Position Paper of the EP3R Task Forces on Trusted Information Sharing (TF-TIS)
The key recommendations of this report are:
- To establish a pilot based on the Management and Functional Requirements listed in this document which usage will allow a more structured Information Sharing mechanism;
- To designate a neutral party who…
Guidelines for trust service providers - Part 1: Security framework
This document describes the framework surrounding trust service providers (TPSs) – the concepts and standards related to operations of a TSP. It focuses on EU standards, but also takes into account others where relevant. The document specifically…
Guidelines for trust service providers - Part 2: Risk assessment
This document covers the following aspects of Trust Service Providers operations:
• Assets: identification, classification and evaluation
• Threats to assets: classification and evaluation
• Vulnerabilities present in the environment
• Probability…
Guidelines for trust service providers - Part 3: Mitigating the impact of security incidents
This document recommends measures to mitigate the impact of security incidents on trust service providers (TSP) by proposing suitable technical and organisational means to handle the security risks posed to the TSP. This is done using a…
Recommendations for a methodology of the assessment of severity of personal data breaches
The European Union Agency for Network and Information Security (ENISA) reviewed the existing measures and the procedures in EU Member States with regard to personal data breaches and published in 2011 a study on the technical implementation of the…
eID Authentication methods in e-Finance and e-Payment services - Current practices and Recommendations
This report collects the results of a survey launched by ENISA (European Network and Information Security Agency). The main purpose of the survey has been to collect information about the electronic IDentity and Authentication Systems (eIDAS) used…
Proposal for One Security Framework for Articles 4 and 13a
There are two pieces of EU legislation which explicitly mention security measures in the telecom sector: Article 4 of the e-Privacy directive asks providers to take security measures to protect security of personal data processing. Article 13a of…
Smart Grid Threat Landscape and Good Practice Guide
ENISA report on threats in the area of smart grids and good practice guide.
On the security, privacy and usability of online seals
This report analyses the conditions under which online security and privacy seals (OSPS) can be deployed to support users to make an informed trust decision about Web services and their providers with respect to the provided security and privacy.…
Power Supply Dependencies in the Electronic Communications Sector
Electronic communications are the backbone of the EU’s digital society. Article 13a of the EU’s electronic communications Framework directive asks EU Member States to ensure the security and resilience of public electronic communications networks…