Protecting Privacy in Information Systems
As heterogeneous information systems with differing privacy rules are interconnected and information is shared, policy appliances will be required to reconcile, enforce and monitor an increasing number of privacy policy rules (and laws). Two categories of technology address privacy protection in commercial IT systems: communication and enforcement.
- Policy Communication
  - P3P - The Platform for Privacy Preferences. P3P is a standard for communicating privacy practices and comparing them to the preferences of individuals.
- Policy Enforcement
  - XACML - The Extensible Access Control Markup Language together with its Privacy Profile is a standard for expressing privacy policies in a machine-readable language which a software system can use to enforce the policy in enterprise IT systems.
  - EPAL - The Enterprise Privacy Authorization Language is very similar to XACML, but is not yet a standard.
  - WS-Privacy - "Web Service Privacy" will be a specification for communicating privacy policy in web services. For example, it may specify how privacy policy information can be embedded in the SOAP envelope of a web service message.

Protecting Privacy on the Internet
On the internet you almost always give away a lot of information about yourself. Unencrypted e-mails can be read by the administrators of the e-mail server, and if the connection is not encrypted (no https), the internet service provider and other parties sniffing the traffic of that connection can also read the contents. The same applies to any other kind of traffic generated on the internet (web browsing, instant messaging, ...). In order not to give away too much personal information, e-mails can be encrypted, and browsing of webpages as well as other online activities can be done without leaving traces via anonymizers or, in cases where those are not trusted, via open-source distributed anonymizers, so-called mix nets. Renowned open-source mix nets are I2P - The Anonymous Network and Tor.