This white paper focuses on the increasing role of security and privacy and highlights research directions from a NESSI perspective. The paper does not aim to look at security and privacy from all angles, but on the impact on software, services, cloud and data of all kinds.
Managing risks – Tools to improve the analysis and treatment of risks by reducing the reliance on labour intensive and potentially error-prone analysis by experts is required.
In the cloud – Privacy-enhancing technologies (PETs) and cryptographic mechanisms are to be enabled for applications in cloud environments. Standardized frameworks would support making transparency-related information available to cloud customers and would enable automated security and privacy enforcement and traceability in federated clouds.
While analysing data – Technologies exist to detect security incidents and violations; little exists in the area of privacy. Statistical privacy, research on implementing measures directly to the core of the system and a categorization and formulation of principles is also needed.
Awareness in life cycle – Privacy-enabled applications must be ‘certified’ or ‘labelled’ to existing regulations and legal requirements. Clearly defined automatic policy handling could be achieved, if data are equipped with sticky policies.
Data analytics for security and privacy – Analytics could automatically detect, identify and classify sensitive information. Existing privacy technologies should be improved such that they become useful and usable by guaranteeing performance, scalability, availability, and utility.
Finally the white paper highlights some example application sectors in which NESSI Partners are active.
You can access the full text of the Security and Privacy White Paper at NESSI > Publications > Position Papers.