Agenda
- WGDST Presentation
- Introduction to WG including current case statement (Rudolf Mayer)
- Activities to date: WGDST survey on current security and trust practices (Rudolf Mayer)
- Activities to date: WUN DAPPER workshop (Becca Wilson)
- Discussion session (Chair: Paul Burton).
Discussion Summary
How can legal requirements be integrated and automated?
-
How can data privacy legal requirements be integrated with technical solutions and automated?
-
Is the research in line with consent?
-
-
The metadata should include what the security, user accreditation etc requirements to access the data.
Accreditation for Data Users
-
What credentials and certifications do users have to prove who you are and why you need access to that information
-
There is no accreditation or Gold standard for data users - if there was then there could be clearance based on accreditation to access/use the data.
-
Are we giving data to people we trust?
-
Is eduroam or orchid good authentication mechanisms?
-
-
What information is required to give accreditation?
What do users do with the data?
-
How do you know the user has the security requirements in place to handle the data set e.g. encrypted hard drive etc.
-
How to make these requirements easier for the user to meet
-
Have they adhered to T & Cs
-
Have they misused the data > required to enact penalties for misuse
-
-
Logging/Auditing what a user does with the data.
-
Penalties
Current Security and Trust Practices
- 2036 reads