Internet of Things Security and Data Protection by Sébastien Ziegler

Internet of Things Security and Data Protection by Sébastien Ziegler

Author:Sébastien Ziegler
Language: eng
Format: epub
ISBN: 9783030049843
Publisher: Springer International Publishing


The initial UPRAAM model developed in Privacy Flag was including about 150 checks and controls, defined to assess the compliance with most applicable data protection obligations. However, this initial theoretical model had to be adapted in order to address the specific needs and requirements of distinct applications. There are major differences regarding the UPRAAM adaptation to the crowd and to the certification requirements that led to two very distinct UPRAAM adaptations and implementations.

First of all, the crowdsourcing tools required to simplify as much as possible the UPRAAM model and to reduce it to about 15 questions in order to satisfy the end user adoption constraints and limitations. This simplification has a cost in terms of precision and reliability of the assessment results. The UPRAAM model for certification required exactly the opposite: a very systematic and detailed analysis of the compliance in order to maximise the reliability of the assessment result. This process led Archimede Solutions to develop a detailed UPRAAM with up to 650 potential checks and controls.

Another fundamental difference relates to information access. The crowd users can only access partial information, because part of the information is controlled and not disclosed by the owner of the solution or the service to be assessed. This cognitive limitation directly impacts and restricts the questions that can be answered by the end user. This is illustrated by the green delimited area of the following, Fig. 7.5, which constitutes the focus of the UPRAAM version for crowdsourcing.

Fig. 7.5Asymmetric access to information



Download



Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.