{"title":"面向新数据生态下分布式网络安全的隐私管理框架","authors":"T. Breaux, Catherine B. Lotrionte","doi":"10.1109/THS.2011.6107840","DOIUrl":null,"url":null,"abstract":"Cyber security increasingly depends on advance notice of emerging threats as individuals, groups or nations attempt to exfiltrate information or disrupt systems and services. Advance notice relies on having access to the right information at the right time. This information includes trace digital evidence, distributed across public and private networks that are governed by various privacy policies, inter-agency agreements, federal and state laws and international treaties. To enable rapid and assured information sharing that protects privacy, the US government needs a means to balance privacy with the need to share. In this paper, we review US laws and policies governing government surveillance and describe key elements for a privacy management framework that seeks to enable government investigations while protecting privacy in a systematic way. The framework aligns existing Federal investigative guidelines for attributing a cyberattack with concerns for automated decision making that arise from the Fourth Amendment “reasonable expectation of privacy” and several fair information practice principles. We discuss technical challenges for those seeking to implement this framework.","PeriodicalId":228322,"journal":{"name":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","volume":"131 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-12-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Towards a privacy management framework for distributed cybersecurity in the new data ecology\",\"authors\":\"T. Breaux, Catherine B. Lotrionte\",\"doi\":\"10.1109/THS.2011.6107840\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cyber security increasingly depends on advance notice of emerging threats as individuals, groups or nations attempt to exfiltrate information or disrupt systems and services. Advance notice relies on having access to the right information at the right time. This information includes trace digital evidence, distributed across public and private networks that are governed by various privacy policies, inter-agency agreements, federal and state laws and international treaties. To enable rapid and assured information sharing that protects privacy, the US government needs a means to balance privacy with the need to share. In this paper, we review US laws and policies governing government surveillance and describe key elements for a privacy management framework that seeks to enable government investigations while protecting privacy in a systematic way. The framework aligns existing Federal investigative guidelines for attributing a cyberattack with concerns for automated decision making that arise from the Fourth Amendment “reasonable expectation of privacy” and several fair information practice principles. We discuss technical challenges for those seeking to implement this framework.\",\"PeriodicalId\":228322,\"journal\":{\"name\":\"2011 IEEE International Conference on Technologies for Homeland Security (HST)\",\"volume\":\"131 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-12-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 IEEE International Conference on Technologies for Homeland Security (HST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/THS.2011.6107840\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/THS.2011.6107840","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Towards a privacy management framework for distributed cybersecurity in the new data ecology
Cyber security increasingly depends on advance notice of emerging threats as individuals, groups or nations attempt to exfiltrate information or disrupt systems and services. Advance notice relies on having access to the right information at the right time. This information includes trace digital evidence, distributed across public and private networks that are governed by various privacy policies, inter-agency agreements, federal and state laws and international treaties. To enable rapid and assured information sharing that protects privacy, the US government needs a means to balance privacy with the need to share. In this paper, we review US laws and policies governing government surveillance and describe key elements for a privacy management framework that seeks to enable government investigations while protecting privacy in a systematic way. The framework aligns existing Federal investigative guidelines for attributing a cyberattack with concerns for automated decision making that arise from the Fourth Amendment “reasonable expectation of privacy” and several fair information practice principles. We discuss technical challenges for those seeking to implement this framework.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
