SlideShare a Scribd company logo

Can Trust In Security TEchnologies be Enhanced through Certification?

Download as PPTX, PDF
CRISP Project
CRISP Project

Thordis Sveinsdottir presented work from the CRISP project at the 7th Biennial Surveillance & Society Conference in Barcelona in April 2016.

Science
1 of 11
Can Trust in Security Technologies be Enhanced through Certification?: Lessons from the CRISP project. Thordis Sveinsdottir Trilateral Research Ltd 7th Biennial Surveillance & Society Conference Barcelona 20-23 April 2016
Security Certification – European Context  The EU security market, which is strong and fast growing:  Includes very different types of products and services  Is supplied by very varied stakeholder group  There is also a plethora of assorted standards and certification schemes for security products, systems and services and there is a distinct lack of harmonisation and mutual recognition of these schemes across Europe.  CRISP project objectives are to:  Aid in the harmonisation of the European security market through pan- European certification  Increase citizen trust in security products, systems and services through integrating social dimensions in the evaluation phase
The CRISP project  Evaluation and Certification Schemes for Security Products (CRISP)  36 Month project  1st April 2014-1st March 2017  Website: http://crispproject.eu/  Twitter: @CRISP_Project
RRI approach to security RD&I  There is a need to align security technologies, especially those which breech citizens’ fundamental rights and privacy, with societal needs and values to a greater extent (von Schomberg, 2011)  RRI focus allows for seeing tensions between security and fundamental rights:  as a set of practices and issues that can be addressed with an approach where a concern for ethical and social consequences of technologies are weaved into the R&D process  as a process where users and other stakeholders are engaged with producers early on, to allow for adjustments to security processes, products and systems.
CRISP evaluation of social dimensions  CRISP will contribute a holistic evaluation methodology for security products, systems and services that encompasses :  A defined use scenario  Multiple stakeholder perspectives on any one security technology  At the highest level the four dimensions, Security, Trust, Efficiency and Freedom Infringement (S-T-E-Fi) are each used for evaluation, and consideration is also paid to their interrelations and potential conflicts.  Within each evaluation dimension, a number of evaluation criteria are defined, which are further narrowed down to specific evaluation questions for each product
The CRISP Web tool A project manager sets up a scenario, which serves as basis for evaluation. Information providers answer questions for each of the STEFi dimensions
Stakeholder Analysis  Stakeholders included: Security industry, certification bodies, standardisation organisations, accreditation bodies, insurers, DPAs, policy makers and end users  Questions to ascertain the opportunities, needs and challenges of current evaluation and certification of security systems. Ascertaining the need for a scheme such as CRISP  Stakeholder analysis consisted of case study research of three technology areas.  Video Surveillance  Alarm Systems  Remotely Piloted Aircraft Systems (drones).  The case studies included: Desk research, Interviews with stakeholders, Web surveys
Stakeholder needs from certification  It provides clear added value (Security industry, certification bodies):  Low administrative burden  Low cost  One-stop certification  Transparency at all levels (e.g., documentation, evaluation, certification processes)  A robust scheme (minimum allowance for difference)  Flexibility of scheme (e.g., to allow for technological innovation)
Possible limitations of the CRISP scheme  The contextual nature of security  National security cultures/specificities  Different users/use contexts  Different use possibilities of any one product  The subjectivity of the STEFi dimensions  Too “soft” to serve as effective evaluation criteria  Concern over key dimensions and their definitions
Trust through certification?  Case study findings indicate that certification of a product, system or service enhances feelings of trust, e.g.:  The notion of certification as a ‘seal of quality’ or assurance to end users’ ranked as the most important benefit of certification by 85% of supply-side respondents and 82% of demand-side respondents*.  Certification was also seen to have the benefit of “improving service and product standards” and was selected by 42,6% of supply and 57,1% of demand side stakeholders  However:  Certification needs to be a transparent process – currently too opaque and confusing  Certification seal needs to be well known to be respected/trusted
Contact  Full findings can be found in the Work Package Report - Sveinsdottir, T., Finn, R., Wadhwa K., Rodrigues, R., van Zetten, J. Wurster, S., Murphy, P., Hirschmann, N., Rallo, A., Garcia, R., Pauner, C., Viguri, J., Kalan, E. and Kolar, I. (2015) D3.1 Stakeholder Analysis. Available at: http://crispproject.eu/wp- content/uploads/2015/03/CRISP-D3.1-Stakeholder-Analysis-FINAL.pdf  Thordis Sveinsdottir – thordis.sveinsdottir@trilateralresearch.com

Recommended

CRISP evaluation using the STEFi approach
CRISP evaluation using the STEFi approachCRISP evaluation using the STEFi approach
CRISP evaluation using the STEFi approachCRISP Project
 
CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings CRISP Project
 
Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference CRISP Project
 
CRISP - Overview and results
CRISP - Overview and results CRISP - Overview and results
CRISP - Overview and results CRISP Project
 
Policy and Standardisation perspective - CRISP Final Conference
Policy and Standardisation perspective - CRISP Final ConferencePolicy and Standardisation perspective - CRISP Final Conference
Policy and Standardisation perspective - CRISP Final ConferenceCRISP Project
 
Euralarm - Glen Dale on security industry perspective on certification of sec...
Euralarm - Glen Dale on security industry perspective on certification of sec...Euralarm - Glen Dale on security industry perspective on certification of sec...
Euralarm - Glen Dale on security industry perspective on certification of sec...CRISP Project
 
Standardisation and certification basics
Standardisation and certification basicsStandardisation and certification basics
Standardisation and certification basicsCRISP Project
 
EU Data Protection, Legislation and Certification
EU Data Protection, Legislation and Certification EU Data Protection, Legislation and Certification
EU Data Protection, Legislation and Certification CRISP Project
 

Recommended

CRISP evaluation using the STEFi approach
CRISP evaluation using the STEFi approachCRISP evaluation using the STEFi approach
CRISP evaluation using the STEFi approachCRISP Project
 
CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings CRISP Project
 
Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference CRISP Project
 
CRISP - Overview and results
CRISP - Overview and results CRISP - Overview and results
CRISP - Overview and results CRISP Project
 
Policy and Standardisation perspective - CRISP Final Conference
Policy and Standardisation perspective - CRISP Final ConferencePolicy and Standardisation perspective - CRISP Final Conference
Policy and Standardisation perspective - CRISP Final ConferenceCRISP Project
 
Euralarm - Glen Dale on security industry perspective on certification of sec...
Euralarm - Glen Dale on security industry perspective on certification of sec...Euralarm - Glen Dale on security industry perspective on certification of sec...
Euralarm - Glen Dale on security industry perspective on certification of sec...CRISP Project
 
Standardisation and certification basics
Standardisation and certification basicsStandardisation and certification basics
Standardisation and certification basicsCRISP Project
 
EU Data Protection, Legislation and Certification
EU Data Protection, Legislation and Certification EU Data Protection, Legislation and Certification
EU Data Protection, Legislation and Certification CRISP Project
 
CRISP Work package 4 Key Outcomes
CRISP Work package 4 Key OutcomesCRISP Work package 4 Key Outcomes
CRISP Work package 4 Key OutcomesCRISP Project
 
RPAS related privacy and data protection: practical advice for RPAS users
RPAS related privacy and data protection: practical advice for RPAS usersRPAS related privacy and data protection: practical advice for RPAS users
RPAS related privacy and data protection: practical advice for RPAS usersTrilateral Research
 
Digital Health & Wellness Summit @ Mobile World Congress 2016
Digital Health & Wellness Summit @ Mobile World Congress 2016Digital Health & Wellness Summit @ Mobile World Congress 2016
Digital Health & Wellness Summit @ Mobile World Congress 20163GDR
 
Cp18 cyrail final conference en
Cp18 cyrail final conference enCp18 cyrail final conference en
Cp18 cyrail final conference enUICcom
 
_Introduction_to_eu-LISA
_Introduction_to_eu-LISA_Introduction_to_eu-LISA
_Introduction_to_eu-LISASokratis Marioglou
 
Vlg Loss Prevention & Secruity Engels
Vlg Loss Prevention & Secruity EngelsVlg Loss Prevention & Secruity Engels
Vlg Loss Prevention & Secruity Engelspascalverbaten
 
OSIRIS_European Utility Week 2015 - Vienna (arrastrado)
OSIRIS_European Utility Week 2015 - Vienna (arrastrado)OSIRIS_European Utility Week 2015 - Vienna (arrastrado)
OSIRIS_European Utility Week 2015 - Vienna (arrastrado)Jose Angel Velasco
 
2. crisp final conf ste fi workshop_reflections iec-tc79 wg12
2. crisp final conf ste fi workshop_reflections iec-tc79 wg122. crisp final conf ste fi workshop_reflections iec-tc79 wg12
2. crisp final conf ste fi workshop_reflections iec-tc79 wg12CRISP Project
 
Smart Video Surveillance and Privacy - CRISP Final Conference
Smart Video Surveillance and Privacy - CRISP Final ConferenceSmart Video Surveillance and Privacy - CRISP Final Conference
Smart Video Surveillance and Privacy - CRISP Final ConferenceCRISP Project
 
Crisp kaleidoscope presentation 13112015
Crisp kaleidoscope presentation 13112015Crisp kaleidoscope presentation 13112015
Crisp kaleidoscope presentation 13112015CRISP Project
 
CRISP Stakeholder Analysis
CRISP Stakeholder AnalysisCRISP Stakeholder Analysis
CRISP Stakeholder AnalysisCRISP Project
 
BYTE bdva Valencia Summit November 2016
BYTE bdva Valencia Summit November 2016BYTE bdva Valencia Summit November 2016
BYTE bdva Valencia Summit November 2016Trilateral Research
 
3Com 3C10384VCX
3Com 3C10384VCX3Com 3C10384VCX
3Com 3C10384VCXsavomir
 
What js? Its environment
What js? Its environmentWhat js? Its environment
What js? Its environmentLucio Martinez
 
3Com 792002 REV D2
3Com 792002 REV D23Com 792002 REV D2
3Com 792002 REV D2savomir
 
CRISP WP3 stakeholder workshop
CRISP WP3 stakeholder workshopCRISP WP3 stakeholder workshop
CRISP WP3 stakeholder workshopTrilateral Research
 
CRISP project: overview of findings and lessons learned.
CRISP project: overview of findings and lessons learned.CRISP project: overview of findings and lessons learned.
CRISP project: overview of findings and lessons learned.Trilateral Research
 
A stakeholder based approach to standardisation for disaster resilience
A stakeholder based approach to standardisation for disaster resilienceA stakeholder based approach to standardisation for disaster resilience
A stakeholder based approach to standardisation for disaster resilienceTrilateral Research
 
Examining End-User Standardisation Needs for Disaster Resilience
Examining End-User Standardisation Needs for Disaster ResilienceExamining End-User Standardisation Needs for Disaster Resilience
Examining End-User Standardisation Needs for Disaster ResilienceTrilateral Research
 
Application of Q methodology in critical success factors of information secur...
Application of Q methodology in critical success factors of information secur...Application of Q methodology in critical success factors of information secur...
Application of Q methodology in critical success factors of information secur...stuimrozsm
 
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...Dr. Monideep Dey
 
Corporate Tekes Safety and Security programme 2013
Corporate Tekes Safety and Security programme 2013Corporate Tekes Safety and Security programme 2013
Corporate Tekes Safety and Security programme 2013Turvallisuus2013
 

More Related Content

What's hot

CRISP Work package 4 Key Outcomes
CRISP Work package 4 Key OutcomesCRISP Work package 4 Key Outcomes
CRISP Work package 4 Key OutcomesCRISP Project
 
RPAS related privacy and data protection: practical advice for RPAS users
RPAS related privacy and data protection: practical advice for RPAS usersRPAS related privacy and data protection: practical advice for RPAS users
RPAS related privacy and data protection: practical advice for RPAS usersTrilateral Research
 
Digital Health & Wellness Summit @ Mobile World Congress 2016
Digital Health & Wellness Summit @ Mobile World Congress 2016Digital Health & Wellness Summit @ Mobile World Congress 2016
Digital Health & Wellness Summit @ Mobile World Congress 20163GDR
 
Cp18 cyrail final conference en
Cp18 cyrail final conference enCp18 cyrail final conference en
Cp18 cyrail final conference enUICcom
 
Vlg Loss Prevention & Secruity Engels
Vlg Loss Prevention & Secruity EngelsVlg Loss Prevention & Secruity Engels
Vlg Loss Prevention & Secruity Engelspascalverbaten
 
OSIRIS_European Utility Week 2015 - Vienna (arrastrado)
OSIRIS_European Utility Week 2015 - Vienna (arrastrado)OSIRIS_European Utility Week 2015 - Vienna (arrastrado)
OSIRIS_European Utility Week 2015 - Vienna (arrastrado)Jose Angel Velasco
 

What's hot (7)

CRISP Work package 4 Key Outcomes
CRISP Work package 4 Key OutcomesCRISP Work package 4 Key Outcomes
CRISP Work package 4 Key Outcomes
 
RPAS related privacy and data protection: practical advice for RPAS users
RPAS related privacy and data protection: practical advice for RPAS usersRPAS related privacy and data protection: practical advice for RPAS users
RPAS related privacy and data protection: practical advice for RPAS users
 
Digital Health & Wellness Summit @ Mobile World Congress 2016
Digital Health & Wellness Summit @ Mobile World Congress 2016Digital Health & Wellness Summit @ Mobile World Congress 2016
Digital Health & Wellness Summit @ Mobile World Congress 2016
 
Cp18 cyrail final conference en
Cp18 cyrail final conference enCp18 cyrail final conference en
Cp18 cyrail final conference en
 
_Introduction_to_eu-LISA
_Introduction_to_eu-LISA_Introduction_to_eu-LISA
_Introduction_to_eu-LISA
 
Vlg Loss Prevention & Secruity Engels
Vlg Loss Prevention & Secruity EngelsVlg Loss Prevention & Secruity Engels
Vlg Loss Prevention & Secruity Engels
 
OSIRIS_European Utility Week 2015 - Vienna (arrastrado)
OSIRIS_European Utility Week 2015 - Vienna (arrastrado)OSIRIS_European Utility Week 2015 - Vienna (arrastrado)
OSIRIS_European Utility Week 2015 - Vienna (arrastrado)
 

Viewers also liked

2. crisp final conf ste fi workshop_reflections iec-tc79 wg12
2. crisp final conf ste fi workshop_reflections iec-tc79 wg122. crisp final conf ste fi workshop_reflections iec-tc79 wg12
2. crisp final conf ste fi workshop_reflections iec-tc79 wg12CRISP Project
 
Smart Video Surveillance and Privacy - CRISP Final Conference
Smart Video Surveillance and Privacy - CRISP Final ConferenceSmart Video Surveillance and Privacy - CRISP Final Conference
Smart Video Surveillance and Privacy - CRISP Final ConferenceCRISP Project
 
Crisp kaleidoscope presentation 13112015
Crisp kaleidoscope presentation 13112015Crisp kaleidoscope presentation 13112015
Crisp kaleidoscope presentation 13112015CRISP Project
 
CRISP Stakeholder Analysis
CRISP Stakeholder AnalysisCRISP Stakeholder Analysis
CRISP Stakeholder AnalysisCRISP Project
 
BYTE bdva Valencia Summit November 2016
BYTE bdva Valencia Summit November 2016BYTE bdva Valencia Summit November 2016
BYTE bdva Valencia Summit November 2016Trilateral Research
 
3Com 3C10384VCX
3Com 3C10384VCX3Com 3C10384VCX
3Com 3C10384VCXsavomir
 
What js? Its environment
What js? Its environmentWhat js? Its environment
What js? Its environmentLucio Martinez
 
3Com 792002 REV D2
3Com 792002 REV D23Com 792002 REV D2
3Com 792002 REV D2savomir
 

Viewers also liked (8)

2. crisp final conf ste fi workshop_reflections iec-tc79 wg12
2. crisp final conf ste fi workshop_reflections iec-tc79 wg122. crisp final conf ste fi workshop_reflections iec-tc79 wg12
2. crisp final conf ste fi workshop_reflections iec-tc79 wg12
 
Smart Video Surveillance and Privacy - CRISP Final Conference
Smart Video Surveillance and Privacy - CRISP Final ConferenceSmart Video Surveillance and Privacy - CRISP Final Conference
Smart Video Surveillance and Privacy - CRISP Final Conference
 
Crisp kaleidoscope presentation 13112015
Crisp kaleidoscope presentation 13112015Crisp kaleidoscope presentation 13112015
Crisp kaleidoscope presentation 13112015
 
CRISP Stakeholder Analysis
CRISP Stakeholder AnalysisCRISP Stakeholder Analysis
CRISP Stakeholder Analysis
 
BYTE bdva Valencia Summit November 2016
BYTE bdva Valencia Summit November 2016BYTE bdva Valencia Summit November 2016
BYTE bdva Valencia Summit November 2016
 
3Com 3C10384VCX
3Com 3C10384VCX3Com 3C10384VCX
3Com 3C10384VCX
 
What js? Its environment
What js? Its environmentWhat js? Its environment
What js? Its environment
 
3Com 792002 REV D2
3Com 792002 REV D23Com 792002 REV D2
3Com 792002 REV D2
 

Similar to Can Trust In Security TEchnologies be Enhanced through Certification?

CRISP project: overview of findings and lessons learned.
CRISP project: overview of findings and lessons learned.CRISP project: overview of findings and lessons learned.
CRISP project: overview of findings and lessons learned.Trilateral Research
 
A stakeholder based approach to standardisation for disaster resilience
A stakeholder based approach to standardisation for disaster resilienceA stakeholder based approach to standardisation for disaster resilience
A stakeholder based approach to standardisation for disaster resilienceTrilateral Research
 
Examining End-User Standardisation Needs for Disaster Resilience
Examining End-User Standardisation Needs for Disaster ResilienceExamining End-User Standardisation Needs for Disaster Resilience
Examining End-User Standardisation Needs for Disaster ResilienceTrilateral Research
 
Application of Q methodology in critical success factors of information secur...
Application of Q methodology in critical success factors of information secur...Application of Q methodology in critical success factors of information secur...
Application of Q methodology in critical success factors of information secur...stuimrozsm
 
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...Dr. Monideep Dey
 
Corporate Tekes Safety and Security programme 2013
Corporate Tekes Safety and Security programme 2013Corporate Tekes Safety and Security programme 2013
Corporate Tekes Safety and Security programme 2013Turvallisuus2013
 
EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 - EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 - Marco Moreschini
 
EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015Marco Moreschini
 
TSSG Security research unit May11_zdooly
TSSG Security research unit May11_zdoolyTSSG Security research unit May11_zdooly
TSSG Security research unit May11_zdoolyzdooly
 
Suitability of Agile Methods for Safety-Critical Systems Development: A Surve...
Suitability of Agile Methods for Safety-Critical Systems Development: A Surve...Suitability of Agile Methods for Safety-Critical Systems Development: A Surve...
Suitability of Agile Methods for Safety-Critical Systems Development: A Surve...Editor IJCATR
 
TAICS - Cybersecurity Certification for European Market.pptx
TAICS - Cybersecurity Certification for European Market.pptxTAICS - Cybersecurity Certification for European Market.pptx
TAICS - Cybersecurity Certification for European Market.pptxJavier Tallón
 
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...abhichowdary16
 
Criterios Minimos de Seguridad CTPAT 2019 conference
Criterios Minimos de Seguridad CTPAT 2019 conferenceCriterios Minimos de Seguridad CTPAT 2019 conference
Criterios Minimos de Seguridad CTPAT 2019 conferenceJoe Garza
 
Model-based security testing
Model-based security testingModel-based security testing
Model-based security testingAxel Rennoch
 
Framework for Improving Critical Infrastructure Cyber.docx
Framework for Improving Critical Infrastructure Cyber.docxFramework for Improving Critical Infrastructure Cyber.docx
Framework for Improving Critical Infrastructure Cyber.docxbudbarber38650
 
OEB Cyber Security Framework
OEB Cyber Security FrameworkOEB Cyber Security Framework
OEB Cyber Security FrameworkNorbi Hegedus
 
Img s position-paper_for_h2020
Img s position-paper_for_h2020Img s position-paper_for_h2020
Img s position-paper_for_h2020Marco Manso
 

Similar to Can Trust In Security TEchnologies be Enhanced through Certification? (20)

CRISP WP3 stakeholder workshop
CRISP WP3 stakeholder workshopCRISP WP3 stakeholder workshop
CRISP WP3 stakeholder workshop
 
CRISP project: overview of findings and lessons learned.
CRISP project: overview of findings and lessons learned.CRISP project: overview of findings and lessons learned.
CRISP project: overview of findings and lessons learned.
 
A stakeholder based approach to standardisation for disaster resilience
A stakeholder based approach to standardisation for disaster resilienceA stakeholder based approach to standardisation for disaster resilience
A stakeholder based approach to standardisation for disaster resilience
 
Examining End-User Standardisation Needs for Disaster Resilience
Examining End-User Standardisation Needs for Disaster ResilienceExamining End-User Standardisation Needs for Disaster Resilience
Examining End-User Standardisation Needs for Disaster Resilience
 
Application of Q methodology in critical success factors of information secur...
Application of Q methodology in critical success factors of information secur...Application of Q methodology in critical success factors of information secur...
Application of Q methodology in critical success factors of information secur...
 
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...
 
Corporate Tekes Safety and Security programme 2013
Corporate Tekes Safety and Security programme 2013Corporate Tekes Safety and Security programme 2013
Corporate Tekes Safety and Security programme 2013
 
EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 - EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 -
 
EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015
 
TSSG Security research unit May11_zdooly
TSSG Security research unit May11_zdoolyTSSG Security research unit May11_zdooly
TSSG Security research unit May11_zdooly
 
Suitability of Agile Methods for Safety-Critical Systems Development: A Surve...
Suitability of Agile Methods for Safety-Critical Systems Development: A Surve...Suitability of Agile Methods for Safety-Critical Systems Development: A Surve...
Suitability of Agile Methods for Safety-Critical Systems Development: A Surve...
 
Principles and risk assessment of managing distributed ontologies hosted by e...
Principles and risk assessment of managing distributed ontologies hosted by e...Principles and risk assessment of managing distributed ontologies hosted by e...
Principles and risk assessment of managing distributed ontologies hosted by e...
 
TAICS - Cybersecurity Certification for European Market.pptx
TAICS - Cybersecurity Certification for European Market.pptxTAICS - Cybersecurity Certification for European Market.pptx
TAICS - Cybersecurity Certification for European Market.pptx
 
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
 
Criterios Minimos de Seguridad CTPAT 2019 conference
Criterios Minimos de Seguridad CTPAT 2019 conferenceCriterios Minimos de Seguridad CTPAT 2019 conference
Criterios Minimos de Seguridad CTPAT 2019 conference
 
Model-based security testing
Model-based security testingModel-based security testing
Model-based security testing
 
Framework for Improving Critical Infrastructure Cyber.docx
Framework for Improving Critical Infrastructure Cyber.docxFramework for Improving Critical Infrastructure Cyber.docx
Framework for Improving Critical Infrastructure Cyber.docx
 
OEB Cyber Security Framework
OEB Cyber Security FrameworkOEB Cyber Security Framework
OEB Cyber Security Framework
 
Emily Thompson
Emily ThompsonEmily Thompson
Emily Thompson
 
Img s position-paper_for_h2020
Img s position-paper_for_h2020Img s position-paper_for_h2020
Img s position-paper_for_h2020
 

Recently uploaded

Vision and reflection on Mining Software Repositories research in 2024
Vision and reflection on Mining Software Repositories research in 2024Vision and reflection on Mining Software Repositories research in 2024
Vision and reflection on Mining Software Repositories research in 2024AyushiRastogi48
 
Call Girls In Nihal Vihar Delhi ❤️8860477959 Looking Escorts In 24/7 Delhi NCR
Call Girls In Nihal Vihar Delhi ❤️8860477959 Looking Escorts In 24/7 Delhi NCRCall Girls In Nihal Vihar Delhi ❤️8860477959 Looking Escorts In 24/7 Delhi NCR
Call Girls In Nihal Vihar Delhi ❤️8860477959 Looking Escorts In 24/7 Delhi NCRlizamodels9
 
Grafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real timeGrafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real timeSatoshi NAKAHIRA
 
Dashanga agada a formulation of Agada tantra dealt in 3 Rd year bams agada tanta
Dashanga agada a formulation of Agada tantra dealt in 3 Rd year bams agada tantaDashanga agada a formulation of Agada tantra dealt in 3 Rd year bams agada tanta
Dashanga agada a formulation of Agada tantra dealt in 3 Rd year bams agada tantaPraksha3
 
Call Girls in Aiims Metro Delhi 💯Call Us 🔝9953322196🔝 💯Escort.
Call Girls in Aiims Metro Delhi 💯Call Us 🔝9953322196🔝 💯Escort.Call Girls in Aiims Metro Delhi 💯Call Us 🔝9953322196🔝 💯Escort.
Call Girls in Aiims Metro Delhi 💯Call Us 🔝9953322196🔝 💯Escort.aasikanpl
 
Recombinant DNA technology( Transgenic plant and animal)
Recombinant DNA technology( Transgenic plant and animal)Recombinant DNA technology( Transgenic plant and animal)
Recombinant DNA technology( Transgenic plant and animal)DHURKADEVIBASKAR
 
Speech, hearing, noise, intelligibility.pptx
Speech, hearing, noise, intelligibility.pptxSpeech, hearing, noise, intelligibility.pptx
Speech, hearing, noise, intelligibility.pptxpriyankatabhane
 
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptxLIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptxmalonesandreagweneth
 
Neurodevelopmental disorders according to the dsm 5 tr
Neurodevelopmental disorders according to the dsm 5 trNeurodevelopmental disorders according to the dsm 5 tr
Neurodevelopmental disorders according to the dsm 5 trssuser06f238
 
Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...Nistarini College, Purulia (W.B) India
 
Manassas R - Parkside Middle School 🌎🏫
Manassas R - Parkside Middle School 🌎🏫Manassas R - Parkside Middle School 🌎🏫
Manassas R - Parkside Middle School 🌎🏫qfactory1
 
Analytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptxAnalytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptxSwapnil Therkar
 
Call Girls in Mayapuri Delhi 💯Call Us 🔝9953322196🔝 💯Escort.
Call Girls in Mayapuri Delhi 💯Call Us 🔝9953322196🔝 💯Escort.Call Girls in Mayapuri Delhi 💯Call Us 🔝9953322196🔝 💯Escort.
Call Girls in Mayapuri Delhi 💯Call Us 🔝9953322196🔝 💯Escort.aasikanpl
 
RESPIRATORY ADAPTATIONS TO HYPOXIA IN HUMNAS.pptx
RESPIRATORY ADAPTATIONS TO HYPOXIA IN HUMNAS.pptxRESPIRATORY ADAPTATIONS TO HYPOXIA IN HUMNAS.pptx
RESPIRATORY ADAPTATIONS TO HYPOXIA IN HUMNAS.pptxFarihaAbdulRasheed
 
Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?Patrick Diehl
 
Best Call Girls In Sector 29 Gurgaon❤️8860477959 EscorTs Service In 24/7 Delh...
Best Call Girls In Sector 29 Gurgaon❤️8860477959 EscorTs Service In 24/7 Delh...Best Call Girls In Sector 29 Gurgaon❤️8860477959 EscorTs Service In 24/7 Delh...
Best Call Girls In Sector 29 Gurgaon❤️8860477959 EscorTs Service In 24/7 Delh...lizamodels9
 
Artificial Intelligence In Microbiology by Dr. Prince C P
Artificial Intelligence In Microbiology by Dr. Prince C PArtificial Intelligence In Microbiology by Dr. Prince C P
Artificial Intelligence In Microbiology by Dr. Prince C PPRINCE C P
 
Transposable elements in prokaryotes.ppt
Transposable elements in prokaryotes.pptTransposable elements in prokaryotes.ppt
Transposable elements in prokaryotes.pptArshadWarsi13
 
Welcome to GFDL for Take Your Child To Work Day
Welcome to GFDL for Take Your Child To Work DayWelcome to GFDL for Take Your Child To Work Day
Welcome to GFDL for Take Your Child To Work DayZachary Labe
 

Recently uploaded (20)

Vision and reflection on Mining Software Repositories research in 2024
Vision and reflection on Mining Software Repositories research in 2024Vision and reflection on Mining Software Repositories research in 2024
Vision and reflection on Mining Software Repositories research in 2024
 
Call Girls In Nihal Vihar Delhi ❤️8860477959 Looking Escorts In 24/7 Delhi NCR
Call Girls In Nihal Vihar Delhi ❤️8860477959 Looking Escorts In 24/7 Delhi NCRCall Girls In Nihal Vihar Delhi ❤️8860477959 Looking Escorts In 24/7 Delhi NCR
Call Girls In Nihal Vihar Delhi ❤️8860477959 Looking Escorts In 24/7 Delhi NCR
 
Grafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real timeGrafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real time
 
Dashanga agada a formulation of Agada tantra dealt in 3 Rd year bams agada tanta
Dashanga agada a formulation of Agada tantra dealt in 3 Rd year bams agada tantaDashanga agada a formulation of Agada tantra dealt in 3 Rd year bams agada tanta
Dashanga agada a formulation of Agada tantra dealt in 3 Rd year bams agada tanta
 
Call Girls in Aiims Metro Delhi 💯Call Us 🔝9953322196🔝 💯Escort.
Call Girls in Aiims Metro Delhi 💯Call Us 🔝9953322196🔝 💯Escort.Call Girls in Aiims Metro Delhi 💯Call Us 🔝9953322196🔝 💯Escort.
Call Girls in Aiims Metro Delhi 💯Call Us 🔝9953322196🔝 💯Escort.
 
Recombinant DNA technology( Transgenic plant and animal)
Recombinant DNA technology( Transgenic plant and animal)Recombinant DNA technology( Transgenic plant and animal)
Recombinant DNA technology( Transgenic plant and animal)
 
Speech, hearing, noise, intelligibility.pptx
Speech, hearing, noise, intelligibility.pptxSpeech, hearing, noise, intelligibility.pptx
Speech, hearing, noise, intelligibility.pptx
 
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptxLIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
LIGHT-PHENOMENA-BY-CABUALDIONALDOPANOGANCADIENTE-CONDEZA (1).pptx
 
Neurodevelopmental disorders according to the dsm 5 tr
Neurodevelopmental disorders according to the dsm 5 trNeurodevelopmental disorders according to the dsm 5 tr
Neurodevelopmental disorders according to the dsm 5 tr
 
Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...
 
Manassas R - Parkside Middle School 🌎🏫
Manassas R - Parkside Middle School 🌎🏫Manassas R - Parkside Middle School 🌎🏫
Manassas R - Parkside Middle School 🌎🏫
 
Analytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptxAnalytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptx
 
Call Girls in Mayapuri Delhi 💯Call Us 🔝9953322196🔝 💯Escort.
Call Girls in Mayapuri Delhi 💯Call Us 🔝9953322196🔝 💯Escort.Call Girls in Mayapuri Delhi 💯Call Us 🔝9953322196🔝 💯Escort.
Call Girls in Mayapuri Delhi 💯Call Us 🔝9953322196🔝 💯Escort.
 
RESPIRATORY ADAPTATIONS TO HYPOXIA IN HUMNAS.pptx
RESPIRATORY ADAPTATIONS TO HYPOXIA IN HUMNAS.pptxRESPIRATORY ADAPTATIONS TO HYPOXIA IN HUMNAS.pptx
RESPIRATORY ADAPTATIONS TO HYPOXIA IN HUMNAS.pptx
 
Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?
 
Best Call Girls In Sector 29 Gurgaon❤️8860477959 EscorTs Service In 24/7 Delh...
Best Call Girls In Sector 29 Gurgaon❤️8860477959 EscorTs Service In 24/7 Delh...Best Call Girls In Sector 29 Gurgaon❤️8860477959 EscorTs Service In 24/7 Delh...
Best Call Girls In Sector 29 Gurgaon❤️8860477959 EscorTs Service In 24/7 Delh...
 
Artificial Intelligence In Microbiology by Dr. Prince C P
Artificial Intelligence In Microbiology by Dr. Prince C PArtificial Intelligence In Microbiology by Dr. Prince C P
Artificial Intelligence In Microbiology by Dr. Prince C P
 
Transposable elements in prokaryotes.ppt
Transposable elements in prokaryotes.pptTransposable elements in prokaryotes.ppt
Transposable elements in prokaryotes.ppt
 
Welcome to GFDL for Take Your Child To Work Day
Welcome to GFDL for Take Your Child To Work DayWelcome to GFDL for Take Your Child To Work Day
Welcome to GFDL for Take Your Child To Work Day
 
Engler and Prantl system of classification in plant taxonomy
Engler and Prantl system of classification in plant taxonomyEngler and Prantl system of classification in plant taxonomy
Engler and Prantl system of classification in plant taxonomy
 

Can Trust In Security TEchnologies be Enhanced through Certification?

  • 1. Can Trust in Security Technologies be Enhanced through Certification?: Lessons from the CRISP project. Thordis Sveinsdottir Trilateral Research Ltd 7th Biennial Surveillance & Society Conference Barcelona 20-23 April 2016
  • 2. Security Certification – European Context  The EU security market, which is strong and fast growing:  Includes very different types of products and services  Is supplied by very varied stakeholder group  There is also a plethora of assorted standards and certification schemes for security products, systems and services and there is a distinct lack of harmonisation and mutual recognition of these schemes across Europe.  CRISP project objectives are to:  Aid in the harmonisation of the European security market through pan- European certification  Increase citizen trust in security products, systems and services through integrating social dimensions in the evaluation phase
  • 3. The CRISP project  Evaluation and Certification Schemes for Security Products (CRISP)  36 Month project  1st April 2014-1st March 2017  Website: http://crispproject.eu/  Twitter: @CRISP_Project
  • 4. RRI approach to security RD&I  There is a need to align security technologies, especially those which breech citizens’ fundamental rights and privacy, with societal needs and values to a greater extent (von Schomberg, 2011)  RRI focus allows for seeing tensions between security and fundamental rights:  as a set of practices and issues that can be addressed with an approach where a concern for ethical and social consequences of technologies are weaved into the R&D process  as a process where users and other stakeholders are engaged with producers early on, to allow for adjustments to security processes, products and systems.
  • 5. CRISP evaluation of social dimensions  CRISP will contribute a holistic evaluation methodology for security products, systems and services that encompasses :  A defined use scenario  Multiple stakeholder perspectives on any one security technology  At the highest level the four dimensions, Security, Trust, Efficiency and Freedom Infringement (S-T-E-Fi) are each used for evaluation, and consideration is also paid to their interrelations and potential conflicts.  Within each evaluation dimension, a number of evaluation criteria are defined, which are further narrowed down to specific evaluation questions for each product
  • 6. The CRISP Web tool A project manager sets up a scenario, which serves as basis for evaluation. Information providers answer questions for each of the STEFi dimensions
  • 7. Stakeholder Analysis  Stakeholders included: Security industry, certification bodies, standardisation organisations, accreditation bodies, insurers, DPAs, policy makers and end users  Questions to ascertain the opportunities, needs and challenges of current evaluation and certification of security systems. Ascertaining the need for a scheme such as CRISP  Stakeholder analysis consisted of case study research of three technology areas.  Video Surveillance  Alarm Systems  Remotely Piloted Aircraft Systems (drones).  The case studies included: Desk research, Interviews with stakeholders, Web surveys
  • 8. Stakeholder needs from certification  It provides clear added value (Security industry, certification bodies):  Low administrative burden  Low cost  One-stop certification  Transparency at all levels (e.g., documentation, evaluation, certification processes)  A robust scheme (minimum allowance for difference)  Flexibility of scheme (e.g., to allow for technological innovation)
  • 9. Possible limitations of the CRISP scheme  The contextual nature of security  National security cultures/specificities  Different users/use contexts  Different use possibilities of any one product  The subjectivity of the STEFi dimensions  Too “soft” to serve as effective evaluation criteria  Concern over key dimensions and their definitions
  • 10. Trust through certification?  Case study findings indicate that certification of a product, system or service enhances feelings of trust, e.g.:  The notion of certification as a ‘seal of quality’ or assurance to end users’ ranked as the most important benefit of certification by 85% of supply-side respondents and 82% of demand-side respondents*.  Certification was also seen to have the benefit of “improving service and product standards” and was selected by 42,6% of supply and 57,1% of demand side stakeholders  However:  Certification needs to be a transparent process – currently too opaque and confusing  Certification seal needs to be well known to be respected/trusted
  • 11. Contact  Full findings can be found in the Work Package Report - Sveinsdottir, T., Finn, R., Wadhwa K., Rodrigues, R., van Zetten, J. Wurster, S., Murphy, P., Hirschmann, N., Rallo, A., Garcia, R., Pauner, C., Viguri, J., Kalan, E. and Kolar, I. (2015) D3.1 Stakeholder Analysis. Available at: http://crispproject.eu/wp- content/uploads/2015/03/CRISP-D3.1-Stakeholder-Analysis-FINAL.pdf  Thordis Sveinsdottir – thordis.sveinsdottir@trilateralresearch.com