Transcript of WITDOM Project Presentation 2016
empoWering prIvacy and securiTy in non-trusteD envirOnMents
Project Presentation 2016
witdom.eu
https://twitter.com/W1TD0M
https://www.linkedin.com/groups/8257514
Content
1) Project Facts
2) Value Proposition
3) Main innovations
4) Sought impact
5) Main Scenarios: eHealth and FS
6) Project roadmap
7) WITDOM requirements
8) WITDOM Architecture
9) WITDOM platform
10) Project structure
Project Facts
WITDOM: “empoWering prIvacy and securiTy in non-trusteD envirOnMents”.
Research and Innovation Action, Call 1 of H2020-ICT-2014-1, topic ICT-32-2014 (Cybersecurity, Trustworthy ICT).
Project No. 644371
Started in January 2015
Duration: 36 months
Overall project budget: 4 million euro.
WITDOM consortium: 7 different organizations from 5 European countries
WITDOM value proposition
[Diagram: a trusted domain (i.e. a private cloud, hosting the IT department, operations and internal users) and an untrusted domain (i.e. a public cloud provider doing storage and data processing). Protected data flows from the trusted domain to the cloud provider; requests come from end-users, a public institution/regulator, 3rd parties and external users.]
WITDOM value proposition (II)
Framework for end-to-end protection of outsourced data in untrusted ICT-based environments.
Outcomes (at general, practical and implementation level): framework, protection building blocks, reference implementations, guidelines, platform, scenarios, metrics.
Main innovations
• Privacy Enhancing Techniques, perturbation mechanisms and privacy metrics: privacy metrics for sensitive outsourced data and quantifiable leakage and traces; address current limitations in terms of full anonymisation.
• Privacy-preserving cryptographic techniques supporting encrypted processing: efficient HE; produce efficient data processing techniques.
• Cryptographic techniques for integrity and verifiability of outsourced processes: integrity and consistency guarantees; overcome current restrictions to simple storage services; overcome limitations in concurrent operation.
• European legal landscape: evolution of the EU data protection regulation.
Holistic vision, with interrelated and entangled advances in all areas.
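The encrypted-processing idea on this slide (the untrusted cloud computes on data it cannot read, while the key never leaves the trusted domain) can be shown with an additively homomorphic scheme. The following Python is an added example written for this transcript, not WITDOM code: it uses Paillier (textbook additive HE) as a stand-in for the somewhat-homomorphic, HElib-based schemes the project targets, because Paillier fits in a few dozen lines. The transaction amounts, the prime sizes and the TrustedDomain/UntrustedCloud class names are constructed for the example.

```python
"""Additively homomorphic encryption (Paillier) as a stand-in for WITDOM's
encrypted-processing building block: the trusted domain keeps the private key,
the untrusted cloud aggregates ciphertexts it cannot read."""
import secrets
from math import gcd


def _is_probable_prime(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin with random bases (enough for a demo; use a vetted library in production)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)          # witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits: int) -> int:
    """Random prime of exactly `bits` bits."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand


def encrypt(n: int, m: int) -> int:
    """Paillier encryption under public key n (g = n + 1, so g^m = 1 + m*n mod n^2).
    Signed integers are encoded modulo n; fresh randomness r makes equal plaintexts
    produce different ciphertexts."""
    n2 = n * n
    while True:
        r = 1 + secrets.randbelow(n - 1)           # r in [1, n-1], coprime to n
        if gcd(r, n) == 1:
            break
    return (1 + (m % n) * n) * pow(r, n, n2) % n2


class TrustedDomain:
    """Private cloud: generates the key pair and is the only place that can decrypt."""

    def __init__(self, prime_bits: int = 512):
        p = _random_prime(prime_bits)
        q = _random_prime(prime_bits)
        while q == p:
            q = _random_prime(prime_bits)
        self.n = p * q                                        # public key
        self._n2 = self.n * self.n
        self._lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)    # lcm(p-1, q-1), private
        self._mu = pow(self._lam, -1, self.n)                 # private; invertible for equal-size primes

    def encrypt(self, m: int) -> int:
        return encrypt(self.n, m)

    def decrypt(self, c: int) -> int:
        u = pow(c, self._lam, self._n2)
        m = ((u - 1) // self.n) * self._mu % self.n
        return m - self.n if m > self.n // 2 else m           # undo the signed encoding


class UntrustedCloud:
    """Public cloud: holds only n and ciphertexts, yet can aggregate and scale them."""

    def __init__(self, n: int):
        self._n2 = n * n

    def add_all(self, ciphertexts) -> int:
        acc = 1                                               # 1 is an encryption of 0
        for c in ciphertexts:
            acc = acc * c % self._n2                          # Enc(a) * Enc(b) = Enc(a + b)
        return acc

    def scale(self, c: int, k: int) -> int:
        return pow(c, k, self._n2)                            # Enc(a)^k = Enc(k * a)


def outsourced_cash_flow(amounts, prime_bits: int = 512):
    """The trusted domain encrypts per-transaction amounts; the cloud sums them and
    scales the total (a crude three-months-ahead projection); only the trusted
    domain can read either result."""
    td = TrustedDomain(prime_bits)
    cloud = UntrustedCloud(td.n)
    ciphertexts = [td.encrypt(a) for a in amounts]
    total_ct = cloud.add_all(ciphertexts)
    projection_ct = cloud.scale(total_ct, 3)
    return td.decrypt(total_ct), td.decrypt(projection_ct)


if __name__ == "__main__":
    # Constructed sample transactions in cents (credits positive, debits negative).
    print(outsourced_cash_flow([12500, -4000, 30000]))       # (38500, 115500)
```

The cloud's add_all and scale operate on ciphertexts and the public modulus n only; recovering a plaintext needs λ and μ, which never leave TrustedDomain. Two caveats a practitioner would want: plaintexts are taken modulo n, so sums must stay below n/2 in magnitude, and the scheme is malleable by design, so a dishonest cloud can scale or drop contributions unnoticed, which is exactly the gap the integrity and verifiability building block on this slide is meant to close. Real deployments use at least 1024-bit primes and a reviewed library; the prime size here is a parameter.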
Sought Impacts
Macro level:
• New paradigm for design and implementation of ICT
• Measurably higher level of security and privacy at marginal additional cost
• Products compliant with EU Data Protection legislation
Societal level:
• Increased user trust in ICT services and protection of user privacy
• Improved ability to detect breaches in security
• More resilient critical infrastructures and services with built-in trustworthiness
Research & Innovation level:
• Simplified crypto primitives implementation, easy-to-manage security (reduced complexity of security infrastructure)
• Provably improved security compared to traditionally designed ICT
• User empowerment over data and trust relations (user-centric tools to define / automatically enforce privacy preferences)
Outcomes for Europe’s ICT Market Players
A cloudified version of the platform, ready to be deployed in most notable cloud platforms: Amazon, Google, Openstack…
A set of PETs, secure primitives and other building blocks (e.g. authorization) which can be combined, extended or re-arranged to address other scenarios.
The knowledge of deploying and implementing the framework in two privacy-sensitive pilot test settings.
WITDOM Scenarios: overview (eHealth vs. Financial)
Scope. eHealth: genetic/proteomic databases protection, shared for large-scale research analyses and outsourced individual clinical analyses. Financial: protection of large-scale outsourced financial data storage and processing.
Processes. eHealth: reads alignment; variants annotation; data remote access. Financial: credit card transaction fraud detection and prevention; credit risk scoring; cash flow forecasting.
Data size. eHealth: big files (GB). Financial: small records (<1 KB).
Data quantity. eHealth: a few files per user (medical reports, list of variants, raw genomic data). Financial: many records per user (personal info + transactions + customer portfolio).
Access to data. eHealth: few accesses. Financial: many accesses.
Computation. eHealth: batch computation. Financial: batch and real-time computations.
eHealth scenario
Financial Services scenario
Other Areas of Application
Smart grid: efficiently and securely process households’ consumption data in order to a) adjust the energy provisioning, and b) accurately bill the customer without invading their privacy.
Public transportation: People using public transportation means (train, buses, underground) may share their personal data about their daily journeys in order to help the companies to improve their services.
Environment analysis: image processing from optical instruments and visual recording systems in order to locate hazardous events, locate missing people, or analyse people behaviour.
Towards an E2E security framework
Roadmap from Y1 (2015) through Y2 (2016) to Y3 (2017):
• WITDOM scenarios
• Requirements: scenario, legal, technical
• Common architecture
• Preliminary toolset & platform
• Use-case architectures
• Preliminary prototypes
• Prototypes evaluation
• Final prototypes and platform
User-centered design philosophy
Co-creation + SPbD methodology
Key: exploit feared events
• Description of “bad scenarios” is easier
  o I do not want “them” to do research on my DNA!
• Driven by known privacy/security principles
  o LINDDUN, STRIDE, etc.
Requirements methodology SPACE
[Chart: number of non-functional and functional requirements per elicitation activity (interviews/workshops, user journey maps, personas).]
Data types and their DPD/GDPR classification (general / sensitive):
• Anonymous
• Pseudonymous: varies
• Health data: sensitive
• Genetic data: sensitive
• Medical data: sensitive
• Health related data: sensitive
• Data which allows for health related conclusions: sensitive
• Financial data: general
Legal and Ethical Requirements
Approach:
• Focus on the general character of the WITDOM system: analysis of general requirements.
• Focus on complementarity and diversity in WITDOM scenarios: analysis of sector-specific requirements.
• Focus on the future-oriented approach of WITDOM: analysis of the changing international requirements.
Legal and Ethical requirements (II)
Legal requirements
• eHealth: outsourcing; genetic data protection; provision of care; clinical trials (consent); further use for research purposes
• Financial: outsourcing; fraud scoring; cash-flow prediction; data protection: 4 data quality principles (transparency, proportionality, finality and lawfulness)
Ethical principles
• eHealth: respect for persons / principle of autonomy; non-maleficence; beneficence; justice; dignity; responsibility; accountability
• Financial: non-maleficence; wrongful discrimination; transparency; accountability
Research challenges in WITDOM
Secure and efficient cryptographic building blocks
• Efficient SHE, no bootstrapping
• HW-mediated FHE
• Function optimization
• Security Analysis
• Implementation in HELib
Applied Cryptography for efficient processing in the Encrypted Domain
• Primitive redesign
• Signal and data pre-coding/SPED
• Combination of PETs and crypto
• Trade-off analysis
• Scalability
• Masking approaches
Non-cryptographic Privacy Enhancing Techniques
• Unlinkability through anonymization/pseudonymization techniques
• Applicability of perturbation techniques
• Link to applied metrics and privacy-utility trade-offs
• Scenario-specifics for achievable privacy and adequate PETs-based approach
Integrity and Verifiability of Outsourced Processes
• Increase efficiency
• Advance in complex system models
• Generalization of verification methods
• Violation recovery
• Integration with privacy-preservation
General framework, combined advances in all research areas
Functional requirements drive development of secure processing tools (protection components).
Methodology for formalization and assessment of privacy-related technical requirements
Difficult but possible interplay between cryptographic and privacy guarantees.
Challenge: Optimize Utility-Efficiency-Privacy tradeoff
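To make the utility-privacy trade-off concrete, here is an added Python example written for this transcript (not project code): it generalises the quasi-identifiers of a constructed patient table, measures privacy with k-anonymity and l-diversity, measures utility loss as precision loss over the generalisation hierarchies, and searches the lattice of generalisation levels for the least-lossy table that still meets a threshold. The records, the two hierarchies and the precision-loss formula are assumptions of the example, not WITDOM metrics.

```python
"""k-anonymity by generalisation, with privacy metrics (k, l-diversity), a utility
metric (precision loss) and a search for the cheapest level meeting a threshold."""
from collections import defaultdict
from fractions import Fraction
from itertools import product

# Constructed sample, not project data: (age, ZIP, diagnosis).
# age and ZIP are quasi-identifiers; diagnosis is the sensitive attribute.
RECORDS = [
    (23, "27518", "flu"),      (27, "27519", "diabetes"),
    (31, "27510", "flu"),      (38, "27512", "asthma"),
    (42, "28201", "cancer"),   (47, "28207", "flu"),
    (52, "28211", "diabetes"), (58, "28215", "asthma"),
    (61, "27601", "cancer"),   (66, "27603", "flu"),
    (72, "27605", "diabetes"), (78, "27608", "asthma"),
]

AGE_WIDTHS = (1, 5, 10, 20)       # age hierarchy: level 0 = exact, then 5/10/20-year bands
AGE_HEIGHT = len(AGE_WIDTHS) - 1
ZIP_HEIGHT = 3                    # ZIP hierarchy: level n masks the last n of 5 digits


def generalize_age(age: int, level: int) -> str:
    width = AGE_WIDTHS[level]
    if width == 1:
        return str(age)
    lo = age - age % width
    return f"{lo}-{lo + width - 1}"


def generalize_zip(zip_code: str, level: int) -> str:
    return zip_code[:len(zip_code) - level] + "*" * level


def anonymize(records, age_level: int, zip_level: int):
    return [(generalize_age(a, age_level), generalize_zip(z, zip_level), d)
            for a, z, d in records]


def equivalence_classes(table):
    """Group sensitive values by identical (generalised) quasi-identifier tuple."""
    classes = defaultdict(list)
    for age, zip_code, diagnosis in table:
        classes[(age, zip_code)].append(diagnosis)
    return classes


def k_anonymity(table) -> int:
    """Size of the smallest equivalence class: an attacker who knows a person's
    quasi-identifiers cannot narrow them down to fewer than k records."""
    return min(len(v) for v in equivalence_classes(table).values())


def l_diversity(table) -> int:
    """Fewest distinct sensitive values in any class; l = 1 means a class leaks
    its diagnosis even though it is k-anonymous."""
    return min(len(set(v)) for v in equivalence_classes(table).values())


def precision_loss(age_level: int, zip_level: int) -> Fraction:
    """Utility metric: 0 = original precision, 1 = every quasi-identifier fully generalised."""
    return (Fraction(age_level, AGE_HEIGHT) + Fraction(zip_level, ZIP_HEIGHT)) / 2


def report(records, age_level: int, zip_level: int) -> dict:
    table = anonymize(records, age_level, zip_level)
    return {"k": k_anonymity(table), "l": l_diversity(table),
            "loss": precision_loss(age_level, zip_level)}


def best_generalization(records, k_min: int, l_min: int = 1):
    """Least-lossy (loss, age_level, zip_level) meeting the privacy thresholds,
    or None when no generalisation of these records can reach them."""
    candidates = []
    for al, zl in product(range(AGE_HEIGHT + 1), range(ZIP_HEIGHT + 1)):
        r = report(records, al, zl)
        if r["k"] >= k_min and r["l"] >= l_min:
            candidates.append((r["loss"], al, zl))
    return min(candidates) if candidates else None


if __name__ == "__main__":
    for k in (2, 4, 5):
        print(k, best_generalization(RECORDS, k))
```

On the sample table k = 2 is reachable at half the precision (10-year age bands, 4-digit ZIP), k = 4 already costs five sixths of it, and k = 5 is unreachable without suppressing records. That is the kind of threshold the “privacy property, metric, threshold, validation” loop has to negotiate with each scenario, and the example also shows why k alone is not enough: a class can be k-anonymous and still leak its diagnosis when l-diversity is 1.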
Technological requirements and assessment methodology
Pipeline: requirements elicitation → privacy property → metric → threshold → validation. Every step is worked out with the scenarios: in dialogue with them, iterated with them, and finally supervised by them.
WITDOM Initial Architecture
[Diagram. Trusted domain: applications and services, Broker, IAM (identity and access management), KM and PO, plus the protection components SSP, Anonym., Masking, Integrity SC and E2EE (end-to-end encryption). Untrusted domain: Broker and secured services, plus the protection components SSP, Masking, Integrity SC and E2EE. Legend: core components (platform), protection components, applications & services.]
Each protection component will be able to deploy over a specified IaaS.
Deployment mechanism:
WITDOM platform
[Diagram: a Chef server and a Cloudify manager in the trusted domain deploy the WITDOM platform onto the trusted domain and onto the untrusted domain (OS1, OS2, AWS). Three packaging routes: DEB/RPM packages for deployment on the trusted domain/local infrastructure; Chef scripts for trusted and cloud environments; a Blueprint/TOSCA document for the cloud environment.]
Project Structure
• WP1 Project & Innovation Management (ATOS)
• WP2 Requirements analysis and prototypes evaluation (FCSR)
• WP3 Basic research on enabling privacy and cryptographic tools (UVIGO)
• WP4 Applied research and architectural design (IBM)
• WP5 Privacy preserving platform toolkit and prototypes (XLAB)
• WP6 Legal requirements and validation (KU Leuven)
• WP7 Dissemination, communication, exploitation and standardization (ATOS)
Project Roadmap
Timeline: 2015 (M1-M12), 2016 (M13-M24), 2017 (M25-M36)
• WP1: Management
• WP2: Requirements formalization; validation/assessment; final validation
• WP3: Fundamental research
• WP4: Architecture
• WP5: Implementation & prototypes
• WP6: Legal requirements; translation of DP directives
• WP7: Communication/dissemination/standardization/exploitation
Thank you very much for your attention!
Partners
Contact
Elsa Prieto (Atos)
WITDOM coordinator
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 644371. This work was supported in part by the Swiss State Secretariat for Education, Research and Innovation under contract No. 15.0098. The opinions expressed and arguments employed herein do not necessarily reflect the official views of the European Commission or the Swiss Government.