4-CONTROLS - Coggle Diagram
4-CONTROLS
IDENTIFIABILITY & LINKABILITY
identified and linked
pseudonymous and linkable with reasonable & automatable effort
pseudonymous and not linkable with reasonable effort
anonymous and unlinkable
k-anonymity
l-diversity
DATA ORIENTED STRATEGIES
SEPARATE
to prevent correlation
isolate
geographically, demographically,
per customer/individual, etc
involves data already distributed
distribute
physical segregation
logical segregation
(role based access control)
MINIMIZE
exclude
assessing the need of data according to goals
and not to preconceived designs of systems
select
similar to exclude, but on an individualized basis
strip
removal of unnecessary data
destroy
best achieved by setting
retention periods upfront
HIDE
to prevent data
becoming public
restrict
preventing unauthorized access to data
mix
obscuring relationships between data that would leak from orderly processing
metadata
obfuscate
encryption, different language, hashing
preventing understandability of data
dissociate
removing relations between data elements
ABSTRACT
reducing data precision
group
aggregating data to
extract correlations
summarize
making data less granular
(e.g. age->age range)
perturb
adding noise/approximating data
PROCESS ORIENTED STRATEGIES
ENFORCE
create
context policies & processes
control policies (policies dictating
use of other strategies)
maintain
variance policies & processes
uphold
organization-wide policies & processes
DEMONSTRATE
log
logging and reviewing
data practices
for defined processes
audit
for less defined
processes
report
analyzing audits and logs
INFORM
(info balance)
supply
privacy notice
notify
in case of breach
explain
providing info clearly
& explaining risks
CONTROL
(power balance)
consent
choose
update
retract
DECENTRALIZATION
isolation
POINT CONTROLS
(extending user domain)
hide
control
must be external to the threat actor
don't mitigate metadata risks
ARCHITECTURE
identifiability & centricity
privacy by architecture
pseudo/anonymized data
user centric architecture
privacy by policy
the more identifiable and centralized the data, the greater the reliance on privacy by policy
CENTRALIZATION
higher risk when data is centralized