Data-Privacy Assessments for Application Landscapes: A Methodology
نویسنده
چکیده
Data privacy is a major issue for companies today. Risks can come from external attacks or from internal users disclosing sensitive data to the public. In the latter case, restricting user access to data mitigates the risk. Thanks to role-based access models, users see only the data that they need for their work. This paper presents a methodology for assessing how effective such restrictions are. It is based on classifying data, analyzing access paths, and understanding the impact of design principles. Its special contribution is its endto-end view. It is applicable directly to complex IT landscapes being the norm
منابع مشابه
THE APPLICATION OF DATA ENVELOPMENT ANALYSIS METHODOLOGY TO IMPROVE THE BENCHMARKING PROCESS IN THE EFQM BUSINESS MODEL (CASE STUDY: AUTOMOTIVE INDUSTRY OF IRAN)
This paper reports a survey and case study research outcomes on the application of Data Envelopment Analysis (DEA) to the ranking method of European Foundation for Quality Management (EFQM) Business Excellence Model in Iran’s Automotive Industry and improving benchmarking process after assessment. Following the global trend, the Iranian industry leaders have introduced the EFQM practice to thei...
متن کاملA systematic methodology for privacy impact assessments: a design science approach
For companies that develop and operate IT applications that process the personal data of customers and employees, a major problem is protecting this data and preventing privacy breaches. Failure to adequately address this problem can result in considerable damage to the company’s reputation and finances, as well as negative effects for customers or employees (data subjects). To address this pro...
متن کاملAdvanced Cloud Privacy Threat Modeling
Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat modeling as a part of requirements engineering in secure software development provides a structured approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities in a system. This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) metho...
متن کاملفرایند حفظ حریم بیماران: یک نظریه داده بنیان
Introduction: Ethics, customs, and divine and human values in all scientific and non-academic issues are accepted among all human societies in different eras. The purpose of this study was to understand the experiences of nursing professionals about the patient's privacy. Methods: 21 participants were selected by theoretical sampling which was guided by emerging categories. All participants we...
متن کاملA Proposed Data Mining Methodology and its Application to Industrial Procedures
Data mining is the process of discovering correlations, patterns, trends or relationships by searching through a large amount of data stored in repositories, corporate databases, and data warehouses. Industrial procedures with the help of engineers, managers, and other specialists, comprise a broad field and have many tools and techniques in their problem-solving arsenal. The purpose of this st...
متن کامل