Page 191 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
Unit 12: Security Metrics and Privacy
Privacy is about informational self-determination: the capability to decide what
information about you goes where. Security provides the capability to be confident
that those decisions are respected.
There are ten Information Privacy Principles (IPPs), which cover the entire life cycle of
information, from collection and handling to storage and disposal.
12.11 Keywords
Metric: A metric is a system of measurement that depends on quantifiable procedures.
Privacy: An individual's or organization's right to determine whether, when and to whom
personal or organizational information is released.
Security matrix: It is used to focus measures where they are needed, and to be aware of
which measures are being (deliberately) left out.
12.12 Review Questions
1. Explain the process of security metrics and also discuss metrics lifecycle.
2. Describe the concept of security metrics management.
3. Explain the various issues or aspects of security measurement.
4. Explain various categories of security metrics for process control systems.
5. What is a security matrix? Explain its uses.
6. How do you consider privacy as a business issue? Illustrate with examples.
7. Explain the difference between privacy and security.
8. What are Information Privacy Principles? Explain each of them in detail.
9. Individuals have a right to seek access to their personal information and make
alterations. Comment.
10. Describe the rules and regulations that govern the collection of sensitive information.
Answers: Self Assessment
1. metric 2. Dimensions
3. Correctness 4. long
5. Security matrix 6. Operational
7. information 8. privacy
9. business 10. Changes
11. Security 12. confidentiality
13. Licensee 14. File Server
15. Information Act 16. identifier
LOVELY PROFESSIONAL UNIVERSITY