
1 Nov. 8, 2002 Privacy and Security: Totally Committed
IT Security Evaluation and Certification Standards and Personal Information
Current challenges and future needs in a multilateral perspective
Giovanni Iachello, College of Computing, Georgia Inst. of Technology

2 Evaluation and Certification: Why?
Verify and validate conformance to requirements
  – Increase information fluidity
Compare among competitors
  – Better informed decisions
Independent quality assessment
  – Increase credibility
Marketing
  – Increase confidence
Regulation (in the future)
  – Higher protection standards

3 Model for Information Security
[Diagram labels: Information Security; Management, Technology, Process; Principles, Legislation, Requirements, Techniques, Best Practices]

4 Personal Information Complicates Things
Multiple interests
  – Subject
  – Controller
  – DPA, government
Different concerns/risks
Different security goals
Need for multilateral security
[Diagram labels: Bank, Merchant, Government, Telecoms, Customer, Financial services]

5 Competing Interests in Information Security
  – Audit and intrusion detection
  – Backups
  – Authorization
  – Outsourcing
  – Asset value maximization
  – Unobservable use
  – Reduce retention
  – Anonymous use
  – Limit disclosure
  – Control use of data
[Diagram labels: Technical, Business-related]
A multilateral approach can help identify and prioritize all security concerns in order to reach a satisfactory compromise

6 Common Criteria and PETs
Context
  – Modular security requirements framework
  – Addresses products and systems
  – Evaluation and certification
  – Address SW HW FW
  – Derives from 20+ years experience (TCSEC, ITSEC)
Security = Functionality + Assurance
  – Functional requirements: “What can the system do to be secure?”
  – Assurance requirements: “What was done to assure that the TOE does what it shall do / does not what it shouldn't do?”
Why use the Common Criteria (CC)?
  – Accredited evaluation facilities already exist
  – Evaluations can be recognized by participating countries
  – Integrate PET evaluation with security evaluation

7 Common Criteria and PETs
Older criteria – no privacy!
  – ITSEC: “security = integrity, confidentiality and availability” (1991)
Common Criteria FPR class: good…
  – Privacy requirements (a.k.a. the “Freiburg class”)
  – Support anonymity, pseudonymity, unobservability (1995-)
…but not enough!
  – Information collection, use, retention
  – Non-security requirements
  – Unlinkability, trust distribution

8 Enhancing the Common Criteria
Derive functional and assurance requirements from FIPs (PETTEP)
  – One functional family for each Fair Information Practice
  – Each requirement supports one or more practices
Use abstract properties (Trust, Linkability) to derive functional requirements (IIG Freiburg)
  – Trust allocation in multiple administrative domains
  – Unlinkability
  – Information retention
At the proposal stage – Real world testing is needed

9 Shortcomings of PET Certification
Conflicting requirements
  – Structured to protect centralized systems
  – New requirements can be inconsistent with old ones
Trust
  – Advanced PETs distribute information so that no trustee can abuse it
  – Distinct administrative domains, awkward to state within the CC
  – Need to “step out of the box”
Technology is only as good as how it is used
  – Safeguards can be circumvented or ignored
  – Information has an inherent strategic value
  – How to protect a system from its own administrators?

10 PET Evaluation/Certification Costs
Currently evaluated products
1. Mass-market products
  – Evaluation paid by the manufacturer
2. Custom products with special security requirements
  – Evaluation paid by the customer as part of the contract
Formal evaluation
  – Very costly
  – Impractical in patchwork systems
  – Impractical for consumer products
→ Unlikely that formal PET evaluation can be made mandatory in the short term

11 Example
Temporary HR staffing company
  – Personal information is the main asset of the organization
  – Personal information is ubiquitous
  – Legacy systems, COTS, distributed networks
  – Non-electronic information (forms …)
  – Complex non-IT based processes (people, faxes, phones)
  – Outsourcing of IT services
  – Development teams working in house

12 …let’s look at the Management side
Management and process definition can be used to increase personal information protection
How can personal data management be assessed?
  – Voluntary self-evaluation
  – U.S. Safe Harbor
  – Japan Requirements for Personal Information Protection
  – European Data Protection Laws
  – Independent assessments

13 What’s happening in the security scene?
“Top five IT vulnerabilities to cyberattacks:
  – Security of suppliers and partners
  – No benchmarking (spending and value)
  – Security not integrated into projects
  – Poor governance and culture
  – Lack of risk management integration”
— Source: Gartner 2002
Information Security Management Evaluation Standards are popular
→ Use the tool also for personal information processing

14 IT Security Management Evaluation and Certification – ISO
Widely used for many years as British Standard 7799
ISO standardized in 2000
Part 1: Code of practice
  – Best practices and application guidelines
  – Policy, infrastructure, asset control, personnel, physical, communications, access control, development & maintenance, compliance
Part 2: Specification
  – What requirements are needed for certification
  – Not yet ISO standard

15 IS17799 and Personal Information
IS17799 has no provision for personal data management
Needs support for privacy requirements
  – Personal data privacy policy
  – Accountability
  – Identification of data protection roles, responsibilities
  – Management
  – How and why of personal data lifecycle
  – Communication
  – With the data subject and the data protection authority
  – Challenge Compliance
In development, needs to be tested

16 Pros and Cons of Management Certification
Advantages
  – Provides assurance on how the organization is really doing in managing the data
  – Can inform sound management practices
  – Does not require evaluating/changing installed technology
Drawbacks
  – Not the perfect solution (e.g. “locked closet” and “dusty shelf” problems of ISO9000)
  – Done on a per-organization basis
  – Must be regularly repeated
  – Cultural resistance

17 Summary
Personal Information Management Evaluation
  – Integration of COTS
  – Legacy systems
  – Data transfer to third parties
  – How does the system inform the subject about the data transfer?
  – Definition of system parameters
  – How long may information be retained?
Privacy Enhancing Technology Evaluation
  – Enforcement of PDC (Personal data constraints)
  – Automatic purging
  – Labeling attributes
  – Control on processing activities
  – Must be designed into the product
  – Does not work well with patchwork systems

18 Conclusions
PETs evaluation / certification can help…
… but management evaluation is equally important!
  – Could be more effective in the short run
  – Could help DPAs to assess organizations
  – Could help organizations with their privacy management needs and problems
Sound process design is fundamental
Acknowledgements: IIG, IFIP WG9.6, Altoprofilo

