Saturday 21 April 2012

Taxonomy for Privacy in the Information Age

My thoughts on Privacy in the Information Age: to enable privacy of an individual’s data there must be confidentiality, to ensure that only those who have the right to see the information have access. To do this there must be authentication, to prove they are the person with those rights. There has to be access control to ensure the authorised user has the correct access to the data; this will help ensure the integrity of the data. In all transactions there must be nonrepudiation, to ensure access and changes cannot be denied. At all times there must be availability, to ensure the data is available to those who need it, only when they need it.

I have taken the traditional computer and information security principles and twisted them around to put privacy at the centre, surrounded by the factors that are required to protect privacy.

Privacy in the Information Age (c) 2012 G Williams

Privacy -- Ensuring that individuals maintain the right to control what information is collected about them, how it is used, who has used it, who maintains it, and what purpose it is used for
Confidentiality -- Ensuring that information is not accessed by unauthorized persons
Integrity -- Ensuring that information is not altered by unauthorized persons in a way that is not detectable by authorized users. The data also has to be accurate
Authentication -- Ensuring that users are the persons they claim to be
Access control -- Ensuring that users access only those resources and services that they are entitled to access and that qualified users are not denied access to services that they legitimately expect to receive
Nonrepudiation -- Ensuring that the originators of messages cannot deny that they in fact sent the messages
Availability -- Ensuring that a system is operational and functional at a given moment, usually provided through redundancy; loss of availability is often referred to as "denial-of-service"
