I have taken the tradition computer and information security and twisted them around to put privacy at the centre, surrounded by the factors that are required to protect privacy.
Privacy in the Information Age (c) 2012 G Williams |
Privacy -- Ensuring that individuals maintain the right to control what information is collected about them, how it is used, who has used it, who maintains it, and what purpose it is used for
Confidentiality -- Ensuring that information is not accessed by unauthorized persons
Integrity -- Ensuring that information is not altered by unauthorized persons in a way that is not detectable by authorized users. The data also has to be accurate
Authentication -- Ensuring that users are the persons they claim to be
Access control -- Ensuring that users access only those resources and services that they are entitled to access and that qualified users are not denied access to services that they legitimately expect to receive
Nonrepudiation -- Ensuring that the originators of messages cannot deny that they in fact sent the messages
Availability -- Ensuring that a system is operational and functional at a given moment, usually provided through redundancy; loss of availability is often referred to as "denial-of-service"
No comments:
Post a Comment