
Information and Communication Technologies (ICT) Royal Institute of Technology (KTH)

Sead Muftic
Professor, School of ICT, Royal Institute of Technology (KTH), Stockholm, Sweden
CEO/CTO, SETECS, Inc., Silver Spring, MD, USA
sead.muftic@setecs.com
Cell: (240) 535-2095

Privacy Issues and Solutions in Real and in Digital Worlds

Presentation at the AAAS 2010 Conference San Diego, February 20, 2010


Definition / Concept :
Privacy is the ability of an individual or group to seclude themselves or information about themselves and thereby reveal themselves selectively. Privacy is sometimes related to anonymity, the wish to remain unnoticed or unidentified in the public realm. Privacy can be seen as an aspect of security, one in which trade-offs between the interests of one group and another can become particularly clear. (Wikipedia)

Issues / Problems :
- Financial damages
- Personal damages
- Competitive disadvantages
- Family consequences
- Threats to social status


Personal Attitudes :
Some are not aware, some are not interested, some are oblivious, and some are concerned, but helpless . . .

Solutions (if needed !) :


- Technical (IT tools)
- Organizational (Policies)
- Legal (laws)
- International (conventions)

Categories :
- Financial data
- Medical data
- Personal data

Real vs. Digital Worlds :

[Figure labels: Sead Muftic; sead.muftic@setecs.com; PC IP number, Cookies]



Issues :
- Protection of data (stored and transmitted)
- Protection of actions (transactions and access)
- Consent for sharing of data
- Authorizations / approvals

Innovative Solutions :
- Secure personal storage of sensitive data
- Trusted Third Parties
- Authorization Roles and Policies

. . . Smart cards (standards and technologies)
. . . Servers, organizations, regulations
. . . Tools, procedures, organizational and regulatory solutions


Financial Data :
- Protection of data (credit card numbers, account numbers, financial data in databases)
- Protection of actions (secure payment transactions)

[Figure labels: Cardholder; Merchant (ME); Payment Gateway (PGW); Order; CC; Order, Sign; Payment (CC), Sign; DoubleSign]


Medical Data :
- Protection of data (stored in EMR databases)
- Protection of actions (sharing through HIEs)
- Consent for sharing of data (HIPAA requirements)
- Authorizations / approvals (new medical exchanges)

The Status of HIEs in the US


- Accumulation of data (in hospitals and PCP units)
- Sharing of data through HIEs
- Storage of data (medical data banks)
- Access to data (portals)


Project in Michigan :
- Patient medical smart cards (with fingerprint verification)
- Providers security card (with roles and profiles)
- Secure transfer of data between hospitals
- Authorized access to data (authorization policies)

[Figure labels: Medical DB; Portal; Patient]


Protection of Personal Data and Actions :

[Figure labels: Web Proxy; PC IP number, Cookies]

Organizational and Legal Solutions :


- Technical recommendations and standards
- National / international regulations
- Codes of practice (policies)
- Digital signature acts
- Data privacy acts
- HIPAA and other medical regulations
- National laws
- Court cases


Conclusions :
Some are not aware, some are not interested, some are oblivious, and some are concerned, but helpless . . .

"Civilization is the progress toward a society of privacy. Civilization is the process of setting man free from men. The savage's whole existence is public, ruled by the laws of his tribe." (Ayn Rand, The Fountainhead)

Civilized use of Internet (as a free man !)
