Propozycja zgłoszona do Ideal-ist Partner Search i opatrzona Quality Label.

PROJECT OVERVIEW

Call Identifier: H2020-SECURITY-DS-2014
Objective: DS-1-2014: Privacy
Funding Schemes: Innovation Actions
Evaluation Scheme: one stage
Closure Date: 28/08/2014

PROJECT DESCRIPTION

Comprehensive framework for assurance and enforcement of privacy for users of cloud services

Proposal Outline:

The widespread use of cloud services created a host of privacy issues for consumers. These include loss of privacy for data stored on user devices, uncontrolled transfer of mobile device sensor outputs (such as location data)  to cloud service providers, loss of control over user data stored at service provider databases, and loss of control over user data consumed and stored by public administration bodies. In addition, users giving up their private data in exchange for use of “free” cloud services do not participate in monetization of the data and are excluded from the economic benefit derived from the data by the service providers.

Defined by a group of world class information security experts, the proposed project will create a comprehensive framework for a simple to manage, user friendly, comprehensive enforcement of privacy in this complex environment.

The Online Privacy Assurance Framework will allow creation of privacy services that will transfer control over private data back to the hands of the consumers. It will allow users to execute granular control over release of their data to cloud service providers, and will enable users to manage access rights to the data already stored at the service provider databases. Consequently users willing to give up their privacy in exchange for use of cloud services will gain a stronger negotiating position vis à vis service providers. The targeted privacy framework will be versatile enough to support both independent commercial privacy services and regulatory privacy enforcement.

Scope:

After fine-tuning the definition of the framework, the project will demonstrate of a set of privacy features by implementing an actual cloud based privacy enforcement service complying with the framework. The contemplated features will include:

• Protection and control over private data stored at user device
• Control of time-of-use data transferred from user devices to service providers
• Control over rights of access and use of user data stored in service provider databases
• Security audit of user privacy settings at social networks
• Protection against social graph leakage due to social network federation
• User data anonymization.

PARTNER PROFILE SOUGHT

Required skills and Expertise:

• server side programming
• client side programming
• mobile app programming
• rights management
• open API design
• open API use
• open SSL use
• user interface/user experience design
• consortium coordination.

Description of work to be carried out by the partner(s) sought:

Following collaborative fine-tuning of the concept and creation of top level implementation design, the consortium will design a reference implementation of the privacy service based on the framework, with a significant subset of all the possible features. This will include implementation of a mobile client agent and server parts of the online privacy service, with a strong emphasis on simplicity and convenience of user experience. The work will be distributed between the partners according to their respective expertise.

Type of partner(s) sought:

SME or other software developers

Security research organizations

PROPOSER INFORMATION
Organisation: Arteevo
Department: Management
Type of Organisation: Industry – SME
Country: Israel
Więcej…