D7.2 Progress report for security and privacy by design guidelines

Contributing Partners

ATOS, ETRA, LISPA

Executive Summary

This report is the second deliverable of the task T7.1 Security and Privacy by design. This task defines the translation of privacy principles as outlined in data protection legal frameworks into privacy targets which could then be ranked and categorized to determine the design priorities. During the previous phases of this task a complete Privacy and Security report, result of the appliance of the PRIPARE Methodology Handbook1, was delivered. The D7.1 Progress report for security and privacy by design guidelines covers the whole process of the software production, from the earliest stages of the development: requirements elicitation, until the latest ones, such as: release, maintenance and decommission.
Then this deliverable evaluates if the final pilots implemented on PRISMALCOUD project complies with the recommendations given on the previous deliverable of this task, D7.1 Progress report for security and privacy by design guidelines.
In order to do so, a detailed analysis of the compliance of the privacy principles (legal and functional) have been studied. The study verifies that the final components of each use case achieve successfully the compliance of the different privacy and security controls.
This document is designed to be read by privacy and security managers, privacy and security operations managers, privacy and security engineers and, last but not least, the developers. It defines the essentials to verify that all privacy and security controls and measurements have been applied correctly.