Periodic Reporting for period 2 - C3ISP (Collaborative and Confidential Information Sharing and Analysis for Cyber Protection)
Okres sprawozdawczy: 2017-10-01 do 2019-09-30
C3ISP provides a flexible framework allowing confidential and collaborative information sharing and analysis in order to ease cyber protection among relevant stakeholders.
We envision a flexible and confidential framework for managing information shared for security analytics. In our scenario information providers are also the consumers of the analysis results. Hence, we will refer these entities as information prosumers.
The framework will allow the prosumers to define their Data Sharing Agreements (DSAs) in order to express their contractual requirements for providing and consuming their information and possibly compulsory law obligations as well as specific anonymization/encryption actions to be performed on data.
C3ISP has the following objectives:
Objective 1: build a flexible, confidential and privacy-preserving framework for managing data sharing agreements, for security purposes, by different prosumers
Objective 2: define data analytics for security services in a collaborative and confidential way
Objective 3: improve, mature and integrate several tools provided by C3ISP partners and tailor those to the specific needs of the C3ISP platform and Pilots
Objective 4: apply the framework to four pilots for:
1. Internet Service Providers (ISPs) Pilot;
2. Governmental CERT Pilot;
3. Enterprise Pilot;
4. SMEs Pilot.
Objective 5: promote and ease the exploitation, communication, standardization, dissemination and adoption of its results.
We envision a flexible and confidential framework for managing information shared for security analytics. In our scenario information providers are also the consumers of the analysis results. Hence, we will refer these entities as information prosumers.
The framework will allow the prosumers to define their Data Sharing Agreements (DSAs) in order to express their contractual requirements for providing and consuming their information and possibly compulsory law obligations as well as specific anonymization/encryption actions to be performed on data.
C3ISP has the following objectives:
Objective 1: build a flexible, confidential and privacy-preserving framework for managing data sharing agreements, for security purposes, by different prosumers
Objective 2: define data analytics for security services in a collaborative and confidential way
Objective 3: improve, mature and integrate several tools provided by C3ISP partners and tailor those to the specific needs of the C3ISP platform and Pilots
Objective 4: apply the framework to four pilots for:
1. Internet Service Providers (ISPs) Pilot;
2. Governmental CERT Pilot;
3. Enterprise Pilot;
4. SMEs Pilot.
Objective 5: promote and ease the exploitation, communication, standardization, dissemination and adoption of its results.
All the planned milestones have been achieved and these are the main results in the first year:
• All the management activities have been carried out, including financial distribution and one amendment requested by the partners. More than 6 project meetings were organized by the partners;
• All the requirements from the pilots have been collected and elaborated;
• The main C3ISP architectural features have been defined using the previous requirements;
• All the pilots have their own architecture and embed the C3ISP main architectural components;
• Several components of the C3ISP architecture started the maturation phase;
• Several publications were produced in the topics of the project;
• A scientific book on collaborative security has been agreed with Springer, a main global publisher, due to the interests in the topics of the project.
• All the management activities have been carried out, including financial distribution and one amendment requested by the partners. More than 6 project meetings were organized by the partners;
• All the requirements from the pilots have been collected and elaborated;
• The main C3ISP architectural features have been defined using the previous requirements;
• All the pilots have their own architecture and embed the C3ISP main architectural components;
• Several components of the C3ISP architecture started the maturation phase;
• Several publications were produced in the topics of the project;
• A scientific book on collaborative security has been agreed with Springer, a main global publisher, due to the interests in the topics of the project.
The project will deliver an innovative framework for collaborative information sharing and anaylitics for cyber protection. It develops a framework where user is empowered with control and capability to define the leve of privacy and confidentiality for its data. The framework puts together and integrates several different techniqus and approachs from data usage contorl to differential privacy and homomorphic computing. In all these areas there is progress beyond the state f the art. Several improvements have been developed duirng the first year as the many publications testify.