Enviar búsqueda
Cargar
Ch. 12 FIT5, CIS 110 13F
•
0 recomendaciones
•
985 vistas
M
mh-108
Seguir
Presentation slides from Ch. 12, Fluency w/ Information Technology 5ed (Pearson)
Leer menos
Leer más
Educación
Tecnología
Denunciar
Compartir
Denunciar
Compartir
1 de 55
Descargar ahora
Descargar para leer sin conexión
Recomendados
Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010
mleyden
Legal issues, Jordan Hatcher, opencontentlawyer
Legal issues, Jordan Hatcher, opencontentlawyer
jiscpowr
Data_Privacy_Protection_brochure_UK
Data_Privacy_Protection_brochure_UK
Sally Hunt
[Privacy Webinar Slides] Global Enforcement Priorities
[Privacy Webinar Slides] Global Enforcement Priorities
TrustArc
Gdpr and usa data privacy issues
Gdpr and usa data privacy issues
Stefan Schippers
Cross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy Shield
Parsons Behle & Latimer
Evaluating web sites
Evaluating web sites
ewaszolek
EU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTe
TrustArc
Recomendados
Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010
mleyden
Legal issues, Jordan Hatcher, opencontentlawyer
Legal issues, Jordan Hatcher, opencontentlawyer
jiscpowr
Data_Privacy_Protection_brochure_UK
Data_Privacy_Protection_brochure_UK
Sally Hunt
[Privacy Webinar Slides] Global Enforcement Priorities
[Privacy Webinar Slides] Global Enforcement Priorities
TrustArc
Gdpr and usa data privacy issues
Gdpr and usa data privacy issues
Stefan Schippers
Cross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy Shield
Parsons Behle & Latimer
Evaluating web sites
Evaluating web sites
ewaszolek
EU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTe
TrustArc
Ch. 17 FIT5, CIS 110 13F
Ch. 17 FIT5, CIS 110 13F
mh-108
Rtdna facebook 082313_final
Rtdna facebook 082313_final
Donna Petersen
Ch. 8 FIT5, CIS 110 13F
Ch. 8 FIT5, CIS 110 13F
mh-108
2484615
2484615
Aqsa Khan
Rac lecture 5
Rac lecture 5
Apoorv Pandey
Paccific Agro Lucknow Pvt Ltd.
Paccific Agro Lucknow Pvt Ltd.
promptinfotech
The function of the heart
The function of the heart
Louise Crocombe
Manpower || Paccific Agro Lucknow Pvt Ltd.
Manpower || Paccific Agro Lucknow Pvt Ltd.
promptinfotech
Naina gupta ; compensation plan in indian airways
Naina gupta ; compensation plan in indian airways
Naina Gupta
Eligibility Criteria for Agri Consultants
Eligibility Criteria for Agri Consultants
promptinfotech
Direct marketing of agriculture produce Training Program at Barabanki
Direct marketing of agriculture produce Training Program at Barabanki
promptinfotech
Lawrence house funds
Lawrence house funds
housefunds57
TAR Lazio: il Ministro dell'Interno ed il Prefetto non possono annullare le t...
TAR Lazio: il Ministro dell'Interno ed il Prefetto non possono annullare le t...
Mario Di Carlo
Разумное потребление тепла.
Разумное потребление тепла.
Yuliya Kyamileva
Ch. 1 HTML5, CIS 110 13F
Ch. 1 HTML5, CIS 110 13F
mh-108
Ch. 2 HTML5, CIS 110 13F
Ch. 2 HTML5, CIS 110 13F
mh-108
Rac lecture 4
Rac lecture 4
Apoorv Pandey
Осознанное потребление.
Осознанное потребление.
Yuliya Kyamileva
Ch. 4 FIT5, CIS 110 13F
Ch. 4 FIT5, CIS 110 13F
mh-108
Layer session
Layer session
Herdi Fauzi
Privacy & Data Ethics
Privacy & Data Ethics
Erik Kokkonen
Data Property Rights (Rocky Mountain IP and Technology Institute 2013) (May 2...
Data Property Rights (Rocky Mountain IP and Technology Institute 2013) (May 2...
Jason Haislmaier
Más contenido relacionado
Destacado
Ch. 17 FIT5, CIS 110 13F
Ch. 17 FIT5, CIS 110 13F
mh-108
Rtdna facebook 082313_final
Rtdna facebook 082313_final
Donna Petersen
Ch. 8 FIT5, CIS 110 13F
Ch. 8 FIT5, CIS 110 13F
mh-108
2484615
2484615
Aqsa Khan
Rac lecture 5
Rac lecture 5
Apoorv Pandey
Paccific Agro Lucknow Pvt Ltd.
Paccific Agro Lucknow Pvt Ltd.
promptinfotech
The function of the heart
The function of the heart
Louise Crocombe
Manpower || Paccific Agro Lucknow Pvt Ltd.
Manpower || Paccific Agro Lucknow Pvt Ltd.
promptinfotech
Naina gupta ; compensation plan in indian airways
Naina gupta ; compensation plan in indian airways
Naina Gupta
Eligibility Criteria for Agri Consultants
Eligibility Criteria for Agri Consultants
promptinfotech
Direct marketing of agriculture produce Training Program at Barabanki
Direct marketing of agriculture produce Training Program at Barabanki
promptinfotech
Lawrence house funds
Lawrence house funds
housefunds57
TAR Lazio: il Ministro dell'Interno ed il Prefetto non possono annullare le t...
TAR Lazio: il Ministro dell'Interno ed il Prefetto non possono annullare le t...
Mario Di Carlo
Разумное потребление тепла.
Разумное потребление тепла.
Yuliya Kyamileva
Ch. 1 HTML5, CIS 110 13F
Ch. 1 HTML5, CIS 110 13F
mh-108
Ch. 2 HTML5, CIS 110 13F
Ch. 2 HTML5, CIS 110 13F
mh-108
Rac lecture 4
Rac lecture 4
Apoorv Pandey
Осознанное потребление.
Осознанное потребление.
Yuliya Kyamileva
Ch. 4 FIT5, CIS 110 13F
Ch. 4 FIT5, CIS 110 13F
mh-108
Layer session
Layer session
Herdi Fauzi
Destacado
(20)
Ch. 17 FIT5, CIS 110 13F
Ch. 17 FIT5, CIS 110 13F
Rtdna facebook 082313_final
Rtdna facebook 082313_final
Ch. 8 FIT5, CIS 110 13F
Ch. 8 FIT5, CIS 110 13F
2484615
2484615
Rac lecture 5
Rac lecture 5
Paccific Agro Lucknow Pvt Ltd.
Paccific Agro Lucknow Pvt Ltd.
The function of the heart
The function of the heart
Manpower || Paccific Agro Lucknow Pvt Ltd.
Manpower || Paccific Agro Lucknow Pvt Ltd.
Naina gupta ; compensation plan in indian airways
Naina gupta ; compensation plan in indian airways
Eligibility Criteria for Agri Consultants
Eligibility Criteria for Agri Consultants
Direct marketing of agriculture produce Training Program at Barabanki
Direct marketing of agriculture produce Training Program at Barabanki
Lawrence house funds
Lawrence house funds
TAR Lazio: il Ministro dell'Interno ed il Prefetto non possono annullare le t...
TAR Lazio: il Ministro dell'Interno ed il Prefetto non possono annullare le t...
Разумное потребление тепла.
Разумное потребление тепла.
Ch. 1 HTML5, CIS 110 13F
Ch. 1 HTML5, CIS 110 13F
Ch. 2 HTML5, CIS 110 13F
Ch. 2 HTML5, CIS 110 13F
Rac lecture 4
Rac lecture 4
Осознанное потребление.
Осознанное потребление.
Ch. 4 FIT5, CIS 110 13F
Ch. 4 FIT5, CIS 110 13F
Layer session
Layer session
Similar a Ch. 12 FIT5, CIS 110 13F
Privacy & Data Ethics
Privacy & Data Ethics
Erik Kokkonen
Data Property Rights (Rocky Mountain IP and Technology Institute 2013) (May 2...
Data Property Rights (Rocky Mountain IP and Technology Institute 2013) (May 2...
Jason Haislmaier
A Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOs
gppcpa
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Alan McSweeney
9 Privacy Clauses for a Landing Page
9 Privacy Clauses for a Landing Page
termsfeed
4514611.ppt
4514611.ppt
ssusera4419c
Data protection For CYP Organisations
Data protection For CYP Organisations
Cliff Ashcroft
A4 presentation
A4 presentation
Sunny Sandhu
6102015 1 McGraw-Hill-Ryerson ©2015 The McGraw-Hill .docx
6102015 1 McGraw-Hill-Ryerson ©2015 The McGraw-Hill .docx
evonnehoggarth79783
Introduction to EU General Data Protection Regulation: Planning, Implementat...
Introduction to EU General Data Protection Regulation: Planning, Implementat...
Financial Poise
TrustArc Webinar: Challenges & Risks Of Data Graveyards
TrustArc Webinar: Challenges & Risks Of Data Graveyards
TrustArc
Chapter 8
Chapter 8
Nada G.Youssef
The Interwoven Complexities of Social Media, Privacy and Data Security
The Interwoven Complexities of Social Media, Privacy and Data Security
Armstrong Teasdale
Ethics in Data Management.pptx
Ethics in Data Management.pptx
Ravindra Babu
Data, Data Wherever.pptx
Data, Data Wherever.pptx
MenchBroqz1
Confidentiality
Confidentiality
izzati masturah
Trending Topics in Data Collection & Targeted Marketing
Trending Topics in Data Collection & Targeted Marketing
cdasLLP
A Global Marketer's Guide to Privacy
A Global Marketer's Guide to Privacy
FLUZO
Get you and your business GDPR ready
Get you and your business GDPR ready
Harrison Clark Rickerbys
Crash Course on Data Privacy (December 2012)
Crash Course on Data Privacy (December 2012)
Jason Haislmaier
Similar a Ch. 12 FIT5, CIS 110 13F
(20)
Privacy & Data Ethics
Privacy & Data Ethics
Data Property Rights (Rocky Mountain IP and Technology Institute 2013) (May 2...
Data Property Rights (Rocky Mountain IP and Technology Institute 2013) (May 2...
A Cybersecurity Planning Guide for CFOs
A Cybersecurity Planning Guide for CFOs
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
9 Privacy Clauses for a Landing Page
9 Privacy Clauses for a Landing Page
4514611.ppt
4514611.ppt
Data protection For CYP Organisations
Data protection For CYP Organisations
A4 presentation
A4 presentation
6102015 1 McGraw-Hill-Ryerson ©2015 The McGraw-Hill .docx
6102015 1 McGraw-Hill-Ryerson ©2015 The McGraw-Hill .docx
Introduction to EU General Data Protection Regulation: Planning, Implementat...
Introduction to EU General Data Protection Regulation: Planning, Implementat...
TrustArc Webinar: Challenges & Risks Of Data Graveyards
TrustArc Webinar: Challenges & Risks Of Data Graveyards
Chapter 8
Chapter 8
The Interwoven Complexities of Social Media, Privacy and Data Security
The Interwoven Complexities of Social Media, Privacy and Data Security
Ethics in Data Management.pptx
Ethics in Data Management.pptx
Data, Data Wherever.pptx
Data, Data Wherever.pptx
Confidentiality
Confidentiality
Trending Topics in Data Collection & Targeted Marketing
Trending Topics in Data Collection & Targeted Marketing
A Global Marketer's Guide to Privacy
A Global Marketer's Guide to Privacy
Get you and your business GDPR ready
Get you and your business GDPR ready
Crash Course on Data Privacy (December 2012)
Crash Course on Data Privacy (December 2012)
Más de mh-108
Ch. 16 Database Case Study: XML/XSLT
Ch. 16 Database Case Study: XML/XSLT
mh-108
Ch. 15 FIT5, CIS 110 13F
Ch. 15 FIT5, CIS 110 13F
mh-108
Ch. 10 FIT5, CIS 110 13F
Ch. 10 FIT5, CIS 110 13F
mh-108
Ch. 7 FIT5, CIS 110 13F
Ch. 7 FIT5, CIS 110 13F
mh-108
Ch. 3 HTML5, CIS 110 13F
Ch. 3 HTML5, CIS 110 13F
mh-108
Ch. 3 FIT5, CIS 110 13F
Ch. 3 FIT5, CIS 110 13F
mh-108
FIT5 Ch. 5, CIS 110 13F
FIT5 Ch. 5, CIS 110 13F
mh-108
Más de mh-108
(7)
Ch. 16 Database Case Study: XML/XSLT
Ch. 16 Database Case Study: XML/XSLT
Ch. 15 FIT5, CIS 110 13F
Ch. 15 FIT5, CIS 110 13F
Ch. 10 FIT5, CIS 110 13F
Ch. 10 FIT5, CIS 110 13F
Ch. 7 FIT5, CIS 110 13F
Ch. 7 FIT5, CIS 110 13F
Ch. 3 HTML5, CIS 110 13F
Ch. 3 HTML5, CIS 110 13F
Ch. 3 FIT5, CIS 110 13F
Ch. 3 FIT5, CIS 110 13F
FIT5 Ch. 5, CIS 110 13F
FIT5 Ch. 5, CIS 110 13F
Último
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
lancelewisportillo
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
Celine George
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptx
VanesaIglesias10
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
TechSoup
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdf
Patidar M
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Carlos105
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
YousafMalik24
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
Humphrey A Beña
Food processing presentation for bsc agriculture hons
Food processing presentation for bsc agriculture hons
ManeerUddin
Integumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.ppt
shraddhaparab530
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
MIPLM
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
JoshuaGantuangco2
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
Conquiztadors- the Quiz Society of Sri Venkateswara College
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
KayeClaireEstoconing
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
mary850239
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translation
Rosabel UA
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
Conquiztadors- the Quiz Society of Sri Venkateswara College
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...
Seán Kennedy
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
mary850239
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
Sabitha Banu
Último
(20)
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptx
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdf
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
Food processing presentation for bsc agriculture hons
Food processing presentation for bsc agriculture hons
Integumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.ppt
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translation
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
Ch. 12 FIT5, CIS 110 13F
1.
Chapter 12 Privacy and
Digital Security Friday, December 6, 13
2.
Information Privacy &
Security Learning Objectives • Privacy: safeguards for Personally Identifying Information (PII) & Personal Identifiers (PIDs) • OECD Fair Information Practices (FIPs) • U.S. privacy: Opt-in/Opt-out, compliance/enforcement • Computer Security • public key cryptosystems (PKCs) Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
3.
Privacy: Whose Information
Is It? • Buying a product at a store generates a transaction, which produces information. • If you do this online, you supply even more PII • Even if you don’t “sign in”, your browser reveals information about you Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
4.
How Can the
Information Be Used? • Transaction information – normal part of business – information belongs to the store • based on your purchases – store sends you ads for other items, – standard business practice Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
5.
Controlling the Use
of Information • Who controls transaction information? 1. No Uses. The information ought to be deleted when the store is finished with it. 2. Approval or Opt-in. The store can use it for other purposes, but only if you approve. 3. Objection or Opt-out. The store can use it for other purposes, but not if you object. 4. No Limits. The information can be used any way the store chooses. Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
6.
Controlling the Use
of Information 5. Internal Use. – store can use the information to conduct business with you, but for no other use – It would not include giving or selling your information to another person or business – may not require your approval Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
7.
Controlling the Use
of Information • Outside the US the law and standards would place it between (1) and (2), but very close to (1). • In the US, the law and standards would place it between (3) and (4), but very close to (4) Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
8.
A Privacy Definition •
Privacy: The right of people to choose freely under what circumstances and to what extent they will reveal personally identifying information to others. Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
9.
Fair Information Practices •
There must be clear guidelines adopted for handling private information: -> Fair Information Practices (FIPs). Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
10.
OECD Fair Information
Practices • 1980: the Organization for Economic Cooperation & Development (OECD) developed an 8-point list of privacy principles => became known as the Fair Information Practices => now, widely accepted standard Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
11.
OECD Fair Information
Practices • The public has an interest in these principles becoming law • The principles also give a standard that businesses and governments can meet as a “due diligence test” for protecting citizens’ rights of privacy Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
12.
OECD Fair Information
Practices An important aspect of the OECD principles is the concept that – a data controller: (the person or office setting the policies) – must interact with individuals about their information – must be accountable for those policies Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
13.
OECD’s Fair Information
Practices • The standard eight-point list of privacy principles. – – – – – – – – Limited Collection Principle Quality Principle Purpose Principle Use Limitation Principle Security Principle Openness Principle Participation Principle Accountability Principle Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13 13
14.
Copyright © 2013
Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
15.
Privacy Worldwide • Privacy
is not enjoyed in much of the world at the OECD standard • Privacy often comes in conflict with private or governmental interests: – Example, the United States has not adopted the OECD principles, because many U.S. companies profit by buying and using information in ways that are inconsistent with the OECD principles Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
16.
Privacy Worldwide • Many
non-EU countries have also adopted laws based on OECD principles – One provision in the EU Directive requires that data about EU citizens be protected by the standards of the law even when it leaves their country Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
17.
U.S. Privacy Laws •
The US failure to meet the requirements of the EU Directive concerns information stored by businesses Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
18.
U.S. Privacy Laws •
US Sectoral Laws and Privacy: – Electronic Communication Privacy Act (‘86) – Telephone Consumer Protection Act of (‘91) – Driver’s Privacy Protection Act (’94) – Health Insurance Privacy & Accountability Act (’96) • The sectoral approach provides very strong privacy protections in specific cases Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
19.
Privacy Principles: Abroad •
Three weaknesses in US privacy laws: 1. Opt-in/Opt-out (the US default is opt-out) 2. Enforcement There is no office of data controller in the US The FTC proposes that U.S. companies “comply voluntarily” 3. Coverage Countries adopting the Fair Information Practices have everything covered Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
20.
Copyright © 2013
Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
21.
Cookies • Cookies are exchanged
between the client and the server on each transmission of information, allowing the server to know which of the many clients is sending information Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
22.
Cookies • Many sites
use cookies, even when the interaction is not intended to be as secure as a bank transaction (National Air and Space Museum sent the above) • The meaning of the fields is unimportant • The first is the server and the last is the unique information identifying the session Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
23.
Cookie Abuse • There
is a loophole called a third-party cookie • A cookie is exchanged between the client and server making the interaction private • But, if the Web site includes ads on its page, the server may direct it to link to the ad company to deliver the ad • This new client/server relationship place a cookie on your computer Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
24.
Copyright © 2013
Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
25.
Flash Cookies Flash Cookies
(LSO) Congressmen Seek Answers to ‘Supercookies’ (WSJ) Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
26.
FIPS in the
News Hazards of the FaceBook Generation FTC Fair Information Practices (FIPs) Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
27.
Tracking • Tracking is
the practice of a Web site automatically sending details about a visit to other content providers • This is an emerging problem of concern to privacy experts • The consequences of being tracked are not yet fully understood • HTTP has a tracking flag telling servers what your tracking preferences are Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
28.
Do Not Track Notice
that Google’s Chrome browser does not support user requests not to track. Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
29.
Copyright © 2013
Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
30.
Digital Security • Computer
security is a topic that is in the news almost daily. • Remember the “dos and don’ts” for online behavior: – Do check with the sender before opening an attachment you’re unsure about – Don’t fall for phishing emails Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
31.
Cryptology The scientific study
of cryptography and cryptanalysis Cryptography: creating secret codes encryption Cryptanalysis: breaking secret codes decryption Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
32.
Encryption • Information that
is recoded to hide its true meaning uses encryption • A major component of encryption is the key • They come in two forms: – Private – Public Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
33.
Symmetric-key Encryption • The
key is a “magic number” used to transform plain text into cipher text • Both the sender and receiver must possess the key • The process of sending an encrypted message is a five-step algorithm Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
34.
Symmetric-key Encryption • 5-Step
Encryption algorithm: 1. The sender breaks the message into groups of letters 2. “Multiply” each group of letters times the key 3. Send the “products”/results from the “multiplications” to the receiver 4. The receiver “divides” the “products” by the key to recreate the groups 5. Assemble the groups into the message Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
35.
Symmetric-key Encryption • This
works because the math works • The “reversibility” of encryption makes them 2-way ciphers – Only the sender and receiver know the key, making the products useless numbers • This is a secure communication • This is called private key encryption, or symmetric-key cryptography Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
36.
Encryption Example Copyright ©
2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
37.
Symmetric-key Schematic Diagram Copyright
© 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
38.
Private Key Encryption •
Real encryption systems use much longer blocks (hundreds of letters) and larger keys • Multiplication, division are not the only operations that can be used for encryption • All that is needed is for an operation to have an inverse (divide is the inverse of multiply) Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
39.
Symmetric-key Encryption • Effective
only if the symmetric key is kept secret by the two parties involved • Problem: The sender and receiver have to agree on the key, which means they need to communicate somehow • Usually, they meet face-to-face (they can’t email, they don’t have a key yet!) Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
40.
Public Key Encryption •
To avoid that face-to-face meeting, publish the key! • Use public key encryption – Two special prime numbers multiplied together Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
41.
Public Key Encryption
Steps • After, the receiver publishes the special key, K, the following happens: 1. The sender breaks up the message into blocks as before 2. The sender cubes each block, and divides by K, keeping only the remainders 3. The remainders are transmitted Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
42.
Public Key Encryption
Steps • After, the receiver publishes the special key, K, the following happens: 4. The receiver raises each remainder to a high power determined by the prime numbers and known only to him 5. The receiver divides by K, too, and saves only the remainders, which are the original blocks. 6. The receiver assembles the message. Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
43.
How Do We
Know It Works? • K, the magic public key, is just two prime numbers, p and q, multiplied together • It is possible to figure out those two numbers from the published key in theory. • This process, called factoring, is tough if the numbers p and q are large (60 digits apiece) • It is impractical to factor them no matter how powerful the computer! Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
44.
Web Field Trip Public-Key
Cryptography (Mozilla Developers Network) • • • • • • Read the following sections: Introduction Internet Security Issues Encryption & Decryption Symmetric-Key Encryption Public-Key Encryption Key Length & Encryption Strength Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
45.
Web Field Trip Public-Key
Cryptography (Mozilla Developers Network) Symmetric-key encryption plays an important role in the SSL protocol, which is used for encryption over TCP/IP networks. SSL also uses techniques of public-key encryption Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
46.
Web Field Trip Mozilla
Developers Network • Public-key encryption requires more computation than private-key encryption • Therefore, use public-key encryption to send a symmetric key, which can then be used to encrypt additional data • This is the approach used by the SSL protocol Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
47.
Copyright © 2013
Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
48.
Back Up your
Personal Computer • First, you need a place to keep the copy, and you need software to make the copy. • The two easiest “places” to keep the copy are on an external hard disk or “in the cloud” • The “cloud” company’s computers store the information for you and they take responsibility of keeping it available to you Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
49.
System Backup Utilities •
OS X: Time Machine • Windows: Backup and Restore Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
50.
Copyright © 2013
Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
51.
Summary • Revealing personal
information can be beneficial (e.g., Facebook, Google, etc.) • Organizations that receive the information must keep it private & secure • Guidelines for keeping data private have been created by several organizations, including the Organization for Economic Cooperation and Development (OECD) Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
52.
Summary • Guidelines often
conflict with the interests of business and government, so some countries like the United States have not adopted them. Because the United States takes a sectoral approach to privacy, adopting laws only for specific business sectors or practices, much of the information collected on its citizens is not protected by OECD standards. Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
53.
Summary • The shortcomings
for privacy conditions in the United States are Opt-in/Opt-out, compliance/enforcement, and coverage. • The “third-party cookie” loophole allows companies to gather information; identity theft is an unresolved problem. The best way to manage privacy in the Information Age is to have OECD-grade privacy laws. Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
54.
Summary • Public key
cryptography (PKC) is a straightforward idea built on familiar concepts. • Computer scientists have not yet proved the invincibility of the RSA scheme, but it can be “made more secure” simply by increasing the size of the key. Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
55.
Ch. 12 Assessment: Learning
Outcomes - Know the following Copyright © 2013 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Friday, December 6, 13
Descargar ahora