Invited Keynote Speaker
9:15 - 10:00
Inah Omoronyia, University of Bristol
Software Engineering Practices and Data Protection Challenges
Abstract. Engineering software systems is now predominantly a complex and heterogeneous activity - crosscutting multiple operational, deployment and data-sharing environment, which are long-lived and required to satisfy multiple stakeholders' objectives. The life source of these systems is often their ability to collect, process, store and distribute data in phenomenal ways. This data must also be protected to ensure future-proof for the next evolution in digital transformation. Techniques such as cloud native, microservices, third-party APIs/SDKs and DevOps has become the main engineering driving force. The problem is that the pace of technological innovation supported by these techniques is fast and not at par with the know-how necessary to ensure underlying data is protected. The consequence is an imbalance where amid much talked about functional benefits, system stakeholders (incl. developers, regulators and users) are increasingly dissatisfied due to ensuing personal and societal harms.
This talk will explore this imbalance to highlight the challenges and efforts aimed at supporting different stakeholders. We will review some of the security and privacy challenges of modern cloud delivery models and third-party architectures. Focusing on data protection principles such as transparency and accountability, we will examine software quality and tradeoffs, as well as metrics that can support software engineers in assessing and verifying the effectiveness of a secure software solution.
Bio: Inah Omoronyia is a Senior Lecturer in Privacy at the Bristol Cyber Security Group, University of Bristol. His work focuses on the intersections of software, privacy engineering and security as well as regulatory compliance. He investigates and builds frameworks, tools and techniques for engineering secured and privacy preserving software systems. He led an Innovate UK Cyber Security Academic Startup Accelerator Programme on privacy engineering technique for software designers. He is a recipient of the European Research Consortium for Informatics and Mathematics (ERCIM). He was also awarded research and enterprise fellowship by Scottish Enterprise to help business organisations with Process Regulation and Compliance struggles. Omoronyia is the Principal Investigator of a UKRI TAS Hub research to investigate Consent Verification in Autonomous Systems – to support stakeholders such as data protection officers in complex data discovery and privacy assurance of system behaviour. He is a member of the management team for the EPSRC TIPS-at-scale CDT aimed at training new generation of PhDs in the cyber security of large-scale infrastructures. He is also a member of Research Centre on Privacy, Harm Reduction and Adversarial Influence Online (REPHRAIN) – where he focuses on building techniques and systems for early detection of privacy harms in online systems.