Μεθοδολογίες ελέγχου ιδιωτικότητας και ασφάλειας σε ηλεκτρονικά παρεχόμενες υπηρεσίες

View/
Keywords
Απαιτήσεις ιδιωτικότητας ; Αρχές ιδιωτικότητας ; Απαιτήσεις ασφάλειας ; Εκτίμηση αντικτύπου ιδιωτικότητας ; Γενικός Κανονισμός για την Προστασία των Δεδομένων (ΓΚΠΔ) ; Μεθοδολογία ελέγχου ; Μετρικές ; Χαρακτηριστικά οργανισμού ; Υπολογιστικό νέφοςAbstract
The assessment of the potential impact for an organization from a privacy violation incident is important for three main reasons: the organization will have a justified estimate of the cost (financial, reputation or other) that may be raised, will facilitate the selection of the appropriate technical, procedural and organizational protection mechanisms and also will be compliant with the new General Data Protection Regulation (GDPR) that is in effect from May 2018. Today, there are several methods to do a Privacy Impact Assessment (PIA) but none of these quantifies the results using specific metrics and thus can be significantly affected by various subjective parameters. Furthermore, the specific organizational characteristics (size, activities, number of clients, type of offered services etc.) are very rarely accounted, a fact that also affects the accuracy of the results. This thesis proposes a privacy impact assessment method that explicitly takes into account the organizational characteristics and employs a list of well-defined metrics as input, demonstrating its applicability to two Hospital Information Systems with different characteristics. The above proposed method consists of two separate methodologies. Driven by the fact that there is no way to handle at the same time the elicitation of the security and privacy requirements and of the main privacy principles, the first methodology proposed integrates the basic steps of well-established risk analysis methodologies with those of methodologies used for the elicitation of privacy requirements, considering, at the same time, the most well-known privacy principles. The aim is to assist information system designers to come up with a complete and accurate list of all security and privacy requirements that must be satisfied by the system. Furthermore, driven by the absence of a widely accepted structured representation of the privacy principles, that makes their adoption or/and satisfaction difficult and in some cases inconsistent, the second methodology proposed consists of discrete steps that organizations can follow for deciding or/and auditing their privacy protection measures. Every step is based on the significance of a privacy principle and on the sequence of the audit procedure. This thesis also analyses how a cloud computing service provider will achieve compliance with the GDPR by proposing technical and organizational measures demonstrating their applicability on a hospital cloud environment.


