The City of the Future Living Lab Sauro Vicini


The City of the Future Living Lab Sauro Vicini CTO @ eservices for Life and Health San Raffaele Hospital Istanbul 2015

San Raffaele Hospital & Science Park in Milan Sauro Vicini All Rights Reserved

San Raffaele Hospital's Science Park & The City of the Future Living Lab

The City of the Future Living Lab
A lab where tomorrow's technologies and services are conceived, designed, developed, experimented and evaluated with users' active participation. In such a fertile setting, research is brought out of traditional laboratory contexts and populates an ecosystem that grows and evolves day after day, offering future-looking experiences.

A Living Lab for (Healthy) Living Services
Accenture's Report on Living Services available at https://www.accenture.com/us-en/insight-living-services-from-accenture-digital.aspx

A Living Lab for Living Services Trusted Cloud Smart Hospital Smart City

The City of the Future Living Lab Research Misconduct

The Co-Creation Process
Vicini, S., Bellini, S., & Sanna, A. (2013). User-Driven Service Innovation in a Smarter City Living Lab. International Conference on Service Sciences (ICSS) (p. 254-259). Shenzhen: IEEE.

City of the Future Living Lab The Co-Creation Process Co-Design

City of the Future Living Lab The Co-Creation Process Implementation

City of the Future Living Lab The Co-Creation Process Experimentation


City of the Future Living Lab The Co-Creation Process Evaluation

The City of the Future Living Lab: Our Strengths
Big and crowded playground
Knowledge and competences easy to reach
Strong scientific background
Real multi-disciplinary research group
Rigorous research methodology

The City of the Future Living Lab: Our Strengths
Big and crowded playground: 32.000 sqm, 25.000 visitors daily
Knowledge and competences easy to reach: especially in the health and wellbeing sector
Strong scientific background: top ranked scientific institute
Real multi-disciplinary research group: Designers, Engineers, Psychologist, Sociologist, Lawyer, Philosopher,
Rigorous research methodology: coming from traditional research & scientific trial

Enhancing Co-Creation with Privacy and Security-by-Design methodologies
Sauro Vicini

Acknowledgments
Online Privacy Enforcement, Right Assurance & Optimization
PRIvacy and Security MAintaining Services in the CLOUD
Empowering privacy and security in non-trusted environments
Trustworthy Clouds - Privacy and Resilience for Internet-scale Critical Infrastructure
Managing Assurance, Security and Trust for services
Personalized Information Platform for Life and Health Services
Privacy and Identity Management for Europe

The Co-Creation Process

The City of the Future Living Lab Ethics and Privacy

The Co-Creation Process (Co-Design)

Ethics, Privacy & Security by Design
Derived from results
Scenario Definition; Input Data Identification; Stakeholders' Goals and Data of Interest Analysis; Threats and Feared Events Investigation
Co-Design tools; Interviews; SOTA investigation
List of relevant data-types handled in the system; Stakeholders' Goals table (Table); Feared Events table (Table)
1 Day Workshop
Expertise you need (7 people + Moderator): Technical (PETs); Service Design; Law; Ethics; 3 End-user / Domain expert

Ethics, Privacy & Security by Design
Scenario definition
This phase targets the definition of the application scenario. During this phase, stakeholders are identified via an incremental process: as the scenario is generated and enriched with details, new stakeholders may appear. A practical tool widely adopted in the Co-Creation methodology to achieve this goal is the interview. As is widely known, interviews do not follow strict templates and have to be adapted case by case (see, e.g., (Stickdorn & Schneider, 2012; Fox, 2009)). In this phase, the interviews have to target the elicitation of the so-called needs and pain-points of the users, i.e., highlight the missing services and those services which need a substantial re-design. Although interviews are very effective tools for eliciting the end-users' requirements, other co-creation tools (like focus groups, workshops, brainstorming sessions, etc.) can be exploited here, if needed, to get a better picture of the scenario. The analysis of the state of the art (SOTA) is also required at this step and complements the aforementioned tools. The output of this phase is a textual description of the scenario.

Ethics, Privacy & Security by Design
Scenario definition

Ethics, Privacy & Security by Design
Input data identification
The definition of the scenario naturally allows the identification of the set of input data of the system, i.e., the data that will be provided by the stakeholders. Notably, once the scenario with its stakeholders and the data in play has been defined and the set of input data has been identified, a first privacy and security assessment investigation can be performed, e.g., by identifying which kinds of data need ad-hoc countermeasures because of their high sensitivity, which is protected by law. At this stage, inputs from legal/ethics experts would be beneficial to identify important requirements arising from the handling of particular data.

Stakeholders' goals and data of interest analysis
The two previous phases generate the elements that are fed into the third phase of the SPACE process, devised for the analysis of the stakeholders' goals and their data of interest. The following table, Table 1, is the template for carrying out such analysis. It is a table clearly and precisely summarizing the list of stakeholders, their goals and the set of data they are interested in. Notably, new data-types may be defined here (for a practical example see the case study presented in Section 3). The importance of filling in this table is that it will highlight the data of interest of each stakeholder according to their goals. The usage of this data without privacy and security countermeasures, however, may violate some privacy or security principle. It is therefore of vital importance to characterize the high-level goals of the stakeholders and identify the data they need to provide their service, in order to consider the circumstances in which privacy or security breaches might occur.

| Stakeholder | Goals | Data of interest |

Ethics, Privacy & Security by Design
Stakeholders' goals and data of interest analysis

| Stakeholder | Goals | Data of interest |
|---|---|---|
| Patients | Take advantage of genomic-based medical treatments; know ludic information about their DNA. | DNA, Ludic metadata, Clinical metadata. |
| Doctors | Cure patients; Diagnose diseases. | Identification data, Clinical metadata. |
| Researchers | Support the hospital staff. | DNA |
| UIP | Selling a new service. Administrating the (untrusted) infrastructure on which the analyses are carried out. | Resource statistics (disk usage, network traffic, CPU load); System logs. |

Ethics, Privacy & Security by Design
Threats and Feared events investigation
The table with the list of stakeholders, their goals and data of interest is fed into this phase. This phase is also parameterized by a set of threats that are pre-defined and can be tailored according to the privacy and security facets of greater interest. In our application scenario, we exploited the privacy and security properties listed in the LINDDUN (Deng, Wuyts, Scandariato, Preneel, & Joosen, 2011) and STRIDE (Howard & Lipner, 2006) threat categories. The LINDDUN threat category, also exploited in the PRIPARE methodology, comprises seven threats, each associated with a privacy property. The LINDDUN privacy properties are:
1. Unlinkability: hiding the link between two or more actions, identities, and pieces of information.
2. Anonymity: hiding the link between an identity and an action or a piece of information.
3. Plausible deniability: ability to deny having performed an action that other parties can neither confirm nor contradict.
4. Undetectability: hiding the user's activities.
5. Confidentiality: hiding the data content or controlled release of data content.
6. Content awareness: user's consciousness regarding his own data.
7. Policy and consent compliance: data controller to inform the data subject about the system's privacy policy, or allow the data subject to specify consents in compliance with legislation.
Each privacy property is associated with a threat: Linkability, Identifiability, Non-repudiation, Detectability, Disclosure of information, Unawareness, and Non-compliance.

Ethics, Privacy & Security by Design

| Stakeholder | Threat | Data involved | Feared Event | Security/Privacy countermeasure |
|---|---|---|---|---|
| Patients | Disclosure | DNA | Full disclosure of DNA, affecting his/her relatives' privacy. | The system must ask the patients to sign the informed consent. |
| Hospital staff | Detectability | Clinical metadata; Identification data | Patient does not have control over who accesses his/her data. | The system must track logs of all accesses and allow the user to know who is accessing their data and when. |
| Researchers | Unawareness | DNA | Unauthorized research activity. | Researchers must sign an agreement specifying that they cannot perform research activity if the patient did not allow third-party research activities. |
| Researcher | Disclosure | DNA | Knowing more things about me than the things I expect to know. | The system must provide access to the minimum amount of DNA that is sufficient for a specific task. |
| Researchers | Linkability | DNA | Blood-link between patients' relatives. | The system must avoid direct access to multiple DNA data that can lead to the blood-link discovery. |
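A reviewer can cross-check the two tables above mechanically before the workshop closes. The following Python sketch is an added example, not part of the original slides: it encodes the stakeholder table, the feared-events table and the LINDDUN threat list as transcribed, and reports labels that do not match, data of interest with no feared event, and LINDDUN threats not yet considered. The `review` function, the `ALIASES` mapping of "Disclosure" to "Disclosure of information", and the shortened data-type names are assumptions of this example.

```python
# Added example: consistency review of the stakeholder and feared-events tables.
# LINDDUN privacy property -> associated threat, as listed on the slide.
LINDDUN = {
    "Unlinkability": "Linkability",
    "Anonymity": "Identifiability",
    "Plausible deniability": "Non-repudiation",
    "Undetectability": "Detectability",
    "Confidentiality": "Disclosure of information",
    "Content awareness": "Unawareness",
    "Policy and consent compliance": "Non-compliance",
}
# Assumption: the feared-events table abbreviates this threat name.
ALIASES = {"Disclosure": "Disclosure of information"}

# Stakeholder -> data of interest (the Goals column is not needed for the check).
STAKEHOLDERS = {
    "Patients": {"DNA", "Ludic metadata", "Clinical metadata"},
    "Doctors": {"Identification data", "Clinical metadata"},
    "Researchers": {"DNA"},
    "UIP": {"Resource statistics", "System logs"},
}

# (stakeholder, threat, data involved) for each row of the feared-events table.
FEARED_EVENTS = [
    ("Patients", "Disclosure", {"DNA"}),
    ("Hospital staff", "Detectability", {"Clinical metadata", "Identification data"}),
    ("Researchers", "Unawareness", {"DNA"}),
    ("Researcher", "Disclosure", {"DNA"}),
    ("Researchers", "Linkability", {"DNA"}),
]

def review(stakeholders, feared_events):
    """Return (findings, threats_not_considered) for the two tables."""
    threats = set(LINDDUN.values())
    findings, covered = [], {}
    for who, threat, data in feared_events:
        if ALIASES.get(threat, threat) not in threats:
            findings.append(f"unknown threat: {threat}")
        if who not in stakeholders:  # label differs from the stakeholder table
            findings.append(f"unknown stakeholder: {who}")
            continue
        extra = data - stakeholders[who]
        if extra:
            findings.append(f"{who}: data outside data of interest: {sorted(extra)}")
        covered.setdefault(who, set()).update(data)
    for who, data in stakeholders.items():
        for item in sorted(data - covered.get(who, set())):
            findings.append(f"no feared event: {who} / {item}")
    used = {ALIASES.get(t, t) for _, t, _ in feared_events}
    return findings, sorted(threats - used)

if __name__ == "__main__":
    for line in review(STAKEHOLDERS, FEARED_EVENTS)[0]:
        print(line)
```

Each finding is a prompt for the workshop participants to either reconcile a label or record why no feared event applies, not a verdict on the design.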

The Co-Creation Process (Co-Design)

References
Deng, M., Wuyts, K., Scandariato, R., Preneel, B., & Joosen, W. (2011). A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements. Requirements Engineering, 16 (1), 3-32.
Fox, N. (2009). Using Interviews in a Research Project. Nottingham: The NIHR RDS for the East Midlands / Yorkshire & the Humber.
Hood, L., & Flores, M. (2012). A personal view on systems medicine and the emergence of proactive P4 medicine: predictive, preventive, personalized and participatory. New Biotechnology, 613-624.
Howard, M., & Lipner, S. (2006). The Security Development Lifecycle. Redmond, WA, USA: Microsoft Press.
Notario, N., Crespo, A., Kung, A., Kroener, I., Le Métayer, Troncoso, C., et al. (2014). PRIPARE: A New Vision on Engineering Privacy and Security by Design. Cyber Security and Privacy - Third Cyber Security and Privacy EU Forum, CSP Forum 2014, Athens, Greece, May 21-22, 2014, Revised Selected Papers (p. 65-76). Athens, Greece: Springer.
Pearson, S. (2009). Taking Account of Privacy when Designing Cloud Computing Services. Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing (p. 44-52). Washington DC: IEEE Computer Society.
Shostack, A. (2014). Threat Modeling: Designing for Security. Indianapolis, Indiana: John Wiley & Sons.
Stickdorn, M., & Schneider, J. (2012). This is Service Design Thinking: Basics, Tools, Cases. Wiley.
Vicini, S., Bellini, S., & Sanna, A. (2012). The City of the Future Living Lab. International Journal of Automation and Smart Technology, 2 (3).
Vicini, S., Bellini, S., & Sanna, A. (2013). User-Driven Service Innovation in a Smarter City Living Lab. International Conference on Service Sciences (ICSS) (p. 254-259). Shenzhen: IEEE.

The City of the Future Living Lab www.cityofthefuturelab.org

Sauro Vicini mail vicini.sauro@hsr.it tel +39 02 2643 3137 Istanbul / 2015