COBWEB

Privacy and Security

Andreas Matheus

andreas.matheus@secure-dimensions.de

21 June 2016

DoW Objectives regarding Privacy

1. “ensure compliance with the data protection act (published as 95/46/EC) when implementing, evaluating and demonstrating the Citizen Observatory Framework”

2. “provide a means of authentication and access control to provide an appropriate level of assurance concerning the identity of the individual”

DoW Objectives regarding Security

3. „ensure by means of access control that the confidentiality of certain types of information (e.g. the location of endangered species) is only released to authorised users“

Executive Summary on Privacy

• Privacy and Security in the context of Citizen Science / Crowd Sourcing

• Focusing on the ability of the COBWEB system to • be in compliance with 95/46/EC (Data Protection

Act) regarding Privacy• ensure that personal data or sensitive data from

observations is only released to authorized users and COBWEB processes such as the quality service(s)

The technical aspects – Security

• Ensure wellbeing of creatures• survey results can be sensitive, e.g.

endangered species, time & location

• Supporting users with social media login

• Supporting the survey types• Public – anyone can participate with no login• Protected – you must login to opt in• Private – you must register and be invited

COBWEB Framework

Security Architecture Overview

The used standards (security only)

• Use of Open Standards where possible and applicable to ensure interoperability• OGC: GeoXACML• OASIS: SAML• IETF: HTTP over TLS, OAuth

• COBWEB is a distributed architecture with different Technology Readiness Levels • COBWEB is a Research Project• COBWEB “core” and security is high TRL

Challenge to Identify the “Black Sheep”

Survey

Public Survey Private Survey

observationobservationobservationobservationobservationobservation

observationobservationobservationobservationobservationobservation

marked “red”at survey creation

marked “green”at survey creation

but some might be “red” by accident =>

“black sheep”

observationobservationobservationobservationobservationobservation

Support Delegation of Access in a Workflow

• Support QA to use protected worker services (e.g. WMS, WFS, etc.) delegation of access rights must be implemented

Conclusion of the privacy / security

• COBWEB has successfully addressed the privacy and managed access

• COBWEB security architecture is based on the concept of an access management federation as in operation in the academia

• Security is high TRL in COBWEB

• Introduced privacy and security concept will be applied in H2020 project LandSense http://landsense.eu/ (kick-off 27/28 Sep. ’16)

Thank you for paying attention!

It is important, to do security right...

Secure Dimensions GmbH Holistic Geosecurity Dr. Andreas Matheus

Waxensteinstr. 28 D-81377 München, Germany

Email am@secure-dimensions.de Web www.secure-dimensions.de