loading
Documents

Research.Publish.Connect.

Paper

Authors: Majid Mollaeefar 1 ; Alberto Siena 2 and Silvio Ranise 2

Affiliations: 1 Security and Trust, Fondazione Bruno Kessler, Trento, Italy, DIBRIS, University of Genova, Genova, Italy ; 2 Security and Trust, Fondazione Bruno Kessler, Trento, Italy

ISBN: 978-989-758-446-6

Keyword(s): Cybersecurity, GDPR, Multi-Stakeholder Risk Assessment, Security and Privacy, Quantitative Risk Assessment.

Abstract: To ensure the effectiveness of the adopted security measures and minimize the impact of security issues on the rights and freedom of individuals, the General Data Protection Regulation (GDPR) requires to carry out a Data Processing Impact Assessment (DPIA). Such an assessment differs from traditional risk analyses in which the actor carrying out the evaluation is also the one interested in reducing its risk. Conflicts may thus arise between the need of protecting data subjects rights and organizations that shall provide adequate security measures while struggling with various types of constraints (e.g., budget). To alleviate this problem, we introduce the Multi-Stakeholder Risk Trade-off Analysis Problem, (MSRToAP) and propose an automated technique to solve their instances. We then show how this can help data controllers make more informed decisions about which security mechanisms allow for a better trade-off between their requirements and those of the data subjects. For concreteness , we illustrate the proposed on a simple yet realistic use case scenario. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.238.8.102

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Mollaeefar, M.; Siena, A. and Ranise, S. (2020). Multi-Stakeholder Cybersecurity Risk Assessment for Data Protection.In Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT, ISBN 978-989-758-446-6, pages 349-356. DOI: 10.5220/0009822703490356

@conference{secrypt20,
author={Majid Mollaeefar. and Alberto Siena. and Silvio Ranise.},
title={Multi-Stakeholder Cybersecurity Risk Assessment for Data Protection},
booktitle={Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT,},
year={2020},
pages={349-356},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009822703490356},
isbn={978-989-758-446-6},
}

TY - CONF

JO - Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT,
TI - Multi-Stakeholder Cybersecurity Risk Assessment for Data Protection
SN - 978-989-758-446-6
AU - Mollaeefar, M.
AU - Siena, A.
AU - Ranise, S.
PY - 2020
SP - 349
EP - 356
DO - 10.5220/0009822703490356

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.