Personal Information Security Assistant (PISA)



Personal Information Security Assistant (PISA)
Prof. Dr. Roel Wieringa, Universiteit Twente
3 July 2013, Cybersecurity Veldraadpleging

Project goal
- To develop and field-test a tool that performs IT risk management for consumers
- Long-term, but applied cybersecurity research

Project motivation
- End-users are the weakest link in IT security
  - Easy prey for cyberattacks
  - Easy resources (botnets) for cyberattacks
- Improvement in end-user security has potentially large rewards
- End-users can function as early adopters

Tool architecture
[Diagram: PISA Client, End-user, PISA Risk Repository, PISA Assurance Provider, IT Service, IT Service Provider]
- End-user: Consumer, independent entrepreneur, or employee
- IT service: An application, service or device
- IT service provider: The organization delivering the service

Tool architecture
[Diagram: PISA Client, End-user, PISA Risk Repository, PISA Assurance Provider, IT Service, IT Service Provider]
- Client collects data about IT services used by end-users
- Risk repository maintains data about risks of IT services
- Assurance provider answers questions about end-user's risk profile

Three usage scenarios
- Independent components
  - End user (e.g. an entrepreneur) manually configures and manages PISA client;
  - Independent provider manages risk repository;
  - Trusted third party manages assurance provider.
- Integrated scenario
  - IT service provider (e.g. social network) integrates PISA components in its own IT service
- Enabled scenario
  - IT service provider (e.g. a bank) integrates risk repository in its own service;
  - PISA client is offered through a web interface to end-users;
  - End user runs assurance provider on its own devices.

Partners
- KPN
  - SBIR project Personal trust Agent/Personal trust center. Protection of teleworkers.
- XS4all
  - Field testing

User group
- CSC (among others, security consultancy)
- Complions (among others, security consultancy)
- Intermedion (consultancy)
- IT United
- Cap Gemini
- (still need a bank)
Two user group meetings per year
Case study sites

Research goal 1: Tool development (with KPN)
- Requirements (KPN, User group, current prototype)
- Development & test infrastructure (KPN)
- Initial design & prototype, test on small scale (UT, KPN, user group)
- Test security of PISA
- Second prototype, small field test (XS4all 30 subjects)
- Third prototype, large field test (XS4all, 30 + 30 subjects)

Research goal 2: Risk repository
- Develop a risk ontology
- Build initial risk repository (KPN, User group)
- Design and test ways to maintain risk repository

Research goal 3: Design and test persuasive user interface
- Use risk visualization techniques
- Use persuasion techniques
- Use adaptation techniques

Business models
- Different scenarios come with different business models
- Develop these models
- Follow up the project with valorisation

Experiences during project preparation
- Match with KPN at a matchmaking meeting: same ideas about IT security; personal match with Haydar Cimen (KPN)
- However: success rate 1:100?
- Champion in KPN
- KPN has a related SBIR project with teleworkers as its target group; different technology.
- The LTR SBIR link is coincidental; do not require it in a call for proposals. When it is there, it adds a lot of value; cross-fertilization
- Motivation of KPN:
  - Complement to its own SBIR project; PISA output may be useful.
  - Exposure of KPN to interesting young people and ideas
  - More interesting research and work environment for KPN employees; challenging employees to keep their knowledge up to date.

Thank you!