使用Player FM应用程序离线!
S2E24: "Cloud-Native Privacy Engineering via DevPrivOps" with Elias Grünewald (TU Berlin)
Manage episode 374922570 series 3407760
This week’s guest is Elias Grünewald, Privacy Engineering Research Associate at Technical University, Berlin, where he focuses on cloud-native privacy engineering, transparency, accountability, distributed systems, & privacy regulation.
In this conversation, we discuss the challenge of designing privacy into modern cloud architectures; how shifting left into DevPrivOps can embed privacy within agile development methods; how to blend privacy engineering & cloud engineering; the Hawk DevOps Framework; and what the Shared Responsibilities Model for cloud lacks.
Topics Covered:
- Elias's courses at TU Berlin: "Programming Practical Privacy: Web-based Application Engineering & Data Management" & "Advanced Distributed Systems Prototyping: Cloud-native Privacy Engineering"
- Elias' 2022 paper, "Cloud Native Privacy Engineering through DevPrivOps" - his approach, findings, and framework
- The Shared Responsibilities Model for cloud and how to improve it to account for privacy goals
- Defining DevPrivOps & how it works with agile development
- How DevPrivOps can enable formal privacy-by-design (PbD) & default strategies
- Elias' June 2023 paper, "Hawk: DevOps-Driven Transparency & Accountability in Cloud Native Systems," which helps data controllers align cloud-native DevOps with regulatory requirements for transparency & accountability
- Engineering challenges when trying to determine the details of personal data processing when responding to access & deletion requests
- A deep-dive into the Hawk 3-phase approach for implementing privacy into each DevOps phase: Hawk Release; Hawk Operate; & Hawk Monitor
- How open sourced project, TOUCAN, is documenting conceptual best practices for corresponding phases in the SDLC, and a call for collaboration
- How privacy engineers can convince their management to adopt a DevPrivOps approach
Read Elias' papers, talks, & projects:
- Cloud Native Privacy Engineering through DevPrivOps
- Hawk: DevOps-driven Transparency and Accountability in Cloud Native Systems
- CPDP Talk: Privacy Engineering for Transparency & Accountability
- TILT: A GDPR-Aligned Transparency Information Language & Toolkit for Practical Privacy Engineering
- TOUCAN
Guest Info:
Privado.ai
Privacy assurance at the speed of product development. Get instant visibility w/ privacy code scans.
Shifting Privacy Left Media
Where privacy engineers gather, share, & learn
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
Copyright © 2022 - 2024 Principled LLC. All rights reserved.
章节
1. S2E24: "Cloud-Native Privacy Engineering via DevPrivOps" with Elias Grünewald (TU Berlin) (00:00:00)
2. Introducing Elias Grünewald (00:02:15)
3. Elias discusses the courses that he teaches at TU Berlin: "Programming Practical Privacy: Web-based Application Engineering & Data Management" and "Advanced Distributed Systems Prototyping: Cloud-native Privacy Engineering" (00:05:33)
4. Discussion of Elias' 2022 paper, "Cloud Native Privacy Engineering through DevPrivOps" - his approach, findings, and framework (00:11:42)
5. Discussion of the Shared Responsibilities Model for cloud and how it can be improved to better account for privacy goals (00:18:58)
6. Defining DevPrivOps and how it works with agile development (00:21:50)
7. How DevPrivOps can enable formal privacy-by-design (PbD) & default strategies (00:28:17)
8. Discussion of Elias' June 2023 paper, "Hawk: DevOps-Driven Transparency & Accountability in Cloud Native Systems," which helps data controllers align cloud-native DevOps with regulatory requirements for transparency & accountability (00:31:01)
9. The challenges that engineers run into when they try to determine the details of personal data processing, as they're respond to access requests or deletion requests (00:35:59)
10. Elias describes his approach to integrating privacy into 3 phases of DevOps: 1) Hawk Release; 2) Hawk Operate; & 3) Hawk Monitor (00:39:30)
11. Elias describes how the Hawk framework can benefit regulators as well as data controllers (00:52:03)
12. Elias discusses open source project: TOUCAN (which is funded by the German Federal Ministry of Education & Research). TOUCAN is creating conceptual best practices for corresponding phases in the SDLC (00:57:03)
13. How privacy engineers can convince their Head of Engineering and management to adopt a DevPrivOps approach (01:00:35)
63集单集
Manage episode 374922570 series 3407760
This week’s guest is Elias Grünewald, Privacy Engineering Research Associate at Technical University, Berlin, where he focuses on cloud-native privacy engineering, transparency, accountability, distributed systems, & privacy regulation.
In this conversation, we discuss the challenge of designing privacy into modern cloud architectures; how shifting left into DevPrivOps can embed privacy within agile development methods; how to blend privacy engineering & cloud engineering; the Hawk DevOps Framework; and what the Shared Responsibilities Model for cloud lacks.
Topics Covered:
- Elias's courses at TU Berlin: "Programming Practical Privacy: Web-based Application Engineering & Data Management" & "Advanced Distributed Systems Prototyping: Cloud-native Privacy Engineering"
- Elias' 2022 paper, "Cloud Native Privacy Engineering through DevPrivOps" - his approach, findings, and framework
- The Shared Responsibilities Model for cloud and how to improve it to account for privacy goals
- Defining DevPrivOps & how it works with agile development
- How DevPrivOps can enable formal privacy-by-design (PbD) & default strategies
- Elias' June 2023 paper, "Hawk: DevOps-Driven Transparency & Accountability in Cloud Native Systems," which helps data controllers align cloud-native DevOps with regulatory requirements for transparency & accountability
- Engineering challenges when trying to determine the details of personal data processing when responding to access & deletion requests
- A deep-dive into the Hawk 3-phase approach for implementing privacy into each DevOps phase: Hawk Release; Hawk Operate; & Hawk Monitor
- How open sourced project, TOUCAN, is documenting conceptual best practices for corresponding phases in the SDLC, and a call for collaboration
- How privacy engineers can convince their management to adopt a DevPrivOps approach
Read Elias' papers, talks, & projects:
- Cloud Native Privacy Engineering through DevPrivOps
- Hawk: DevOps-driven Transparency and Accountability in Cloud Native Systems
- CPDP Talk: Privacy Engineering for Transparency & Accountability
- TILT: A GDPR-Aligned Transparency Information Language & Toolkit for Practical Privacy Engineering
- TOUCAN
Guest Info:
Privado.ai
Privacy assurance at the speed of product development. Get instant visibility w/ privacy code scans.
Shifting Privacy Left Media
Where privacy engineers gather, share, & learn
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
Copyright © 2022 - 2024 Principled LLC. All rights reserved.
章节
1. S2E24: "Cloud-Native Privacy Engineering via DevPrivOps" with Elias Grünewald (TU Berlin) (00:00:00)
2. Introducing Elias Grünewald (00:02:15)
3. Elias discusses the courses that he teaches at TU Berlin: "Programming Practical Privacy: Web-based Application Engineering & Data Management" and "Advanced Distributed Systems Prototyping: Cloud-native Privacy Engineering" (00:05:33)
4. Discussion of Elias' 2022 paper, "Cloud Native Privacy Engineering through DevPrivOps" - his approach, findings, and framework (00:11:42)
5. Discussion of the Shared Responsibilities Model for cloud and how it can be improved to better account for privacy goals (00:18:58)
6. Defining DevPrivOps and how it works with agile development (00:21:50)
7. How DevPrivOps can enable formal privacy-by-design (PbD) & default strategies (00:28:17)
8. Discussion of Elias' June 2023 paper, "Hawk: DevOps-Driven Transparency & Accountability in Cloud Native Systems," which helps data controllers align cloud-native DevOps with regulatory requirements for transparency & accountability (00:31:01)
9. The challenges that engineers run into when they try to determine the details of personal data processing, as they're respond to access requests or deletion requests (00:35:59)
10. Elias describes his approach to integrating privacy into 3 phases of DevOps: 1) Hawk Release; 2) Hawk Operate; & 3) Hawk Monitor (00:39:30)
11. Elias describes how the Hawk framework can benefit regulators as well as data controllers (00:52:03)
12. Elias discusses open source project: TOUCAN (which is funded by the German Federal Ministry of Education & Research). TOUCAN is creating conceptual best practices for corresponding phases in the SDLC (00:57:03)
13. How privacy engineers can convince their Head of Engineering and management to adopt a DevPrivOps approach (01:00:35)
63集单集
همه قسمت ها
×欢迎使用Player FM
Player FM正在网上搜索高质量的播客,以便您现在享受。它是最好的播客应用程序,适用于安卓、iPhone和网络。注册以跨设备同步订阅。