Additional Information on the Tracks and Trusted Cloud Platform Components
TRACK 1: Data Connectors and Data Exploitation on Personal Data Store
- Personal and business applications exploiting personal data in privacy-preserving context
- Connectors for securing personal data sets in personal clouds
The scope is to seek and promote the development of products and/or services that take advantage of personal data. These applications must be compliant with the My Data Store architectural framework which implements a privacy preserving personal data management paradigm that allows individuals to control the type of data to be collected in a personal and private storage space (named Personal Data Store - PDS), exploited (e.g., disclosing them to applications) and shared with other individuals. The scope of the call is:
- Personal and business applications exploiting personal data in privacy-preserving context: novel applications for individuals and/or organizations exploiting the personal data stored in PDSs. Applications for individuals to improve the quality of life (e.g., control of the personal expenditure, quantified-self applications, time optimization, smart living, social comparison) or enable some economic benefits (e.g., discounts, gifts). Applications for organizations can leverage the Personal Data stored in PDS to gain a deeper understanding of people's needs and behaviour, either as single individual or as communities; moreover, these applications could increase the stickiness of organizations' customers, offering them appealing applications, accessing data respecting people privacy a trusted way.
- Connectors for securing personal data sets in personal clouds: enabling the automatic collection of personal information of an individual from external data sources (e.g., private organizations, public organizations, personal devices, sensors, online services) into her/his Personal Data Store; these applications must guarantee the integration of the APIs of the data sources and the Personal Data Store.
The trusted APIs manage the Personal Data interacting with PDS: individuals are able to control the Personal Data accessed by applications and their usage; applications offered to organizations are able to elaborate Personal Data in PDS, according to the rules defined by Individuals. Moreover, these applications cannot copy, store and manage Personal Data except for the declared purposes.
My Data Store is a Personal Data Store platform (PDS) which is able to manage heterogeneous Personal Data, about one specific individual. Possible examples are:
- Data collection sensors on mobile personal devices such as smartphones or tablets (e.g. locations by GPS sensors, social interactions or traditional calls, movements/activity patterns detected by the accelerometer, proximity records via Bluetooth);
- Data generated or collected by generic mobile apps (e.g. games, instant messaging applications, ad-hoc applications such as personal expenses manager) or specific application exploiting the new generation devices (e.g. NFC payments, etc.);
- Data collected from connected devices, such as sensors connected to the smartphone (e.g. environmental sensors, wearable sensors, etc.), or directly connected/transmitting to the collecting platform (smart objects in the IoT approach);
- Data gathered from online services (e.g. content publically published by the individual on social networks, such as tweets or others)
- Data gathered from organizations about their customers/users to whom they offer services (e.g. network operators, service/utility providers, retailers, etc.).
My Data Store aims to provide a framework for Trusted Personal Data management, built around the role of My Data Store, as far as any other PDS. The architecture supports developers in building trusted and transparent applications compliant with a user-centric personal data management model.
The My Data Store framework provides a set of APIs for accessing the users' personal data in a compliant way with their disclosure preference (based on the data type, the periods, the quantity, the anonymisation/ aggregation level, the application/services, requiring the information).
My Data Store is a Web portal with controlled access that makes available to granted users a set of tools for managing their data. The My Data Store design focuses on three drivers: empowering people to take full control over the life-cycle of their data, improving their awareness of the data and enabling the exploitation and use of their personal data. The design simplifies the user experience by providing people with a limited, but clear and powerful set of capabilities.
My Data Store offers a number of Data Management features:
- Collection Area: in the Collection Area users can choose how data types are collected and stored. Users then have a complete set of controls for tuning the settings that best fit their privacy concerns, exploitation or usage;
- Sharing Area: users can set the disclosure level of the collected data by granting different levels of access;
- Deletion Area: users can delete single records or all the data collected in a specific type and time interval.
My Data Store is extensively used in the Mobile Territorial Lab (MTL, www.mobileterritoriallab.eu), a long-term living lab engaging a real community (involving about 150 individuals, parents in young families): the participants of MTL collect, manage and use their personal data while they live their daily life, e.g., by interacting and performing digital activities through their smartphones, and by using ad-hoc designed applications exploiting their data. Participants to MTL are provided with a smartphone and access to My Data Store where they manage their personal data, continuously and passively collected in independent user silos. The data automatically sensed consist of: i) call and SMS logs, ii) proximity data scanning near-by devices, iii) locations from GPS and WiFi. Additional personal data such as mood and expenses of the participants is collected through experience sampling methods by means of ad-hoc applications. MTL participants collect also meteorological data and the air-quality in their surroundings (e.g. CO and other gas levels) by geo-referencing the values measured by an environmental sensor connected to their smartphone.
My Data Store will be experimented in a real "business" context (a maximum of 200 individuals), where one commercial partner (a big Italian retailer) will enrich the data eco-system by filling the user space with details of purchases of users using their fidelity card. This enables both the user to have value added services, including awareness of their expenses and empowering them with a recommendation system supporting their purchase choice, and enable the retailer to improve its affiliation with customers and create more business scenarios.
TRACK 2: Trusted Cloud Solutions
- Secure Cloud based applications with sensitivities to data leaks and integrity and/or applications which are intensive in processing and hosting requirements
- Multi-cloud applications i.e. applications that can benefit by having multiple cloud providers
Global Trusted Cloud Co-Innovation Platform provides a cloud enterprise service or application store, - enabling SMEs to "on-board" publish and re-sell their applications, to protect them with various cloud security services and to deploy, host and manage their applications and data on the platform’s Cloud Compute Infrastructure, other public clouds, private clouds and hybrids.
Cloud security capabilities can protect and govern data and applications using security services that work across multiple cloud platforms & providers. These "horizontal" services can also be provided by our SME partners. If an SME has a novel "killer" capability - e.g. network, optimisation, security, cloud analytics, it can be offered as a new "horizontal" capability as an off-the-shelf solution across multiple clouds.
Cloud Compute Infrastructure provides a cloud Infrastructure as a Service with advanced automation and self-management capabilities that enables SMEs to host their applications and take advantage of various value adding trusted cloud services
The Intelligent Protection Cloud Service Store Edition is a cloud security service designed and developed to address SME needs for protecting virtual servers and hosted applications on cloud infrastructures against malware, intrusions, data leaks and cyber-attacks. The novelty of this service centres around offering security and protection of hosted systems, application and data as a value-added service (multi-tenant security SaaS) while enforcement is delivered via the cloud infrastructure, with minimal integration overhead. Users of the Cloud Service Store edition further benefit from "click-to-buy" for cloud-based security services and "click-to-build" for secure applications. This incorporates security management and business intelligence innovations enabling the automatic inclusion of security controls into the deployment and management of applications and data on internal and public clouds.
Secure Cloud Storage - Service Store Edition is a cloud security service that provides data protection for public and private clouds and other virtualization platforms. It allows SMEs to protect and control their confidential and sensitive information with a user-friendly, volume-level encryption service that keeps their data private, and helps meet their regulatory compliance requirements.
Secure Cloud Storage offers SMEs policy-based key and data management. It uses identity and integrity-based policy enforcement to ensure only authorized virtual machines receive keys and access secure volumes, and it can specify location and time constraints on access to the encrypted data. Secure Cloud Storage:
- Integrates easily into existing cloud infrastructure;
- Ensures customers comply with data protection in a cloud environment;
- Provides encrypted cloud storage ‘as a service’;
- Puts the customer in control of connection, protection and access to secure storage;
- Provides detailed reporting and alerting features with incident-based and interval-based notifications.
Our partners can also act as a Virtual Cloud Service Provider and bundle customised enterprise cloud application catalogues, policies, and infrastructure for a specific "vertical" market - effectively customising and reselling a tailored mix of IT services and infrastructure that suits the needs of their clients.
Content Cloud platform has been designed for partners who want to offer their customer base a secure content cloud solution to store, consume, share, find and organize their content across various devices and computers. The Content Cloud platform is built to support a wide range of Operating Systems, and it is a highly reliable, scalable, and securely hosted platform service built on F-Secure’s long-term expertise in the field of security and privacy. The Content Cloud provides the foundation for storing customer data to the cloud, offering an API that allows you to develop your own applications on, or integrate to other systems. You have freedom to provide customized user interfaces and user experience for your customers - within the scope of the API features. The API provides functionality for
- Object storage, synchronization and content-related services
- User authentication services
- Security features, such as encryption and malware scanning
- Service provisioning functionality
The API layer provides you with well-known technologies and protocols, for example OAuth 2.0 and REST API. Content Cloud also offers interfaces that are required for integrating to provisioning and billing systems. F-Secure offers the Content Cloud platform infrastructure and hosting as a service. This means that the company operates and maintains the full platform (including the required infrastructure) for you according to the service level agreement.
Younited has been developed for consumers and SMB customers on top of the Content Cloud and is available for use. Younited is everything that users need for a content-centric online storage, share and sync solution in one compelling package. Users can access, consume and share their content from any device at any time as well as create group space storage areas that can be used also by others not only to consume content but also to create new content or edit the content already residing in the group space.
TRACK 3: Data Science Experiment
This track is targeted to the implementation of "data experiment" activities where SMEs create a solution related to private and open marine traffic data. Examples of solutions and types of applications to be addressed are:
- Suspicious boat trajectory detection, in order to maximize the efficiency of boat controls that are currently made randomly
- Prediction of boat trip duration to detect anomalous durations
- Boat trajectory classification in order to discriminate as finely as possible boat activities according to their behaviours (e.g. identifying the types of fish a fishing boat is chasing)
Available datasets are:
- AIS (Automatic Identification System) data on the South East Asia area collected over a 6-month period (18 million data points); all boats above a given size are legally required to have an AIS transmitter on-board that has an ID which uniquely identifies the boat
- MMSI (ID of the AIS device) - correlated with Lloyds open dataset to find the IMO number (boat identifier)
- Geolocation: latitude, longitude
Boat local trajectory: speed, heading, rate of turn