uniprocess
Ramón Soto Mathiesen
SPISE MISU ApS
rsm ++ uniprocess >>= spisemisu . com

A uniprocess is a stateless piece of software that encapsulates a process, seen from a business perspective, of which it is known at all times what data enter and what data comes out of the process.

The main reason the concept of uniprocesses were conceived, was to provide the possibility to comply with the Directive 95/46/EC, General Data Protection Regulation or just EU GDPR, from a technical point of view. For more information on the EU GDPR, please read the Legislation section of the About tab.

The main goals of this project are:

  1. Ensure that the fundamental rights of EU citizens, which are strengthen by the EU GDPR concerning the protection of natural persons with regard to the processing of personal data and the free circulation of these data, are being enforced in software applications by technical means.

  2. Help institutions, both public and private, to develop applications that comply with the Regulation by technical measures and thus meet goal number 1.

  3. Provide tools to the Authorities, among others the EU Data Protection Agencies, to corroborate that the created applications, see goal number 2, comply with the Regulation from a technical point-of-view.

The following analogy will showcase what problems are being solved:

In Denmark it is allowed to drive scooters on the bike lane. A requirement is that the speed limit does not exceed 45 km/h for the scooters. All companies that sell scooters in Denmark limit the engine to ensure that they do not exceed that speed (technical measure). If this were not the case, the Danish authorities could fine, very heavily, brands that don’t comply with the law. For officials, in this case the police, it is very easy to inspect if the scooter complies with the law or not, since they have in the trunk of their vehicles a speedometer (another technical measure).

And this is where the concept of uniprocess enter the scene. Using this concept, we can help brands ensure that their applications do not exceed the speed limit while providing tools to the relevant authorities to ensure that the law is followed.

# Talks

# foss-north 2019 (Chalmers, Göteborg, Sweden)

# BornHack 2019 (Gelsted, Funen, Denmark)

# Basics

# Isolation of side-effects

# Reproducible builds

By having a unique hash for both binaries as well as the distributed container it would be trivial to convince Authorities, performing the audits, that the running software actually maps directly to the code base.

# Communication

# Security

# Incoming

# Outgoing

# Data

# Documentation