Download | - View accepted manuscript: Visualization for Privacy Compliance (PDF, 269 KiB)
|
---|
Author | Search for: Yee, George |
---|
Format | Text, Article |
---|
Conference | The 3rd International Workshop on Visualization for Computer Security (VizSec'06), November 3, 2006, FairFax County, Virginia, USA |
---|
Subject | privacy; compliance; visualization; privacy legislation; e-services |
---|
Abstract | The growth of the Internet has been accompanied by the growth of e-services (e.g. e-commerce, e-health). This proliferation of e-services has put large quantities of consumer private information in the hands of the service providers, who in many cases have mishandled the information, either intentionally or unintentionally, to the detriment of consumer privacy. As a result, government bodies have put in place privacy legislation that spells out a consumer's privacy rights and how consumer private information is to be handled. Providers are required to comply with such privacy legislation. This paper proposes visualization as a tool that can be used by security or privacy analysts to understand how private information flows within and between provider organizations, as a way of identifying vulnerabilities that can lead to non-compliance. A model of private information flow and a graphical notation for visualizing this flow are proposed. An application example of using the notation to identify privacy vulnerabilities is given. |
---|
Publication date | 2006 |
---|
In | |
---|
Language | English |
---|
NRC number | NRCC 48772 |
---|
NPARC number | 8914409 |
---|
Export citation | Export as RIS |
---|
Report a correction | Report a correction (opens in a new tab) |
---|
Record identifier | c3c9582b-9e4c-4b6c-82af-8d5357ce1242 |
---|
Record created | 2009-04-22 |
---|
Record modified | 2020-10-09 |
---|