SlideShare a Scribd company logo
Methods and Tools for GDPR Compliance through
Privacy and Data
Protection 4 Engineering
Model-driven Engineering for
Privacy
Antonio Kung (Trialog)
Data protection in real-time. Transforming
privacy law into practice. Oxford – Sept 9th,
2019
This project has received funding from the European
Union’s Horizon 2020 research and innovation
programme under grant agreement No 787034
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 1
From GDPR to Engineering
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 2
Privacy Engineering
Software and System Engineering Practice Viewpoint
Integration of privacy concerns
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 3
Software and
Systems
Engineering
Disciplines
Existent
Privacy &
Data Protection
Methods
Privacy Engineering Guidelines
Software and System Engineering Practice Viewpoint
Integration of privacy concerns / Guidance
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 4
Software and
Systems
Engineering
Disciplines
Existent
Privacy &
Data Protection
Methods
Guidance
OASIS PMRM
ISO/IEC 27550
ISO 31700
Privacy Engineering Methods and Tools
Software and System Engineering Practice Viewpoint
Integration of privacy concerns / Guidance
Engineering workproducts represented by “models”
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Software and
Systems
Engineering
Disciplines
Existent
Privacy &
Data Protection
Methods
Privacy and
Data
Protection
Engineering
Methods and
Tools
Slide 5
Model engineering and Model-driven
engineering
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Model engineering
constructing proportionally-scaled
miniature working
representations
of full-sized machines
Model driven engineering
expressing specifications
through processable models.
Diagram orientation
(e.g. UML diagrams)
Slide 6
What Model-driven Engineering is
about
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 7
Process
Input
work products
Output
work products
Knowledge Capability
Example Risk Management
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 8
Risk
management
process
Description of
system
Description of
risk sources and
of consequences
Knowledge Capability
Regulation Threat
Repository
Methodology
Privacy Engineering: Four Main
Processes
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 9
Model driven
design
Requirements
engineering
Assurance and
certification
Risk management
Model driven
design
Requirements
engineering
Assurance and
certification
Risk management
Smart grid use
case
Connected
vehicle use
case
Knowledge
base
Meta models
PDP 4E Contribution
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 10
Privacy Engineering: Four Main
Processes
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
System Models Requirements
Threats,
Controls…
Reqs.,
Controls…Privacy
Controls
Evidences
Risk Management
Model-Driven Design
Requirements Engineering
Assurance
Regulation,
Ass. Patterns
Threats,
Controls…
Reqs.,
Controls…
Patterns…
Slide 11
Synergy Risk + Goal
Risk orientation
From threats to measures
Goal orientation
From principles to measures
Example of goals
 Transparency
 Empowerment
 Consent
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 12
System Models
Risk Management
Model-Driven Design
Threats,
Controls…
Patterns…
Assurance
Assurance
Verifying that systems meets
specification
Privacy assurance
Sufficiency of measures (technical
and organisational)
 if measures do what they claim to do,
then threats to assets are countered
Correctness
 Measures do what they claim to do
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 13
Requirements
Reqs.,
Controls…Privacy
Controls
Evidences
Requirements Engineering
Assurance
Regulation,
Ass. Patterns
Reqs.,
Controls…
Risk Management in PDP4E : MUSA
(BeAwre)
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 14
Input to requirements engineering in
PDP4E: Papyrus (CEA)
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 15
Requirement engineering method in
PDP4E: Propan (U.Duisbourg)
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Requirement Information
Deduction
ProPAn Artefacts
PDP Goal
Requirement
Metamodel
Data Protection
Principle
Hansen
Generation of Privacy
Requirement Candidates
Semantic Template
Adjust Privacy
Requirements
Validate Privacy
Requirements
Requirement Information
Privacy Requirement Candidates
Adjusted Privacy Requirements
Validated Privacy Requirements
Method Step
External Input
Internal Input/output
P-DFD
ProPAn
Taxonomy
PDP Metamodel
External Input (new)
X
Slide 16
Assurance in PDP4E: OpenCert
(Technalia)
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 17
Goal Structuring Notation (GSN) – a graphical argumentation notation
Personal
data
detector
Model-driven design in PDP4E:
Papyrus (CEA)
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 18
Code verification
and validation
Model
transformation
Risk
Management
Requirem.
Engineering
Systems
Assurance
System (Asset)
models
Evidences
(traceability, V&V…)
Privacy Controls
Requirements
(GDPR, ISO29100)
Future work / Challenges
Complete toolset
Create a community and share
IPEN community (Internet Privacy Engineering Network)
 Share tools
 Share models
Challenges
System of systems risk management
System of systems model driven design
System of systems requirements engineering
System of systems assurance
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 19
Methods and Tools for GDPR Compliance through
Privacy and Data
Protection 4 Engineering
Thank you for your attention
Questions?
For more information, visit:
www.pdp4e-project.org
Contact points
Antonio Kung (Trialog)
Antonio.kung@trialog.com
Yod Samuel Martín (UPM)
ys.martin@upm.es
09/09/2019
Data protection in real-time. Transforming privacy law into
practice
Slide 20

More Related Content

What's hot

Wp6 public
Wp6 publicWp6 public
MECATECH, building the Future
MECATECH, building the FutureMECATECH, building the Future
MECATECH, building the Future
Agence du Numérique (AdN)
 
Dpm presentation
Dpm presentationDpm presentation
Lightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edgeLightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edge
Agence du Numérique (AdN)
 
Data Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous VehiclesData Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous Vehicles
sulaiman_karim
 
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation SystemsTowards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Agence du Numérique (AdN)
 
Paris wp5 pd-pb_d
Paris wp5 pd-pb_dParis wp5 pd-pb_d
Multitel Cybersecurity Projects
Multitel Cybersecurity ProjectsMultitel Cybersecurity Projects
Multitel Cybersecurity Projects
Agence du Numérique (AdN)
 
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Agence du Numérique (AdN)
 
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
ijwscjournal
 
IoT 2014 global challenges
IoT 2014 global challengesIoT 2014 global challenges
IoT 2014 global challenges
DunavNET
 
Wp4 tool demonstration_v1
Wp4 tool demonstration_v1Wp4 tool demonstration_v1
Wp4 tool demonstration_v1
Privacy Data Protection for Engineering
 
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
ijwscjournal
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
ijdms
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
albert ca
 
Achieving Interoperability Through IHE
Achieving Interoperability Through IHEAchieving Interoperability Through IHE
Achieving Interoperability Through IHE
Massimiliano Masi
 
Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...
Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...
Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...
Invest Northern Ireland
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
ijdms
 
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
ijdms
 
Enabling Security-by-design in Smart Grids: An architecture-based approach
Enabling Security-by-design in Smart Grids: An architecture-based approachEnabling Security-by-design in Smart Grids: An architecture-based approach
Enabling Security-by-design in Smart Grids: An architecture-based approach
Massimiliano Masi
 

What's hot (20)

Wp6 public
Wp6 publicWp6 public
Wp6 public
 
MECATECH, building the Future
MECATECH, building the FutureMECATECH, building the Future
MECATECH, building the Future
 
Dpm presentation
Dpm presentationDpm presentation
Dpm presentation
 
Lightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edgeLightkone project : Lightweight computation for networks at the edge
Lightkone project : Lightweight computation for networks at the edge
 
Data Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous VehiclesData Privacy and Security in Autonomous Vehicles
Data Privacy and Security in Autonomous Vehicles
 
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation SystemsTowards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
Towards Large-Scale, High-Density Indoor Ultra Wideband Geolocation Systems
 
Paris wp5 pd-pb_d
Paris wp5 pd-pb_dParis wp5 pd-pb_d
Paris wp5 pd-pb_d
 
Multitel Cybersecurity Projects
Multitel Cybersecurity ProjectsMultitel Cybersecurity Projects
Multitel Cybersecurity Projects
 
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
Applying IoT to the Management of Natural Disasters Risk NIAGRISK - A digital...
 
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
International Conference on Big Data, IoT and Machine Learning (BIOM 2021)
 
IoT 2014 global challenges
IoT 2014 global challengesIoT 2014 global challenges
IoT 2014 global challenges
 
Wp4 tool demonstration_v1
Wp4 tool demonstration_v1Wp4 tool demonstration_v1
Wp4 tool demonstration_v1
 
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 
Achieving Interoperability Through IHE
Achieving Interoperability Through IHEAchieving Interoperability Through IHE
Achieving Interoperability Through IHE
 
Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...
Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...
Emerging & Enabling Technologies event, 19 September 17 - presentation by Gav...
 
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
2 nd International Conference on Cloud, Big Data and IoT (CBIoT 2021)
 
Enabling Security-by-design in Smart Grids: An architecture-based approach
Enabling Security-by-design in Smart Grids: An architecture-based approachEnabling Security-by-design in Smart Grids: An architecture-based approach
Enabling Security-by-design in Smart Grids: An architecture-based approach
 

Similar to Antonio kung - pdp4e privacy engineering oxford sept 9 - v2

Pdp4e IPEN-2019
Pdp4e  IPEN-2019Pdp4e  IPEN-2019
TechEvent Cloud Governance
TechEvent Cloud GovernanceTechEvent Cloud Governance
TechEvent Cloud Governance
Trivadis
 
Web Applications Security Assessment In The Portuguese World Wide Web Panorama
Web Applications Security Assessment In The Portuguese World Wide Web PanoramaWeb Applications Security Assessment In The Portuguese World Wide Web Panorama
Web Applications Security Assessment In The Portuguese World Wide Web Panorama
nfteodoro
 
Deep Learning Analytics for IoT Security over a Configurable Big Data Platform
Deep Learning Analytics for IoT Security over a Configurable Big Data PlatformDeep Learning Analytics for IoT Security over a Configurable Big Data Platform
Deep Learning Analytics for IoT Security over a Configurable Big Data Platform
Angela - Maria Despotopoulou
 
Training and Simulation in support of the SMEs - The CYBERWISER.eu project
Training and Simulation in support of the SMEs - The CYBERWISER.eu projectTraining and Simulation in support of the SMEs - The CYBERWISER.eu project
Training and Simulation in support of the SMEs - The CYBERWISER.eu project
Cyber Watching
 
Finsec innov-acts-open banking-london080319-4web
Finsec innov-acts-open banking-london080319-4webFinsec innov-acts-open banking-london080319-4web
Finsec innov-acts-open banking-london080319-4web
innov-acts-ltd
 
Privacy is at the heart of data protection
Privacy is at the heart of data protectionPrivacy is at the heart of data protection
Privacy is at the heart of data protection
Jisc
 
Evolution security controls towards Cloud Services
Evolution security controls towards Cloud ServicesEvolution security controls towards Cloud Services
Evolution security controls towards Cloud Services
Hugo Rodrigues
 
Twente Data Meetup - Lessons learned from data science in industry (Jeroen Li...
Twente Data Meetup - Lessons learned from data science in industry (Jeroen Li...Twente Data Meetup - Lessons learned from data science in industry (Jeroen Li...
Twente Data Meetup - Lessons learned from data science in industry (Jeroen Li...
Saxion University of Applied Sciences
 
Isms awareness training
Isms awareness trainingIsms awareness training
Isms awareness training
SAROJ BEHERA
 
Isms awareness training
Isms awareness trainingIsms awareness training
Isms awareness training
SAROJ BEHERA
 
MIPLM research projekt ip and economic aspects of a predictive maintenance se...
MIPLM research projekt ip and economic aspects of a predictive maintenance se...MIPLM research projekt ip and economic aspects of a predictive maintenance se...
MIPLM research projekt ip and economic aspects of a predictive maintenance se...
MIPLM
 
Embracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingEmbracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud Computing
PECB
 
Fitman presentation for fines
Fitman presentation for finesFitman presentation for fines
Fitman presentation for fines
Digital Business Innovation Community
 
Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019
Dawn Yankeelov
 
Industry 4.0 – lessons from the field
Industry 4.0 – lessons from the fieldIndustry 4.0 – lessons from the field
Industry 4.0 – lessons from the field
Shaun West
 
3 oraclex evento reg puglia_v2017-09-14-2
3 oraclex evento reg puglia_v2017-09-14-23 oraclex evento reg puglia_v2017-09-14-2
3 oraclex evento reg puglia_v2017-09-14-2
Redazione InnovaPuglia
 
E5 rothke - deployment strategies for effective encryption
E5   rothke - deployment strategies for effective encryptionE5   rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryption
Ben Rothke
 
"Towards Value-Centric Big Data" e-SIDES Workshop - "A win-win initiative for...
"Towards Value-Centric Big Data" e-SIDES Workshop - "A win-win initiative for..."Towards Value-Centric Big Data" e-SIDES Workshop - "A win-win initiative for...
"Towards Value-Centric Big Data" e-SIDES Workshop - "A win-win initiative for...
e-SIDES.eu
 
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis
 

Similar to Antonio kung - pdp4e privacy engineering oxford sept 9 - v2 (20)

Pdp4e IPEN-2019
Pdp4e  IPEN-2019Pdp4e  IPEN-2019
Pdp4e IPEN-2019
 
TechEvent Cloud Governance
TechEvent Cloud GovernanceTechEvent Cloud Governance
TechEvent Cloud Governance
 
Web Applications Security Assessment In The Portuguese World Wide Web Panorama
Web Applications Security Assessment In The Portuguese World Wide Web PanoramaWeb Applications Security Assessment In The Portuguese World Wide Web Panorama
Web Applications Security Assessment In The Portuguese World Wide Web Panorama
 
Deep Learning Analytics for IoT Security over a Configurable Big Data Platform
Deep Learning Analytics for IoT Security over a Configurable Big Data PlatformDeep Learning Analytics for IoT Security over a Configurable Big Data Platform
Deep Learning Analytics for IoT Security over a Configurable Big Data Platform
 
Training and Simulation in support of the SMEs - The CYBERWISER.eu project
Training and Simulation in support of the SMEs - The CYBERWISER.eu projectTraining and Simulation in support of the SMEs - The CYBERWISER.eu project
Training and Simulation in support of the SMEs - The CYBERWISER.eu project
 
Finsec innov-acts-open banking-london080319-4web
Finsec innov-acts-open banking-london080319-4webFinsec innov-acts-open banking-london080319-4web
Finsec innov-acts-open banking-london080319-4web
 
Privacy is at the heart of data protection
Privacy is at the heart of data protectionPrivacy is at the heart of data protection
Privacy is at the heart of data protection
 
Evolution security controls towards Cloud Services
Evolution security controls towards Cloud ServicesEvolution security controls towards Cloud Services
Evolution security controls towards Cloud Services
 
Twente Data Meetup - Lessons learned from data science in industry (Jeroen Li...
Twente Data Meetup - Lessons learned from data science in industry (Jeroen Li...Twente Data Meetup - Lessons learned from data science in industry (Jeroen Li...
Twente Data Meetup - Lessons learned from data science in industry (Jeroen Li...
 
Isms awareness training
Isms awareness trainingIsms awareness training
Isms awareness training
 
Isms awareness training
Isms awareness trainingIsms awareness training
Isms awareness training
 
MIPLM research projekt ip and economic aspects of a predictive maintenance se...
MIPLM research projekt ip and economic aspects of a predictive maintenance se...MIPLM research projekt ip and economic aspects of a predictive maintenance se...
MIPLM research projekt ip and economic aspects of a predictive maintenance se...
 
Embracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingEmbracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud Computing
 
Fitman presentation for fines
Fitman presentation for finesFitman presentation for fines
Fitman presentation for fines
 
Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019
 
Industry 4.0 – lessons from the field
Industry 4.0 – lessons from the fieldIndustry 4.0 – lessons from the field
Industry 4.0 – lessons from the field
 
3 oraclex evento reg puglia_v2017-09-14-2
3 oraclex evento reg puglia_v2017-09-14-23 oraclex evento reg puglia_v2017-09-14-2
3 oraclex evento reg puglia_v2017-09-14-2
 
E5 rothke - deployment strategies for effective encryption
E5   rothke - deployment strategies for effective encryptionE5   rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryption
 
"Towards Value-Centric Big Data" e-SIDES Workshop - "A win-win initiative for...
"Towards Value-Centric Big Data" e-SIDES Workshop - "A win-win initiative for..."Towards Value-Centric Big Data" e-SIDES Workshop - "A win-win initiative for...
"Towards Value-Centric Big Data" e-SIDES Workshop - "A win-win initiative for...
 
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
 

More from Privacy Data Protection for Engineering

Wp4 overall approach_v1
Wp4 overall approach_v1Wp4 overall approach_v1
Wp5 overall approach_3-pd_pbdmodules_v4
Wp5 overall approach_3-pd_pbdmodules_v4Wp5 overall approach_3-pd_pbdmodules_v4
Wp5 overall approach_3-pd_pbdmodules_v4
Privacy Data Protection for Engineering
 
Wp6 workshop 10_march2020
Wp6 workshop 10_march2020Wp6 workshop 10_march2020
Wp6 workshop 10_march2020
Privacy Data Protection for Engineering
 
Pdp4 e forum
Pdp4 e forumPdp4 e forum
Paris wp5 pd-pb_d_case_study
Paris wp5 pd-pb_d_case_studyParis wp5 pd-pb_d_case_study
Paris wp5 pd-pb_d_case_study
Privacy Data Protection for Engineering
 
Wp4 ws cea2020
Wp4 ws cea2020Wp4 ws cea2020
Beawre pitch
Beawre pitchBeawre pitch

More from Privacy Data Protection for Engineering (7)

Wp4 overall approach_v1
Wp4 overall approach_v1Wp4 overall approach_v1
Wp4 overall approach_v1
 
Wp5 overall approach_3-pd_pbdmodules_v4
Wp5 overall approach_3-pd_pbdmodules_v4Wp5 overall approach_3-pd_pbdmodules_v4
Wp5 overall approach_3-pd_pbdmodules_v4
 
Wp6 workshop 10_march2020
Wp6 workshop 10_march2020Wp6 workshop 10_march2020
Wp6 workshop 10_march2020
 
Pdp4 e forum
Pdp4 e forumPdp4 e forum
Pdp4 e forum
 
Paris wp5 pd-pb_d_case_study
Paris wp5 pd-pb_d_case_studyParis wp5 pd-pb_d_case_study
Paris wp5 pd-pb_d_case_study
 
Wp4 ws cea2020
Wp4 ws cea2020Wp4 ws cea2020
Wp4 ws cea2020
 
Beawre pitch
Beawre pitchBeawre pitch
Beawre pitch
 

Recently uploaded

Generative AI leverages algorithms to create various forms of content
Generative AI leverages algorithms to create various forms of contentGenerative AI leverages algorithms to create various forms of content
Generative AI leverages algorithms to create various forms of content
Hitesh Mohapatra
 
Certificates - Mahmoud Mohamed Moursi Ahmed
Certificates - Mahmoud Mohamed Moursi AhmedCertificates - Mahmoud Mohamed Moursi Ahmed
Certificates - Mahmoud Mohamed Moursi Ahmed
Mahmoud Morsy
 
Advanced control scheme of doubly fed induction generator for wind turbine us...
Advanced control scheme of doubly fed induction generator for wind turbine us...Advanced control scheme of doubly fed induction generator for wind turbine us...
Advanced control scheme of doubly fed induction generator for wind turbine us...
IJECEIAES
 
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student MemberIEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
VICTOR MAESTRE RAMIREZ
 
CompEx~Manual~1210 (2).pdf COMPEX GAS AND VAPOURS
CompEx~Manual~1210 (2).pdf COMPEX GAS AND VAPOURSCompEx~Manual~1210 (2).pdf COMPEX GAS AND VAPOURS
CompEx~Manual~1210 (2).pdf COMPEX GAS AND VAPOURS
RamonNovais6
 
LLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by Anant
LLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by AnantLLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by Anant
LLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by Anant
Anant Corporation
 
学校原版美国波士顿大学毕业证学历学位证书原版一模一样
学校原版美国波士顿大学毕业证学历学位证书原版一模一样学校原版美国波士顿大学毕业证学历学位证书原版一模一样
学校原版美国波士顿大学毕业证学历学位证书原版一模一样
171ticu
 
cnn.pptx Convolutional neural network used for image classication
cnn.pptx Convolutional neural network used for image classicationcnn.pptx Convolutional neural network used for image classication
cnn.pptx Convolutional neural network used for image classication
SakkaravarthiShanmug
 
CEC 352 - SATELLITE COMMUNICATION UNIT 1
CEC 352 - SATELLITE COMMUNICATION UNIT 1CEC 352 - SATELLITE COMMUNICATION UNIT 1
CEC 352 - SATELLITE COMMUNICATION UNIT 1
PKavitha10
 
一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理
一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理
一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理
ecqow
 
原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样
原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样
原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样
ydzowc
 
Manufacturing Process of molasses based distillery ppt.pptx
Manufacturing Process of molasses based distillery ppt.pptxManufacturing Process of molasses based distillery ppt.pptx
Manufacturing Process of molasses based distillery ppt.pptx
Madan Karki
 
Null Bangalore | Pentesters Approach to AWS IAM
Null Bangalore | Pentesters Approach to AWS IAMNull Bangalore | Pentesters Approach to AWS IAM
Null Bangalore | Pentesters Approach to AWS IAM
Divyanshu
 
Design and optimization of ion propulsion drone
Design and optimization of ion propulsion droneDesign and optimization of ion propulsion drone
Design and optimization of ion propulsion drone
bjmsejournal
 
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
shadow0702a
 
Computational Engineering IITH Presentation
Computational Engineering IITH PresentationComputational Engineering IITH Presentation
Computational Engineering IITH Presentation
co23btech11018
 
Seminar on Distillation study-mafia.pptx
Seminar on Distillation study-mafia.pptxSeminar on Distillation study-mafia.pptx
Seminar on Distillation study-mafia.pptx
Madan Karki
 
An Introduction to the Compiler Designss
An Introduction to the Compiler DesignssAn Introduction to the Compiler Designss
An Introduction to the Compiler Designss
ElakkiaU
 
Material for memory and display system h
Material for memory and display system hMaterial for memory and display system h
Material for memory and display system h
gowrishankartb2005
 
Unit-III-ELECTROCHEMICAL STORAGE DEVICES.ppt
Unit-III-ELECTROCHEMICAL STORAGE DEVICES.pptUnit-III-ELECTROCHEMICAL STORAGE DEVICES.ppt
Unit-III-ELECTROCHEMICAL STORAGE DEVICES.ppt
KrishnaveniKrishnara1
 

Recently uploaded (20)

Generative AI leverages algorithms to create various forms of content
Generative AI leverages algorithms to create various forms of contentGenerative AI leverages algorithms to create various forms of content
Generative AI leverages algorithms to create various forms of content
 
Certificates - Mahmoud Mohamed Moursi Ahmed
Certificates - Mahmoud Mohamed Moursi AhmedCertificates - Mahmoud Mohamed Moursi Ahmed
Certificates - Mahmoud Mohamed Moursi Ahmed
 
Advanced control scheme of doubly fed induction generator for wind turbine us...
Advanced control scheme of doubly fed induction generator for wind turbine us...Advanced control scheme of doubly fed induction generator for wind turbine us...
Advanced control scheme of doubly fed induction generator for wind turbine us...
 
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student MemberIEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
 
CompEx~Manual~1210 (2).pdf COMPEX GAS AND VAPOURS
CompEx~Manual~1210 (2).pdf COMPEX GAS AND VAPOURSCompEx~Manual~1210 (2).pdf COMPEX GAS AND VAPOURS
CompEx~Manual~1210 (2).pdf COMPEX GAS AND VAPOURS
 
LLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by Anant
LLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by AnantLLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by Anant
LLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by Anant
 
学校原版美国波士顿大学毕业证学历学位证书原版一模一样
学校原版美国波士顿大学毕业证学历学位证书原版一模一样学校原版美国波士顿大学毕业证学历学位证书原版一模一样
学校原版美国波士顿大学毕业证学历学位证书原版一模一样
 
cnn.pptx Convolutional neural network used for image classication
cnn.pptx Convolutional neural network used for image classicationcnn.pptx Convolutional neural network used for image classication
cnn.pptx Convolutional neural network used for image classication
 
CEC 352 - SATELLITE COMMUNICATION UNIT 1
CEC 352 - SATELLITE COMMUNICATION UNIT 1CEC 352 - SATELLITE COMMUNICATION UNIT 1
CEC 352 - SATELLITE COMMUNICATION UNIT 1
 
一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理
一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理
一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理
 
原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样
原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样
原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样
 
Manufacturing Process of molasses based distillery ppt.pptx
Manufacturing Process of molasses based distillery ppt.pptxManufacturing Process of molasses based distillery ppt.pptx
Manufacturing Process of molasses based distillery ppt.pptx
 
Null Bangalore | Pentesters Approach to AWS IAM
Null Bangalore | Pentesters Approach to AWS IAMNull Bangalore | Pentesters Approach to AWS IAM
Null Bangalore | Pentesters Approach to AWS IAM
 
Design and optimization of ion propulsion drone
Design and optimization of ion propulsion droneDesign and optimization of ion propulsion drone
Design and optimization of ion propulsion drone
 
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
 
Computational Engineering IITH Presentation
Computational Engineering IITH PresentationComputational Engineering IITH Presentation
Computational Engineering IITH Presentation
 
Seminar on Distillation study-mafia.pptx
Seminar on Distillation study-mafia.pptxSeminar on Distillation study-mafia.pptx
Seminar on Distillation study-mafia.pptx
 
An Introduction to the Compiler Designss
An Introduction to the Compiler DesignssAn Introduction to the Compiler Designss
An Introduction to the Compiler Designss
 
Material for memory and display system h
Material for memory and display system hMaterial for memory and display system h
Material for memory and display system h
 
Unit-III-ELECTROCHEMICAL STORAGE DEVICES.ppt
Unit-III-ELECTROCHEMICAL STORAGE DEVICES.pptUnit-III-ELECTROCHEMICAL STORAGE DEVICES.ppt
Unit-III-ELECTROCHEMICAL STORAGE DEVICES.ppt
 

Antonio kung - pdp4e privacy engineering oxford sept 9 - v2

  • 1. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering Model-driven Engineering for Privacy Antonio Kung (Trialog) Data protection in real-time. Transforming privacy law into practice. Oxford – Sept 9th, 2019 This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 787034 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 1
  • 2. From GDPR to Engineering 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 2
  • 3. Privacy Engineering Software and System Engineering Practice Viewpoint Integration of privacy concerns 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 3 Software and Systems Engineering Disciplines Existent Privacy & Data Protection Methods
  • 4. Privacy Engineering Guidelines Software and System Engineering Practice Viewpoint Integration of privacy concerns / Guidance 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 4 Software and Systems Engineering Disciplines Existent Privacy & Data Protection Methods Guidance OASIS PMRM ISO/IEC 27550 ISO 31700
  • 5. Privacy Engineering Methods and Tools Software and System Engineering Practice Viewpoint Integration of privacy concerns / Guidance Engineering workproducts represented by “models” 09/09/2019 Data protection in real-time. Transforming privacy law into practice Software and Systems Engineering Disciplines Existent Privacy & Data Protection Methods Privacy and Data Protection Engineering Methods and Tools Slide 5
  • 6. Model engineering and Model-driven engineering 09/09/2019 Data protection in real-time. Transforming privacy law into practice Model engineering constructing proportionally-scaled miniature working representations of full-sized machines Model driven engineering expressing specifications through processable models. Diagram orientation (e.g. UML diagrams) Slide 6
  • 7. What Model-driven Engineering is about 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 7 Process Input work products Output work products Knowledge Capability
  • 8. Example Risk Management 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 8 Risk management process Description of system Description of risk sources and of consequences Knowledge Capability Regulation Threat Repository Methodology
  • 9. Privacy Engineering: Four Main Processes 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 9 Model driven design Requirements engineering Assurance and certification Risk management
  • 10. Model driven design Requirements engineering Assurance and certification Risk management Smart grid use case Connected vehicle use case Knowledge base Meta models PDP 4E Contribution 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 10
  • 11. Privacy Engineering: Four Main Processes 09/09/2019 Data protection in real-time. Transforming privacy law into practice System Models Requirements Threats, Controls… Reqs., Controls…Privacy Controls Evidences Risk Management Model-Driven Design Requirements Engineering Assurance Regulation, Ass. Patterns Threats, Controls… Reqs., Controls… Patterns… Slide 11
  • 12. Synergy Risk + Goal Risk orientation From threats to measures Goal orientation From principles to measures Example of goals  Transparency  Empowerment  Consent 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 12 System Models Risk Management Model-Driven Design Threats, Controls… Patterns…
  • 13. Assurance Assurance Verifying that systems meets specification Privacy assurance Sufficiency of measures (technical and organisational)  if measures do what they claim to do, then threats to assets are countered Correctness  Measures do what they claim to do 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 13 Requirements Reqs., Controls…Privacy Controls Evidences Requirements Engineering Assurance Regulation, Ass. Patterns Reqs., Controls…
  • 14. Risk Management in PDP4E : MUSA (BeAwre) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 14
  • 15. Input to requirements engineering in PDP4E: Papyrus (CEA) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 15
  • 16. Requirement engineering method in PDP4E: Propan (U.Duisbourg) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Requirement Information Deduction ProPAn Artefacts PDP Goal Requirement Metamodel Data Protection Principle Hansen Generation of Privacy Requirement Candidates Semantic Template Adjust Privacy Requirements Validate Privacy Requirements Requirement Information Privacy Requirement Candidates Adjusted Privacy Requirements Validated Privacy Requirements Method Step External Input Internal Input/output P-DFD ProPAn Taxonomy PDP Metamodel External Input (new) X Slide 16
  • 17. Assurance in PDP4E: OpenCert (Technalia) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 17 Goal Structuring Notation (GSN) – a graphical argumentation notation
  • 18. Personal data detector Model-driven design in PDP4E: Papyrus (CEA) 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 18 Code verification and validation Model transformation Risk Management Requirem. Engineering Systems Assurance System (Asset) models Evidences (traceability, V&V…) Privacy Controls Requirements (GDPR, ISO29100)
  • 19. Future work / Challenges Complete toolset Create a community and share IPEN community (Internet Privacy Engineering Network)  Share tools  Share models Challenges System of systems risk management System of systems model driven design System of systems requirements engineering System of systems assurance 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 19
  • 20. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering Thank you for your attention Questions? For more information, visit: www.pdp4e-project.org Contact points Antonio Kung (Trialog) Antonio.kung@trialog.com Yod Samuel Martín (UPM) ys.martin@upm.es 09/09/2019 Data protection in real-time. Transforming privacy law into practice Slide 20