Our five main services
The DEFeND platform provides five main services to organisations and relevant stakeholders: Data Scope Management Service, Data Process Management Service, Data Breach Management Service, GDPR Planning Service and GDPR Reporting Service. Each of these services assists organisations in collecting, analysing and operationalising different aspects and articles of the GDPR, and provides appropriate reporting capabilities. To support these services, the platform consists of five back-end components: Data Assessment Component, Data Privacy Analysis Component, Privacy Specification Component, Privacy Implementation and Monitoring Component and Data Breach Component. Each component includes a number of modules that deliver its functionalities. The modules will be developed in WP3 by enhancing software tools, services and frameworks of the project partners, which have been developed under various national and international projects. Moreover, the platform includes a dashboard, which works as the main front-end between the platform and its users.
Below, we describe each module together with the frameworks and tools that are part of it. It is worth mentioning that we have decided to follow a modular approach in order to increase the flexibility of platform usage. As a result, not all modules are needed for the platform to run and work correctly. However, the more modules used in a deployment, the more information, services and results users will obtain from DEFeND.
Data Assessment Component (DAC)
This component will be based on the BE-Assess tool of Business-e and will be responsible for eliciting organisational information and transforming it for the Data Privacy Analysis Component. To achieve this, DAC supports two functionalities implemented by two modules:
- Organisation Data Collection (ODC): This provides an Organisational Data Questionnaire that collects information on the organisation's scope, its list of processing activities, and the status of its privacy processes and activities. The module is used by the organisation (data controller and data processor(s)) to evaluate the organisation's status in relation to the relevant parts of privacy law. Moreover, as part of the ODC, DEFeND will allow organisations to define their characteristics (size, available privacy/GDPR expertise, etc.) so that it can recommend the specific modules and services of the DEFeND platform the organisation requires. (Supporting tool: BE-Assess)
- Assessment Translator (ATr): This module takes as input the Organisational Data Questionnaire from the ODC and translates it into an XML schema that can be used to create the Data Assessment Model (DAM). The DAM is a goal-based requirements engineering model of the organisational data. It will include information about the actors of the organisation, its assets and establishments, and how data flows within the organisation. (Supporting tool: BE-Assess)
Data Privacy Analysis Component (DPAC)
This component receives the DAM as input and performs a Data Protection Impact Assessment, data minimisation analysis, privacy-by-design/default analysis and threat analysis. This is realised through four functionalities supported by enhancing two software tools of project partners: RAM and SecTro. The various analysis results are then used as input to create the Data Privacy Model. This model provides a strategic conceptual model that clearly defines the various operational aspects of Data Scope Management and supports organisations in dealing with GDPR Art. 35.
- DPIA Analysis (DPIA): This module will be based on the RAM tool of Business-e. It will enable organisations to measure and review their privacy level and, where necessary, propose design changes. Moreover, it will include the safeguards and privacy/security measures for mitigating potential risks. The outputs of this analysis will be used to create the Data Privacy Model. (Supporting tool: RAM)
- Privacy-by-design/default (PbD): This functionality will be based on Secure Tropos, the state-of-the-art goal-oriented security and privacy requirements engineering methodology that UoB has developed and tested in previous projects. The methodology and the associated tool will be extended so that they support the new GDPR privacy-by-design/default requirement. The resulting module will support organisations in understanding security and privacy requirements and in designing systems and services that fulfil those requirements. As such, it will “force” organisations to think about privacy from the start of the development process rather than as an afterthought. (Supporting tool: SecTro)
- Data Minimisation Analysis (DMAn): This functionality will analyse the usability of the data that an organisation holds, in support of the GDPR data minimisation principle: subject to limited exceptions, an organisation should only process the personal data that it actually needs in order to achieve its processing purposes. (Supporting tool: RAM)
- Threat Analysis (ThAn): This functionality will enable the modelling and analysis of privacy threats to the data that the organisation holds about data subjects. Threat analysis will include identification of relevant vulnerabilities, the attack methods that can exploit them and the potential malicious actors that can initiate such methods. Moreover, the module will support threat assessment by combining different sources of information, such as vulnerability scans and real-time monitoring of the infrastructure. This functionality creates the link between privacy compliance and cyber security on the preventive side of data protection. (Supporting tools: SecTro, RAE)
Privacy Specification Component (PSC)
- Consent Analysis (CAn): This module will take as input organisational privacy information from the Data Privacy Model and consent preferences from data subjects; the latter will be requested through the platform dashboard. The CAnalyser will then extend the idea of the Privacy Level Agreement (PLA), defined and developed in a previous project by partners Business-e, ATOS and UoB, to support the elicitation, analysis and specification of data subject consent and create a Data Privacy Consent (DPC) Specification in the form of a Data Privacy Consent Model (DPCM). The DPCM will be used by PIMC to visualise, monitor and enforce data subject consent. (Supporting tool: CAnalyser)
- Data Access Rights Analysis (DARA): This module will be based on the JTrust and EPICA tools of UoB and ATOS. DARA will support the automated generation of policies for controlling data access, use and processing. Moreover, it will support the elicitation, modelling and analysis of data access rights scenarios by analysing potential access requests, how these are processed within the organisation, and how the information will be provided to the data subject. The analysis will feed the Security/Privacy Specification Model. (Supporting tools: JTrust, EPICA)
- Security/Privacy Technologies (STT): In this module, alternative technological solutions for privacy and security will be elicited, modelled and analysed. In particular, the module will support the selection of optimal security/privacy configurations with respect to criteria such as the priorities of the security/privacy requirements and the severity of threats. The approach will express the level of mitigation of each threat and other system goals (e.g. cost and performance) as cost functions that are then optimised. The output will be fed into the Security/Privacy Specification Model. (Supporting tool: SecTro)
Privacy Implementation and Monitoring Component (PIMC)
- Privacy Technologies Runtime: This module will be based on the CHIMERA, KET and EPICA tools from PDM and ATOS. It will take as input the specification model developed in the PSC and implement the relevant security/privacy technologies across three main areas: encryption (KET), authorisation (EPICA) and anonymisation (CHIMERA). For encryption, it will support key management and encryption of relevant sensitive data using a number of encryption strategies to meet the needs of different organisations. For authorisation, it will control access based on the specification derived from the Data Access Rights Analysis, covering not only user identity but also other relevant attributes such as location and time. For anonymisation, the module will support ingestion of structured and unstructured data and a high-level domain-specific language for data transformation and anonymisation. Based on the partners' existing work, we expect it to support a wide range of hashing algorithms by leveraging the OpenSSL library. (Supporting tools: CHIMERA, KET, EPICA)
- Privacy Data Consent Monitoring and Notification (PDCMN): This module will be based on the XACML tool of ATOS and will include a Privacy Data Consent Monitoring enforcer and notifier. It will help organisations enforce and monitor the Privacy Data Consent developed in the PSC by automatically filtering traffic and removing any data that the data subject has not consented to share. Moreover, where there is an attempt to share data without appropriate consent, PDCMN will send an alert notification to both data controllers (organisations) and data subjects (clients/citizens). (Supporting tool: EPICA)
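The enforcement behaviour described for PDCMN (remove attributes the data subject has not consented to share for a given purpose, and alert both controller and data subject when that happens) can be illustrated with the following added example. It is not DEFeND project code: the consent model layout, the record format and the notification shape are all constructed assumptions; only the behaviour comes from the description above.

```python
"""Constructed illustration of consent-based filtering and notification.

Added example, not project code. The DPCM is modelled here as a mapping
subject id -> processing purpose -> set of attributes consented to.
"""
from dataclasses import dataclass

# Constructed Data Privacy Consent Model (assumed layout, not the real DPCM).
CONSENT_MODEL = {
    "subject-001": {"marketing": {"email"},
                    "billing": {"name", "email", "address"}},
    "subject-002": {"billing": {"name", "address"}},
}


@dataclass
class Notification:
    recipient: str        # "controller" or the data subject's id
    subject_id: str
    purpose: str
    removed_fields: list  # attributes stripped for lack of consent


def enforce_consent(record, purpose, model=CONSENT_MODEL):
    """Return (filtered_record, notifications) for one outgoing record.

    Attributes not consented to for this purpose are removed.  An unknown
    subject or purpose means no consent at all, so every attribute is
    removed.  If anything was removed, both the controller and the data
    subject receive a notification, as the PDCMN description requires.
    """
    subject_id = record["subject_id"]
    allowed = model.get(subject_id, {}).get(purpose, set())
    filtered = {"subject_id": subject_id}
    removed = []
    for key, value in record.items():
        if key == "subject_id":
            continue
        if key in allowed:
            filtered[key] = value
        else:
            removed.append(key)
    removed.sort()
    notifications = []
    if removed:
        for recipient in ("controller", subject_id):
            notifications.append(
                Notification(recipient, subject_id, purpose, list(removed)))
    return filtered, notifications
```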
Data Breach Component (DBC)
This component is responsible for modelling, analysing, detecting and responding to data breaches. It will take as input information from the Security/Privacy Specification Model and the Privacy Data Consent Model created in the PSC, and it will enable organisations to develop, at the planning stage, a data breach model, which is then used at run-time to detect, notify and respond to data breaches. It consists of the following modules:
- Data Breach Modelling and Analysis (DBMA): This module will give an organisation the capability to create a data breach model. This model will include information (both organisational and technical) relevant to data breaches. In particular, it will include a representation of the organisation's business processes, along with data flows and the relevant security and privacy requirements. Based on the created model, DBMA will also support the analysis of potential threats and data breaches as well as the definition of response plans. (Supporting tool: Business Modeller)
- Data Breach Detection and Response (DBD): This module will be based on the XL-SIEM (ATOS) and CERBERO (Business-e) tools and will provide an information management system that receives input from various sources (other components of the platform, e.g. the data breach model, and external sources, e.g. threat identification websites), evaluates that information and detects, notifies and responds to potential data breaches. As part of the notification process, the module will generate a data breach bulletin that provides information about potential data breaches or notifies organisations about an actual breach. In the event of a data breach, the module will enforce the data breach response plans derived from the DBMA analysis. (Supporting tools: XL-SIEM, CERBERO)
The platform dashboard acts as the interface (i.e. front-end) between the platform users (both organisations and clients/citizens, i.e. data controllers and data subjects) and the back-end components of the platform, as shown in the figure below:
The main purpose of the dashboard is, on the one hand, to provide organisations with control over the creation, deployment and monitoring of a data privacy governance strategy, which will help them achieve GDPR compliance, and, on the other hand, to enable citizens/clients to interact with the platform for the consent-related activities required by GDPR. Regarding the former, the dashboard will provide organisations with the following privacy-related capabilities:
- Input organisational information to the platform: This is supported mostly through the Data Assessment Component (DAC), via an easy-to-understand, interactive questionnaire;
- Create, view and modify organisational privacy-related models: The platform allows organisations to create, view and modify the following models: Data Assessment Model, Data Privacy Model, Security/Privacy Specification Model, Privacy Data Consent Model and Data Breach Model;
- Implement privacy technologies: This is supported through the Privacy Implementation and Monitoring Component (PIMC);
- Monitor and receive notifications about data subject consent and data breaches: This is supported through the Privacy Implementation and Monitoring Component and the Data Breach Component;
- Monitor and evaluate GDPR compliance readiness and make use of
Moreover, the dashboard includes specific GDPR supporting modules:
- GDPR Planning: This supports the collection of information from the platform models and its visualisation based on GDPR requirements. The result is a visual representation of the organisation's GDPR readiness and the ability to define a plan of action to achieve compliance.
- GDPR Reporting: This module supports the collection of the information required for GDPR reporting purposes. The information is collected from the platform models and can be visualised through the dashboard as well as shared with the relevant authorities.