Promising models for personal data management (PDM), such as the MyData model that advocates giving individuals total control over their personal data, do not address common challenges of SMEs/MEs in terms of reducing the complexity of features of PDM systems, as well as define standardized technological terminologies and practices to allow free flow of data under individuals’ control.
SENTINEL helps position SMEs/MEs as key players in the emerging personal data management ecosystem through SENTINEL’s Identity Management system that settles compliance and security issues, allowing SMEs to seamlessly interface with the platform for managing and processing personal information and data.
Currently, GDPR compliance assessment toolkits rely heavily on manual activities, while only assessment exerts - assessors – are authorised to use these tools.
SENTINEL capitalises on existing assessment frameworks brought by the consortium partners to deliver a complete compliance framework to be offered in a Software-as-a-Service offering, emphasising simplicity and automation, and minimising the need for costly training and external consulting and assessment by third parties.
SMEs have been widely been neglected by cyber range providers as often the service provision is more costly, and trainings need to be repeated more often to be economically viable.
SENTINEL’s real-time cyber range training services focus on the easier and usable training service provision for SMEs, providing: (i) decision support algorithm and implementation for the cybersecurity training self-assessment of SMEs, (ii) a usable graphical interface for the SME real-time cyber range training service and (iii) an evaluation software component for monitoring the cyber training scenario events and event triggers.
Traditional Security Requirements Engineering (SRE) methodologies (risk- or goal-oriented) do not focus on in-house security mechanism specification, thus there is increased need for a new SRE metaphor that will enable the mapping of business security requirements onto external or internal service provision.
The project deploys an extension of the eCORE method – the SCORE method, addressing two objectives: (i) identify the challenges and needs for data privacy and compliance processes in SMEs/MEs, (ii) use it as the generic requirements engineering methodology, specifically targeting SMEs/MEs to address their specific needs and capabilities in the most efficient and effective manner through the SENTINEL framework.