ISTPA Privacy Framework
John T. Sabo
Computer Associates
IAPP-TRUSTe Symposium
June 9, 2004
Copyright © 1999-2003 International Security, Trust & Privacy Alliance
All Rights Reserved
Context: Hard Problem

Multidimensional Privacy
• Legal, regulatory, social, economic, political, moral and ethical dimensions

Variable Nature
• Changes with context and audience: “privacy is contextual and personal”

Privacy is plagued by the lack of a:
• Common vocabulary
• Shared reference model and framework
• Structured and uniform means of analysis

Sort out the issues, understand and communicate the underlying requirements
ISTPA’s Approach

• Resolution-Solution Focus
• Transform Privacy Policy to a Privacy Science & Engineering Discipline
• Build and Forward Open Multidisciplinary Standards, Specifications and a Unified Approach (Methodology)
  • Shared privacy vocabulary (terms, notation)
  • Open policy-configurable framework
  • Standardized Set of Industry-Specific Use Cases
• Privacy Framework as Platform for Multidisciplinary Collaboration
  • Regulators, lawyers, law makers, corporate policy makers, business and product managers, citizen-consumers, privacy advocates, IT and security professionals, technologists
Framework Defined

Privacy Framework

An open, policy-configurable set of collaborating services and capabilities used to guide the analysis, design, implementation and assessment of security, trust and privacy solutions and infrastructure.
ISTPA Privacy Framework Services & Capabilities

• Audit – independent, verifiable accountability
• Certification – credentials, trusted processes
• Control – only permissible access to data
• Enforcement – redress when a violation occurs
• Interaction – manages data/preferences
• Negotiation – of agreements, rules, privileges
• Validation – checks accuracy of personal information
• Access – subject can correct/update information
• Agent – software that acts on behalf of the data subject
• Usage – data use, aggregation, anonymization
ISTPA Privacy Framework

[Diagram: the Framework drawn between a Data Subject and a Data Requestor. Each side has Interaction, Negotiation, Control and an Agent; the PI Container (PIC) passes between the subject-side PI, Preferences & PIC Repository and the requestor-side PIC Repository, where Usage applies. Assurance Services (Validation, Certification, Audit) and Enforcement span both sides. The services rest on the Security Foundation layer, which in turn rests on the Legal, Regulatory, & Policy Context.]
Framework: PI Container

PI Container
• Binding of
  • PI
  • Contract
  • Credentials

[Diagram: the PI Container holds the PI Contract (Intended Use, Policies, Conditions, Permissions), the PI itself, and Credentials (Identity Credentials, Signature).]
ISTPA Privacy Framework: Layers and Context

[Diagram: the same Framework diagram as above (Data Subject, Data Requestor, Interaction, Negotiation, Control, Usage, Agent, PI Container (PIC), PI, Preferences & PIC Repository, PIC Repository, Assurance Services: Validation, Certification, Audit; Enforcement), annotated with its layers: a set of collaborating services and capabilities (layer); the Security Foundation (layer); and the Legal, Regulatory & Policy Context.]
Translating Privacy Law and Practices into Infrastructure

Privacy Fair Information Practices and their translation to the real-world infrastructure

[Diagram: the Framework diagram (Data Subject, Data Requestor, Interaction, Negotiation, Control, Usage, Agent, Access, PI Container (PIC), PI, Preferences & PIC Repository, PIC Repository, Assurance Services: Validation, Certification, Audit; Enforcement; Security Foundation; Legal, Regulatory, & Policy Context), with each element keyed as a Service, a Capability or a Practice. The Fair Information Practices are overlaid on the services and capabilities that realize them: NOTICE, AWARENESS, CHOICE, CONSENT, ACCESS, CORRECTION and UPDATE on the subject-facing Interaction, Negotiation and Access elements; QUALITY and INTEGRITY beside Validation and Certification; ENFORCEMENT and RECOURSE beside Enforcement.]
Services, Capabilities vs. Mechanisms

• Services & Capabilities – defined functionality (what) supporting privacy and security requirements
• Mechanisms – specific service and capability implementations (how) supporting the defined services and capabilities
  • Protocols, technologies, infrastructure – smart cards, trusted platforms, SAML, cryptographic tools, secure hash, symmetric keys, P3P, EPAL, XACML
Reference Model Approach

ISTPA Privacy Framework as Reference Model

Service / Capability: Certification
  Function: credentials, trusted processes
  Organizations/Protocols/Mechanisms: BBBOnline, BetterWeb, E-Safe, Global Trust Alliance, Guardian eCommerce Security, Net-Ethix, Privacy License, Privacy Secure, Inc., PrivacyBot.com, SecureBiz, TRUSTe, WebTrust

Service / Capability: Validation
  Function: checks accuracy of personal information
  Organizations/Protocols/Mechanisms: Audit Check Services, Certificate Authorities, Credit Check Services

Service / Capability: Negotiation
  Function: of agreements, rules, privileges
  Organizations/Protocols/Mechanisms: APPEL, P3P, License Script, FDRM, ODRL, XrML

Service / Capability: Usage
  Function: data use, aggregation, anonymization
  Organizations/Protocols/Mechanisms: Trusted Computing Group, Trusted Platforms, Smartcards, Secure Tokens

Security Foundation
  Function: Mechanisms
  Organizations/Protocols/Mechanisms: AES, MD5, Authentication, Non-Repudiation, Access Control, Integrity, Confidentiality, Availability, PKI

Legal Context
  Function: Legal, Regulatory, Policy
  Organizations/Protocols/Mechanisms: EU Data Protection Directive, HIPAA, GLBA, COPPA, Privacy Act
ISTPA Project Areas

Framework Projects
• ISO Publicly Available Specification (PAS)
• Privacy Capability Maturity Model
• Privacy Tools & Technology

• Privacy Rule Language (IBM’s EPAL)
• Identity Management Systems
Questions?
John T. Sabo
john.t.sabo@ca.com
www.istpa.org
Backup
Privacy Framework Services

Service / Capability: Audit
Description: Handles the recording and maintenance of events in any service to capture the data that is necessary to ensure compliance with the terms and policies of an agreement and any applicable regulations.

Service / Capability: Certification
Description: Manages and validates the credentials of any party or process involved in processing of a PI transaction.

Service / Capability: Control
Description: Functions as “repository gatekeeper” to ensure that access to PI which is stored by a data collection entity complies with the terms and policies of an agreement and any applicable regulations.

Service / Capability: Enforcement
Description: Handles redress when a data collection entity is not in conformance with the terms and policies of an agreement and any applicable regulations.

Service / Capability: Interaction
Description: Presents proposed agreements from a data collection entity to the data subject; receives the subject’s personal information, preferences, and actions; confirms actions; manages movement of data into and out of the Framework. To the extent the data subject is represented by an agent, this service comprises the interface to the agent.

Service / Capability: Negotiation
Description: Handles arbitration of a proposal between a data collection entity and a data subject. Successful negotiation results in an agreement. Humans, agents, or any combination, can handle negotiation.

Service / Capability: Validation
Description: Checks for accuracy of PI at any point in its life cycle.
Privacy Framework Capabilities

Service / Capability: Access
Description: A capability that allows the data subject to both access the individual’s PI that is held by a data collection entity, and to correct or update it as necessary.

Service / Capability: Agent
Description: A software capability that acts on behalf of a data subject or a requestor. The Agent Capability engages with one or more of the other services defined in this Framework. Agent can also refer to the human data subject in the case of a manual process.

Service / Capability: Usage
Description: Functions as “processing monitor” to ensure that active use of PI complies with the terms and policies of an agreement and any applicable regulations. Such uses may include transfer, derivation, aggregation, anonymization, linking, and inference of data.
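The PI Container binding (PI, Contract, Credentials, Signature) and the Control and Audit service definitions above, worked as an added example that is not ISTPA's specification or code: a hypothetical Python PIContainer binds PI, contract and credentials under one signature, a control_check gatekeeper releases PI only when the binding verifies and the contract's permissions and intended use cover the requested purpose, and AUDIT_LOG records every decision. The HMAC key (standing in for a PKI signature), all class and function names, and the sample subject, requestors and purposes are constructed assumptions.

```python
import hashlib, hmac, json
from dataclasses import dataclass, asdict
SUBJECT_KEY = b"constructed-demo-key"  # hypothetical stand-in for the subject's signing credential
AUDIT_LOG = []                          # Audit service: every Control decision is recorded here

def canon(obj) -> bytes:
    """Canonical JSON so the signature covers one unambiguous byte form of the binding."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

@dataclass
class PIContract:
    intended_use: list   # purposes the data subject agreed to
    policies: dict       # e.g. retention period
    conditions: dict     # e.g. no onward transfer
    permissions: dict    # requestor -> purposes it may use the PI for

@dataclass
class PIContainer:
    pi: dict             # the personal information itself
    contract: PIContract
    credentials: dict    # identity credentials of the data subject
    signature: str = ""
    def binding(self) -> dict:
        return {"pi": self.pi, "contract": asdict(self.contract), "credentials": self.credentials}
    def sign(self, key: bytes) -> "PIContainer":
        self.signature = hmac.new(key, canon(self.binding()), hashlib.sha256).hexdigest()
        return self
    def verify(self, key: bytes) -> bool:
        expected = hmac.new(key, canon(self.binding()), hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, self.signature)

def control_check(pic: PIContainer, key: bytes, requestor: str, purpose: str) -> bool:
    """Control as 'repository gatekeeper': release PI only if the binding is intact and permitted."""
    if not pic.verify(key):
        allowed, reason = False, "binding signature invalid"
    elif purpose not in pic.contract.permissions.get(requestor, []):
        allowed, reason = False, "purpose not permitted for requestor"
    elif purpose not in pic.contract.intended_use:
        allowed, reason = False, "purpose outside agreed intended use"
    else:
        allowed, reason = True, "access permitted"
    AUDIT_LOG.append({"requestor": requestor, "purpose": purpose, "allowed": allowed, "reason": reason})
    return allowed

def make_demo_pic() -> PIContainer:
    """Constructed sample: one subject, one contract, signed with SUBJECT_KEY."""
    contract = PIContract(["billing"], {"retention_days": 90}, {"onward_transfer": False},
                          {"acme-billing": ["billing"], "acme-marketing": ["marketing"]})
    return PIContainer({"name": "Alice Example", "email": "alice@example.com"},
                       contract, {"subject_id": "subj-001"}).sign(SUBJECT_KEY)
```

Editing the PI after signing breaks the binding, so Control refuses every request until the container is re-negotiated and re-signed; the audit record carries the reason for each refusal.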
Framework-Related Technologies and Standards

[Diagram: the Framework diagram (Data Subject, Data Requestor, Interaction, Negotiation, Control, Usage, Agent, PI Container (PIC), PI, Preferences & PIC Repository, PIC Repository, Assurance Services: Validation, Certification, Audit; Enforcement; Security Foundation; Legal, Regulatory, & Policy Context), with the technology groups below placed beside the services they support.]

Negotiation Technologies
• APPEL
• P3P
• Rights Expression Languages: LicenseScript, FDRM, ODRL, XrML

Validation Services
• Adult Check Services
• Certificate Authorities
• Credit Check Services
• Address Validation Services

Security Technologies
• Cryptography (PK & Symmetric)
• Secure Hashing
• Trusted Computing Group
• Trusted Platforms
• Smartcards
• Secure Tokens

Assurance Services: Privacy Seals
• BBBOnline
• BetterWeb
• E-Safe
• Global Trust Alliance
• Guardian eCommerce Security
• Net-Ethix
• Privacy License
• Privacy Secure, Inc
• PrivacyBot.com
• SecureBiz
• TRUSTe
• WebTrust

Integration & Interoperability
• Microsoft Passport
• Liberty Alliance Project
• XNS
• PSP

Relevant Standards Groups
• OASIS (SAML, AVDL, PKI, WS-Security, XCBF, XRI)
• W3C (XML*, HTTP, SOAP, P3P, APPEL, CC/PP)
• Trusted Computing Group
• Liberty Alliance Project
• XNS
• Many Hardware & Govt Stds

Security Foundation
• Access
• Authentication
• Integrity
• Non-repudiation
• Privacy (Encryption)