H2020 project WITDOM overview
1 like538 views
The WITDOM project aims to enhance privacy and security in untrusted environments through innovative frameworks and privacy-preserving technologies, co-funded by the EU's H2020 program. Over 36 months with a budget of approximately 4 million euros, the project focuses on developing effective tools and guidelines for the protection of sensitive data in e-health and financial services. Key outcomes include resource-efficient cryptographic techniques, user-centric privacy measures, and the creation of a privacy-preserving toolkit for real-world applications.
H2020 project WITDOM overview
- 1. empoWering prIvacy and securiTy in non-trusteD envirOnMents witdom.eu General Presentation
- 2. 22empoWering prIvacy and securiTy in non-trusteD envirOnMents Content 1) Project Facts 2) Objectives 3) Main Outcomes 4) Main innovations 5) Architecture 6) Pilots 7) Project structure 8) Project roadmap
- 3. 3 WITDOM stands for “empoWering prIvacy and securiTy in non-trusteD envirOnMents”. It is a Research and Innovation Action co-funded by the European Union H2020 Programme, within the thematic priority of Information and communications technologies (ICT). WITDOM was approved under call 1 of the H2020-ICT- 2014-1, ICT-32-2014 in the topic of Cybersecurity, Trustworthy ICT with project No. 644371. WITDOM started in January 2015 will run for 36 months. The overall project budget is around 4 million euro. 7 different organizations from 5 European countries form the WITDOM consortium. Project Facts
- 4. 4 A framework for end-to-end protection of data in untrusted and fast-evolving ICT-based environments. • Driven by privacy-and-security-by-design (PSbD) principles. • Holistic and all-encompassing. • Provide end-to-end security. Tools for effective protection of sensitive data: • Resource-efficient cryptographic primitives (e.g: SHE, FHE, SMC). • Privacy Enhanced Technologies (PETs) to enhance privacy- utility tradeoffs. • Effective verification of data and process integrity. • Secure protocols for outsourcing sensitive data. • Evaluation and assessment of privacy preferences. This WITDOM framework will be instantiated and validated in two application scenarios (eHealth and Financial Services) with demanding privacy requirements to protect sensitive data. Objectives
- 5. 6 Main Outcomes • Analysis and assessment of end-to-end privacy/security • Objective privacy metrics and quantifiable evaluation mechanisms. • Guidelines and methods for the analysis of security requirements and trust relationships • PSbD and user-empowered architectures and scenarios for outsourced / distributed environments. • Definition and enforcement of user-centric privacy-preferences. • Multi-party security and privacy analysis for outsourced/distributed eHealth and Financial services scenarios, instantiated architectures. • Resource-efficient cryptographic primitives, protocols and PETs for outsourced processing of sensitive data (addressing the trade-off between good performance and strong cryptographic protection). • Efficient cryptographic verifiability mechanisms for user-empowered outsourced processing • Evaluation of the developed primitives, quantitative assessment of the net advances in utility, efficiency and privacy/security • Privacy-preserving toolkit mplementing privacy-preserving primitives, protocols, privacy- enhancing techniques (PETs) and formalized preferences for user-centric verifiable outsourced processing (open-access building blocks). • Multi-disciplinary assessment of prototypes for eHealth and Banking scenarios, making use of the toolkit and showcasing the net advance and impact of the general and practical outcomes in two privacy-aware scenarios. General Outcomes Framework Practical Level Platform Implementation Level Toolkit& prototypes
- 6. 7 Main innovations Privacy Enhancing Techniques, perturbation mechanisms and privacy metrics Privacy- preserving cryptographic techniques supporting encrypted processing Cryptographic techniques for Integrity and Verifiability of outsourced processes European Legal Landscape – Comprehensive privacy metrics for sensitive outsourced data and quantifiable leakage and traces – Privacy guarantees even if an adversary has access to arbitrary background and secondary information (based on DP) – Fine-tune other complexity- dependent methods to match the life- span of Cloud-related environments. – Resource efficient SHE and FHE – PEKS, PERKS, SMC, ZK – Overcome the current limitations in terms of full anonymisation of financial and eHealth data – Produce efficient data processing techniques in both scenarios – Integrity and consistency guarantees (i.e., fork-linearizability and derived) – Overcome current restrictions to simple storage services, and the severe limitations in concurrent operation – Advance verification of remote computation respecting multi-client input privacy – Follow the evolution GDPR, opinions and recommendations of Article 29 WP – Translate these legal requirements into technological requirements, enabling seamless assessment of legal compliance Holistic vision, with interrelated and entangled advance in all areas
- 7. 8 Architecture SPM: Coding/obfuscating/encryp ting allowing for the secure realization of certain operations implemented as secure primitives within the secure processing modules (APIs or software libraries) with a client-server structure Comms protocols: Between two SPMs, as part of the advanced cryptographic techniques used for data and signal processing in the encrypted domain and PETs Policy Enforcement, Auth, Verifiability Compliance of user preferences to access control to private data, anonymity/privacy enforcement, and data and process integrity. Secure Storage Module Encryption standards, perturbation mechanisms and data formats in unsecured environments, enabling the verifiable encrypted processing protocols.
- 8. 9 Genetic/proteomic databases protection, shared for large- scale research analyses and outsourced individual clinical analyses. Scenario I: e-Health Citizens (Data owners) Database Generators (Genetic data) Genetic Research Institutes Certification Authority & Key Management Private Requests: Genetic Analyses and Studies Cloud Diagnosis Services Genetic Research Knowledge enabling Genetic Diagnosis Citizens with their protected DNA metadata Private Requests Protected Metadata Knowledgebase Expert System working with Protected Signals Outsourced Genetic Databases with protected raw data
- 9. 10 Protection of large-scale outsourced financial data storage and processing (financial risk calculation, fraud detection,...) Scenario II: Financial Services Protected Processing requestsBanking Institution Certification Authority & Key Management Outsourced Databases processing protected data Other Banking Institutions Security Perimeters In-House Private Cloud Bank Clients Public Cloud
- 10. 11 Project Structure WP1 Project & Innovation Management (ATOS) WP7 Dissemination, communication, exploitation and standardization (ATOS) WP2 Requirements analysis and prototypes evaluation (FCSR) WP3 Basic research on enabling privacy and cryptographic tools (UVIGO) WP6 Legal requirements and validation (KU Leuven) WP5 Privacy preserving platform toolkit and prototypes (XLAB) WP4 applied research and architectural design (IBM)
- 11. 12 Project Roadmap Requirements Formalization Legal Requirements Fundamental Research Architecture Implementation&Prototypes Translation of DP Directives Management Communication/Dissemination/Standardization/Exploitation Validation/ Assessment Final Validation WP1 WP2 WP3 WP4 WP5 WP6 WP7 Year 1 (M1-M12) Year 2 (M3-M24) Year 3 (M25-M36)
- 12. Partners Contact Elsa Prieto (Atos) WITDOM coordinator and Exploitation & Innovation Manager elsa.prieto@atos.net witdom.eu This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 64437. This work was supported in part by the Swiss State Secretariat for Education, Research and Innovation under contract No. 15.0098. The opinions expressed and arguments employed herein do not necessarily reflect the official views of the European Commission or the Swiss Government.