Abstract
Cyber-attacks represent a serious threat to public authorities and their agencies are an attractive target for hackers. The public sector as a whole collects lots of data on its citizens, but that data is often kept on vulnerable systems. Especially for Local Public Administrations (LPAs), protection against cyber-attacks is an extremely relevant issue due to outdated technologies and budget constraints. Furthermore, the General Data Protection Regulation (GDPR) poses many constraints/limitations on the data usage when “special type of data” is processed. In this paper the approach of the EU project COMPACT (H2020) is presented and the solutions used to guarantee the data privacy during the real time monitoring performed by the COMPACT security tools are highlighted.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Time to face up to cyber risk. http://www.publicfinance.co.uk/opinion/2016/03/time-face-cyber-risk. Accessed 09 Apr 2018
Coppolino, L., D’Antonio, S., Romano, L.: Exposing vulnerabilities in electric power grids: an experimental approach. Int. J. Crit. Infrastr. Prot. 7 (2014). https://doi.org/10.1016/j.ijcip.2014.01.003
Coppolino, L., D’Antonio, S., Formicola, V., Romano, L.: Enhancing SIEM technology to protect critical infrastructures, pp. 10–21 (2013). https://doi.org/10.1007/978-3-642-41485-5_2
Coppolino, L., D’Antonio, S., Formicola, V., Romano, L.: Integration of a system for critical infrastructure protection with the OSSIM SIEM platform: a dam case study, vol. 6894, pp. 199–212 (2011). https://doi.org/10.1007/978-3-642-24270-0_15
D’Antonio, S., Coppolino, L., Elia, I., Formicola, V.: Security issues of a phasor data concentrator for smart grid infrastructure (2011). https://doi.org/10.1145/1978582.1978584
Data Breach Investigations Report (DBIR). http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/. Accessed 09 Apr 2018
CCN-CERT, Threats and Risk Analysis in Industrial Control Systems (ICS), Report IA-04/16, Centro Criptologico Nacional, Madrid, 28 January 2016. (in Spanish). https://www.ccn-cert.cni.es/informes/informes-ccncert-publicos/1381-ccn-cert-ia-04-16-amenazas-y-analisis-de-riesgos-en-sistemas-de-control-industrial-ics/file.html. Accessed 09 Apr 2018
Data security incident trends. https://ico.org.uk/action-weve-taken/data-security-incident-trends/. Accessed 09 Apr 2018
Gajli, A.: Time to face up to cyber risk, Public Finance, 31 March 2016. http://www.publicfinance.co.uk/opinion/2016/03/time-face-cyber-risk. Accessed 09 Apr 2018
3 Basic cyber security threats to be aware of that people still get wrong. http://blog.scstechsolutions.co.uk/3-basic-cyber-security-threats/. Accessed 09 Apr 2018
Biggest cybersecurity threats in 2016. http://www.cnbc.com/2015/12/28/biggest-cybersecurity-threats-in-2016.html. Accessed 09 Apr 2018
Top 7 Cyberthreats to Watch Out for in 2015-2016. Kaspersky Lab
Computer security and incident response teams network. https://www.enisa.europa.eu/topics/national-csirt-network
El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Proceedings of CRYPTO 84 on Advances in Cryptology. Springer, New York, pp. 10–18 (1985). http://dl.acm.org/citation.cfm?id=19478.19480
Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-x_16
Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the Forty-First Annual ACM Symposium on Theory of Computing, STOC 2009, pp. 169–178. ACM, New York (2009). https://doi.org/10.1145/1536414.1536440, http://doi.acm.org/10.1145/1536414.1536440
van Dijk, M., Gentry, C., Halevi, S., Vaikuntanathan, V.: Fully homomorphic encryption over the integers, Cryptology ePrint Archive, Report 2009/616 (2009). http://eprint.iacr.org/2009/616
Naehrig, M., Lauter, K., Vaikuntanathan, V.: Can homomorphic encryption be practical? In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop, CCSW 2011, pp. 113–124. ACM, New York (2011). https://doi.org/10.1145/2046660.2046682, http://doi.acm.org/10.1145/2046660.2046682
Acknowledgments
This project has received funding from the European Union’s Horizon 2020 Framework Programme for Research and Innovation under grant agreements No 74071 (COMPACT)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Sgaglione, L., Mazzeo, G. (2019). A GDPR-Compliant Approach to Real-Time Processing of Sensitive Data. In: De Pietro, G., Gallo, L., Howlett, R., Jain, L., Vlacic, L. (eds) Intelligent Interactive Multimedia Systems and Services. KES-IIMSS-18 2018. Smart Innovation, Systems and Technologies, vol 98. Springer, Cham. https://doi.org/10.1007/978-3-319-92231-7_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-92231-7_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-92230-0
Online ISBN: 978-3-319-92231-7
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)