Piero A. Bonatti, Luigi Sauro. Tractable Compliance Checking with Negation. 34th International Workshop on Description Logics (DL 2021), 2021

Piero A. Bonatti, Luigi Sauro. Sticky Policies in OWL2: Extending PL with Fixpoints and Transitive Closure. Proceedings of the 19th International Conference on Principles of Knowledge Representation and Reasoning, KR2022, July 31 – August 5, 2022, Haifa, Israel. To appear


TRAPEZE poster for download (v. July 2022)
TRAPEZE leaflet v. April 2022

P. A. Bonatti: Using DPVCG’s outcome in TRAPEZE’s compliance framework.
Invited presentation at the periodic meeting of W3C’s Data Privacy Vocabularies and Controls Community Group (DPVCG) on 15/9/2021

Piero Bonatti: Real-time reasoning in OWL2 for GDPR compliance.
IJCAI 2021 – journal track.  Aug 25 and 26, 2021.
Video | Slides

M. Popovic, N. Tomasevic: A blockchain-based platform for keeping logs of citizens’ consents, LAMBDA 2021 PhD Workshop, June 2021

Piero Bonatti from Università di Napoli Federico II, presenting “Metadata, Policy and Reasoning” in the frame of the TRAPEZE project. The presentation was recorded during the Workshop on Metadata Interoperability on 27 May 2021 as part of the European Big Data Value Data Week.

TRAPEZE project presentation at roundtables organized by EC CNECT:
“ICT Verticals and Horizontals for Blockchain Standardisation”, 13 January
“Extension of ICT Verticals and horizontals for Blockchain Standardisation / Smart-Contracts”, 21 April | Blogpost

Public deliverables

Publicly available technical deliverables produced by the project will be available as soon as they are published.

Citizen-centric use case scenarios – First version (D1.1) 29 JAN 2021
TRAPEZE will implement three use cases provided by three use case partners. Each use case is designed in a way to prove the feasibility of TRAPEZE outcomes in a realistic business context. The use cases are described independently of each other in separate chapters.

Data Protection Requirements – First Version (D1.2) 31 MAY 2021
This report focuses on enhancing the protection of citizen’s rights with particular focus on the data protection related fundamental rights as laid down in Articles 7 “Respect for private and family life” and 8 “Protection of personal data” of the Charter of Fundamental Rights of the European Union

Security and Privacy Resilience Framework and Guidelines – First version (D1.3) 27 MAY 2021
This report describes the framework for cybersecurity and privacy allowing TRAPEZE stakeholders to prepare for and adapt to threats, and to respond to and recover from incidents.

Platform specification and design (D1.4) 30 APR 2021
This document presents a high-level perspective on the specification and technical design of the TRAPEZE platform, taking into account the citizen-centric use-case scenarios.

Citizen-centric use case scenarios – Second version (D1.5) 27 AUG 2021
This document provides an updated description of the three use cases (pilots) “My Citizen Profile” from Digital Flanders, “Data Intelligence Hub” from Deutsche Telecom and CaixaBank’s “Customers’ ID wallet”.

Data Protection Requirements – Second Version (D1.6) 30 SEP 2021
This deliverable represents the requirements at month 12 of the project where the initial design of the use cases has become available in Deliverable D1.5. These requirements need to be incorporated in the upcoming design cycles and will be continuously refined.

Policy Language – First version (D2.1) 31 MAR 2021
This report introduces the first version of the policy language of TRAPEZE, called PLinst, and– in preparation for the next version of the language – it proposes policy histories as an efficient way to support negation in consent policies.

Sticky Policies – First version (D2.2) 30 AUG 2021
A sticky policy is a machine-readable policy that accompanies the data, regulating its usage and specifying the applicable obligations and organizational constraints as the data migrates across multiple recipients. All kinds of TRAPEZE’s policies can be sticky policies.

Transparency and compliance checking – First version (D2.3) 27 AUG 2021
This first report on reasoning algorithms introduces correct and complete algorithms that support compliance checking for two of the planned new features of TRAPEZE’s policy language, namely instances and negation.

Compliance and explanation engines – First version (D2.4) 27 AUG 2021
The first version of TRAPEZE’s engine can check the compliance and the consistency of policies written in PLinst (see also TRAPEZE deliverable D2.1).

Engine scalability properties – First version (D2.5) 11 AUG 2022
This deliverable reports the result of a systematic performance analysis of TRAPEZE’s reasoner for PLinst (i.e. version 1 of TRAPEZE’s policy language, which extends SPECIAL’s language with instances). The data and code used for the experiments can be found here.

Securing citizens’ smart terminals and online communication – First version (D3.3) 27 AUG 2021
This deliverable identifies the interactions between the TRAPEZE platform and the citizens via their personal smartphones or tablets and the best ways to protect them through the Kaspersky Mobile Security SDK (KMS-SDK), a multi-layered security framework for building online protection directly into mobile applications.

TRAPEZE Platform – First version (D3.4) 28 FEB 2022
This report describes the interim implementation of the TRAPEZE platform. The interim implementation does not include all components and it is not expected to cover all functionality needed. It is a snapshot of the progress toward the final product at month 18 which will eventually meet the quality standards required for mission-critical software

Dynamic consent mechanisms (D4.1) 23 DEC 2021
This deliverable focuses on consent management on the privacy dashboard ( A prototype version of the privacy dashboard has been used in the first usability test.

Privacy dashboards (D4.2) 28 FEB 2022
This deliverable reports on the TRAPEZE privacy dashboard, a web application that establishes both transparency and control. Transparency features include data exploration that allows users to display the data usage and potential risks associated with processing. Control features include consent management and incident reporting to limit data usage. The privacy dashboard can generally be understood as a personal data processing limitation dashboard.

Usability and accessibility testing report – First version (D4.3) 23 DEC 2021
This report presents the findings of the first round of usability and accessibility testing of the privacy management dashboard that is being developed under TRAPEZE.

Privacy preferences and sociological aspects analysis–first version (D4.4) 23 DEC 2021
This report presents the findings of the survey that was conducted to gain an understanding of European citizens’ attitudes, knowledge and actions with regard to the safety and protection of their personal data. This also includes assessing citizens’ interest in the different citizen-facing tools that are being developed under TRAPEZE.

Security and Data Protection knowledge base – First version (D5.2) 03 MAR 2022
This report explains the security and data protection knowledge base that provides additional information to users of the help desk and the dashboards. It is a database with various kinds of background information and pointers to online texts.