The SPECIAL Public Challenge is an open call to researchers, ethical hackers, IT professionals and other interested individuals to test and inspect the SPECIAL platform and point out any security vulnerabilities, bugs or flaws in the system or its components. Some familiarity with the technologies we used (OWL, RDF, reasoning engines) is helpful, but not required. There are many ways you can help us.
We are interested in learning about any shortcomings of the SPECIAL platform that could result in a data breach or a violated data usage policy. Examples of such shortcoming include bugs pertaining to authentication/authorization, the APIs or other bugs related to data flows, the logs or log formats, the front-ends, the policy language, etc. The platform can be deployed and tested locally or on any remote server under your control. Additionally, the policy language can be tested outside the platform setup.
We are currently testing the first prototype. There will be more challenges later.
The page ‘SPECIAL public challenge’ contains all the details of how to try out the system and how to report issues (and what you can win!).