4 Security & Privacy in Supply Chain Management based on the PRIME Project Privacy and Identity Management for Europe
5 PRIME Vision In the Information Society, users can act and interact in a safe and secure way while retaining control of their private sphere.
6 PRIME Objectives Advance the state-of-the-art in privacyenhancing identity management Demonstrate how to embed European privacy laws and regulations into technology Empower individuals to effectively realise their right to privacy and informational selfdetermination Development of real-world tools and solutions for identity management
7 PRIME Objectives (1/2) Advance the state-of-the-art in privacy-enhancing identity management by: Laying the theoretical foundations, taking into account current environments as well as future scenarios. Developing novel, practical solutions and approaches to the validation and communication of the level of privacy and security achieved. Raising awareness of the privacy problems and of practically feasible options.
8 PRIME Objectives (2/2) PRIME takes a highly interdisciplinary approach in order to produce solutions that are Technically feasible; Understandable and manageable by end users; Socially desirable and acceptable; Legally required; Commercially viable and exploitable.
9 PRIME seems about Private People but what about Products & Processes
10 Security& Privacy in a World where.
11 The Supply Networks Suppliers (thailand) Manufacturers (China) Port of Rotterdam HPH-ECT EDC Germany Customer NYK Asia Lines P&O Nedlloyd ERS rail shuttle Vos European transport are monitored and sensed
12 The Supply Networks Suppliers (thailand) Manufacturers (China) Port of Rotterdam HPH-ECT EDC Germany Customer NYK Asia Lines P&O Nedlloyd ERS rail shuttle Vos European transport Product Privacy Actor Process Privacy Privacy
13 How do we handle this Security & Privacy in a Chain or Network
14 If Security Requirements too Restrictive than Problem
15 If Security Requirements too Lax than Problem
16 Secure Info exchange in SC transactions Agent applications Structuring based on SCOR model horizontal, vertical and cross organisational coordination
17 So Definition of SLA s for Security & Privacy in Supply Chain exchanges
18 SLA architecture SLA instance outcome compliant with legal framework contract Rights granted information gatherer by security protector Euros Settlement terms based on security feature values SLA Information Each party has both a Cost and a Benefit function Security protector security feature metrics Information gatherer
19 Security Enhancing (agent) Technologies Next generation of Security Enhancing Technologies SET Data Disclosure Client Roles Software agent Anonymous Pseudonym Business Fully detailed Data tracking
20 Service Level Negotiation Software agent Disclosure of personal data Business Conditions, ex: Delete all Sensitive data after transaction is complete
21 Future Smart & Secure Supply Chains use this type of Technologies
22 Research Questions The engineering approach given all the technological possibilities How to design? How to control? The New Secure &Privacy Robust Supply Chain
23 Research Questions Can we develop Theory and Models that help in Design and Control Problems and create NEW BUSINESS OPPORTUNITIES for such Secure & Privacy Robust Supply Chains
24 Research Questions Can we develop Theory and Models that help in Evaluating Economic and Social Consequences?
25 Research Challenge Can we together work on a Secure And Privacy Robust Future for Our Economy
26 PROTECT Project factsheet Status: project started 1/1/2005 Duration 4 years Total project budget % subsidy BSIK fund administered by TRANSUMO Project coordination RSM Erasmus University Key question: How can companies generate benefits from security in the supply chain?
27 PROTECT: Overview Demarcation and definition of security Threat analysis Steering group WP 1 WP 2 WP 3 WP 4 Assessments of benefits of measures Policy monitoring track Prioritisation of solutions Business panel track Fundamental research track Security in global supply chains Phase II Pilots & Demonstration Projects Solutions WP 5: Technology WP 6: Regulatory WP 7: Operations
28 PROTECT The involvement of the business community in PROTECT is very important! We hope to secure your cooperation
29 The Seminar Speakers Ko Colijn (Erasmus Univeristy) Roeland van Bockel (European Commission) Peter Mackenbach (DNV) Cees Scheepens (Philips International) Interactieve sessie
30 Today in With Privacy & security in Supply Chains
32 It is more than what you see.
33 And a lot more.. Thrilling!
34 13:40 Dr. J. Colijn, Erasmus Universiteit Internationale Ontwikkelingen & Terroristische Dreigingen 14:10 R. van Bockel, Europese Commissie, DG TREN Stand van Zaken Europese Wet- en Regelgeving omtrent Security 14:40 Break 15:00 P. Mackenbach, Det Norske Veritas Impact van Wetgeving op Bedrijfsleven 15:30 C. Scheepens, Philips Security in de Praktijk als Onderdeel van Supply Chain Management 16:00 Interactieve Sessie o.l.v. Jo van Nunen en Albert Veenstra 17:00 Afsluiting met drankje
IDENTITY MANAGEMENT DEFINED How to position enterprises into the Identity Management framework Informatics & Economics Faculty of Economics Erasmus University Rotterdam Monday, 19 December 2005 Drs. (Master)
1. Leadership in the Public Sector Program Outline (2015 2016) (16 day program) Is the public sector leadership even possible in an environment that is constrained by labour unions, unresponsive incentives
Approach to Information Security Architecture Kaapro Kanto Chief Architect, Security and Privacy TeliaSonera About TeliaSonera TeliaSonera provides network access and telecommunication services that help
State of Privacy Report 2015 SYMANTEC / STATE OF PRIVACY REPORT 2015 01 Contents Introduction 02 01 The Depth of Security Concern 05 02 The Data Trust Gap 19 03 Where Does The Responsibility Lie? 27 04
Green Paper on Citizen Science Citizen Science for Europe Towards a better society of empowered citizens and enhanced research Green Paper on Citizen Science Citizen Science for Europe Towards a better
PROJECT FINAL REPORT Grant Agreement number: 212117 Project acronym: FUTUREFARM Project title: FUTUREFARM-Integration of Farm Management Information Systems to support real-time management decisions and
LSI YW00 Youth Work National Occupational Standards Introduction Youth Work National Occupational Standards Introduction Contents: Suite Overview...2 Glossary......8 Functional Map.11 List of Standards..15
WHITEPAPER CLOUD Possible Use of Cloud Technologies in Public Administration Version 1.0.0 2012 Euritas THE BEST WAY TO PREDICT THE FUTURE IS TO CREATE IT. [Willy Brandt] 2 PUBLISHER'S IMPRINT Publisher:
CALL FOR EVIDENCE ON PROPOSED EU DIRECTIVE ON NETWORK AND INFORMATION SECURITY Summary of Responses SEPTEMBER 2013 About this consultation To: All interested parties Duration: From 22/05/13 to 21/06/13
CPNI VIEWPOINT 01/2010 CLOUD COMPUTING MARCH 2010 Acknowledgements This viewpoint is based upon a research document compiled on behalf of CPNI by Deloitte. The findings presented here have been subjected
Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered
BS 11000 Collaborative Business Relationships It s your choice Your implementation guide BS 11000 - Collaborative Business Relationships Background BS 11000 is a recognized standard for ensuring mutually
EUROPEAN COMMISSION Brussels, 2.7.2014 COM(2014) 442 final COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE
TRADE COMPLIANCE: THE BASIS FOR A TRUSTED SUPPLY CHAIN Whitepaper 25-11-2014 Version 0.12 Table of Contents 1 Management Summary...3 2 Introduction...5 3 What is Trade Compliance?...6 4 The Business drivers
ADVISORY The Business Codes of the Fortune Global 200 What the largest companies in the world say and do 2 The Business Codes of the Fortune Global 200 The Business Codes of the Fortune Global 200 3 Table
Role Profile Job Description Job Title.NET Senior Analyst Developer Directorate or Region UK Department/Country GIS / Poland Location of post Warsaw Pay Band 8 Reports to Aleksandra Bogdanov Duration of
EXPLORATORY RESEARCH IN ATM David Bowen Chief ATM 4 th May 2015 1 ATM Research in Europe HORIZON Transport Challenges smart, green and integrated transport FlightPath 2050 five challenges to aviation beyond
Science System Assessment Societal Impact Analysis Next Generation Infrastructures Final Report Stefan de Jong, Laurens Hessels & Barend van der Meulen Societal Impact Analysis Next Generation Infrastructures
Exploiting the Experience of Transformation IT Outsourcing 2006 IT World Limited on behalf of the BuyIT Best Practice Network Page 1 P12 IT Outsourcing May 2006 Forewords One of the prime objectives of
214 GOVERNANCE OF CYBERSECURITY ISACA Chapter NL 2 About ISACA As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading
The Asset Management Landscape Second Edition ISBN 978-0-9871799-2-0 Published March 2014 www.gfmam.org The Global Forum on Maintenance and Asset Management The Global Forum on Maintenance and Asset Management
Leeds Beckett University Faculty of Arts, Environment & Technology PERCCOM Master Program Master s Thesis in Pervasive Computing & COMmunications for sustainable Development Maike Schmidt A Web-Based Environmental
Sources of Innovation and Competitiveness: National Programmes Supporting the Development of Work Organisation Final Report to DG Employment and Social Affairs Peter Brödner and Erich Latniak Institute
ANALYSIS OF CYBER SECURITY ASPECTS IN THE MARITIME SECTOR November 2011 Analysis of cyber security aspects in the maritime sector I Contributors to this report ENISA would like to express its gratitude
Public Consultation on Cloud Computing Public Consultation on Cloud Computing Creation date 30-08-2011 Last update date User name null Case Number 776993758361424211 Invitation Ref. Status N Language en