Abstract
The increased commercial use (and value) of PII(Privacy Identifiable information), the sharing of PII across legal jurisdictions, and the growing complexity of ICT systems, makes it extremely difficult for an organization to ensure privacy and to achieve compliance with the various laws and regulations. Additionally, the open nature and characteristics of the Internet and its communication protocols can lead to a loss of information privacy when PII is used in a way that was not originally intended. Uncertainty or distrust can arise as a result of how an organization or other entity handles information privacy matters and as a result of cases of PII misuse. This paper proposes a security model for the management of personal information by each lifecycle stage, so that the information and communication service providers, which collect, store, manage, and use personal information, can manage their customers’ personal information more securely and efficiently. However, as the policy and technology designed to protect personal information vary in terms of application depending on the environment of each organization and enterprise, this paper presents general criteria. Therefore, the security requirements for each personal information lifecycle stage may be selectively applied to the environment appropriately for each organization and enterprise.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Chang, Y.F., Chen, C.S., Zhou, H.: Smart phone for mobile commerce. Computers & Security, Elsevier Advanced Technology (31), 740–747 (2009)
Mobile phone users wary about privacy, the nielsen company (April 2011)
ISO/IEC JTC1 JCT1 SC27 WG5, CD Information technology – Security techniques- Privacy Framework (April 2011)
ISO/IEC JTC1 JCT1 SC27 WG5, WD Information technology – Security techniques- Privacy Reference Architecture (April 2011)
Blaze, M., Feigenbaum, J., Keromytis, A.D.: KeyNote: Trust Management for Public-Key Infrastructures (Position Paper). In: Proceedings of the 6th International Workshop on Security Protocols, April 15-17, pp. 59–63 (1998)
Scott Saponas, T.: Devices that tell on you: privacy trends in consumer ubiquitous computing (2007)
Bellare, M., Boldyreva, A., Desai, A., Pointcheval, D.: Key-Privacy in Public-Key Encryption. In: Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology, December 9-13, pp. 566–582 (2001)
Collins, J.: Lost and Found in Legoland. RFID Journal (2004), http://www.rfidjournal.com/article/articleview/921/1/1/
Andrew senior, blinkering surveillance: enabling video privacy through computer vision. Surveillance & Society (2002)
OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, http://www.oecd.org/document/18/0,3746,en_2649_34255_1815186_1_1_1_1,00.html#introduction
APEC, Privacy Framework (2008), http://www.ema.gov.au/www/agd/rwpattach.nsf/VAP/03995EABC73F94816C2AF4AA2645824B~APEC+Privacy+Framework.pdf/$file/APEC+Privacy+Framework.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Shin, YN., Chun, W.B., Jung, H.S., Chun, M.G. (2011). Privacy Reference Architecture for Personal Information Life Cycle. In: Kim, Th., Adeli, H., Robles, R.J., Balitanas, M. (eds) Advanced Communication and Networking. ACN 2011. Communications in Computer and Information Science, vol 199. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23312-8_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-23312-8_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-23311-1
Online ISBN: 978-3-642-23312-8
eBook Packages: Computer ScienceComputer Science (R0)