10 Matching Annotations
- Jun 2015
-
csrc.nist.gov csrc.nist.gov
-
cyber-physical systems
Cyber-physical systems are the next evolution of embedded systems. From Wikipedia:
Today, a precursor generation of cyber-physical systems can be found in areas as diverse as aerospace, automotive, chemical processes, civil infrastructure, energy, healthcare, manufacturing, transportation, entertainment, and consumer appliances. This generation is often referred to as embedded systems. In embedded systems the emphasis tends to be more on the computational elements, and less on an intense link between the computational and physical elements.
-
Fair In formation Practice Prin ciples
-
privacy impact assessments
-
Privacy engineering is an emergi ng field, but currently there is no widely-accepted definition of the discipline. For the purposes of this publication, privacy engineering is a collection of methods to support the mitigation of risks to individuals arising from th e processing of their personal information within information systems.
-
The NIST RMF categorizes four broad 523 processes in looped phases, as illustrated in 524 Figure 01 : (i) frame risk (i.e., establish the 525 context for risk-based decisions); (ii) assess 526 risk; (iii) respond to risk once determined; 527 and (iv) monitor risk on an ongoing b
-
Predictability is the enabling of reliable assumptions by individuals, owners, and operators about personal information and its processing by an information system. Manageability is providing the capability for granular administration of personal information including alteration, deletion, and selective disclosure. Disassociability is enabling the processing of personal information or events without association to individuals or devices beyond the operational requirements of the system.
-
Data actions are information system operations that process personal information. “Processing” can include, but is not limited to, the collection, retention, logging, generation, transformation, disclosure, transfer, and disposal of personal information.
-
Personal Information: For the purpose of risk assessment, personal information is 963 considered broadly as any information that ca n uniquely identify an individual as well as 964 any other information, events or behavior th at can be associated with an individual. 965 Where agencies are conducting activities subj ect to specific laws, regulation or policy, 966 more precise definitions may apply.
A definition for personal information.
-
-
www.law.upenn.edu www.law.upenn.edu
-
A new taxonomy to understand privacy violations is thus sorely needed. This Article develops a taxonomy to identify privacy problems in a compre- hensive and concrete manner. It endeavors to guide the law toward a more coherent understanding of privacy and to serve as a framework for the fu- ture development of the field of privacy law.
-
In the taxonomy that follows, there are four basic groups of harmful ac- tivities: (1) information collection, (2) information processing, (3) informa- tion dissemination, and (4) invasion. Each of these groups consists of dif- ferent related subgroups of harmful activities.
-