Privacy and Security in Personal Data Clouds
The main objective of this study is to identify the different architectures and components of Personal Data Clouds (PDCs) and discuss their privacy and security challenges. Based on an empirical analysis of various applications that fall under, or…
Security Framework for Trust Service Providers
This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation. As illustrated below, this security framework includes specific guidelines for TSP on: 1) Risk management related to the security of the eIDAS…
Guidelines for SMEs on the security of personal data processing
ENISA undertook a study to support SME’s on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to facilitate SMEs in understanding the context of the…
Security of Mobile Payments and Digital Wallets
The primary objective of this paper is the production of guidelines to assist mobile payment developers and mobile payment providers towards recommended security controls which if implemented would help ensure that consumers, retailers and financial…
Handbook on Security of Personal Data Processing
The overall scope of the report is to provide practical demonstrations and interpretation of the methodological steps of the ENISA’s 2016 guidelines for SMEs on the security of personal data processing. This is performed through specific use cases…
Security Framework for Qualified Trust Service Providers
This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation, to which both non-QTSP and QTSP are subject. Nevertheless, Article 19.1 states that the security measures “shall ensure that the level of…
Trust Services Security Incidents 2018 - Annual report
The annual report on Trust Services Security Incidents 2018 gives an aggregated overview of security breaches, showing root causes, statistics and trends. It marks the third round of security incident reporting for the EU’s trust services sector.…
Reinforcing trust and security in the area of electronic communications and online services
This study provides an overview of well-established security practices, for the purpose of sketching the notion of “state-of-the-art” in a number of categories of measures, as they are listed in ENISA’s guidelines for SMEs on the security of…
Security guidelines on the appropriate use of qualified electronic seals
This document addresses qualified electronic seals and is one out of a series of five documents which target to assist parties aiming to use qualified electronic signatures, seals, time stamps, eDelivery and website authentication certificates to…
Security guidelines on the appropriate use of qualified electronic signatures
This document addresses qualified electronic signatures and is one out of a series of five documents which target to assist parties aiming to use qualified electronic signatures, seals, time stamps, eDelivery or website authentication certificates…