Chapter 11 : Security & Privacy
Defining Security and Privacy
Security
Definition
Practice of protecting the confidentiality, integrity & availability of data
Kind of Data being protected
Data in general
What data is protected from
Unauthorised access, unauthorised modification, reduced ability to access data
Malicious and/or illegal acts
How protection is enforced
Technical protections (e.g. encryption)
Legal protections (e.g. Computer Misuse Act)
Careful adherence to best practices & configuration of security settings
Privacy
Definition
Practice of protecting the confidentiality and control of personal data
Kind of Data being protected
Personal data specifically
name
date of birth
physical address
email address
IP address
What data is protected from
Unauthorised access, reduced ability to control how personal data is used or shared
Acts that the user may not consent to, even if they are not malicious or illegal
How protection is enforced
Technical protections (e.g. encryption)
Legal Protections (e.g. Personal Digital Protection Act)
Careful understanding of privacy policies & configuration of privacy settings
Confidentiality
The protection of data from unauthorised access
Unauthorised access occurs when data owned by someone is used without permission.
Intruders can use passwords or bank account information to steal money, commit fraud, and publicize private information.
Unauthorised disclosure of trade secrets or customer information can lead to financial losses, loss of trust, and legal consequences for businesses.
Integrity
The protection of data from unauthorised modification
Unauthorised modification of data can lead to untrustworthiness and undesirable consequences
Examples include unintentional transfer of money in banking and incorrect treatments in healthcare.
Data modification is crucial for security and decision-making.
Availability
The ability to access data in an uninterrupted and timely fashion
Data can become inaccessible due to equipment failure, network congestion, or natural disasters.
Denial-of-service attacks can compromise server availability.
Integrity and availability are related; unauthorised modification can cause data corruption.
Corrupted data may become unusable, affecting availability.
Data corruption
Denial-of-service attack