Ideal for software engineers new to privacy, this book helps you examine privacy-protective information management architectures and their foundational components—building blocks that you can combine in many ways. Policymakers, academics, students, and advocates unfamiliar with the technical terrain will learn how these tools can help drive policies to maximize privacy protection.
Table of contents
- I. Getting Started
- 1. What Is Privacy?
- 2. Personal Data and Privacy
- 3. Case Studies in Data Collection
- 4. Information Security: Protecting Data from Unauthorized Access
- II. Access and Control: Controlling Authorized Data Access
- 5. Security Architecture
6. Access Controls
- Access-Control Models
- Types of Access
- Managing Access
- Strengths and Weaknesses of Access Control
- Access Controls and the Fair Information Practice Principles (FIPPs)
- When to Use Access Controls
7. Data Revelation
- The Case for Data Revelation
- Requirements of Data Revelation
- Selective Revelation
- Purpose-Driven Revelation
- Scope-Driven Revelation
- Hybrid Revelation and Practical Scoping
- Designing for Data Revelation
- Strengths and Weaknesses of Data Revelation
- Data Revelation and the Fair Information Practice Principles (FIPPs)
- When to Use Data Revelation
- III. Oversight: Holding Users and Systems Accountable
8. Federated Systems
- “Always-On” Federation
- Asynchronous Federation
- Asking Out and Being Asked
- Strengths and Weaknesses of Federated Systems
- Federated Systems and the Fair Information Practice Principles (FIPPs)
- When to Use Federated Architecture
9. Audit Logging
- Why Are Audit Records Important?
- But Auditing Is Easy, Right?
- What Are the Challenges to Effective Auditing and How Do I Meet Them?
- Audit Logging and the Fair Information Practice Principles (FIPPs)
- Advanced Auditing Considerations
10. Data Retention and Data Purging
- What Is Data Retention?
- Why Is Data Retention Important?
- How to Set Retention and Purge Policies
- So You Want to Purge Data. Now What?
- Practical Steps of Data Retention
- Data Retention, Purging, and the FIPPs
- IV. Putting It All Together
- 11. Practical Applications and Use Cases
- 12. Enter the Privacy Engineer
- 13. The Future of Privacy
- Title: The Architecture of Privacy
- Release date: September 2015
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781491904015
You might also like
The Privacy Engineer's Manifesto: Getting from Policy to Code to QA to Value
"It's our thesis that privacy will be an integral part of the next wave in the …
Security and Privacy in Cyber-Physical Systems
Written by a team of experts at the forefront of the cyber-physical systems (CPS) revolution, this …
The Compliance Revolution: How Compliance Needs to Change to Survive
The Compliance Revolution—Practical, Powerful Changes for Strategic Organizational Value Compliance is absolutely critical in creating a …
Assessing vendors is a tricky process. Large and regulated organizations are forced to demonstrate due diligence …