Cybersecurity and Privacy

From OpenCommons
Jump to navigation Jump to search
Cybersecurity and Privacy Advisory Committee (CPAC)
Cybersecurity and Privacy 200.jpg
Cybersecurity and Privacy
Team Members Department of Homeland Security, Adaptable Security Corp, Evo Monitors, EP3 Foundation, Global Cyber Alliance, ISC2 Silicon Valley Chapter, San Mateo County, SF Bay ISSA, Sightlinesec, Smart Connections Consulting, The Sorter Group, SRI International
Blueprint Cybersecurity and Privacy Blueprint

This set of 8 projects is managed by the Cybersecurity and Privacy Advisory Committee (CPAC), a public-private partnership dedicated to built-in cybersecurity and privacy best practices and considerations in Smart Secure Cities and Communities.

Smart Secure Cities and Communities unleash tremendous potential built on the power of data and technology. With great power comes great responsibility. Well designed and executed, municipalities and citizens will harvest marvelous benefits such as less traffic congestion, faster emergency services, and safer environments. Inadequately designed and executed, however, municipalities and citizens may subject themselves to undesirable consequences such as loss of privacy, data breaches, financial loss and disruption to their work and even lives.

Formed in March 2018, CPAC consists of cybersecurity and privacy professionals and practitioners from governments, nonprofits and private businesses. CPAC achieves its goal by 1) helping SuperClusters build cybersecurity and privacy best practices and considerations in their blueprints; 2) providing one-size-does-not-fit-all methodologies to enable SuperClusters and municipalities to comply with laws and standards pertinent to them. To ensure timely, tailored and consistent support, CPAC embeds champions in SuperClusters' leadership teams and invite SuperClusters' leaders into CPAC leadership to guide its direction and priorities. Membership is open to all communities, private sector enterprises, non-governmental organizations, and government agencies (at all levels).


  • Scott Tousley, Deputy Director of S&T,
    Department of Homeland Security
  • Lan Jenson, CEO,
    Adaptable Security Corp.


RohnertPark.jpg Advanced Flood Warning and Environmental Awareness
AFWEAR is a real-time network of environmental sensors, including rain and precipitation sensors that will be located throughout the city of Rohnert Park, a city at the base of Sonoma Mountain in Sonoma County, CA, located 50 miles north of San Francisco with population of 40,000. The purpose of the system will be the following:
  • Improve flood response time and efficiency throughout the city.
  • Link rainfall observations in the upper watershed (on the hill) and coasts to predictions of stream flow in the city.
  • Provide ability to incorporate various environmental sensors, watershed models (assessment tools to plan and manage watersheds), and user-friendly communication tools into the network to allow for rapid understanding and collaboration between scientists, citizens, and city planners as necessary in response to environmental “events”.
Taipei1.jpg Building Human Centered Smart City
* BiiMe as the Digital ID to leverage with DLT
  • Global roaming service based on the DID
  • Increase the Data Liquidity, Data Integrity & Data privacy
CasaPeraltaLights.png CryptoMove San Leandro Smart Lights Project
Create reference architecture for Smart Lights and Sensors via deployment of CryptoMove Moving Target Data Protection to render data onto a constantly shifting and mutating defensive fabric, thereby greatly decreasing the likelihood of exfiltration of sensitive data, and likewise for ransomware probability.
ActionClusterImage.png Cybersecurity Risk Assessment and Mitigation
Empower municipalities with cybersecurity risk assessment methodology and resources to enable timely understanding of their risk levels and appropriate mitigation against cyberrisks.

The risk assessment methodology is adapted from NIST Cybersecurity Framework with a Technical Risk Rating component and an Expert Assessment. The daunting resource shortage is addressed by a unique volunteer matching mechanism based on public-private partnerships.

Singaporefreewifi.jpg Deployment of user-friendly, secure and sustainable federated public Wi-Fi systems
To deploy a sustainable federated public Wi-Fi solution across Singapore that is has easy to use secure authenticated access and jointly develop a set of best practices with cities, industry players, and the academia to promote coordinated public Wi-Fi deployment, to address signal interference issues, standardizing user experience and security.
TIoT-Enabled Smart City Framework.png IoT Device Security for Smart Cities
* Use of PKI to mutually-authenticate IoT devices to networks & gateways
  • Secure provisioning, registration and production PKI certificates
  • Life-Cycle Management of IoT Device certificates
Secure Cloud Architecture SC3-cpSriA.jpg Secure Cloud Architecture SC3-cpSriA
Smart cities run largely on cloud services for efficiency and affordability reasons. Residents, government agencies, and small and medium businesses can benefit from an Architecture or Framework for privacy and rights-inclusive security practices across smart city and community cloud services. First, the City of Syracuse, New York, USA, in cooperation with Syracuse University and SC3-cpSriA Action Cluster(Smart City and Community Challenge Cloud privacy security rights inclusive Architecture) consider how the Architecture guidelines may apply. The SC3-cpSriA Action Cluster welcomes new members to broaden the debate. First, smart streetlight networks, catch basin monitoring, and water metering projects may consider if and how security, privacy, data protection and rights-inclusive cloud architecture guidelines may be followed. The ethics for facial recognition, machine learning and artificial intelligence systems and cloud services in future smart cities with privacy, security and rights-inclusive architecture will also be reviewed. Can architecture guidelines help protect citizens rights and encourage growth of smart city open data lakes, encouraging civic engagement and data privacy security and rights-inclusive innovation, entrepreneurship and economic development?
IFS.jpg Smart Wide Area Protection and Security for All from Concorde Security
Concorde provides Wide Area Protection for a Cluster of buildings from a mobile surveillance vehicle (called I-Man Facility Sprinter or “IFS”) manned by a 2-3 man specialist team.
  • Deploy security infrastructure comprising cameras, sensors and wireless connectivity in a mesh network architecture connected to the IFS vehicle
  • Cameras and sensors provide the real time surveillance and trigger alerts to IFS which will be able to immediately respond to the situation
  • Multiple IFS from neighboring clusters will provide the redundancy and support to any surge in demand in any particular cluster
  • Several IFS can cover a large urban center to provide the immediate real-time security coverage and immediate response to any public safety and security incident(s)