Poseidon is one of the General Data Protection Regulation (GDPR) Cluster projects that aims to develop an innovative Privacy Enhancing Dashboard for personal data protection supporting the digital security pillars of the new EU’s GDPR.
To detect insider attacks, existing security information and event management systems (SIEM) need to be developed significantly. To this end, the project partners in the project DREI are researching an organization-internal, distributed security center to detect insider attacks.
It also examines the legal compliance and effectiveness of the measures under realistic conditions. For this security center, procedures are developed that serve the privacy-friendly capture and storage of security events. They should have the ability to disclose identities, as needed, and detect anomalies that lead to the disclosure of innate perpetrator activities.
This is done on the basis of anonymised or pseudonymous data as well as the analysis of legal data protection requirements. From this test criteria are derived, which are evaluated in the project for their safety.