What is this PAS about?
The underlying premise of smart cities is that with more data and information, services and provision for citizens can be enhanced. At the same time, though, the increased use of and dependence on information technologies creates significant vulnerabilities and security issues. It means a new security minded approach needs to be developed. This PAS has been created to answer that need.
Who is this PAS for?
Why should you use this PAS?
If the smart city is to gain and maintain the trust of its citizens, it needs to respond to increasing citizen awareness and potential concerns about how their personal data is being used, and to put in place mechanisms that prevent the potential abuse of their trust.
This PAS therefore supplies a framework that enables the development of an overall security strategy for the handling, management and sharing of data and information. This framework can be used to inform and guide the development and delivery of smart city projects and the subsequent operation, delivery, evolution and disposal of assets and services.
The security-minded approach specified in this PAS covers all aspects of security relating to smart cities. It covers aspects of the environment of the smart city, including: scale, organizational complexity, complex service delivery and ownership of smart city infrastructure, response to incidents, events, changing risk levels and extent of autonomy
It covers technological aspects relating to the secure delivery of services, including: safety, authenticity, availability (including reliability), confidentiality, integrity, possession, resilience and utility.
This framework can be used to create and cultivate an appropriate, risk-based safety and security mind-set and culture across the many organizations, services and individuals which use shared, disclosed and derived data, and includes the need to monitor and audit compliance.