune other complexity- dependent methods to match the life- span of Cloud-related environments. – Resource efficient SHE and FHE – PEKS, PERKS, SMC, ZK – Overcome the current limitations in terms of full anonymisation of financial and eHealth data – Produce efficient data processing techniques in both scenarios – Integrity and consistency guarantees (i.e., fork-linearizability and derived) – Overcome current restrictions to simple storage services, and the severe limitations in concurrent operation – Advance verification of remote computation respecting multi-client input privacy – Follow the evolution GDPR, opinions and recommendations of Article 29 WP – Translate these legal requirements into technological requirements, enabling seamless assessment of legal compliance Holistic vision, with interrelated and entangled advance in all areas
8 Architecture SPM: Coding/obfuscating/encryp ting allowing for the secure realization of certain operations implemented as secure primitives within the secure processing modules (APIs or software libraries) with a client-server structure Comms protocols: Between two SPMs, as part of the advanced cryptographic techniques used for data and signal processing in the encrypted domain and PETs Policy Enforcement, Auth, Verifiability Compliance of user preferences to access control to private data, anonymity/privacy enforcement, and data and process integrity. Secure Storage Module Encryption standards, perturbation mechanisms and data formats in unsecured environments, enabling the verifiable encrypted processing protocols.
9  Genetic/proteomic databases protection, shared for large- scale research analyses and outsourced individual clinical analyses. Scenario I: e-Health Citizens (Data owners) Database Generators (Genetic data) Genetic Research Institutes Certification Authority & Key Management Private Requests: Genetic Analyses and Studies Cloud Diagnosis Services Genetic Research Knowledge enabling Genetic Diagnosis Citizens with their protected DNA metadata Private Requests Protected Metadata Knowledgebase Expert System working with Protected Signals Outsourced Genetic Databases with protected raw data
10  Protection of large-scale outsourced financial data storage and processing (financial risk calculation, fraud detection,...) Scenario II: Financial Services Protected Processing requestsBanking Institution Certification Authority & Key Management Outsourced Databases processing protected data Other Banking Institutions Security Perimeters In-House Private Cloud Bank Clients Public Cloud
11 Project Structure WP1 Project & Innovation Management (ATOS) WP7 Dissemination, communication, exploitation and standardization (ATOS) WP2 Requirements analysis and prototypes evaluation (FCSR) WP3 Basic research on enabling privacy and cryptographic tools (UVIGO) WP6 Legal requirements and validation (KU Leuven) WP5 Privacy preserving platform toolkit and prototypes (XLAB) WP4 applied research and architectural design (IBM)
12 Project Roadmap Requirements Formalization Legal Requirements Fundamental Research Architecture Implementation&Prototypes Translation of DP Directives Management Communication/Dissemination/Standardization/Exploitation Validation/ Assessment Final Validation WP1 WP2 WP3 WP4 WP5 WP6 WP7 Year 1 (M1-M12) Year 2 (M3-M24) Year 3 (M25-M36)
Partners Contact Elsa Prieto (Atos) WITDOM coordinator and Exploitation & Innovation Manager elsa.prieto@atos.net witdom.eu This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 64437. This work was supported in part by the Swiss State Secretariat for Education, Research and Innovation under contract No. 15.0098. The opinions expressed and arguments employed herein do not necessarily reflect the official views of the European Commission or the Swiss Government.

Recomendados

Witdom overview 2016
Witdom overview 2016Witdom overview 2016
Witdom overview 2016Elsa Prieto
 
Pendahuluan it forensik
Pendahuluan it forensikPendahuluan it forensik
Pendahuluan it forensiknewbie2019
 
Book
BookBook
BookUlf Mattsson
 
ETIS Information Security Benchmark Successful Practices in telco security
ETIS Information Security Benchmark Successful Practices in telco securityETIS Information Security Benchmark Successful Practices in telco security
ETIS Information Security Benchmark Successful Practices in telco securityETIS - the Global IT Association for Telecommunications
 
License-based Access Control in EPCglobal Networks
License-based Access Control in EPCglobal NetworksLicense-based Access Control in EPCglobal Networks
License-based Access Control in EPCglobal NetworksMatthieu Schapranow
 
An extensive research survey on data integrity and deduplication towards priv...
An extensive research survey on data integrity and deduplication towards priv...An extensive research survey on data integrity and deduplication towards priv...
An extensive research survey on data integrity and deduplication towards priv...IJECEIAES
 
N-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysN-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysSolarwinds N-able
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)ijcisjournal
 

Recomendados

Witdom overview 2016
Witdom overview 2016Witdom overview 2016
Witdom overview 2016Elsa Prieto
 
Pendahuluan it forensik
Pendahuluan it forensikPendahuluan it forensik
Pendahuluan it forensiknewbie2019
 
Book
BookBook
BookUlf Mattsson
 
ETIS Information Security Benchmark Successful Practices in telco security
ETIS Information Security Benchmark Successful Practices in telco securityETIS Information Security Benchmark Successful Practices in telco security
ETIS Information Security Benchmark Successful Practices in telco securityETIS - the Global IT Association for Telecommunications
 
License-based Access Control in EPCglobal Networks
License-based Access Control in EPCglobal NetworksLicense-based Access Control in EPCglobal Networks
License-based Access Control in EPCglobal NetworksMatthieu Schapranow
 
An extensive research survey on data integrity and deduplication towards priv...
An extensive research survey on data integrity and deduplication towards priv...An extensive research survey on data integrity and deduplication towards priv...
An extensive research survey on data integrity and deduplication towards priv...IJECEIAES
 
N-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysN-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysSolarwinds N-able
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)ijcisjournal
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaUlf Mattsson
 
Iot forensics
Iot forensicsIot forensics
Iot forensicsAbeis Ab
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudUlf Mattsson
 
Internet of Things Forensics
Internet of Things ForensicsInternet of Things Forensics
Internet of Things ForensicsAakashjit Bhattacharya
 
International Journal on Cryptography and Information Security (IJCIS)
International Journal on Cryptography and Information Security (IJCIS)International Journal on Cryptography and Information Security (IJCIS)
International Journal on Cryptography and Information Security (IJCIS)ijcisjournal
 
Privacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationPrivacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationUlf Mattsson
 
International Journal of Wireless Networks Systems (IJWNS)
International Journal of Wireless Networks Systems (IJWNS)International Journal of Wireless Networks Systems (IJWNS)
International Journal of Wireless Networks Systems (IJWNS)ijfcst journal
 
Evolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyEvolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyUlf Mattsson
 
Unlock the potential of data security 2020
Unlock the potential of data security 2020Unlock the potential of data security 2020
Unlock the potential of data security 2020Ulf Mattsson
 
Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Ulf Mattsson
 
call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...JonesSmith7
 
Isaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyIsaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyUlf Mattsson
 
Call for Papers - 6th International Conference on Cryptography and Informatio...
Call for Papers - 6th International Conference on Cryptography and Informatio...Call for Papers - 6th International Conference on Cryptography and Informatio...
Call for Papers - 6th International Conference on Cryptography and Informatio...IJNSA Journal
 
Future data security ‘will come from several sources’
Future data security ‘will come from several sources’Future data security ‘will come from several sources’
Future data security ‘will come from several sources’John Davis
 
Kontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia NetworksKontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia Networkskontakt.io
 
Ijcis -->cfp
Ijcis -->cfp Ijcis -->cfp
Ijcis -->cfp JonesSmith7
 
6th International Conference on Cryptography and Information Security (CRIS 2...
6th International Conference on Cryptography and Information Security (CRIS 2...6th International Conference on Cryptography and Information Security (CRIS 2...
6th International Conference on Cryptography and Information Security (CRIS 2...IJNSA Journal
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)ijcisjournal
 
Ijwns
IjwnsIjwns
IjwnsMiajackB
 
ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...Ulf Mattsson
 
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Ulf Mattsson
 
Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Turvallisuus2013
 

Más contenido relacionado

La actualidad más candente

A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaUlf Mattsson
 
Iot forensics
Iot forensicsIot forensics
Iot forensicsAbeis Ab
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudUlf Mattsson
 
International Journal on Cryptography and Information Security (IJCIS)
International Journal on Cryptography and Information Security (IJCIS)International Journal on Cryptography and Information Security (IJCIS)
International Journal on Cryptography and Information Security (IJCIS)ijcisjournal
 
Privacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationPrivacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationUlf Mattsson
 
International Journal of Wireless Networks Systems (IJWNS)
International Journal of Wireless Networks Systems (IJWNS)International Journal of Wireless Networks Systems (IJWNS)
International Journal of Wireless Networks Systems (IJWNS)ijfcst journal
 
Evolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyEvolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyUlf Mattsson
 
Unlock the potential of data security 2020
Unlock the potential of data security 2020Unlock the potential of data security 2020
Unlock the potential of data security 2020Ulf Mattsson
 
Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Ulf Mattsson
 
call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...JonesSmith7
 
Isaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyIsaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyUlf Mattsson
 
Call for Papers - 6th International Conference on Cryptography and Informatio...
Call for Papers - 6th International Conference on Cryptography and Informatio...Call for Papers - 6th International Conference on Cryptography and Informatio...
Call for Papers - 6th International Conference on Cryptography and Informatio...IJNSA Journal
 
Future data security ‘will come from several sources’
Future data security ‘will come from several sources’Future data security ‘will come from several sources’
Future data security ‘will come from several sources’John Davis
 
Kontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia NetworksKontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia Networkskontakt.io
 
6th International Conference on Cryptography and Information Security (CRIS 2...
6th International Conference on Cryptography and Information Security (CRIS 2...6th International Conference on Cryptography and Information Security (CRIS 2...
6th International Conference on Cryptography and Information Security (CRIS 2...IJNSA Journal
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)ijcisjournal
 
ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...Ulf Mattsson
 

La actualidad más candente (20)

A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpa
 
Iot forensics
Iot forensicsIot forensics
Iot forensics
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloud
 
Internet of Things Forensics
Internet of Things ForensicsInternet of Things Forensics
Internet of Things Forensics
 
International Journal on Cryptography and Information Security (IJCIS)
International Journal on Cryptography and Information Security (IJCIS)International Journal on Cryptography and Information Security (IJCIS)
International Journal on Cryptography and Information Security (IJCIS)
 
Privacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationPrivacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computation
 
International Journal of Wireless Networks Systems (IJWNS)
International Journal of Wireless Networks Systems (IJWNS)International Journal of Wireless Networks Systems (IJWNS)
International Journal of Wireless Networks Systems (IJWNS)
 
Evolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyEvolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technology
 
Unlock the potential of data security 2020
Unlock the potential of data security 2020Unlock the potential of data security 2020
Unlock the potential of data security 2020
 
Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...
 
call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...
 
Isaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyIsaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacy
 
Call for Papers - 6th International Conference on Cryptography and Informatio...
Call for Papers - 6th International Conference on Cryptography and Informatio...Call for Papers - 6th International Conference on Cryptography and Informatio...
Call for Papers - 6th International Conference on Cryptography and Informatio...
 
Future data security ‘will come from several sources’
Future data security ‘will come from several sources’Future data security ‘will come from several sources’
Future data security ‘will come from several sources’
 
Kontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia NetworksKontakt.io webinar with Cassia Networks
Kontakt.io webinar with Cassia Networks
 
Ijcis -->cfp
Ijcis -->cfp Ijcis -->cfp
Ijcis -->cfp
 
6th International Conference on Cryptography and Information Security (CRIS 2...
6th International Conference on Cryptography and Information Security (CRIS 2...6th International Conference on Cryptography and Information Security (CRIS 2...
6th International Conference on Cryptography and Information Security (CRIS 2...
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)
 
Ijwns
IjwnsIjwns
Ijwns
 
ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...ISACA Houston - How to de-classify data and rethink transfer of data between ...
ISACA Houston - How to de-classify data and rethink transfer of data between ...
 

Similar a H2020 project WITDOM overview

Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Ulf Mattsson
 
Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Turvallisuus2013
 
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES.eu
 
Protecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACAProtecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACAUlf Mattsson
 
20161201 witdom bdva summit
20161201 witdom bdva summit20161201 witdom bdva summit
20161201 witdom bdva summitElsa Prieto
 
Secure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinkeSecure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinkeWolfgang Kuchinke
 
EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015Marco Moreschini
 
EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 - EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 - Marco Moreschini
 
Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningUlf Mattsson
 
The European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaThe European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaEUBrasilCloudFORUM .
 
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...apidays
 
IOT-2016 7-9 Septermber, 2016, Stuttgart, Germany
IOT-2016 7-9 Septermber, 2016, Stuttgart, GermanyIOT-2016 7-9 Septermber, 2016, Stuttgart, Germany
IOT-2016 7-9 Septermber, 2016, Stuttgart, GermanyCharith Perera
 
Protecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UKProtecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UKUlf Mattsson
 
ISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesUlf Mattsson
 
Eurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationEurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationStefane Mouille
 
New technologies for data protection
New technologies for data protectionNew technologies for data protection
New technologies for data protectionUlf Mattsson
 
Guidelines for the technological development in the e-health application domain
Guidelines for the technological development in the e-health application domainGuidelines for the technological development in the e-health application domain
Guidelines for the technological development in the e-health application domainIvano Malavolta
 
EU H2020 PRISMACLOUD Project Overview
EU H2020 PRISMACLOUD Project OverviewEU H2020 PRISMACLOUD Project Overview
EU H2020 PRISMACLOUD Project OverviewPRISMACLOUD Project
 
Secure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsSecure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsLionel Briand
 

Similar a H2020 project WITDOM overview (20)

Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...
 
Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013
 
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
 
Protecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACAProtecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACA
 
20161201 witdom bdva summit
20161201 witdom bdva summit20161201 witdom bdva summit
20161201 witdom bdva summit
 
Brokerage and market Platform
Brokerage and market PlatformBrokerage and market Platform
Brokerage and market Platform
 
Secure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinkeSecure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinke
 
EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015
 
EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 - EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 -
 
Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learning
 
The European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaThe European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agenda
 
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
apidays LIVE Paris 2021 - Data privacy in the era of cloud native app by Guil...
 
IOT-2016 7-9 Septermber, 2016, Stuttgart, Germany
IOT-2016 7-9 Septermber, 2016, Stuttgart, GermanyIOT-2016 7-9 Septermber, 2016, Stuttgart, Germany
IOT-2016 7-9 Septermber, 2016, Stuttgart, Germany
 
Protecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UKProtecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UK
 
ISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniques
 
Eurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationEurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentation
 
New technologies for data protection
New technologies for data protectionNew technologies for data protection
New technologies for data protection
 
Guidelines for the technological development in the e-health application domain
Guidelines for the technological development in the e-health application domainGuidelines for the technological development in the e-health application domain
Guidelines for the technological development in the e-health application domain
 
EU H2020 PRISMACLOUD Project Overview
EU H2020 PRISMACLOUD Project OverviewEU H2020 PRISMACLOUD Project Overview
EU H2020 PRISMACLOUD Project Overview
 
Secure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech ApplicationsSecure and Compliant Data Management in FinTech Applications
Secure and Compliant Data Management in FinTech Applications
 

Último

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 

Último (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

H2020 project WITDOM overview

  • 1. empoWering prIvacy and securiTy in non-trusteD envirOnMents witdom.eu General Presentation
  • 2. 22empoWering prIvacy and securiTy in non-trusteD envirOnMents Content 1) Project Facts 2) Objectives 3) Main Outcomes 4) Main innovations 5) Architecture 6) Pilots 7) Project structure 8) Project roadmap
  • 3. 3  WITDOM stands for “empoWering prIvacy and securiTy in non-trusteD envirOnMents”.  It is a Research and Innovation Action co-funded by the European Union H2020 Programme, within the thematic priority of Information and communications technologies (ICT).  WITDOM was approved under call 1 of the H2020-ICT- 2014-1, ICT-32-2014 in the topic of Cybersecurity, Trustworthy ICT with project No. 644371.  WITDOM started in January 2015 will run for 36 months.  The overall project budget is around 4 million euro.  7 different organizations from 5 European countries form the WITDOM consortium. Project Facts
  • 4. 4  A framework for end-to-end protection of data in untrusted and fast-evolving ICT-based environments. • Driven by privacy-and-security-by-design (PSbD) principles. • Holistic and all-encompassing. • Provide end-to-end security.  Tools for effective protection of sensitive data: • Resource-efficient cryptographic primitives (e.g: SHE, FHE, SMC). • Privacy Enhanced Technologies (PETs) to enhance privacy- utility tradeoffs. • Effective verification of data and process integrity. • Secure protocols for outsourcing sensitive data. • Evaluation and assessment of privacy preferences.  This WITDOM framework will be instantiated and validated in two application scenarios (eHealth and Financial Services) with demanding privacy requirements to protect sensitive data. Objectives
  • 5. 6 Main Outcomes • Analysis and assessment of end-to-end privacy/security • Objective privacy metrics and quantifiable evaluation mechanisms. • Guidelines and methods for the analysis of security requirements and trust relationships • PSbD and user-empowered architectures and scenarios for outsourced / distributed environments. • Definition and enforcement of user-centric privacy-preferences. • Multi-party security and privacy analysis for outsourced/distributed eHealth and Financial services scenarios, instantiated architectures. • Resource-efficient cryptographic primitives, protocols and PETs for outsourced processing of sensitive data (addressing the trade-off between good performance and strong cryptographic protection). • Efficient cryptographic verifiability mechanisms for user-empowered outsourced processing • Evaluation of the developed primitives, quantitative assessment of the net advances in utility, efficiency and privacy/security • Privacy-preserving toolkit mplementing privacy-preserving primitives, protocols, privacy- enhancing techniques (PETs) and formalized preferences for user-centric verifiable outsourced processing (open-access building blocks). • Multi-disciplinary assessment of prototypes for eHealth and Banking scenarios, making use of the toolkit and showcasing the net advance and impact of the general and practical outcomes in two privacy-aware scenarios. General Outcomes Framework Practical Level Platform Implementation Level Toolkit& prototypes
  • 6. 7 Main innovations Privacy Enhancing Techniques, perturbation mechanisms and privacy metrics Privacy- preserving cryptographic techniques supporting encrypted processing Cryptographic techniques for Integrity and Verifiability of outsourced processes European Legal Landscape – Comprehensive privacy metrics for sensitive outsourced data and quantifiable leakage and traces – Privacy guarantees even if an adversary has access to arbitrary background and secondary information (based on DP) – Fine-tune other complexity- dependent methods to match the life- span of Cloud-related environments. – Resource efficient SHE and FHE – PEKS, PERKS, SMC, ZK – Overcome the current limitations in terms of full anonymisation of financial and eHealth data – Produce efficient data processing techniques in both scenarios – Integrity and consistency guarantees (i.e., fork-linearizability and derived) – Overcome current restrictions to simple storage services, and the severe limitations in concurrent operation – Advance verification of remote computation respecting multi-client input privacy – Follow the evolution GDPR, opinions and recommendations of Article 29 WP – Translate these legal requirements into technological requirements, enabling seamless assessment of legal compliance Holistic vision, with interrelated and entangled advance in all areas
  • 7. 8 Architecture SPM: Coding/obfuscating/encryp ting allowing for the secure realization of certain operations implemented as secure primitives within the secure processing modules (APIs or software libraries) with a client-server structure Comms protocols: Between two SPMs, as part of the advanced cryptographic techniques used for data and signal processing in the encrypted domain and PETs Policy Enforcement, Auth, Verifiability Compliance of user preferences to access control to private data, anonymity/privacy enforcement, and data and process integrity. Secure Storage Module Encryption standards, perturbation mechanisms and data formats in unsecured environments, enabling the verifiable encrypted processing protocols.
  • 8. 9  Genetic/proteomic databases protection, shared for large- scale research analyses and outsourced individual clinical analyses. Scenario I: e-Health Citizens (Data owners) Database Generators (Genetic data) Genetic Research Institutes Certification Authority & Key Management Private Requests: Genetic Analyses and Studies Cloud Diagnosis Services Genetic Research Knowledge enabling Genetic Diagnosis Citizens with their protected DNA metadata Private Requests Protected Metadata Knowledgebase Expert System working with Protected Signals Outsourced Genetic Databases with protected raw data
  • 9. 10  Protection of large-scale outsourced financial data storage and processing (financial risk calculation, fraud detection,...) Scenario II: Financial Services Protected Processing requestsBanking Institution Certification Authority & Key Management Outsourced Databases processing protected data Other Banking Institutions Security Perimeters In-House Private Cloud Bank Clients Public Cloud
  • 10. 11 Project Structure WP1 Project & Innovation Management (ATOS) WP7 Dissemination, communication, exploitation and standardization (ATOS) WP2 Requirements analysis and prototypes evaluation (FCSR) WP3 Basic research on enabling privacy and cryptographic tools (UVIGO) WP6 Legal requirements and validation (KU Leuven) WP5 Privacy preserving platform toolkit and prototypes (XLAB) WP4 applied research and architectural design (IBM)
  • 11. 12 Project Roadmap Requirements Formalization Legal Requirements Fundamental Research Architecture Implementation&Prototypes Translation of DP Directives Management Communication/Dissemination/Standardization/Exploitation Validation/ Assessment Final Validation WP1 WP2 WP3 WP4 WP5 WP6 WP7 Year 1 (M1-M12) Year 2 (M3-M24) Year 3 (M25-M36)
  • 12. Partners Contact Elsa Prieto (Atos) WITDOM coordinator and Exploitation & Innovation Manager elsa.prieto@atos.net witdom.eu This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 64437. This work was supported in part by the Swiss State Secretariat for Education, Research and Innovation under contract No. 15.0098. The opinions expressed and arguments employed herein do not necessarily reflect the official views of the European Commission or the Swiss Government.