Publicly available technical deliverables produced by the project will be available as soon as they are published. The reports are ordered thematically by “Work Packages”.

A good way to consult the project’s development on the technical issues is our GitHub repository

Citizen-Centric Use Cases and Requirements

Citizen-centric use case scenarios – First version (D1.1) 29 JAN 2021
TRAPEZE will implement three use cases provided by three use case partners. Each use case is designed in a way to prove the feasibility of TRAPEZE outcomes in a realistic business context. The use cases are described independently of each other in separate chapters.

Data Protection Requirements – First Version (D1.2) 31 MAY 2021
This report focuses on enhancing the protection of citizen’s rights with particular focus on the data protection related to fundamental rights as laid down in Articles 7 “Respect for private and family life” and 8 “Protection of personal data” of the Charter of Fundamental Rights of the European Union

Security and Privacy Resilience Framework and Guidelines – First version (D1.3) 27 MAY 2021
This report describes the framework for cybersecurity and privacy allowing TRAPEZE stakeholders to prepare for and adapt to threats, and to respond to and recover from incidents.

Platform specification and design (D1.4) 30 APR 2021
This document presents a high-level perspective on the specification and technical design of the TRAPEZE platform, taking into account the citizen-centric use-case scenarios.

Citizen-centric use case scenarios – Second version (D1.5) 27 AUG 2021
This document provides an updated description of the three use cases (pilots) “My Citizen Profile” from Digital Flanders, “Data Intelligence Hub” from Deutsche Telecom and CaixaBank’s “Customers’ ID wallet”.

Data Protection Requirements – Second Version (D1.6) 30 SEP 2021
This deliverable represents the requirements at month 12 of the project where the initial design of the use cases has become available in Deliverable D1.5. These requirements need to be incorporated in the upcoming design cycles and will be continuously refined.

Security and Privacy Resilience Framework and Guidelines – Second version (D1.7) 28 FEB 2022
This report is an update of D1.3 and describes in more detail the framework for cybersecurity and privacy allowing TRAPEZE stakeholders to prepare for and adapt to threats, and to respond to and recover from incidents.

Platform Specification and Design-Second Version (D1.8) 28 FEB 2022
This report is an update of D1.4 about the specification and technical design of the TRAPEZE platform and presents its high-level technical perspective.

Policy Management, Transparency and Compliance

Policy Language – First version (D2.1) 31 MAR 2021
This report introduces the first version of the policy language of TRAPEZE, called PLinst, and– in preparation for the next version of the language – it proposes policy histories as an efficient way to support negation in consent policies.

Sticky Policies – First version (D2.2) 30 AUG 2021
A sticky policy is a machine-readable policy that accompanies the data, regulating its usage and specifying the applicable obligations and organizational constraints as the data migrates across multiple recipients. All kinds of TRAPEZE’s policies can be sticky policies.

Transparency and compliance checking – First version (D2.3) 27 AUG 2021
This first report on reasoning algorithms introduces correct and complete algorithms that support compliance checking for two of the planned new features of TRAPEZE’s policy language, namely instances and negation.

Compliance and explanation engines – First version (D2.4) 27 AUG 2021
The first version of TRAPEZE’s engine can check the compliance and the consistency of policies written in PL_inst (see also TRAPEZE deliverable D2.1).

Engine scalability properties – First version (D2.5) 11 AUG 2022
This deliverable reports the result of a systematic performance analysis of TRAPEZE’s reasoner for PL_inst (i.e. version 1 of TRAPEZE’s policy language, which extends SPECIAL’s language with instances). The data and code used for the experiments can be found here.

Policy Language – Second version (D2.6) 31 AUG 2022
This report introduces the second version of the policy language of TRAPEZE, called PLT₂, which extends SPECIAL’s policy language with instance-valued properties and exceptions in data subject policies.

Sticky Policies – Second version (D2.7) 31 AUG 2022
This report is an update of D2.2 and describes an implementation of a blockchain-based solution on how to make sticky policies (and their evolution) tamper-proof and how to make the connection between the sticky policy and the data tamper-proof.

Transparency and compliance checking algorithms – Second version (D2.8) 31 AUG 2022
This second report on reasoning algorithms introduces correct and complete algorithms for flexible sticky policies, the new feature of TRAPEZE’s policy language.

Compliance and explanation engines – Second Version (D2.9) 31 AUG 2023
This report is divided into two sections. The first part discusses the features of the second version of the Java compliance engine, designed for high-speed compliance checks with support for instances, negation, and select sticky policies. The second part focuses on the implementation of a broader approach to sticky policies based on previous work in D2.8. The report concludes with a summary and final remarks.

Engine scalability properties – Second Version (2.10) 31. AUG 2023
This report contains a systematic performance analysis of the second version of the Java compliance
engine, which supports instances, negation (more precisely, exceptions to a general
policy), and a selected range of sticky policies of practical interest.

TRAPEZE Platform, Integration and Components

Securing citizens’ smart terminals and online communication – First version (D3.3) 27 AUG 2021
This deliverable identifies the interactions between the TRAPEZE platform and the citizens via their personal smartphones or tablets and the best ways to protect them through the Kaspersky Mobile Security SDK (KMS-SDK), a multi-layered security framework for building online protection directly into mobile applications.

TRAPEZE Platform – First version (D3.4) 28 FEB 2022
This report describes the interim implementation of the TRAPEZE platform. The interim implementation does not include all components and it is not expected to cover all functionality needed. It is a snapshot of the progress toward the final product at month 18 which will eventually meet the quality standards required for mission-critical software.

Securing citizens smart terminals and online communication – Second Version (D3.7) 29.APR 2023
This deliverable focuses on the interactions between the TRAPEZE platform and citizens using their personal smartphones or tablets. It emphasizes the use of the Kaspersky Mobile Security SDK (KMS-SDK), a comprehensive security framework integrated into mobile applications to protect users. The TRAPEZE Mobile app, designed for Android devices, leverages KMS-SDK features tailored to citizens’ needs. It offers security against various threats, alerts users about malicious websites, and ensures the safety of online communications.

TRAPEZE platform – Second version (D3.8) 30 AUG 2023
This report details the implementation of the TRAPEZE platform, which followed an iterative approach to integrate technical developments from various work packages. As the project evolved, additional components and functionalities were incorporated into the platform. Furthermore, based on extensive feedback from end-users, adjustments and refinements were made to better align with identified requirements and the end-user perspective.

Citizen Interaction, User Experience and Sociological Considerations

Dynamic consent mechanisms (D4.1) 23 DEC 2021
This deliverable focuses on consent management on the privacy dashboard (https://dashboard.trapeze-project.eu/). A prototype version of the privacy dashboard has been used in the first usability test.

Privacy dashboards – First version (D4.2) 28 FEB 2022
This deliverable reports on the TRAPEZE privacy dashboard, a web application that establishes both transparency and control. Transparency features include data exploration that allows users to display the data usage and potential risks associated with processing. Control features include consent management and incident reporting to limit data usage. The privacy dashboard can generally be understood as a personal data processing limitation dashboard.

Usability and accessibility testing report – First version (D4.3) 23 DEC 2021
This report presents the findings of the first round of usability and accessibility testing of the privacy management dashboard that is being developed under TRAPEZE.

Privacy preferences and sociological aspects analysis–first version (D4.4) 23 DEC 2021
This report presents the findings of the survey that was conducted to gain an understanding of European citizens’ attitudes, knowledge and actions with regard to the safety and protection of their personal data. This also includes assessing citizens’ interest in the different citizen-facing tools that are being developed under TRAPEZE.

Data Protection Requirements for the TRAPEZE Privacy Dashboard (Working Document WD1.0) 29 APR 2022

Dynamic consent mechanisms – Second version (D4.5) 2 May 2023
This report focuses on enabling European citizens to perform consent management themselves on the privacy dashboard. The results of the first usability test motivated a novel design in the upcoming Versions v1 and v2 of the privacy dashboard.

Privacy dashboards – Second version (D4.6) 30 June 2023
This report describes the privacy dashboard as one of software components of the TRAPEZE platform. The dashboard is available at https://dashboard.trapeze-project.eu

Usability and accessibility testing – Second version (D4.7) 27 APR 2023
This report outlines the evaluation of the usability and accessibility of the TRAPEZE privacy dashboard among a group of citizens. The report focuses on the results of the second phase of usability and accessibility testing conducted from June to December 2022. It also informs about the ongoing third phase of testing, occurring between March and June 2023.

Privacy preferences and sociological aspects analysis – Second version (D4.8) 30 June 2023
The report outlines the work carried out on analyzing privacy preferences and sociological aspects. The objective was to comprehend European citizens’ behaviors and attitudes regarding the security of their personal data. This was achieved through a survey conducted in various European countries in 2021, along with a literature review of similar recent studies up to 2023, which provided additional insights beyond the survey’s outcomes.

Raising Citizen’s Security & Privacy Awareness and Competence

Security and Data Protection knowledge base – First version (D5.2) 03 MAR 2022
This report explains the security and data protection knowledge base that provides additional information to users of the help desk and the dashboards. It is a database with various kinds of background information and pointers to online texts.

Citizen-centric help desk-First version (D5.3) 30 APR 2022
This report describes the citizen-centric help desk, designed to provide citizens with a central information point for security and privacy topics.

Security & Privacy Awareness and Competence Testing-First Version (D5.4) 09 MAY 2022
This report describes Kaspersky’s K-ASAP training platform created to improve citizens’ Security &
Privacy Awareness and Competence, and how it is tested by the users and evaluated from the users’ perspective.

Security and Data Protection knowledge base – Second version (D5.6) 30 APR 2023
This report describes the security and data protection knowledge base providing additional information to users of the help desk and the dashboards.

Citizen-centric help desk – Second version (D57) 29 AUG 2023
This report presents the citizen-centric helpdesk offering a dynamic web application as a solution to bridge the gap between privacy awareness and action. This interactive tool not only simplifies complex privacy laws but also empowers users through interactive tests and gamified learning experiences.

Use Case Implementation and Platform Evaluation

Public penetration_hacking challenges – First version (D6.3) 26 JUL 2022
This deliverable reports on the challenge to verify that the TRAPEZE infrastructure complies with policies and regulations, and ensures that data are shared only with authorized individuals. The challenge is implemented on the openbugbounty.org platform and continues until the end of the project. Everyone can participate in the program.

Integrated platform testing – First version (D6.4) 31 AUG 2022
This report presents the results of the TRAPEZE platform evaluation using the methodology of the “Special Transparency and Consent Benchmark”. This report serves as a summary of current tests and results and will be updated regularly as the project advances.

Integrated platform testing – Second version (D6.7) 30 JUNE 2023
This document is an update to the initial version of the integrated platform testing. It primarily covers the latest tested components from the first version, along with newly developed components since the initial deliverable submission. Additionally, it provides extra reporting on the resource consumption of the server hosting the System Under Test (SUT).