SlideShare a Scribd company logo

Antonio kung - pdp4e privacy engineering oxford sept 9 - v2

Privacy Data Protection for Engineering
Privacy Data Protection for Engineering

Presentation PDP4E, from GDPR to Privacy engineering, privacy by Design.

Engineering
1 of 20
Download to read offline
Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering Model-driven Engineering for Privacy Antonio Kung (Trialog) Data protection in real-time. Transforming privacy law into practice. Oxford – Sept 9th, 2019 This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 787034 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 1
From GDPR to Engineering 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 2
Privacy Engineering Software and System Engineering Practice Viewpoint Integration of privacy concerns 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 3 Software and Systems Engineering Disciplines Existent Privacy & Data Protection Methods
Privacy Engineering Guidelines Software and System Engineering Practice Viewpoint Integration of privacy concerns / Guidance 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 4 Software and Systems Engineering Disciplines Existent Privacy & Data Protection Methods Guidance OASIS PMRM ISO/IEC 27550 ISO 31700
Privacy Engineering Methods and Tools Software and System Engineering Practice Viewpoint Integration of privacy concerns / Guidance Engineering workproducts represented by “models” 09/09/2019 Data protection in real-time. Transforming privacy law into practice Software and Systems Engineering Disciplines Existent Privacy & Data Protection Methods Privacy and Data Protection Engineering Methods and Tools Slide 5
Model engineering and Model-driven engineering 09/09/2019 Data protection in real-time. Transforming privacy law into practice Model engineering constructing proportionally-scaled miniature working representations of full-sized machines Model driven engineering expressing specifications through processable models. Diagram orientation (e.g. UML diagrams) Slide 6
What Model-driven Engineering is about 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 7 Process Input work products Output work products Knowledge Capability
Example Risk Management 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 8 Risk management process Description of system Description of risk sources and of consequences Knowledge Capability Regulation Threat Repository Methodology
Privacy Engineering: Four Main Processes 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 9 Model driven design Requirements engineering Assurance and certification Risk management
Model driven design Requirements engineering Assurance and certification Risk management Smart grid use case Connected vehicle use case Knowledge base Meta models PDP 4E Contribution 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 10
Privacy Engineering: Four Main Processes 09/09/2019 Data protection in real-time. Transforming privacy law into practice System Models Requirements Threats, Controls… Reqs., Controls…Privacy Controls Evidences Risk Management Model-Driven Design Requirements Engineering Assurance Regulation, Ass. Patterns Threats, Controls… Reqs., Controls… Patterns… Slide 11
Synergy Risk + Goal Risk orientation From threats to measures Goal orientation From principles to measures Example of goals  Transparency  Empowerment  Consent 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 12 System Models Risk Management Model-Driven Design Threats, Controls… Patterns…
Assurance Assurance Verifying that systems meets specification Privacy assurance Sufficiency of measures (technical and organisational)  if measures do what they claim to do, then threats to assets are countered Correctness  Measures do what they claim to do 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 13 Requirements Reqs., Controls…Privacy Controls Evidences Requirements Engineering Assurance Regulation, Ass. Patterns Reqs., Controls…
Risk Management in PDP4E : MUSA (BeAwre) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 14
Input to requirements engineering in PDP4E: Papyrus (CEA) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 15
Requirement engineering method in PDP4E: Propan (U.Duisbourg) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Requirement Information Deduction ProPAn Artefacts PDP Goal Requirement Metamodel Data Protection Principle Hansen Generation of Privacy Requirement Candidates Semantic Template Adjust Privacy Requirements Validate Privacy Requirements Requirement Information Privacy Requirement Candidates Adjusted Privacy Requirements Validated Privacy Requirements Method Step External Input Internal Input/output P-DFD ProPAn Taxonomy PDP Metamodel External Input (new) X Slide 16
Assurance in PDP4E: OpenCert (Technalia) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 17 Goal Structuring Notation (GSN) – a graphical argumentation notation
Personal data detector Model-driven design in PDP4E: Papyrus (CEA) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 18 Code verification and validation Model transformation Risk Management Requirem. Engineering Systems Assurance System (Asset) models Evidences (traceability, V&V…) Privacy Controls Requirements (GDPR, ISO29100)
Future work / Challenges Complete toolset Create a community and share IPEN community (Internet Privacy Engineering Network)  Share tools  Share models Challenges System of systems risk management System of systems model driven design System of systems requirements engineering System of systems assurance 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 19
Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering Thank you for your attention Questions? For more information, visit: www.pdp4e-project.org Contact points Antonio Kung (Trialog) Antonio.kung@trialog.com Yod Samuel Martín (UPM) ys.martin@upm.es 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 20

Recommended

Granular or holistic approaches 210126 Alejandra Ruiz
Granular or holistic approaches 210126 Alejandra RuizGranular or holistic approaches 210126 Alejandra Ruiz
Granular or holistic approaches 210126 Alejandra Ruiz
Privacy Data Protection for Engineering
 
Antonio kung impact of ai on privacy sept 10
Antonio kung impact of ai on privacy sept 10Antonio kung impact of ai on privacy sept 10
Antonio kung impact of ai on privacy sept 10
Privacy Data Protection for Engineering
 
Pdp4 e privacy engineering toolkit ipen 2019
Pdp4 e privacy engineering toolkit ipen 2019Pdp4 e privacy engineering toolkit ipen 2019
Pdp4 e privacy engineering toolkit ipen 2019
Privacy Data Protection for Engineering
 
Ipen2018
Ipen2018Ipen2018
Ipen2018
Privacy Data Protection for Engineering
 
Long term security evolution of ai and data protection antonio kung trialog...
Long term security evolution of ai and data protection antonio kung trialog...Long term security evolution of ai and data protection antonio kung trialog...
Long term security evolution of ai and data protection antonio kung trialog...
Privacy Data Protection for Engineering
 
Ipen 2019 roma status of privacy engineering standardisation v2
Ipen 2019 roma status of privacy engineering standardisation v2Ipen 2019 roma status of privacy engineering standardisation v2
Ipen 2019 roma status of privacy engineering standardisation v2
Privacy Data Protection for Engineering
 
Granular or holistic approaches - Antonio Kung
Granular or holistic approaches - Antonio KungGranular or holistic approaches - Antonio Kung
Granular or holistic approaches - Antonio Kung
Privacy Data Protection for Engineering
 
Privacy Data Protection for Engineers - PDP4E
Privacy Data Protection for Engineers - PDP4EPrivacy Data Protection for Engineers - PDP4E
Privacy Data Protection for Engineers - PDP4E
Privacy Data Protection for Engineering
 

Recommended

Granular or holistic approaches 210126 Alejandra Ruiz
Granular or holistic approaches 210126 Alejandra RuizGranular or holistic approaches 210126 Alejandra Ruiz
Granular or holistic approaches 210126 Alejandra Ruiz
Privacy Data Protection for Engineering
 
Antonio kung impact of ai on privacy sept 10
Antonio kung impact of ai on privacy sept 10Antonio kung impact of ai on privacy sept 10
Antonio kung impact of ai on privacy sept 10
Privacy Data Protection for Engineering
 
Pdp4 e privacy engineering toolkit ipen 2019
Pdp4 e privacy engineering toolkit ipen 2019Pdp4 e privacy engineering toolkit ipen 2019
Pdp4 e privacy engineering toolkit ipen 2019
Privacy Data Protection for Engineering
 
Ipen2018
Ipen2018Ipen2018
Ipen2018
Privacy Data Protection for Engineering
 
Long term security evolution of ai and data protection antonio kung trialog...
Long term security evolution of ai and data protection antonio kung trialog...Long term security evolution of ai and data protection antonio kung trialog...
Long term security evolution of ai and data protection antonio kung trialog...
Privacy Data Protection for Engineering
 
Ipen 2019 roma status of privacy engineering standardisation v2
Ipen 2019 roma status of privacy engineering standardisation v2Ipen 2019 roma status of privacy engineering standardisation v2
Ipen 2019 roma status of privacy engineering standardisation v2
Privacy Data Protection for Engineering
 
Granular or holistic approaches - Antonio Kung
Granular or holistic approaches - Antonio KungGranular or holistic approaches - Antonio Kung
Granular or holistic approaches - Antonio Kung
Privacy Data Protection for Engineering
 
Privacy Data Protection for Engineers - PDP4E
Privacy Data Protection for Engineers - PDP4EPrivacy Data Protection for Engineers - PDP4E
Privacy Data Protection for Engineers - PDP4E
Privacy Data Protection for Engineering
 
Wp6 public
Wp6 publicWp6 public
Wp6 public
Privacy Data Protection for Engineering
 
MECATECH, building the Future
MECATECH, building the FutureMECATECH, building the Future
MECATECH, building the Future
Agence du Numérique (AdN)
 
Dpm presentation
Dpm presentationDpm presentation
Dpm presentation
Privacy Data Protection for Engineering
 
Lightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edgeLightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edge
Agence du Numérique (AdN)
 
Data Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous VehiclesData Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous Vehicles
sulaiman_karim
 
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation SystemsTowards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Agence du Numérique (AdN)
 
Paris wp5 pd-pb_d
Paris wp5 pd-pb_dParis wp5 pd-pb_d
Paris wp5 pd-pb_d
Privacy Data Protection for Engineering
 
Multitel Cybersecurity Projects
Multitel Cybersecurity ProjectsMultitel Cybersecurity Projects
Multitel Cybersecurity Projects
Agence du Numérique (AdN)
 
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Agence du Numérique (AdN)
 
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
ijwscjournal
 
IoT 2014 global challenges
IoT 2014 global challengesIoT 2014 global challenges
IoT 2014 global challenges
DunavNET
 
Wp4 tool demonstration_v1
Wp4 tool demonstration_v1Wp4 tool demonstration_v1
Wp4 tool demonstration_v1
Privacy Data Protection for Engineering
 
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
ijwscjournal
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
ijdms
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
albert ca
 
Achieving Interoperability Through IHE
Achieving Interoperability Through IHEAchieving Interoperability Through IHE
Achieving Interoperability Through IHE
Massimiliano Masi
 
Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...
Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...
Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...
Invest Northern Ireland
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
ijdms
 
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
ijdms
 
Enabling Security-by-design in Smart Grids: An architecture-based approach
Enabling Security-by-design in Smart Grids: An architecture-based approachEnabling Security-by-design in Smart Grids: An architecture-based approach
Enabling Security-by-design in Smart Grids: An architecture-based approach
Massimiliano Masi
 
Pdp4e IPEN-2019
Pdp4e IPEN-2019Pdp4e IPEN-2019
Pdp4e IPEN-2019
Privacy Data Protection for Engineering
 
TechEvent Cloud Governance
TechEvent Cloud GovernanceTechEvent Cloud Governance
TechEvent Cloud Governance
Trivadis
 

More Related Content

What's hot

What's hot (20)

Wp6 public
Wp6 publicWp6 public
Wp6 public
 
MECATECH, building the Future
MECATECH, building the FutureMECATECH, building the Future
MECATECH, building the Future
 
Dpm presentation
Dpm presentationDpm presentation
Dpm presentation
 
Lightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edgeLightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edge
 
Data Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous VehiclesData Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous Vehicles
 
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation SystemsTowards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
 
Paris wp5 pd-pb_d
Paris wp5 pd-pb_dParis wp5 pd-pb_d
Paris wp5 pd-pb_d
 
Multitel Cybersecurity Projects
Multitel Cybersecurity ProjectsMultitel Cybersecurity Projects
Multitel Cybersecurity Projects
 
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
 
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
 
IoT 2014 global challenges
IoT 2014 global challengesIoT 2014 global challenges
IoT 2014 global challenges
 
Wp4 tool demonstration_v1
Wp4 tool demonstration_v1Wp4 tool demonstration_v1
Wp4 tool demonstration_v1
 
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 
Achieving Interoperability Through IHE
Achieving Interoperability Through IHEAchieving Interoperability Through IHE
Achieving Interoperability Through IHE
 
Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...
Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...
Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 
Enabling Security-by-design in Smart Grids: An architecture-based approach
Enabling Security-by-design in Smart Grids: An architecture-based approachEnabling Security-by-design in Smart Grids: An architecture-based approach
Enabling Security-by-design in Smart Grids: An architecture-based approach
 

Similar to Antonio kung - pdp4e privacy engineering oxford sept 9 - v2

Web Applications Security Assessment In The Portuguese World Wide Web Panorama
Web Applications Security Assessment In The Portuguese World Wide Web PanoramaWeb Applications Security Assessment In The Portuguese World Wide Web Panorama
Web Applications Security Assessment In The Portuguese World Wide Web Panorama
nfteodoro
 
Privacy is at the heart of data protection
Privacy is at the heart of data protectionPrivacy is at the heart of data protection
Privacy is at the heart of data protection
Jisc
 
Isms awareness training
Isms awareness trainingIsms awareness training
Isms awareness training
SAROJ BEHERA
 
MIPLM research projekt ip and economic aspects of a predictive maintenance se...
MIPLM research projekt ip and economic aspects of a predictive maintenance se...MIPLM research projekt ip and economic aspects of a predictive maintenance se...
MIPLM research projekt ip and economic aspects of a predictive maintenance se...
MIPLM
 
Embracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingEmbracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud Computing
PECB
 

Similar to Antonio kung - pdp4e privacy engineering oxford sept 9 - v2 (20)

Pdp4e IPEN-2019
Pdp4e IPEN-2019Pdp4e IPEN-2019
Pdp4e IPEN-2019
 
TechEvent Cloud Governance
TechEvent Cloud GovernanceTechEvent Cloud Governance
TechEvent Cloud Governance
 
Web Applications Security Assessment In The Portuguese World Wide Web Panorama
Web Applications Security Assessment In The Portuguese World Wide Web PanoramaWeb Applications Security Assessment In The Portuguese World Wide Web Panorama
Web Applications Security Assessment In The Portuguese World Wide Web Panorama
 
Deep Learning Analytics for IoT Security over a Configurable Big Data Platform
Deep Learning Analytics for IoT Security over a Configurable Big Data PlatformDeep Learning Analytics for IoT Security over a Configurable Big Data Platform
Deep Learning Analytics for IoT Security over a Configurable Big Data Platform
 
Training and Simulation in support of the SMEs - The CYBERWISER.eu project
Training and Simulation in support of the SMEs - The CYBERWISER.eu projectTraining and Simulation in support of the SMEs - The CYBERWISER.eu project
Training and Simulation in support of the SMEs - The CYBERWISER.eu project
 
Finsec innov-acts-open banking-london080319-4web
Finsec innov-acts-open banking-london080319-4webFinsec innov-acts-open banking-london080319-4web
Finsec innov-acts-open banking-london080319-4web
 
Privacy is at the heart of data protection
Privacy is at the heart of data protectionPrivacy is at the heart of data protection
Privacy is at the heart of data protection
 
Evolution security controls towards Cloud Services
Evolution security controls towards Cloud ServicesEvolution security controls towards Cloud Services
Evolution security controls towards Cloud Services
 
Twente Data Meetup - Lessons learned from data science in industry (Jeroen Li...
Twente Data Meetup - Lessons learned from data science in industry (Jeroen Li...Twente Data Meetup - Lessons learned from data science in industry (Jeroen Li...
Twente Data Meetup - Lessons learned from data science in industry (Jeroen Li...
 
Isms awareness training
Isms awareness trainingIsms awareness training
Isms awareness training
 
Isms awareness training
Isms awareness trainingIsms awareness training
Isms awareness training
 
MIPLM research projekt ip and economic aspects of a predictive maintenance se...
MIPLM research projekt ip and economic aspects of a predictive maintenance se...MIPLM research projekt ip and economic aspects of a predictive maintenance se...
MIPLM research projekt ip and economic aspects of a predictive maintenance se...
 
Embracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingEmbracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud Computing
 
Fitman presentation for fines
Fitman presentation for finesFitman presentation for fines
Fitman presentation for fines
 
Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019
 
Industry 4.0 – lessons from the field
Industry 4.0 – lessons from the fieldIndustry 4.0 – lessons from the field
Industry 4.0 – lessons from the field
 
3 oraclex evento reg puglia_v2017-09-14-2
3 oraclex evento reg puglia_v2017-09-14-23 oraclex evento reg puglia_v2017-09-14-2
3 oraclex evento reg puglia_v2017-09-14-2
 
E5 rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryptionE5 rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryption
 
"Towards Value-Centric Big Data" e-SIDES Workshop - "A win-win initiative for...
"Towards Value-Centric Big Data" e-SIDES Workshop - "A win-win initiative for..."Towards Value-Centric Big Data" e-SIDES Workshop - "A win-win initiative for...
"Towards Value-Centric Big Data" e-SIDES Workshop - "A win-win initiative for...
 
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
 

More from Privacy Data Protection for Engineering

More from Privacy Data Protection for Engineering (7)

Wp4 overall approach_v1
Wp4 overall approach_v1Wp4 overall approach_v1
Wp4 overall approach_v1
 
Wp5 overall approach_3-pd_pbdmodules_v4
Wp5 overall approach_3-pd_pbdmodules_v4Wp5 overall approach_3-pd_pbdmodules_v4
Wp5 overall approach_3-pd_pbdmodules_v4
 
Wp6 workshop 10_march2020
Wp6 workshop 10_march2020Wp6 workshop 10_march2020
Wp6 workshop 10_march2020
 
Pdp4 e forum
Pdp4 e forumPdp4 e forum
Pdp4 e forum
 
Paris wp5 pd-pb_d_case_study
Paris wp5 pd-pb_d_case_studyParis wp5 pd-pb_d_case_study
Paris wp5 pd-pb_d_case_study
 
Wp4 ws cea2020
Wp4 ws cea2020Wp4 ws cea2020
Wp4 ws cea2020
 
Beawre pitch
Beawre pitchBeawre pitch
Beawre pitch
 

Recently uploaded

power quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptxpower quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptx
ViniHema
 
Online blood donation management system project.pdf
Online blood donation management system project.pdfOnline blood donation management system project.pdf
Online blood donation management system project.pdf
Kamal Acharya
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
gerogepatton
 
Fruit shop management system project report.pdf
Fruit shop management system project report.pdfFruit shop management system project report.pdf
Fruit shop management system project report.pdf
Kamal Acharya
 

Recently uploaded (20)

Water Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdfWater Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdf
 
power quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptxpower quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptx
 
Architectural Portfolio Sean Lockwood
Architectural Portfolio Sean LockwoodArchitectural Portfolio Sean Lockwood
Architectural Portfolio Sean Lockwood
 
Halogenation process of chemical process industries
Halogenation process of chemical process industriesHalogenation process of chemical process industries
Halogenation process of chemical process industries
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234
 
fundamentals of drawing and isometric and orthographic projection
fundamentals of drawing and isometric and orthographic projectionfundamentals of drawing and isometric and orthographic projection
fundamentals of drawing and isometric and orthographic projection
 
Online blood donation management system project.pdf
Online blood donation management system project.pdfOnline blood donation management system project.pdf
Online blood donation management system project.pdf
 
Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.
 
The Ultimate Guide to External Floating Roofs for Oil Storage Tanks.docx
The Ultimate Guide to External Floating Roofs for Oil Storage Tanks.docxThe Ultimate Guide to External Floating Roofs for Oil Storage Tanks.docx
The Ultimate Guide to External Floating Roofs for Oil Storage Tanks.docx
 
Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptx
Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptxCloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptx
Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptx
 
shape functions of 1D and 2 D rectangular elements.pptx
shape functions of 1D and 2 D rectangular elements.pptxshape functions of 1D and 2 D rectangular elements.pptx
shape functions of 1D and 2 D rectangular elements.pptx
 
CME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional ElectiveCME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional Elective
 
Construction method of steel structure space frame .pptx
Construction method of steel structure space frame .pptxConstruction method of steel structure space frame .pptx
Construction method of steel structure space frame .pptx
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
 
Scaling in conventional MOSFET for constant electric field and constant voltage
Scaling in conventional MOSFET for constant electric field and constant voltageScaling in conventional MOSFET for constant electric field and constant voltage
Scaling in conventional MOSFET for constant electric field and constant voltage
 
ENERGY STORAGE DEVICES INTRODUCTION UNIT-I
ENERGY STORAGE DEVICES INTRODUCTION UNIT-IENERGY STORAGE DEVICES INTRODUCTION UNIT-I
ENERGY STORAGE DEVICES INTRODUCTION UNIT-I
 
Top 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering ScientistTop 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering Scientist
 
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical EngineeringIntroduction to Machine Learning Unit-5 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical Engineering
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
 
Fruit shop management system project report.pdf
Fruit shop management system project report.pdfFruit shop management system project report.pdf
Fruit shop management system project report.pdf
 

Antonio kung - pdp4e privacy engineering oxford sept 9 - v2

  • 1. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering Model-driven Engineering for Privacy Antonio Kung (Trialog) Data protection in real-time. Transforming privacy law into practice. Oxford – Sept 9th, 2019 This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 787034 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 1
  • 2. From GDPR to Engineering 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 2
  • 3. Privacy Engineering Software and System Engineering Practice Viewpoint Integration of privacy concerns 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 3 Software and Systems Engineering Disciplines Existent Privacy & Data Protection Methods
  • 4. Privacy Engineering Guidelines Software and System Engineering Practice Viewpoint Integration of privacy concerns / Guidance 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 4 Software and Systems Engineering Disciplines Existent Privacy & Data Protection Methods Guidance OASIS PMRM ISO/IEC 27550 ISO 31700
  • 5. Privacy Engineering Methods and Tools Software and System Engineering Practice Viewpoint Integration of privacy concerns / Guidance Engineering workproducts represented by “models” 09/09/2019 Data protection in real-time. Transforming privacy law into practice Software and Systems Engineering Disciplines Existent Privacy & Data Protection Methods Privacy and Data Protection Engineering Methods and Tools Slide 5
  • 6. Model engineering and Model-driven engineering 09/09/2019 Data protection in real-time. Transforming privacy law into practice Model engineering constructing proportionally-scaled miniature working representations of full-sized machines Model driven engineering expressing specifications through processable models. Diagram orientation (e.g. UML diagrams) Slide 6
  • 7. What Model-driven Engineering is about 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 7 Process Input work products Output work products Knowledge Capability
  • 8. Example Risk Management 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 8 Risk management process Description of system Description of risk sources and of consequences Knowledge Capability Regulation Threat Repository Methodology
  • 9. Privacy Engineering: Four Main Processes 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 9 Model driven design Requirements engineering Assurance and certification Risk management
  • 10. Model driven design Requirements engineering Assurance and certification Risk management Smart grid use case Connected vehicle use case Knowledge base Meta models PDP 4E Contribution 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 10
  • 11. Privacy Engineering: Four Main Processes 09/09/2019 Data protection in real-time. Transforming privacy law into practice System Models Requirements Threats, Controls… Reqs., Controls…Privacy Controls Evidences Risk Management Model-Driven Design Requirements Engineering Assurance Regulation, Ass. Patterns Threats, Controls… Reqs., Controls… Patterns… Slide 11
  • 12. Synergy Risk + Goal Risk orientation From threats to measures Goal orientation From principles to measures Example of goals  Transparency  Empowerment  Consent 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 12 System Models Risk Management Model-Driven Design Threats, Controls… Patterns…
  • 13. Assurance Assurance Verifying that systems meets specification Privacy assurance Sufficiency of measures (technical and organisational)  if measures do what they claim to do, then threats to assets are countered Correctness  Measures do what they claim to do 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 13 Requirements Reqs., Controls…Privacy Controls Evidences Requirements Engineering Assurance Regulation, Ass. Patterns Reqs., Controls…
  • 14. Risk Management in PDP4E : MUSA (BeAwre) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 14
  • 15. Input to requirements engineering in PDP4E: Papyrus (CEA) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 15
  • 16. Requirement engineering method in PDP4E: Propan (U.Duisbourg) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Requirement Information Deduction ProPAn Artefacts PDP Goal Requirement Metamodel Data Protection Principle Hansen Generation of Privacy Requirement Candidates Semantic Template Adjust Privacy Requirements Validate Privacy Requirements Requirement Information Privacy Requirement Candidates Adjusted Privacy Requirements Validated Privacy Requirements Method Step External Input Internal Input/output P-DFD ProPAn Taxonomy PDP Metamodel External Input (new) X Slide 16
  • 17. Assurance in PDP4E: OpenCert (Technalia) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 17 Goal Structuring Notation (GSN) – a graphical argumentation notation
  • 18. Personal data detector Model-driven design in PDP4E: Papyrus (CEA) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 18 Code verification and validation Model transformation Risk Management Requirem. Engineering Systems Assurance System (Asset) models Evidences (traceability, V&V…) Privacy Controls Requirements (GDPR, ISO29100)
  • 19. Future work / Challenges Complete toolset Create a community and share IPEN community (Internet Privacy Engineering Network)  Share tools  Share models Challenges System of systems risk management System of systems model driven design System of systems requirements engineering System of systems assurance 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 19
  • 20. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering Thank you for your attention Questions? For more information, visit: www.pdp4e-project.org Contact points Antonio Kung (Trialog) Antonio.kung@trialog.com Yod Samuel Martín (UPM) ys.martin@upm.es 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 20