Index
A
- access control lists (ACLs), Role-Based Access
- access controls, Overview-Conclusion
  - and FIPPs, Access Controls and the Fair Information Practice Principles (FIPPs)
  - audit logging, Access Control
  - basic access, Basic Access
  - discovery access, Discovery Access
  - for nondeletion purging, Access controls
  - functional access, Functional Access
  - managing access with, Managing Access-Functional Access
  - models for, Access-Control Models-Access-Control Models
  - overview, Overview
  - role-based access, Role-Based Access
  - security architecture, Overview-Conclusion
  - strengths, Strengths
  - time-based access, Time-Based Access, or Data Leasing
  - types of, Types of Access-Discovery Access
  - weaknesses, Weaknesses
  - when to use, When to Use Access Controls-When to Use Access Controls
- Adams, A.A., The “Death” of Privacy
- Advisory Committee on Automated Personal Data Systems, A Short History of U.S. Informational Privacy
- aggregate statistics, Anonymization
- Allen, Alasdair, iPhone Location Database
- ALPRs (see automated license plate readers)
- Amsterdam Privacy Conference, Avoiding Privacy Tunnel Vision
- Android, iPhone vs., iPhone Location Database
- anonymization, Anonymization-Anonymization, Anonymization Under Siege
- Apple, Policy Considerations
- Apple iPhone (see iPhone)
- application administrator, securing role of, The Application Administrator-The Application Administrator
- archiving, as nondeletion purging, Archiving
- asynchronous federation, Asynchronous Federation
- audit logging, Overview-Conclusion
  - access control, Access Control
  - advanced auditing considerations, Reactive Versus Proactive Auditing
  - and contextual clues, Context
  - and FIPPs, Audit Logging and the Fair Information Practice Principles (FIPPs)
  - auditing the auditors, Audit the Auditors
  - characteristics of effective system, What Are the Challenges to Effective Auditing and How Do I Meet Them?-Retention
  - emergency stop for audit-log failures, Emergency Stop for Audit-Log Failures
  - format and readability, Format and Readability
  - importance of, Why Are Audit Records Important?
  - overview, Overview
  - perspectives supported by, Perspective
  - reactive vs. proactive auditing, Reactive Versus Proactive Auditing
  - retention, Retention
  - retrievability, Retrievability-Retrievability
  - scale issues, Scale
  - security for, Security-Security
  - technical and strategic design issues, But Auditing Is Easy, Right?
- Australian Privacy Act, A Short History of U.S. Informational Privacy
- automated license plate readers (ALPRs), Policy Considerations, Time-Based Access, or Data Leasing, Use Case #3: Automated License Plate Readers (ALPR)-Use Case #3: Automated License Plate Readers (ALPR)
B
- basic access, Basic Access
- Big Data (Mayer-Schonberger and Cukier), The Destiny of Data
- Big Data and Innovation, Setting the Record Straight: De-identification Does Work (Cavoukian and Castro), Anonymization Under Siege
- Brandeis, Louis, A Short History of U.S. Informational Privacy-A Short History of U.S. Informational Privacy, Expect the Unexpected
- bricking, Deletion-by-encryption
- Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization (Ohm), Before You Get Started, Anonymization, Anonymization Under Siege
C
- case studies
- Castro, Daniel, Anonymization Under Siege
- Cavoukian, Ann, Anonymization Under Siege
- cell-level security, Access-Control Models
- Chef, Separating Roles, Separating Powers
- Church Committee, Today
- ciphertext, Policy Considerations
- cloud architectures, The Hardware or Cloud Administrator
- Cohen, Julie E., What Is Privacy?, Expect the Unexpected
- collection-level security, Access-Control Models
- Computers, Privacy, and Data Protection Conference, Avoiding Privacy Tunnel Vision
- conferences, privacy, Avoiding Privacy Tunnel Vision
- Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation (Humble and Farley), The Application Administrator
- control, consumer, Greater Transparency and Control
- Crump, Catherine, Use Case #3: Automated License Plate Readers (ALPR)
- Crypto-Gram (newsletter), Further Reading
- cryptographic disk erasure, Deletion-by-encryption
- cryptographic hash-chaining, Security-Security
- cryptographic signature, Security
- Cukier, Kenneth, Today, The Destiny of Data
- customer support, privacy engineers role in, The Role of the Privacy Engineer
D
- dangling references, Archiving
- data collection
- data leasing (time-based access), Time-Based Access, or Data Leasing, Data leasing
- data minimization, Data Retention, Purging, and the FIPPs
- Data Protection Directive, Legal Reform
- data purging, So You Want to Purge Data. Now What?-Physical hardware destruction
  - access controls for, Access controls
  - anonymization, Anonymization-Anonymization
  - archiving, Archiving
  - data leasing, Data leasing
  - deletion purging, Deletion Purging (or Gradations of Gone)-Physical hardware destruction
  - deletion-by-encryption, Deletion-by-encryption
  - designing deletes, Designing Deletes
  - FIPPs and, Data Retention, Purging, and the FIPPs
  - hard delete, Hard delete
  - nondeletion purging, Nondeletion Purging (or Not-Quite-Gone)-Archiving
  - options for, So You Want to Purge Data. Now What?-Physical hardware destruction
  - partial redaction, Partial redaction
  - physical hardware destruction, Physical hardware destruction
  - scheduling of, Designing Deletes
  - setting policies for, How to Set Retention and Purge Policies-How to Set Retention and Purge Policies
  - soft deletion, Soft deletion
- data retention, Overview-How to Set Retention and Purge Policies, Practical Steps of Data Retention-Data Retention, Purging, and the FIPPs
- data revelation, Overview-Conclusion
  - and FIPPs, Data Revelation and the Fair Information Practice Principles (FIPPs)
  - designing for, Designing for Data Revelation
  - hybrid revelation, Hybrid Revelation and Practical Scoping
  - overview, Overview
  - practical scoping, Hybrid Revelation and Practical Scoping
  - purpose-driven revelation, Purpose-Driven Revelation
  - reasons for, The Case for Data Revelation
  - requirements of, Requirements of Data Revelation
  - scope-driven revelation, Scope-Driven Revelation
  - selective revelation, Selective Revelation
  - strengths, Strengths
  - weaknesses, Weaknesses
  - when to use, When to Use Data Revelation
- datafication, Today, The Destiny of Data
- death of privacy, The “Death” of Privacy-The “Death” of Privacy
- decisional privacy, Defining Privacy
- degaussing, Physical hardware destruction
- degrees of separation scope, Scope-Driven Revelation
- deletion
- deletion purging, Deletion Purging (or Gradations of Gone)-Physical hardware destruction
- deletion-by-encryption, Deletion-by-encryption
- denial-of-service (DOS) attacks, The Network Administrator
- Department of Health, Education, and Welfare (HEW), A Short History of U.S. Informational Privacy
- design
- destruction of physical hardware, Physical hardware destruction
- differential privacy, Anonymization
- discovery access, Discovery Access
- distribution strategy, privacy engineers role in, The Role of the Privacy Engineer
- DOS (denial-of-service) attacks, The Network Administrator
- Duhigg, Charles, Use Case #1: Social Media Analysis
- Duo Security, InfoSec Best Practices for Privacy-Protected Systems
- Durkin, Dennis, The Role of the Privacy Engineer
- duties, of IT administrators
E
- "East Coast Code" (see legal issues)
- Electronic Authentication Guideline, Further Reading
- Electronic Communications Privacy Act (ECPA), Today
- electronic library card catalog system, Access-Control Models
- electronic medical record (EMR) system, Access-Control Models
- encrypting network traffic, InfoSec Best Practices for Privacy-Protected Systems
- encryption, deletion by, Deletion-by-encryption
- encryption-at-rest, InfoSec Best Practices for Privacy-Protected Systems
- end user, securing role of, The End User
- European Convention on Human Rights, Defining Privacy
- European Union Data Protection Directive, A Short History of U.S. Informational Privacy
F
- Facebook, A Short History of U.S. Informational Privacy, Why Privacy Is Important
- Fair Information Practice Principles (FIPPs), A Short History of U.S. Informational Privacy
  - access controls and, Access Controls and the Fair Information Practice Principles (FIPPs)
  - audit logging and, Audit Logging and the Fair Information Practice Principles (FIPPs)
  - data purging and, Data Retention, Purging, and the FIPPs
  - data retention and, Data Retention, Purging, and the FIPPs
  - data revelation and, Data Revelation and the Fair Information Practice Principles (FIPPs)
  - federated systems and, Federated Systems and the Fair Information Practice Principles (FIPPs)
- Farley, David, The Application Administrator
- Federal Trade Commission, U.S. (FTC), Today
- federated source, Asking Out and Being Asked
- federated systems, Overview-Conclusion
  - always-on federation, “Always-On” Federation
  - and complex regulatory regimes, Complex Regulatory Regimes
  - and FIPPs, Federated Systems and the Fair Information Practice Principles (FIPPs)
  - and PR imperatives, PR Imperatives
  - asynchronous federation, Asynchronous Federation
  - federated source, Asking Out and Being Asked
  - overview, Overview
  - shared federated search server, Asking Out and Being Asked
  - weaknesses, Weaknesses
  - when to use, When to Use Federated Architecture-PR Imperatives
  - with untrusted users, Lack of Trust
- FIPPs (see Fair Information Practice Principles)
- Foreign Intelligence Surveillance (FISA) Court, Today
- FTC (U.S. Federal Trade Commission), Today
- functional access, Functional Access
- future of privacy, The Future of Privacy-Expect the Unexpected
G
- Garfinkel, Simson L., Physical hardware destruction
- Gaydar: Facebook Friendships Expose Sexual Orientation (Jernigan and Mistree), Use Case #1: Social Media Analysis
- General Data Protection Regulation, Legal Reform
- geo-fences, Scope-Driven Revelation
- geolocational data, “East Coast” Code and “West Coast” Code
- Gmail, Policy Considerations
- Google, Why Privacy Is Important, Policy Considerations
- Google Android, iPhone vs., iPhone Location Database
- Google Authenticator, InfoSec Best Practices for Privacy-Protected Systems
- Google Street View data collection case study, Google Street View WiFi: Inadvertent Over-Collection of Data
- Griswold v. Connecticut (court case), Defining Privacy
- Guardian, The, Today
- Guide to Storage Encryption Technologies for End User Devices (NIST), Further Reading
H
- hard delete, Hard delete
- hardware administrator, securing role of, The Hardware or Cloud Administrator
- hardware destruction, Physical hardware destruction
- hardware security module (HSM), The System Administrator, Security
- Hartford Courant, A Short History of U.S. Informational Privacy
- Harvard Law Review, A Short History of U.S. Informational Privacy-A Short History of U.S. Informational Privacy
- hash-based message authentication code (HMAC), Security
- health clinic patient record system, Access-Control Models
- Hesse, Hermann, Overview
- HEW (U.S. Department of Health, Education, and Welfare), A Short History of U.S. Informational Privacy
- hidden service protocol, Use Case #2: Secure Messaging
- history of U.S. informational privacy, A Short History of U.S. Informational Privacy-A Short History of U.S. Informational Privacy
- HMAC (hash-based message authentication code), Security
- homomorphic encryption, Policy Considerations-Policy Considerations
- How Companies Learn Your Secrets (New York Times Magazine article), Use Case #1: Social Media Analysis
- How to Break into Security (Krebs), Further Reading
- HSM (hardware security module), The System Administrator, Security
- Humble, Jez, The Application Administrator
- hybrid revelation, Hybrid Revelation and Practical Scoping
I
- identifiable information data sets, Anonymization Under Siege
- iMessage, Policy Considerations
- influencers, Use Case #1: Social Media Analysis
- Information Practice Principles, Legal Reform
- information security (InfoSec), Information Security: Protecting Data from Unauthorized Access-Conclusion, InfoSec Best Practices for Privacy-Protected Systems
- Information Technology Rules (India), A Short History of U.S. Informational Privacy
- informational privacy
- Instagram, A Short History of U.S. Informational Privacy
- intelligence analysis system, Access-Control Models
- International Conference of Data Protection and Privacy Commissioners, Avoiding Privacy Tunnel Vision
- International Information Security and Privacy Conference, Avoiding Privacy Tunnel Vision
- IP addresses, re-identification via, Use Case #2: Secure Messaging
- iPhone
- IT administrators
M
- magnetic data deletion, Physical hardware destruction
- marking for deletion, Practical Steps of Data Retention-Practical Steps of Data Retention
- master key management systems, The System Administrator
- Mayer-Schonberger, Viktor, Today, The Destiny of Data
- McNealy, Scott, The “Death” of Privacy
- metadata, Access-Control Models
- Mistree, Behram F. T., Use Case #1: Social Media Analysis
- Morgan, Jacob, The “Death” of Privacy
P
- partial redaction, Partial redaction
- personal data, Personal Data and Privacy-Conclusion
- personally identified or identifiable (PII) data, Before You Get Started, Policy Considerations
- physical hardware destruction, Physical hardware destruction
- Police Documents of License Plate Scanners Reveal Mass Tracking (Crump), Use Case #3: Automated License Plate Readers (ALPR)
- practical applications, Practical Applications and Use Cases-Conclusion
- practical scoping (data revelation), Hybrid Revelation and Practical Scoping
- privacy
- privacy adversaries, Use Case #2: Secure Messaging
- privacy conferences, Avoiding Privacy Tunnel Vision
- privacy engineers, Enter the Privacy Engineer-Conclusion
- Privacy Enhancing Technologies Symposium, Avoiding Privacy Tunnel Vision
- Privacy Law Scholars Conference, Avoiding Privacy Tunnel Vision
- privacy tunnel vision, avoiding, Avoiding Privacy Tunnel Vision
- privacy-protected systems, InfoSec best practices for, InfoSec Best Practices for Privacy-Protected Systems
- proactive auditing, Reactive Versus Proactive Auditing
- proportionality, Policy Considerations
- Puppet, Separating Roles, Separating Powers
- purging (see data purging)
- Purpose Specification, Audit Logging and the Fair Information Practice Principles (FIPPs)
- purpose-driven revelation, Purpose-Driven Revelation
R
- re-identification, Policy Considerations, Anonymization Under Siege
- reactive auditing, Reactive Versus Proactive Auditing
- read access, Basic Access
- reasonable expectation of privacy, A Short History of U.S. Informational Privacy
- record-level security, Access-Control Models
- Records, Computers and the Rights of Citizens (Secretary’s Advisory Committee on Automated Personal Data Systems), A Short History of U.S. Informational Privacy
- referential integrity, Archiving
- regulation, federated systems and, Complex Regulatory Regimes
- Remembrance of Data Passed: A Study of Disk Sanitization Practices (Garfinkel and Shelat), Physical hardware destruction
- retention of data (see data retention)
- retrievable audit trails, Retrievability
- revelation of data (see data revelation)
- Richardson, Elliot Lee, A Short History of U.S. Informational Privacy
- right to privacy, Defining Privacy
- Right to Privacy, The (Warren and Brandeis), A Short History of U.S. Informational Privacy-A Short History of U.S. Informational Privacy
- right-to-know information, Overview
- role-based access, Role-Based Access
- roles, of IT administrators
- root access, The System Administrator
- RSA, Policy Considerations
S
- SANS Institute, Further Reading
- scheduling of purging events, Designing Deletes
- Schneier, Bruce, Further Reading
- scope-driven revelation, Scope-Driven Revelation
- Secrets & Lies (Schneier), Further Reading
- secure messaging (use case), Use Case #2: Secure Messaging-Use Case #2: Secure Messaging
- security, Data Retention, Purging, and the FIPPs
- security architecture, Overview-Conclusion
  - and application administrator, The Application Administrator-The Application Administrator
  - and end user, The End User
  - and hardware administrator, The Hardware or Cloud Administrator
  - and network administrator, The Network Administrator
  - and system administrator, The System Administrator-The System Administrator
  - making roles secure, Making Roles Secure-The Network Administrator
  - overview, Overview
  - separation of roles/duties, Separating Roles, Separating Powers-Separating Roles, Separating Powers
- selective revelation, Selective Revelation
- Seltzer, Margo, The “Death” of Privacy
- separation of roles/duties, Separating Roles, Separating Powers-Separating Roles, Separating Powers
- shared federated search server, Asking Out and Being Asked
- Shelat, Abhi, Physical hardware destruction
- signatures, Security
- Simple Demographics Often Identify People (Carnegie Mellon University, Data Privacy Working Paper), Anonymization Under Siege
- Singaporean Personal Data Protection Bill, A Short History of U.S. Informational Privacy
- small-scale hard deletions, Hard delete
- smartphones, Today
- Snapchat, A Short History of U.S. Informational Privacy
- Snowden, Edward, Today
- social media analysis (use case), Use Case #1: Social Media Analysis-Use Case #1: Social Media Analysis
- social network analysis (SNA), Use Case #2: Secure Messaging
- Solove, Daniel, Defining Privacy
- spatial scope, Scope-Driven Revelation
- sub-cell-level security, Access-Control Models
- superuser access, The System Administrator
- Supreme Court, U.S., Defining Privacy, A Short History of U.S. Informational Privacy, Today, “East Coast” Code and “West Coast” Code, Privacy in Plain Sight
- Sweeney, Latanya, Anonymization Under Siege
- Symposium on Usable Privacy and Security (SOUPS), Avoiding Privacy Tunnel Vision
- system (term), Overview
- system administrators, securing role of, The System Administrator-The System Administrator
- system-level security, Access-Control Models
T
- tamper-evident logs, Security, Security
- tamper-proof logs, Security
- technology issues
- temporal scope, Scope-Driven Revelation
- time-based access (data leasing), Time-Based Access, or Data Leasing, Data leasing
- timestamp service, Security
- Tivo, The Role of the Privacy Engineer
- transparency, future of privacy and, Greater Transparency and Control
- trust, federated systems and, Lack of Trust
- Twitter, The Destiny of Data
- two-factor authentication, InfoSec Best Practices for Privacy-Protected Systems