9.6. Privacy
In most of this book we have dealt with protecting “the system” from harm. Our “system” included companies, organizations, governments, and universities; its applications, web pages, infrastructure, computers, and networks; and all its data. “Harm” meant all the threats and threat agents we have studied. Because of the potential for serious harm, we often focused on malicious attacks, for example, by hackers. So the nature of protection has been to safeguard the system.
Now we explore another dimension to information systems security: protecting the individual, nonmalicious user. In particular, we want to investigate the privacy of sensitive data about that user. The user should be protected against the system's misuse of the private ...
Get Security in Computing, Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.