Enabling the information society — securing personal data in online environments.
European Network and Information Security Agency | Published December 18, 2012 - Deadline January 28, 2013
ENISA requires the provision of specialised services dealing with 'Enabling the information society — securing personal data in online environments'. The various services required have been presented as 2 lots, with the specific requirements for each lot as follows:
a) lot 1: identifying security best practices for privacy protection purposes:
This lot is aiming to develop recommendations based on current security certification practice in the EU Member States. The selected contractor will take stock of security certification practice in the EU to provide recommendations for a future pan-European approach for privacy certification. At the same time, the contractor will identify existing implemented security measures to protect personal data in a couple of Member States;
b) lot 2: securing personal data in online environments:
The recommendations regarding encryption specifications and security solutions must be proactively reviewed in line with the changing circumstances (i.e. new vulnerabilities and attacks, better computational power). For this activity the contractor is expected to develop a methodology & structure for a new activity with the goal of establishing a list of recommended cryptographic algorithms (e.g. block ciphers, hash functions, signature schemes, etc.) and recommended key sizes and other parameter settings (where applicable) to reach specified security objectives.