Presentation is loading. Please wait.

Presentation is loading. Please wait.

CIS-2005 : Xi’an - China 1 A New Conceptual Framework within Information Privacy: Meta Privacy Mr. Geoff Skinner Dr Song Han Prof. Elizabeth Chang Curtin.

Published byTimothy Shields Modified over 8 years ago

Similar presentations

Presentation on theme: "CIS-2005 : Xi’an - China 1 A New Conceptual Framework within Information Privacy: Meta Privacy Mr. Geoff Skinner Dr Song Han Prof. Elizabeth Chang Curtin."— Presentation transcript:

1 CIS-2005 : Xi’an - China 1 A New Conceptual Framework within Information Privacy: Meta Privacy Mr. Geoff Skinner Dr Song Han Prof. Elizabeth Chang Curtin University of Technology Perth, WA, Australia.

2 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 2 Overview Introduction Information Privacy Metadata and Meta-Structure Meta Privacy Definition Meta Privacy Principles Meta Privacy Components Meta Privacy Protection Conclusion Questions

3 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 3 Introduction The need for excessive and increasing data collection habits is a cause for concern. Management of metadata and metastructure information involves serious privacy considerations. Entities are not given a reasonable spectrum of choices for what information you provide in order to use a service.

4 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 4 What is Privacy? – The right to be left alone. – The maintenance of personal space. – Subjective, context and environmentally specific.

5 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 5 What is Privacy? Privacy has a number of dimensions [Clarke]: – Privacy of the person: medical conditions, etc. – Privacy of personal behaviour: religion, sex, etc. – Privacy of personal communication. – Privacy of personal data.

6 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 6 Privacy and Security Information Privacy: ‘is the interest an individual has in controlling, or at least significantly influencing, the handling of data about themselves’ [Clarke]. Data / Information Security IS NOT Data / Information Privacy. Rather Information Security is a tool that can be used to facilitate Information Privacy.

7 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 7 Privacy and Security The concepts of Information Security, Privacy, and Trust are closely inter-related and often inter-dependant. PET’s : Privacy Enhancing Technologies. Include encryption, filters, anonymizers, cookie cutters, etc.

8 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 8 Metadata and Meta-Structure Metadata provides information about, or documentation of, other data managed within an application, system, or environment. Metadata can also provide descriptive information about an organizations data, data activities, systems, and holdings.

9 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 9 Meta-Structure The Metastructure components are composed of the data concerned with the functioning and structural details of the information systems and their many components. This may include: – information on the access controls used in the systems – the system and policy frameworks which supplies rules regarding the relationships within the systems and policies – other information about the system and component structures.

10 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 10 Understanding Meta Privacy Current privacy protection approaches unable to provide protection across a broad spectrum of information privacy issues. Solutions applied in an ad-hoc fashion resulting in a piecemeal approach to privacy protection. Need system privacy controls designed and integrated into the system that entities are unable to circumvent.

11 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 11 Meta Privacy - Definition Meta Privacy means ensuring the security and privacy of data about privacy and personal data. Meta privacy is concerned with the security and privacy of the information used to support other system services and processors that may impact upon an entities privacy. This encompasses the protection of metadata and metastructure information that may reveal an entities identity and other personal information.

12 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 12 Meta Privacy - Definition Entity may be an individual, group, or organization. Individual represents a singular entity, most often a human being. A group is defined as a ‘non-committed’ informal relationship between entities. An organization is defined as a committed formal relationship between entities. The members of an groups and organization may be individuals, groups, and other organizations.

13 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 13 Meta Privacy

14 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 14 Meta Privacy Practices Proper Meta Privacy practises would ensure that none of the personal information contained in the metadata and metastructure is used for any purpose other than that specially agreed upon by the personal information owner. Also metadata is not provided to any third party not authorized to access the data without the owners express permission.

15 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 15 MPR and MPB Meta-information and processes making use of metadata and metastructure information can be classified as either: – Meta Privacy Risks (MPR) – Meta Privacy Benefits (MPB).

16 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 16 Meta Privacy Risks Where metadata provides information about the content, quality, condition, and other characteristics of entity data it can be classified as being in a Meta Privacy Risks (MPR) category.

17 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 17 Meta Privacy Benefits The use of meta-information for privacy protection. Meta privacy tags and metadata can be used for entity privacy policy preferences representation and enforcement. The use of metadata and metastructure information in this way is classified as Meta Privacy Benefits (MPB).

18 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 18 Meta Privacy Benefits The leading example of use of metadata for representing privacy preferences is P3P. Other approaches have been proposed that use metadata and metastructure information to protect personal data and privacy in a number of alternate operational settings. E.G.: associating and storing metadata for representing individual items of personally identifiable information (PII).

19 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 19 Meta Privacy Components Meta Privacy therefore encompasses both Meta Privacy Risk and Meta Privacy Benefit categories. Where metadata and metastructure information contains details that reflect some level of knowledge pertaining to an individual’s identity or other forms of personal information They are a potential risk to privacy.

20 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 20

21 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 21 Meta Privacy Protection Metadata and metastructure information has to be protected by the same levels of security used to protect personal information. System owners and the entities providing their personal information need to be aware of metadata generation and usage. Should be subjected to the same privacy policy guidelines selected by an entity to protect their personal data.

22 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 22 Meta Privacy Protection Unlinkability Unobservability Use of Pseudo-Anonymous and Anonymous Data Requires same levels of protection provided to personal data and PII.

23 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 23 Concluding Remarks Have formally defined Meta Privacy. Meta Privacy has two main elements: – Meta Privacy Benefits – Meta Privacy Risks Have shown that meta-data and meta-structural information must be afforded to the same levels of privacy and security protection given to personal data and PII. Highlighted the need to understand and give due consideration to meta privacy protection.

24 CIS05 Xi’an China Geoff Skinner, Song Han & Elizabeth Chang 24 Questions ? ??

Download ppt "CIS-2005 : Xi’an - China 1 A New Conceptual Framework within Information Privacy: Meta Privacy Mr. Geoff Skinner Dr Song Han Prof. Elizabeth Chang Curtin."

Similar presentations

The Public Health Conceptual Data Model HL7 RIM Harmonization May 2000.

The Public Health Conceptual Data Model HL7 RIM Harmonization May 2000.
Database Systems: Design, Implementation, and Management Tenth Edition

Database Systems: Design, Implementation, and Management Tenth Edition
Criteria For Approval 45 CFR 46.111 25 CFR 56.111 Minimized risks Reasonable risk/benefit ratio Equitable subject selection Informed consent process Informed.

Criteria For Approval 45 CFR CFR Minimized risks Reasonable risk/benefit ratio Equitable subject selection Informed consent process Informed.
<<Date>><<SDLC Phase>>

<<Date>><<SDLC Phase>>
Dr Gordon Russell, Napier University Unit 5.3 - Data Dictionary 1 Data Dictionary Unit 5.3.

Dr Gordon Russell, Napier University Unit Data Dictionary 1 Data Dictionary Unit 5.3.
On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard.

On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard.
Chapter 3 Preparing and Evaluating a Research Plan Gay and Airasian

Chapter 3 Preparing and Evaluating a Research Plan Gay and Airasian
Methodology Conceptual Database Design

Methodology Conceptual Database Design
Gurpreet Dhillon Virginia Commonwealth University

Gurpreet Dhillon Virginia Commonwealth University
Demonstration of the Software Prototypes PRIME PROJECT 17 December 2004.

Demonstration of the Software Prototypes PRIME PROJECT 17 December 2004.
MPEG-21 : Overview MUMT 611 Doug Van Nort. Introduction Rather than audiovisual content, purpose is set of standards to deliver multimedia in secure environment.

MPEG-21 : Overview MUMT 611 Doug Van Nort. Introduction Rather than audiovisual content, purpose is set of standards to deliver multimedia in secure environment.
Centro de Estudos e Sistemas Avançados do Recife PMBOK - Chapter 4 Project Integration Management.

Centro de Estudos e Sistemas Avançados do Recife PMBOK - Chapter 4 Project Integration Management.
Model For Effective Self-Regulation November 2002 Daniel M. Sibears Senior Vice President & Deputy Member Regulation, NASD.

Model For Effective Self-Regulation November 2002 Daniel M. Sibears Senior Vice President & Deputy Member Regulation, NASD.
Survey on Privacy-Related Technologies Presented by Richard Lin Zhou.

Survey on Privacy-Related Technologies Presented by Richard Lin Zhou.
Privacy Engineering for Digital Rights Management Systems By XiaoYu Chen.

Privacy Engineering for Digital Rights Management Systems By XiaoYu Chen.
Customer Interface for wuw.com 1.Context. Customer Interface for wuw.com 2. Content Our web-site can be classified as an service-dominant website. 3.

Customer Interface for wuw.com 1.Context. Customer Interface for wuw.com 2. Content Our web-site can be classified as an service-dominant website. 3.
Database Environment Chapter 2. Data Independence Sometimes the way data are physically organized depends on the requirements of the application. Result:

Database Environment Chapter 2. Data Independence Sometimes the way data are physically organized depends on the requirements of the application. Result:
Prof. Adrie J.M. Beulens 2004Slide1 An Ontological Framework for Structuring Process Knowledge for the Process of Model-Based Problem Solving. Reference:

Prof. Adrie J.M. Beulens 2004Slide1 An Ontological Framework for Structuring Process Knowledge for the Process of Model-Based Problem Solving. Reference:
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.

McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.
1 PARCC Data Privacy & Security Policy December 2013.

1 PARCC Data Privacy & Security Policy December 2013.

Similar presentations

Ads by Google