Designing privacy into systems at the beginning of the development process necessitates the effective translation of privacy principles, models, and mechanisms into system requirements.
"Privacy by design" (PbD) represents a distinct philosophical movement and a shift away from the dominant legal-oriented approach to privacy and toward an approach that is more proactive, technical, and embedded. However, it suffers from the general absence of organized systematic techniques for carrying it out. In part, this gap reflects a failure to…
Cyber security and threat information sharing efforts involve a variety of groups of practitioners and stakeholders. This paper presents a methodology for analyzing information sharing efforts, to determine whether and how well the efforts will succeed. An effort to share information between two groups is represented by a directed graph. Each edge is…
Privacy risk analysis of complex socio-technical systems suffers from an inadequate risk model that focuses primarily on some form of Fair Information Practice Principles (FIPPs). Anonymization as a privacy risk control suffers from an emphasis on risk of failure, neglecting the circumstances surrounding its selection as a risk control in the first place.…