This shows you the differences between two versions of the page.
pleak [2018/04/20 00:21] admin created |
pleak [2019/10/01 13:53] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | The PLEAK tool is designed to support the analysis of private data flows in enterprise business pro- | ||
- | cesses (BP) and programs. PLEAK can be used by BP analysts, developers and maintainers in order to | ||
- | understand the privacy implications of the business processes used or planned by their organizations or | ||
- | customers. | ||
- | PLEAK will improve the general state of the art of privacy by simplifying the risk analysis and | ||
- | impact assessment of privacy leak in today’s systems. Most IT architects or analysts are not experts in | ||
- | information security and cannot judge the technical risks related to using security technologies. PLEAK | ||
- | provides them with a tool that they can use to describe their system by its private data elements, stake- | ||
- | holders, business processes and, optionally, data analysis algorithms. Once this is done, PLEAK will | ||
- | show how private data flows through a system, who does it leak to and to what extent does it leak. This | ||
- | will significantly expand the number of people who can argue that a system is built with insufficient | ||
- | privacy. | ||
- | |||
- | Furthermore, PLEAK will provide a library of Privacy Enhancing Technologies (PETs) that can be | ||
- | included in the models. Once the models contain the PETs, PLEAK’s analysis will take that into account | ||
- | and show reduced leakage accordingly. As every security technology has assumptions under which they | ||
- | work in, PLEAK will also collect these assumptions and present them so they can be validated. | ||
- | In addition to a cryptographic privacy analysis, PLEAK will also provide a differentially private | ||
- | analysis that will be more granular in analyzing the leakage of private data to possibly unauthorized par- | ||
- | ties. Furthermore, the NAPLES project will also strive towards the synthesis of better business processes | ||
- | by suggesting PETs. | ||
- | |||
- | A critical sub-goal of PLEAK is to be usable to a wide range of users. Thus, PLEAK is built on | ||
- | popular tools such as the BPMN (Business Process Model Notation) language. BPMN is popular among | ||
- | process and systems analysts and by extending it, we will immediately target a much wider range of users | ||
- | than we could address by building a custom language. |