Skip to main content

Methods and tools for GDPR compliance through Privacy and Data Protection Engineering

Deliverables

Risk management methods for data protection and privacy v1

This document will describe the risk management method, including all methodological elements besides the tool. The document will be revised in M23 to adapt the method to the feedback received from stakeholders.

Overall system requirements v1

This document will specify the prioritized technical requirements to be satisfied by the PDP4E tools. A revised version will be delivered in M23 following the first validation.

Methods for data protection model-driven design v1

This document will describe the data-protection model-driven design method, including all methodological elements besides the tool. The document will be revised in M23 to adapt the method to the feedback received from stakeholders.

Specification and design of model-driven design tool for privacy and data protection v1

This document will provide the detailed design of the tool for data protection and privacy model-driven design tool. A first version will be delivered in M14, which will be revised in M18 and M33 introducing the insights from the validation activities.

Specification and design of risk management tool for data protection and privacy v2

This document will report on the interoperability among the different tools delivered, proposing changes for the second development iteration. It will be a first version on Month 18, after validation, it will be a v2 by the Month 33, at the end of the project.

Specification and design of model-driven design tool for privacy and data protection v2

This document will provide the detailed design of the tool for data protection and privacy model-driven design tool. A first version will be delivered in M14, which will be revised in M18 and M33 introducing the insights from the validation activities.

Assurance methods for data protection and privacy v1

This document will describe the assurance method for data protection and privacy, including all methodological elements besides the tool. The document will be revised in M23 to adapt the method to the feedback received from stakeholders.

D2.1 Multi-stakeholder specification

This document will collect the needs expressed by the different PDP4E stakeholders, including the customers targeted by the demonstration pilots (T2.1) and the developers from the open-source community (T2.1), as well as the legal and ethical constraints identified in T2.2.

Specification and design of assurance tool for data protection and privacy v2

This document will provide the detailed design of the tool for data protection and privacy assurance tool. A first version will be delivered in M14, which will be revised in M18 and M33 introducing the insights from the validation activities.

Requirements engineering methods for privacy and data protection v1

This document will describe the requirements engineering method, including all methodological elements besides the tool. The document will be revised in M23 to adapt the method to the feedback received from stakeholders.

Specification and design of risk management tool for data protection and privacy v1

This document will provide the detailed design of the tool for data protection and privacy risk management. A first version will be delivered in M14, which will be revised in M18 and M33 introducing the insights from the validation activities.

Specification and design of assurance tool for data protection and privacy v1

This document will provide the detailed design of the tool for data protection and privacy assurance tool. A first version will be delivered in M14, which will be revised in M18 and M33 introducing the insights from the validation activities.

Specification and design of requirements engineering tool for privacy and data protection v2

This document will provide the detailed design of the tool for data protection and privacy requirements engineering. A first version will be delivered in M14, which will be revised in M18 and M33 introducing the insights from the validation activities.

Specification and design of requirements engineering tool for privacy and data protection v1

This document will provide the detailed design of the tool for data protection and privacy requirements engineering. A first version will be delivered in M14, which will be revised in M18 and M33 introducing the insights from the validation activities.

Overall architecture and methodological framework v1

This deliverable will detail the architecture of the software tools, their interfaces and data models, as well as the underlying methodological framework. A revision will be delivered in M23 to introduce the changes derived from the validation.

Multistakeholder specification v2

This document will collect the needs expressed by the different PDP4E stakeholders, including the customers targeted by the demonstration pilots (T2.1) and the developers from the open-source community (T2.1), as well as the legal and ethical constraints identified in T2.2. This deliverable will encompass the modifications according to use case Automotive.

Integration report v1

This document will report on the interoperability among the different tools delivered, proposing changes for the second development iteration. It will be a first version on Month 18, after validation, it will be a v2 by the Month 36, at the end of the project.

Risk management tool for data protection and privacy v1

This is the source code of the tool. An evolved version will be delivered in M33.

Model-driven design tool for privacy and data protection v1

This is the source code of the tool. An evolved version will be delivered in M33.

Assurance tool for data protection and privacy v1

This is the source code of the tool. An evolved version will be delivered in M33.

Requirements engineering tool for privacy and data protection v1

This is the source code of the tool. An evolved version will be delivered in M33.

Publications

Agile risk management for multi-cloud software development

Author(s): Victor Muntés-Mulero, Oscar Ripolles, Smrati Gupta, Jacek Dominiak, Eric Willeke, Peter Matthews, Balázs Somosköi
Published in: IET Software, Issue 13/3, 2019, Page(s) 172-181, ISSN 1751-8806
DOI: 10.1049/iet-sen.2018.5295

Reusable Elements for the Systematic Design of Privacy-Friendly Information Systems: A Mapping Study

Author(s): Julio C. Caiza, Yod-Samuel Martin, Danny S. Guaman, JOSE M. Del Alamo, Juan C. Yelmo
Published in: IEEE Access, Issue 7, 2019, Page(s) 66512-66535, ISSN 2169-3536
DOI: 10.1109/access.2019.2918003

Service level agreement-based GDPR compliance and security assurance in (multi)Cloud-based systems

Author(s): Erkuden Rios, Eider Iturbe, Xabier Larrucea, Massimiliano Rak, Wissam Mallouli, Jacek Dominiak, Victor Muntés, Peter Matthews, Luis Gonzalez
Published in: IET Software, Issue 13/3, 2019, Page(s) 213-222, ISSN 1751-8806
DOI: 10.1049/iet-sen.2018.5293

Manipulation and Malicious Personalization: Exploring the Self-Disclosure Biases Exploited by Deceptive Attackers on Social Media

Author(s): Esma Aïmeur, Nicolás Díaz Ferreyra, Hicham Hage
Published in: Frontiers in Artificial Intelligence, Issue 2, 2019, ISSN 2624-8212
DOI: 10.3389/frai.2019.00026

Smart Grid Challenges through the lens of the European General Data Protection Regulation

Author(s): Jabier Martinez, Alejandra Ruiz, Javier Puelles, Ibon Arechalde, Yuliya Miadzvetskaya
Published in: Information Systems Development: Information Systems Beyond 2020 (ISD2019 Proceedings), Issue 2019, 2019

Model-driven Evidence-based Privacy Risk Control in Trustworthy Smart IoT Systems

Author(s): Victor Muntés-Mulero, Jacek Dominiak, Elena Gonzalez, David Sanchez-Charles
Published in: Joint Proceedings of the Workshop on Model-Driven Engineering for the Internet of Things (MDE4IoT) & of the Workshop on Interplay of Model-Driven and Component-Based Software Engineering (ModComp), Issue Vol-2442, 2019, Page(s) 15-22, ISSN 1613-0073

Methods and Tools for GDPR Compliance Through Privacy and Data Protection Engineering

Author(s): Yod-Samuel Martin, Antonio Kung
Published in: 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Issue 2018, 2018, Page(s) 108-111
DOI: 10.1109/eurospw.2018.00021

The GDPR & Speech Data: Reflections of Legal and Technology Communities, First Steps Towards a Common Understanding

Author(s): Andreas Nautsch, Catherine Jasserand, Els Kindt, Massimiliano Todisco, Isabel Trancoso, Nicholas Evans
Published in: Interspeech 2019, Issue 2019, 2019, Page(s) 3695-3699, ISSN 1990-9772
DOI: 10.21437/interspeech.2019-2647

The Impact of Artificial Intelligence on Security: a Dual Perspective

Author(s): Avi Szychter, Hocine Ameur, Antonio Kung, Hervé Daussin
Published in: Computer and Electronics Security Applications Rendez-Vous, 2019