This objective aims at providing the PP computation technologies of the ENCRYPT platform. More specifically, ENCRYPT will enhance already established PP technologies improving their scalability, practicality, performance, and applicability to GDPR-compliant federated processing of personal data. To this end, ENCRYPT will focus on Trusted Execution Environment (TEE), Full Homomorphic Encryption (FHE), Differential Privacy (DP), Secure Multi-Party Computation (SMPC), supporting different levels of privacy protection depending on the sensitivity of data to be processed, and according to GDPR. Furthermore, a GPU acceleration module will facilitate the automated, user-agnostic deployment of PP technologies over GPUs, significantly improving their performance and scalability. Finally, a data pre-processing module will ensure data are in an appropriate format for the application of PP techniques.
This objective aims at facilitating service-providers, end-users, and other relevant actors in easily understanding and assessing the level of privacy required for the type of data they want to process or provide access to, according to GDPR and other relevant EU regulations, and also the level of privacy offered by data-processing services. To this end, ENCRYPT will build upon existing frameworks for Data Protection Impact Assessment (e.g. the CNIL Privacy Impact Assessment open source software, ENISA Handbook for securing personal data processing4) and guidance from supervisory authorities (such as the Article 29 Data Protection Working Party Guidelines on DPIA for processing likely to result in high risk5) to build a recommendation engine for all relevant stakeholders, including industry, service providers and data subjects. This AI-based recommendation engine will take into account end-user characteristics such as the affinity for technology and cybersecurity of data subjects, the economic resources of service providers and industry players and user needs in order to provide recommendations on the type, configuration, and deployment of PP technologies in an intelligible for each group way. To reach a wider adoption and to promote an easier usage, a co-creation approach (described in Section 1.3.1) will be facilitated for the design of the recommendation system.
The aim of this objective is to develop standardised semantic representations (ontologies) by promoting virtual data spaces for reliable data exchange among different entities, supporting the annotation, sharing, integration and reuse of data and information. In particular, ENCRYPT will be enriched with a knowledge representation and interlinking layer (ENCRYPT Knowledge Graphs (EKG)) towards interoperability and knowledge reuse ensuring that data generated by different organisations is unambiguously accessible and processable across different domains and stakeholders. This layer will support the standardised capturing of organisational contexts, security and privacy requirements, personal data and profiles, as well as the matching between different data sets and privacy-protecting options, aiming at building semantically rich and interlinked knowledge graphs with generic and sector-pertinent situational contexts.
The aim of this objective is to diffuse project results towards GDPR-compliant computations in European Data Spaces, and cyberthreat intelligence applications. To this end, liaison activities with projects funded in the HORIZON-CL4-2021-DATA-01-03, HORIZON-CL3-2021-CS-01-01 and CS-01-03, and HORIZON-CL3-2021- CARE-05-02 topics will be scheduled early in the project and will span along the whole duration of the project, starting with the elicitation and alignment of user requirements and concluding with common validation campaigns. Specifically for the case of the common European Data Spaces, besides specific communication messages related to their promotion, ENCRYPT commits to also focus on standardisation, and policy feedback activities during and after the end of the project, aiming to maximise impact in this area.
This objective aims to ensure and validate the applicability of the ENCRYPT platform in a diverse set of use cases. More specifically, ENCRYPT will involve end-users throughout the project, ensuring that they remain at the very centre of the R&I lifecycle. During the design phase, we will organise workshops and employ the design thinking methodology to capture user needs, while during the evaluation phase technology providers and end-users will covalidate the developed solutions. For the validation, we will follow a 3-phase approach via which several KPIs related to performance, scalability, user-friendliness, interoperability with existing infrastructure, support for different data types, will be evaluated. During the 1st phase, in lab testing and evaluation will assess metrics related to scalability, efficiency, and accuracy, comparing also ENCRYPT solutions against the current state of the art. During this phase, a federated testbed with synthetic data will be created by technical partners, and will be used as a first validation test for privacy-preserving federated computations. During the 2nd phase, three use cases will be deployed by partners involved in the ENCRYPT consortium, to validate different technologies in relevant scenarios, and evaluate metrics related to the applicability of the ENCRYPT platform in different types of data across different sectors. The first use case is related to the processing of sensitive health data, the second use case is related to the privacy-preserving processing of CTI, and the third one involves processing of financial data. These use cases will also involve cross border processing of data. During the 3rd phase, the ENCRYPT solution will be validated in external use cases, validating its user-friendliness and applicability. More specifically, ENCRYPT will be validated in MIRACUM6, an initiative of university hospitals/universities across 10 locations throughout Germany collecting and exchanging medical data stored in federated databases. As mentioned earlier, similar agreements with projects funded under the HORIZON-CL3-2021-CS-01-01 and CS-01-03, HORIZON-CL4-2021-DATA-01-03, and HORIZON-CL3-2021-CARE-05-02 calls will be sought after as soon as the project starts. Based on the validation campaign results, the consortium will seek to sign MoUs with stakeholders in the cybersecurity, health, and finance sectors for future demonstrations and potential uptake of the ENCRYPT platform and solutions.
The aim of this objective is twofold: i) to disseminate project results to developers and researchers, providing them with access to ENCRYPT solutions, and organizing workshops and hackathons via which the relevant audience will be able to test the ENCRYPT solutions, and ii) to ensure, and measure throughout the project, the upskilling of researchers involved in the project. The consortium commits to provide FAIR access to datasets created within the project. Furthermore, researchers and developers will be provided with remote access to the ENCRYPT testbed and the IPR-protected solutions, so that they are able to evaluate them with their own datasets.