Privacy Risk Analysis. Sourya Joyee De
Title: Privacy Risk Analysis
Year of publication: 0
ISBN: 9781681732008
Author: Sourya Joyee De
Genre: Computers: other
Series: Synthesis Lectures on Information Security, Privacy, and Trust
Publisher: Ingram
Figure 3.1: BEMS data flow diagram.
Each consumer, using his user portal account number, can access the User Interface. The User Interface fetches from the Consumer Information System the bill and energy management suggestions corresponding to his meter ID. The User Interface also displays the contact and the identification details to the user. The user can request updates or corrections of the identification and the contact details through the User Interface.
All the data are stored and transferred encrypted and signed, with the exception of the transfer of the energy consumption data from the home appliances to the smart meter, which is not fully secure.³
4. Supporting assets. The supporting assets are defined in Table 3.1.
5. Actors. The actors of the BEMS System are the following: consumers, system administrators, service technicians (for installation and maintenance of smart meters and utility gateways), developers, operators and other employees under the utility provider.
¹ Billing and Energy Management System.
² The billing cycle, which is generally one month, is defined by the utility provider.
³ Various security vulnerabilities of the Zigbee standard are documented in [155, 170].
CHAPTER 4
Personal Data
In this chapter, we first discuss the differences between the definitions of personally identifiable information (PII) in the U.S. and personal data in Europe (Section 4.1). We also summarize the ongoing debates on anonymization, which is a central issue in this context (Section 4.2). We proceed with a categorization of personal data and a discussion about specific categories of data considered sensitive by certain regulations (Section 4.3). Next, we present the set of data attributes to be considered in a privacy risk analysis (Section 4.4). Data categories and attributes are then illustrated with the BEMS System (Section 4.5).
4.1 EUROPEAN AND U.S. VIEWS
The notions of “personal data” in the EU and “personally identifiable information” (PII) in the U.S., which are the cornerstones of modern privacy regulations, do not carry exactly the same meaning. The first part of our discussion concentrates on these variations and the differences between the U.S. and the EU approaches to privacy.
Table B.1 in Appendix B shows various definitions of personal data and personally identifiable information. The sources of these definitions are mostly privacy laws and standardization documents. For example, the CNIL¹ guidelines [32, 33] refer to the definitions of personal data from the EU Directive [47], the French Data Protection Act [50] and the ISO standard ISO/IEC 29100:2011 [72].
Considering the central role of the notion of personal data in the legal framework, the EU Directive [47] has introduced the following general definition:
“Personal data shall mean any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.”
As a first comment, it may be noted that the EU Directive does not seem to make a difference between “data” and “information.” In fact, the two words are not always used with the same meaning in the literature² but this distinction is not essential here and we will, as the EU Directive, use them interchangeably.
End of the preview excerpt.
Text provided by LitRes LLC.