Using Object-Oriented Concepts to Develop a High-Level Information Privacy Risk Management Model

Author

Reddy, Kamil ; Venter, H.S.

Author_Institution

Inf. & Comput. Security Archit. Res. Group, Univ. of Pretoria, Pretoria, South Africa

fYear

2009

fDate

18-23 June 2009

Firstpage

23

Lastpage

30

Abstract

In this paper we present a conceptual model for the management of information privacy risk in large organisations. The model is based on the similarities between the concepts of departments in large organisations and the object-oriented computer paradigm. It is a high-level model that takes a holistic view of information privacy risk management, and, as such, identifies risk in both manual and automated processes during the acquisition, processing, storage and dissemination of information. While conceptual in nature, the model is well suited to practical implementation due to the structure it derives from the object-oriented paradigm. The practical application of the model is demonstrated by way of an example scenario. This paper contributes by addressing the absence in the literature of freely available models for the holistic management information privacy risk in large organisations.

Keywords

data privacy; object-oriented programming; risk management; high-level information privacy risk management model; object-oriented computer paradigm; object-oriented concepts; Computer security; Guidelines; Information management; Intellectual property; Law; Object oriented modeling; Privacy; Protection; Risk management; Storage automation; information privacy; information privacy management; information privacy risk;

fLanguage

English

Publisher

ieee

Conference_Titel

Emerging Security Information, Systems and Technologies, 2009. SECURWARE '09. Third International Conference on

Conference_Location

Athens, Glyfada

Print_ISBN

978-0-7695-3668-2

Type

conf

DOI

10.1109/SECURWARE.2009.11

Filename

5211038