Security Group TU/e

Collaboration: TU/e, Philips, and AMC
Funded by: NWO/Cyber Security
Duration: October 2013 until March 2018
Contact: Nicola Zannone

The protection of electronic data which are increasingly generated and used in our society (e.g., electronic health records, financial data, demographic data used in eGoverment) is a serious and urgent issue nowadays. This project aims to develop the foundations of a novel approach that allows users to control their data and enables organizations to comply with users' policies and legal requirements. This will be achieved by defining:

1. a user-centric system in which users can specify the policies that regulate the access/usage of their data and in which they are aware of the consequences and risks of the specified policies in terms of security, privacy and accountability;
2. cryptographic protocols that keep data persistently encrypted, while still ensuring data availability;
3. methods for infringement identification and management;
4. methods for the identification of risk indicators from historical data stored in event logs and a policy learning mechanism for policy refinement.

• Project website
• ResearchGate

• Mahdi Alizadeh
• Milan Petkovic
• Nicola Zannone