A privacy-by-design framework based on information control and zero trust
Information privacy has been a concern in the digital age. Unauthorized information disclosure and misuse have been an ongoing challenge within a highly connected society. Numerous privacy breaches have raised the need for effective and robust information protection. Information owners are incapabl...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Thesis-Master by Coursework |
| Language: | English |
| Published: |
Nanyang Technological University
2020
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/138084 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| Summary: | Information privacy has been a concern in the digital age. Unauthorized information disclosure and misuse have been an ongoing challenge within a highly connected society. Numerous privacy breaches have raised the need for effective and robust information protection. Information owners are incapable of exercising their rights to protect and control their information in the event of a privacy breach. Existing security and privacy frameworks were chronologically analyzed on their respective techniques in safeguarding information. The analysis allows an understanding of contextual issues and privacy challenges. Technical security mechanisms in the existing frameworks were identified and critically examined based on its effectiveness in resolving privacy challenges. The technological advancement in the past decades has seen an evolution of privacy framework that addresses contemporary information privacy issues. These frameworks signify that an information owner does not have the necessary level of control for their personal information. By understanding existing technical security mechanisms, a privacy framework is proposed based on the principles of privacy-by-design that achieve the Zero Trust principles. The focus of the proposed framework is to empower information owners to protect, secure and control their information before sharing. This framework will revolutionize the existing perspective towards information privacy as privacy control is shifted from third parties to the information owners. However, transferring the control from third parties to information owners is associated with both technical and non-technical challenges. While technical challenges are rectifiable, human-related challenges pose a higher privacy risk that will require non-technical solutions. Therefore, a holistic approach must be conceived to resolve privacy issues, which have the potential to accelerate technological advancement that benefits the community. |
|---|