Purpose-Based Versus Flow-Based Access Control for Privacy

Advances in information technology and the emergence of privacy-invasive technologies have made it necessary to introduce privacy regulations that impose restrictions on handling of Personal Identifiable Information (PII). According to current thinking, "PII privacy protection can only be achieved by enforcing privacy policies within an organization's online and offline data processing systems" and "Privacy cannot be efficiently implemented solely by legislative means. Data protection commissioners are therefore demanding that legal privacy requirements should be technically enforced and should be a design criteria for information systems".

Provided by: Science Publications Topic: Security Date Added: Jan 2012 Format: PDF

Find By Topic