Privacy and Identity Management for Community Services
Funded by the EU FP7 under the grant agreement FP7 215056 (FP7-ICT-2007-1-215056)
Privacy and Identity Management for Community Services (PICOS) is an international research project focused on mobile communities. The PICOS consortium consists of eleven partners from seven different countries, supported by the EU as a part of the Trust & Security Group within the 7th Research Framework Programme. The objective of PICOS is to develop and build a state-of-the-art platform for providing the trust, privacy, and identity management aspects of social community services and applications on the Internet and in mobile communication networks.
The task of NICS in PICOS is to provide the required trust and privacy assurance to the project by ensuring that the PICOS platform architecture and design achievements, as well as the prototypes developments of the project, are accurate and consistent with the trust and privacy technical objectives planned. Through proactive measures, potential problems in different stages of the project should be anticipated by the verification and validation of the results obtained at each stage.
To this end, NICS developed a methodology  that facilitates an integration of security engineering and security assurance with the aid of the notion of assurance case, and in which the assurance case is created in step with system development. The ambition was to develop a methodology for building and maintaining security cases throughout the system development life cycle in a typical system engineering effort, when much of the information relevant for assurance is produced and feedback can be provided to system developers.
- "A methodology for security assurance-driven system development",
Requirements Engineering, vol. 16, no. 1, Springer, pp. 55-73, Mar 2011. DOI (I.F.: 0.971)
In this work, we introduce an assurance methodology that integrates assurance case creation with system development. It has been developed in order to provide trust and privacy assurance to the evolving European project PICOS (Privacy and Identity Management for Community Services), an international research project focused on mobile communities and community-supporting services, with special emphasis on aspects such as privacy, trust, and identity management. The leading force behind the approach is the ambition to develop a methodology for building and maintaining security cases throughout the system development life cycle in a typical system engineering effort, when much of the information relevant for assurance is produced and feedback can be provided to system developers. The first results of the application of the methodology to the development of the PICOS platform are presented.Impact Factor: 0.971Journal Citation Reports® Science Edition (Thomson Reuters, 2011)