• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

Card Range To Study

through

image

Play button

image

Play button

image

Progress

1/14

Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

14 Cards in this Set

  • Front
  • Back
Security and Privacy Problem statement
There is a deep fear about how much information we give to our computer systems.
At the same time, we need more computers and to have those computers networked.
How do we reconcile these competing concerns?
The tradeoffs among Security, Privacy, Accessibility and Interoperability
What ‘privacy’ interests are we protecting?
How to protect them?
Privacy Act and Fair Information Practices
New Challenges to First Generation Principles
Trustworthy Information Systems
How do we create Trustworthy Systems? through risk reduction strategies
tWe creat trustworthy systems hrough risk reduction strategies
Privacy includes
No control…
Erroneous information being used in a legitimate decision affecting you.
Information used against you in illegitimate ways.
The general concern that modern society has intruded too deeply into the “personal sphere”.
How do we protect ourselves
Our first instinct is to…
Restrict the flow and access to information
Game the system
But with some reflection…
Open up systems for accountability
Provide more of certain kinds of information
(metadata to provide systems accountability and not personal accountability
Privacy Act / Fair Information Practices
No secret personal data record-keeping systems
People have the right to access, inspect, review, and amend data about them that is kept in an information system.
No use of personal information for purposes other than those for which it was gathered without prior consent
Managers of systems should be held liable and accountable
New Challenges Since Privacy Act
Technological innovation
No one individual knows the whole system
Blurring of public and private information
Trustworthy Information Systems
New set of principles very similar to the “chain of custody” in handling evidence
Integrity
Reliability
Authenticity
Uses “Risk Reduction Strategy”
Reconciling Two Concerns privacy and access
TIS solves the problem of BOTH those interested in protecting privacy AND those who want access to better information
Aligns these two powerful motivations rather than putting them in opposition
“Recommendation: Information procedures should provide incentives for sharing, to restore a better balance between security and shared knowledge” 9/11
Specific Needs for Law Enforcement
Improve ability to respond to emergencies, including terrorist attacks
Produce comprehensive and practical approaches and solutions to combating threats
Increase officer / deputy safety
How did OLLEISN use TIS?
OLLEISN is an Open System
Based on published and publicly vetted design
OLLEISN extensively uses Metadata - XML
XML attributes were programmatically enforced
Based on a national justice XML reference model (GJXDM)
Logging and Auditing
Use XML to trace handoffs (chain of custody)
Traceability
To prevent “loss” of information
How does OLLESIN use TIS?
Uses Risk Reduction Strategies
Supporting Informal Information Systems
Participation
Prototyping
User-Involvement and End-User Development
Agency-Level Security Policies
Security Governance
Physical Security Systems
Security Checks and Clearances
Firewalls
Passwords and Pins and Biometrics
Configuration Management
Secure Systems Design
How does Ollesin use TIS Uses Risk Reduction Strategies
Supporting Informal Information Systems
Participation
Prototyping
User-Involvement and End-User Development