Privacy Compliant Systems Design

profileprasad0484
1.Intro-PrivacyRiskAssessmentUsingDFM.pptx

Privacy Risk Assessment

High level Steps

Create DFM Diagram (see next slide please) to Identify Surfaces with Privacy Risks: Identify process, storage, channel or environment that may facilitate access to private data/information

Identify Relevant Requirements: For each such surface, identify the subset of the (15) privacy requirements that could be breached at that surface

We will review a process this week presented in “Privacy Engineering: A data flow and ontological approach by Ian Oliver.” The book is available in kindle unlimited.

DFM: Data Flow Modeling diagram is a data flow modeling tool for identifying surfaces with privacy risks (review the attached DFM.pdf).

Major Steps:

Drawing DFM diagram: Model the flow of information through the system via different processes and channels (and possibly saved to some storage)

Annotation: Annotate the DFM diagram with information characteristics, transmission protocols, purpose of usage, risks involved (review the standard annotations that we will use for this class in Annotation.zip).

Decomposition: Split a process or a channel in the DFM diagram if that process or the channel involves information with different privacy implication

Partition: Partition the DFM diagram (possibly in various ways) to identify groups with some common boundaries (that may have common privacy implications)