The C3ISP project aims at creating an efficient and flexible framework for secure data analytics where data access and data analytics operations are regulated by data sharing agreements. The considered dimensions to reach the goal are:
- to facilitate the definition, analysis, management, enforcement and dissolution of data sharing agreements ; going from high level descriptions (close to natural language) to system-enforceable data usage policies;
- to select the most appropriate data protection techniques used in the analytics infrastructure, from data centric policy enforcement mechanisms, through anonymization techniques, to homomorphic encryption techniques allowing analytical operations to be performed on encrypted data;
- to address key challenges for compliant cyber-security related information sharing for cyber security. By taking a “compliance by design” approach, the project places an early emphasis on understanding and incorporating regulatory requirements into the data sharing agreements;
- to validate the framework by means of a series of four Pilots covering respectively enterprise security, national CERTs, Internet Service Providers (ISPs) and in particular for SMEs interested in a holistic cyber-protection framework (including managed security services).
The project Consortium combines strong industry players with research institutions that will deliver highquality innovation; it also includes SMEs and governmental end-users.