On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard Labs Bristol, UK
Presentation Outline Background & Privacy Concepts What is Information Lifecycle Management (ILM)? What is Identity Management (IDM)? Current Privacy Management in Enterprises Moving Towards Privacy-Aware ILM in Enterprises Conclusions
Presentation Outline Background & Privacy Concepts What is Information Lifecycle Management (ILM)? What is Identity Management (IDM)? Current Privacy Management in Enterprises Moving Towards Privacy-Aware ILM in Enterprises Conclusions
PRIVACY Regulations (incomplete list …) Regulatory Compliance (Example of Process) Privacy: An Important Aspect of Regulatory Compliance for Enterprises
Privacy Policies Limited Retention Limited Disclosure Limited Use Limited Collection Consent Purpose Specification Privacy Rights Privacy Permissions Privacy Obligations Privacy Policies for Personal Data: Core Principles
Identity Management Solutions Information Lifecycle Management Solutions Enterprise Identity Information/ Confidential Data Management of Data/Confidential Data in Enterprises Others (ad-hoc, etc.) Systemic Approaches …
Presentation Outline Background & Privacy Concepts What is Information Lifecycle Management (ILM)? What is Identity Management (IDM)? Current Privacy Management in Enterprises Moving Towards Privacy-Aware ILM in Enterprises Conclusions
Information Lifecycle Management (ILM) Information Lifecycle Management (ILM) is a comprehensive Approach to Manage Information Systems’ Data and associated “Metadata” from Creation and Initial Storage to the time when it becomes Obsolete and is Deleted: Deal with User Practices Automate Storage Procedures Information Retrieval Information Lifecycle Management Automates: Process of Organising Data into Separate Tiers Data Migration between Tiers based on Policies
Information Lifecycle Management (ILM) Information Lifecycle Management (ILM) provides degrees of support for the following Information/Data Management Phases: Assessment Data Analysis Classification Automation Review
Information Lifecycle Management (ILM) Information Lifecycle Management (ILM) Automation Technologies: ILM Policy Engine Search and Classify ILM Policy Audit Information/ Document Mover Secure Access Source: “Data Protection and Information Lifecycle Management Ed. Prentice Hall, Author: Petrocelli”
Information Lifecycle Management (ILM) Current Privacy Management Capabilities: Little or No Explicit Management of Privacy Policies Limited Privacy Capabilities, such as Data Retention/Deletion and Access Control No Advanced Support for Privacy Obligations Proprietary/Ad-hoc Solutions Lack of Integration/Interoperability with Other Solutions
Presentation Outline Background & Privacy Concepts What is Information Lifecycle Management (ILM)? What is Identity Management (IDM)? Current Privacy Management in Enterprises Moving Towards Privacy-Aware ILM in Enterprises Conclusions
Identity Management (IDM) Enterprise Identity Management Solutions deal with the Management of Digital Identities, User Accounts and User Profiles. Provide services to Applications. Support core Functionalities: Authentication, Authorization, Audit User Provisioning and Account Management Data Storage Links to Legacy Systems and Data Consolidation
Identity Management (IDM) State-of-the-Art of Identity Management Solutions: Privacy Mgmt Directories Meta- Directories Virtual Directories Data Repository Components Authentication Authorization Auditing Security Components Provisioning Longevity Lifecycle Components Single Sign-On Personalization Consumable Value Components Self Service Management Components Fed. Mgmt User Mgmt Access Control Databases
Identity Management (IDM) Current Privacy Management Capabilities: Limited Management of Privacy Policies Focus Mainly on Privacy-Aware Access Control No Real Support for Privacy Obligations Proprietary/Ad-hoc Solutions Lack of Integration/Interoperability with Other Solutions
Presentation Outline Background & Privacy Concepts What is Information Lifecycle Management (ILM)? What is Identity Management (IDM)? Current Privacy Management in Enterprises Moving Towards Privacy-Aware ILM in Enterprises Conclusions
Personal Data Applications & Services PEOPLE ENTERPRISE Privacy Legislation (EU Laws, HIPAA, COPPA,SOX, GLB, Safe Harbour, …) Customers’ Expectations Internal Guidelines Regulatory Compliance Customers’ Satisfaction Positive Impact on Reputation, Brand, Customer Retention Enterprise Privacy Management Impact on Enterprises and Opportunities Regulations, Standards, Best Practices Enterprise IT Infrastructure IT Alignment Policy Enforcement Policy Development Transparenc y Monitoring Reporting Effective Enterprise Privacy depends on Good Governance Practices
Data Governance in Enterprises Personal Data and Digital Identities Handled with “Identity Management” Solutions (IDM) … Subject to Privacy Policies (Sensitive) Documents and Other Data Handled with “Information Lifecycle Management” Processes and Solutions (ILM) and Other Approaches … Might Contain Personal Data … If so, Subject to Privacy Policies
Current IDM and ILM Solutions Exists a Dichotomy between: “Identity Management” Solutions (IDM) … “Information Lifecycle Management” Processes and Solutions (ILM)… Various Reasons: Different Nature of Managed Information Different Business Requirements Different Information Usage Patterns Identity Management (IDM) Identity Management (IDM) Information Lifecycle Management (ILM) Information Lifecycle Management (ILM)
IDM and ILM: Common Aspects … Current Dichotomy Doesn’t Help To Manage Privacy Both handle Confidential Data Both need to Address Privacy Management No Integrated Management of Privacy Policies Duplication of Efforts Privacy still based on Human Processes: Prone to Mistakes and High Costs
Requires Well-Planned, Systemic and Ongoing Efforts: Privacy Policies and Preferences can Change over time Data and Confidential Documents can be subject to different Privacy Laws Data needs to be Disposed or Transformed over time Enterprise Privacy Management [1/2]
Enterprise Privacy Management [2/2] Privacy-aware Access Control Most of Privacy Solutions (+ R&D Work) currently focusing here Privacy Obligation Management No “Privacy-aware” Solutions are really available … Obligations dictate Duties and Expectations … Obligations are Transversals to ILM and IDM: Impact on Information Lifecycle Management (Retention, Deletion, Notifications, Transformation, etc.) Impact on Identity Information/ Identity Management Under-emphasised Area … Privacy Rights Privacy Permissions Privacy Obligations Privacy Rights Privacy Permissions Privacy Obligations
Identity Management Solutions Information Lifecycle Management Solutions Enterprise Identity Information/ Confidential Data Privacy Obligations Focus on Privacy-aware Information Lifecycle Management
Open Issues Issues to be Addressed to enable Privacy-Aware Information Lifecycle Management: Lack of Automation Lack of Automation Human-based Processes High Cost, Prone to Mistakes Lack of Integration (e.g. ILM and IDM) Lack of Integration (e.g. ILM and IDM) Duplication of Efforts Lack of Centralization
Presentation Outline Background & Privacy Concepts Current Privacy Management in Enterprises What is Information Lifecycle Management (ILM)? What is Identity Management (IDM)? Moving Towards Privacy-Aware ILM in Enterprises Conclusions
Privacy-aware Information Lifecycle Management “Privacy-Aware Information Lifecycle Management is the Process of Ensuring that the Lifecycle of Personal and Confidential Data (inclusive of any Confidential Document) is Managed according to stated Privacy Policies, Users’ Preferences and Enterprise Privacy Guidelines”
Privacy-aware Information Lifecycle Management Requirements, Core Properties and Features HP Labs Current R&D Work in this Area Next Steps
Requirements [1/2] Dictated by Privacy Laws, Best Practices, Common Sense: Enterprise should clearly state the Purposes for collecting personal/confidential data and Processing Criteria Openness and Transparency over Enterprise Processes People should: Be enabled to express their Privacy Preferences (e.g. Deletion) Be Notified of changes affecting the management of their personal data Retain a degree of Control on their data Lifecycle of Data driven by all these Aspects
Requirements [2/2] Enforcement and Compliance Checking of Privacy Obligations Importance of Automating the Handling Privacy Obligations to Enable Privacy-Aware Information Lifecycle Management Importance of doing this across ILM and IDM Solutions
Privacy-aware Information Lifecycle Management Solutions Expected Core Properties and Functionalities: Explicit Modelling of Personal/Confidential Data Explicit Representation of Privacy Policies ( e.g. Obligations ) Integrated Management of these Policies ( e.g. Security Policies ) Deployment and Enforcement of these Policies: Leveraging IDM and ILM Infrastructures Integrated Monitoring and Checking for Compliance
Privacy-aware ILM: Our Approach HP Labs R&D Work on Privacy Obligation Management Usage of an Obligation Management System (OMS) as Foundation of Privacy-aware ILM, across ILM and IDM Solutions
Obligation Management System Obligations Scheduling Obligations Enforcement Obligations Monitoring Personal Data (PII) Data Subjects Administrators ENTERPRISE Obligation Management System (OMS): Model Privacy Obligations Privacy Preferences
OMS to Enable Privacy-aware ILM [1/3] Obligation Management System (OMS): Centralised Modelling and Abstraction of Managed Data Centralised Representation and Authoring of Privacy Obligations Orchestrates the Deployment, Enforcement and Monitoring of Obligations within Existing ILM and IDM Systems
OMS to Enable Privacy-aware ILM [2/3] Obligation Management System Obligation Management System ILM Systems IDM Systems Other … Data RepositoriesDoc. Repositories Other Storage … Enterprise Information Policy Control Policy Control Policy Control Privacy Preferences Privacy Policies & Models
Identity Management Solution (IDM) Identity Management Solution (IDM) Information Lifecycle Management Solution (ILM) Information Lifecycle Management Solution (ILM) Obligation Management System (OMS) Data Abstraction and Modelling Obligation Policy Representation & Lifecycle Mgmt Obligation Deployment & Enforcement Obligation Monitoring Users Data + Privacy Preferences Adaptors Administrators Obligation Policies Models ENTERPRISE Deploy Policies & Enforce Monitor & Compliance Check OMS to Enable Privacy-aware ILM [3/3]
Current Status and Next Steps OMS System: HP Labs Proof of Concept Integrated with IDM Solution Exploring its Integration with ILM Solution Need to Further Explore some Security Implications First Step Towards Privacy-aware ILM Current Objective: Create Awareness of Privacy-aware ILM Work in Progress …
Presentation Outline Background & Privacy Concepts Current Privacy Management in Enterprises What is Information Lifecycle Management (ILM)? What is Identity Management (IDM)? Moving Towards Privacy-Aware ILM in Enterprises Conclusions
Conclusions Importance of Privacy Management for Enterprises Obligation Management is Key to Privacy-aware Information Lifecycle Management Current Obligation Management: underestimated, ad-hoc, … Need to Centralise Obligation Policies for their Enforcement/Monitoring & Integrate with current ILM and IDM Solutions Importance of Creating Awareness of Need for a Comprehensive, Enterprise-wide Privacy-aware Information Lifecycle Management HP Labs: Work in Progress …