The Architecture of Privacy: On Engineering Technologies that Can Deliver Trustworthy Safeguards

Technology’s influence on privacy not only concerns consumers, political leaders, and advocacy groups, but also the software architects who design new products. In this practical guide, experts in data analytics, software engineering, security, and privacy policy describe how software teams can make...


Bibliographic Details
Other Authors: Bowman, Courtney (author); Lerner, Elissa (editor)
Format: E-book
Language: English
Published: Beijing, [China] : O'Reilly 2015.
Edition: First edition
View at Biblioteca Universitat Ramon Llull: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009629717206719
Table of Contents:
  • Copyright; Table of Contents; Foreword; Preface; Who Should Read This Book; Why We Wrote This Book; A Word on Privacy and Technology Today; Navigating This Book; Safari® Books Online; How to Contact Us; Acknowledgments; Courtney Bowman; Ari Gesher; John K. Grant; Daniel Slate; Part I. Getting Started; Chapter 1. What Is Privacy?; How to Think About Privacy; Defining Privacy; A Short History of U.S. Informational Privacy; Today; "East Coast" Code and "West Coast" Code; Why Privacy Is Important; Before You Get Started; Chapter 2. Personal Data and Privacy
  • Data Collection: Understanding Privacy's First Frontier; Policy Considerations; Implementation Considerations; Conclusion; Chapter 3. Case Studies in Data Collection; Google Street View WiFi: Inadvertent Over-Collection of Data; iPhone Location Database; Conclusion; Chapter 4. Information Security: Protecting Data from Unauthorized Access; InfoSec Best Practices for Privacy-Protected Systems; Further Reading; Conclusion; Part II. Access and Control: Controlling Authorized Data Access; Chapter 5. Security Architecture; Overview; Separating Roles, Separating Powers; Making Roles Secure
  • The End User; The Application Administrator; The System Administrator; The Hardware or Cloud Administrator; The Network Administrator; Conclusion; Chapter 6. Access Controls; Overview; Access-Control Models; Types of Access; Basic Access; Discovery Access; Managing Access; Role-Based Access; Time-Based Access, or Data Leasing; Functional Access; Strengths and Weaknesses of Access Control; Strengths; Weaknesses; Access Controls and the Fair Information Practice Principles (FIPPs); When to Use Access Controls; Conclusion; Chapter 7. Data Revelation; Overview; The Case for Data Revelation
  • Requirements of Data Revelation; Selective Revelation; Purpose-Driven Revelation; Scope-Driven Revelation; Hybrid Revelation and Practical Scoping; Designing for Data Revelation; Strengths and Weaknesses of Data Revelation; Strengths; Weaknesses; Data Revelation and the Fair Information Practice Principles (FIPPs); When to Use Data Revelation; Conclusion; Part III. Oversight: Holding Users and Systems Accountable; Chapter 8. Federated Systems; Overview; "Always-On" Federation; Asynchronous Federation; Asking Out and Being Asked; Strengths and Weaknesses of Federated Systems; Strengths
  • Weaknesses; Federated Systems and the Fair Information Practice Principles (FIPPs); When to Use Federated Architecture; Complex Regulatory Regimes; Lack of Trust; PR Imperatives; Conclusion; Chapter 9. Audit Logging; Overview; Why Are Audit Records Important?; But Auditing Is Easy, Right?; What Are the Challenges to Effective Auditing and How Do I Meet Them?; Perspective; Context; Format and Readability; Scale; Retrievability; Security; Access Control; Retention; Audit Logging and the Fair Information Practice Principles (FIPPs); Advanced Auditing Considerations
  • Reactive Versus Proactive Auditing