Swim lane Schema eves

Ein Swim lane-Diagramm zur Visualisierung der Phasen »Vorbereitung«, »Durchführung« und »Nachbereitung« jeweils bezogen auf den Kontrolleur, eves und den Athleten.
eves_swimlane_20150416

Introduction: ASPIDER M2M

We are happy to have won ASPIDER M2M, an independent supplier of one-stop-shop M2M/IoT enabling solutions, as a partner for our project.
In the IoT industry ASPIDER M2M delivers a worldwide operator independent managed connectivity solution. The four pillars of its offering are secure M2M, operator independent solutions, prepaid M2M combinations and IoT outsourced billing solutions.
Over 500 organizations worldwide, including large multinationals, already rely on ASPIDER M2M to provide business critical technical services and operational systems for prepaid, postpaid and hybrid offerings. You’ll find futher information on Aspider M2M here.
[schema type=”organization” orgtype=”Corporation” url=”http://www.aspiderM2M.com” name=”ASPIDER M2M headquarters” description=”ASPIDER M2M is the market leader in mobile data connectivity. With its own core network, own data sim cards and dedicated operational team, consider us the avant garde of M2M.” street=”Tjaskermolenlaan 1-7″ city=”Woerden” postalcode=”3447″ country=”NL” email=”info@aspiderM2M.de” phone=”0031 88-7464626″]

Vorstellung: ASPIDER M2M

Wir freuen uns mit ASPIDER M2M einen unabhängigen Anbieter von M2M/IOT-Lösungen für unser Projekt gewonnen zu haben.
ASPIDER M2M betreibt sein eigenes Kernnetzwerk und bietet weltweit betreiberunabhängige Lösungen an. ASPIDER M2M Secure M2M SIM basierte Lösungen erzielen mit geringem Aufwand einen höchstmöglichen Grad der Absicherung. ASPIDER
 M2M Prepaid M2M-Angebote ermöglichen uns ein Höchstmaß an Flexibilität bei der Gestaltung unserer Prozesse.
Mehr als 500 Unternehmen weltweit, darunter einige große multinationale Unternehmen, vertrauen bereits auf die geschäftskritischen technischen Dienstleistungen und Systeme, die ASPIDER M2M im M2M/IOT-Bereich anbietet. Weitere Informationen zu Aspider M2M findet ihr hier.
[schema type=”organization” orgtype=”Corporation” url=”http://www.aspiderM2M.de” name=”ASPIDER M2M Deutschland GmbH” description=”Wir bieten Ihnen eine »Managed-Single-SIM-Mobile-Connectivity-Solution« mit weltweiter Netzabdeckung für Ihre IoT/M2M Anwendungen. Sie können alle verfügbaren SIM-Kartentypen von uns beziehen, auch SIM-Chips sind selbst in kleinen Bestellmengen verfügbar. Wir bieten mit einem einzelnen Tarif ohne Wechsel der SIM-Karte eine kostengünstige Mobilfunkanbindung für Ihre Anwendung in Deutschland, der EU sowie der ganzen Welt.” street=”Rotebühlstraße 66″ city=”Stuttgart” postalcode=”70178″ country=”DE” email=”info@aspiderM2M.de” phone=”+49 711 49 03 555″ fax=”+49 711 49 03 500″]

IOC Anti Doping Research Fund Application

In 2015 the International Olympic Commitee repeatedly issued a call for Application for its Anti-Doping Research Fund.
Projects are to be supported, which have the potential to lead to a significant change in the way anti-doping programmes are carried out and will have a direct positive impact on the daily life of the clean athlete.
It is self-evident that we turned in an application. You will find the substanial excerpts of our application – hypothesis, objectives and methodology – for personal reference.

Research Hypothesis:

To date the successful completion of doping controls has been dependent on the accuracy of the whereabouts details in ADAMS.
Surveys have shown, however, that it has not been possible to conduct doping controls because of a failure to find the athletes for the following reasons: (1) The whereabouts of the athletes was changed without notice; (2) The whereabouts of the athletes was too imprecise; (3) The DCOs were unable to find the athletes due to their lack of familiarity with the location.
In addition, according to an estimate by leading data protection bodies the collection and storage of the whereabouts details in ADAMS in its current form is in breach of national and European data protection law (»Datenschutzrechtliche Bewertung der Melde- und Kontrollpflichten im Rahmen von Anti-Dopingprogrammen, die die von SP.IN vertretenen Athleten betreffen« Wedde, 2011. »Datenschutz und Dopingbekämpfung« Wagner, Weichert, 2011. »Vereinbarkeit des WADA-Codes und des ADAMS-Systems mit Datenschutzbestimmungen« BfDI, 2009. »Dopingbekämpfung und Datenschutz« Weichert, DANA 4/2011.).
If it is possible to determine the whereabouts of athletes at any time using localization technologies, it would be possible to develop a system which complies with the legal needs of data protection whilst also giving the athletes more freedom. The success of the system can be measured by the fall in missed tests.

Objectives:

The primary objective of the eves project is to research the use of a dedicated mobile device which shows an authorized DCO the precise current position of the athlete when a doping control has been scheduled without breaching data protection regulations and preserving the right to privacy of the athlete. The eves device can easily be integrated into the ADAMS data collection processes for this purpose and supports the interaction between the athlete, the doping control authorities and the anti-doping agencies. In particular eves enables athletes to live a flexible, individual lifestyle whilst at the same time ensuring that the athletes can be located effectively and efficiently if they are required for doping control purposes.
One important factor for the design of the complete system and the processes is that the security requirements and the data protection reservations of both the athletes and the DCOs are included. Eves therefore in particular ensures that the new mobile eves device for localizing the athletes complies with the various international data protection laws and regulations. The stringent German data protection law will provide the reference for the device implementation.
This means the following, for example: (1) The collection of position data for the athletes is intrinsically linked to the specific doping control process and the data are not processed any further or disclosed to third parties. (2) The unauthorized or arbitrary localization of athletes or the preparation of movement profiles is not possible thanks to the data protection-compliant system design. (3) On the other hand, all localization processes, in other words the fact that a person has been localized, are recorded and can be viewed by athletes after the doping control.

Effectiveness
The DCO uses the whereabouts details to plan routine controls. The more accurate the whereabouts details for the athlete, the greater the likelihood that the athlete will actually be found. On the other hand this enables the athlete to indirectly influence the timeframe for controls. The use of eves makes the whereabouts details filed in advance less important since the position of the athlete can be determined regardless of these whereabouts details.
Efficiency:
For national and international Anti-Doping Agencies the use of eves saves time in the initiation of doping tests. The number of unsuccessful attempts of controls and thus the administrative burden for justification after failed attempts decreases.
Usability:
The system is designed to enable athletes to enjoy greater personal freedom – not every change of location must be notified online. eves will initially supplement the whereabouts locations filed by the athlete in ADAMS. If discrepancies occur between the notified locations and the actual whereabouts of the athlete (for example spontaneous changes of journey in the event of strikes, illness, family commitments, etc.), the DCO will be able to use eves to localize the athlete anyway. For the athlete this means that he has to worry less about a missed test.
Internationalization:
The eves system uses global localization (GPS/GNSS) and communication (GSM) standards. Access to the internet, which is currently required to update the whereabouts details, is not necessary. In terms of data protection, eves complies with stringent Germany and European legislation.
Security and Privacy by Design:
The use of eves means that the athlete does not have to register lots of different whereabouts in ADAMS which goes against the principle of the sparing use of data in advance out of fear of spontaneously changing his whereabouts. In addition to purely technical/material matters, one of the main objectives of the research project is to improve compliance with the data protection needs and the right to be left alone of the athletes.

Based on the principle of basic IT security and in compliance with other test catalogues such as OWASP, the components of the whole system will be studied together with Fraunhofer Institute AISEC to identify possible dangers and risks. The consideration goes beyond purely technical aspects by also considering elementary dangers, forces majeures, organizational defects, human error, technical failure and malicious acts as risks.
The supervision and documentation of the project by the various experts is designed to ensure the required transparency of eves.

Project Summary:

1. Object of investigation

Eves is a complete system with organisational and technical components. The organisational components require a definition of the interaction between the main roles of the DCOs and athletes and of ADAMS. The technical components are designed on a cloud-based service-oriented architecture.
The eves system and its communication are based on the following components:
eves client: the portable device. After receiving an authorized location request on a dedicated encrypted channel (text message), it checks the current location using GPS or combined GPS/mobile phone localization (GNSS or AGPS). It is not possible to identify the current location, the last available location or an error message will be sent using the same method as the initial query. The last available location will be saved in an internal memory for a value pair consisting of longitude and latitude.
eves server: a high availability system which is operated in certified computer centers. Each individual athlete is assigned a unique device within the server. Queries are received via secure connections (https). The query is then forwarded to the device by text message. The longitude and latitude of the last location of the athlete or a status message is then returned. The time and authorization of the querying DCO will be logged as will the status and accessibility of the eves client. The athlete can later access all the log data filed in the system which relate to a control query involving him. The server also receives messages fromevesclients via text message relating to the status of the system, for example in the event of a critical charge condition of the battery.
ADAMS: Contains, among other things, the whereabouts of the athletes. The system has not technical connection; only the DCO can compare the information from the two systems.
DCO: The DCO receives a list of athletes who are to be tested at a certain time. From ADAMS he receives online information on the whereabouts of the athletes using a web interface. For each athlete on the list he can direct an inquiry to the eves server via a secure web interface and will then receive the current location of the athlete if it is available. He can then check the position details on a map application using the whereabouts from ADAMS and thus plan his route to meet the athlete. The eves server only provides details of the location of the athlete who is to undergo the test for a limited period of time. Every inquiry is logged.
Technical and organizational safety measures: The use of eves requires the technical components to be embedded in a secure process. The following outline conditions must be observed in any event to comply with data protection regulations.

  • The localization devices must be produced and issued without any fear of manipulation.
  • The assignment of a test order to a DCO must be totally clear and traceable. It may be the only requirement for issuing localization authority for the DCO for the athlete identified for testing. The assignment and localization process must be logged in a manipulation-proof manner.
  • The localization of athletes who are not to be tested and the localization by DCOs not assigned to the test must be effectively prevented.
  • Strict deletion deadlines must be defined for all instances of localization results once controls have been completed.

The development of a portable device (eves client), which is specially tailored to meet the athletes’ needs, is central. It is small and can be worn on the body very easily without any problems.
Using this device an authorized DCO (and only such a person) can find the location of the athlete in the event that the athlete is to be tested. This localization process can only be carried out in a single case by the authorized DCO and it is logged. The log entries can be viewed by the athlete.
The following properties are the main focal points in the development of the eves client:

  • Long battery life and service life. The device will notify the wearer of an error by means of a status light. It does not have any other information indicators, for example to show the status of a query.
  • Protection from manipulation. The device will have no external interfaces. It will be charged without a plug connector by means of induction. The housing is watertight and completely encapsulated.
  • Ease of use, co-determination and wearer comfort. The athlete can switch off the device, for example if he is on an aircraft or in a hospital.
  • An identifier to prevent the devices being mixed up by accident.
  • Fast determination of location, even within enclosed areas.
  • Secure and manipulation-resistant transfer of location and status information exclusively for the purpose of test initiation.

The portable device only finds and sends the athlete’s whereabouts when an authorized DCO requests that it does so. Movement profiles can therefore not be made and therefore also cannot be stored.

2. Methodology

2.1 Field testing

At the current time the preparations are being made for, amongst other things, a field test in which the following questions and hypothesis relating to security, sustainability, initial and running costs and technical feasibility will be studied.

  1. What technologies (including GPS / GNSS, GSM triangulation, WLAN and RF) of determining location enable sufficiently accurate localization in various everyday situations
  2. What means of communication satisfy the high requirements relating to data confidentiality and integrity (for example GSM, GPRS, WLAN, etc.)
  3. Other marginal conditions such as usability and wearer comfort in everyday life. Battery life, material and environmental compatibility, transport and logistics, etc.

The test has been designed with an open result with the aim of finding an overall solution which is optimal in terms of security, sustainability and cost. If no significant improvement of test initiation between athlete and DCO is observed, it remains to be found whether improved personal freedom and improved protection of privacy for the athletes would justify the use of the system anyway.
The main outline conditions relating to data protection have already been formulated. The next phase of the project is to set them out in more detail and implement them in the process, as long as the test demonstrates that the system is feasible in principle.

2.2 Identification of the supporting tasks

Tasks: At the current time the following core tasks have been identified which can be supported by a system based on modern localization technologies. Other tasks may be identified in conjunction with NADA.

  • The updating of their »whereabouts« in ADAMS (entries and corrections) by the athletes.
  • The localization of the athletes for the next controls by the control staff.

Roles: The athletes and the control staff have been identified with roles relating to the overall system. Another prepared role may be the general public interested in the matter, sponsors, the national and international anti-doping agencies and the International Olympic Committee.
Weaknesses in the current system: The current system should be studied for weaknesses to establish the main requirements for use which must be given due consideration in the project. The standardized ERGONORM questionnaire from the Fraunhofer organization may be used for this purpose.

2.2.1 Context of use analysis

To identify the main requirements for the new application, ISO 9241 requires the context of use on the basis of the concrete tasks of the parties involved to be defined. This can be achieved by means of structured interviews of the relevant roles (athletes and control staff). The result will be a description of the tasks and the specification of the user and organizational requirements which must be taken into consideration.
Ideally the tasks may be described in the form of program process plans (PAPs as described in DIN 66001) to identify both the precise process and the concrete requirements related to them.

2.2.2 Identification of user requirements

The context of use will be taken to identify the user requirements which must be taken into consideration in the selection of the technical solution. Examples of such user requirements include the following:

  • The athlete must be able to identify that the module must be charged,
  • The athlete must be able to charge the module anywhere (”on any socket”).
2.3 Technical requirements

The technical requirements are defined by the WADA requirements for the system and by the context of use analysis.

2.4 Software refinement and process outline

In this phase of the research project the functional requirements will be adjusted using a precise system specification. Special attention will be focussed on the needs of data security and data protection during the implementation, integration and testing of the software and hardware components of the post-alpha generation.

2.5 Production and implementation of the 1st Generation

The subsequent project phase will be concerned with the implementation of the technical and organisational procedure. A limited number of athletes will be equipped with the revised version of the module. In addition a central server will have to be set up and commissioned to satisfy the high security requirements. A procedure will be defined in combination with the institutions involved.

2.6 Evaluation

A one-year evaluation phase should follow the implementation phase. The empirical values obtained could therefore be used in enhancing the software and process. In addition the project success could be reviewed on the basis of the formulated project objectives.