The overall process of risk identification, risk analysis, and risk evaluation, with regard to the handling of personally identifiable information (PII).
Published in Chapter:
A Survey of Methodologies for Protecting Privacy of User Data Within Enterprise Information Infrastructure
Asmita Manna (Jadavpur University, India), Anirban Sengupta (Jadavpur University, India), and Chandan Mazumdar (Jadavpur University, India)
Copyright: © 2021
|Pages: 23
DOI: 10.4018/978-1-7998-5728-0.ch003
Abstract
During recent years, especially after the introduction of data protection regulations by different countries, protecting the privacy of user data has become an important research topic. Different threads of information privacy research have emerged, particularly in the areas of eliciting privacy requirements, incorporating privacy by design, performing privacy impact assessments, developing privacy enhancement techniques, implementing those techniques for privacy compliance, verifying privacy compliance, etc. Privacy engineering is integral to all phases of data lifecycle, right from privacy requirement elicitation to compliance verification. This chapter covers a brief survey of notable privacy researches and models proposed for different phases of privacy engineering (i.e., privacy requirement engineering, privacy by design, privacy impact assessment, privacy compliance, and modeling approaches for privacy in enterprise infrastructure). Models and frameworks have been chosen based on the relevance of their applicability in modeling and implementing privacy within an enterprise.