Privacy-aware Information Lifecycle Management
On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context
Marco Casassa Mont
Hewlett-Packard Labs
Bristol, UK
Presentation Outline
Background & Privacy Concepts
What is Information Lifecycle Management (ILM)?
What is Identity Management (IDM)?
Current Privacy Management in Enterprises
Moving Towards Privacy-Aware ILM in Enterprises
Conclusions
Privacy: An Important Aspect of Regulatory Compliance for Enterprises
[Diagram: Regulations (incomplete list …); PRIVACY; Regulatory Compliance (Example of Process)]
Privacy Policies for Personal Data: Core Principles
Purpose Specification
Consent
Limited Collection
Limited Use
Limited Disclosure
Limited Retention
[Diagram: Privacy Policies; Privacy Permissions; Privacy Rights; Privacy Obligations]
Management of Data/Confidential Data in Enterprises
Systemic Approaches …
Identity Management Solutions
Information Lifecycle Management Solutions
Others (ad-hoc, etc.)
[Diagram: Enterprise Identity Information/Confidential Data]
Information Lifecycle Management (ILM)
Information Lifecycle Management (ILM) is a comprehensive Approach to Manage Information Systems’ Data and associated “Metadata” from Creation and Initial Storage to the time when it becomes Obsolete and is Deleted:
Deal with User Practices
Automate Storage Procedures
Information Retrieval
Information Lifecycle Management Automates:
Process of Organising Data into Separate Tiers
Data Migration between Tiers based on Policies
Information Lifecycle Management (ILM)
Information Lifecycle Management (ILM) provides degrees of support for the following Information/Data Management Phases:
Assessment
Data Analysis
Classification
Automation
Review
Information Lifecycle Management (ILM)
Information Lifecycle Management (ILM) Automation Technologies:
ILM Policy Engine
Search and Classify
ILM Policy Audit
Information/Document Mover
Secure Access
Source: “Data Protection and Information Lifecycle Management”, Ed. Prentice Hall, Author: Petrocelli
Information Lifecycle Management (ILM)
Current Privacy Management Capabilities:
Little or No Explicit Management of Privacy Policies
Limited Privacy Capabilities, such as Data Retention/Deletion and Access Control
No Advanced Support for Privacy Obligations
Proprietary/Ad-hoc Solutions
Lack of Integration/Interoperability with Other Solutions
Identity Management (IDM)
Enterprise Identity Management Solutions deal with the Management of Digital Identities, User Accounts and User Profiles. They provide services to Applications and support core Functionalities:
Authentication, Authorization, Audit
User Provisioning and Account Management
Data Storage
Links to Legacy Systems and Data Consolidation
Identity Management (IDM)
State-of-the-Art of Identity Management Solutions:
Management Components: User Mgmt, Access Control, Privacy Mgmt, Fed. Mgmt
Consumable Value Components: Single Sign-On, Personalization, Self Service
Lifecycle Components: Provisioning, Longevity
Security Components: Authentication, Authorization, Auditing
Data Repository Components: Directories, Meta-Directories, Virtual Directories, Databases
Identity Management (IDM)
Current Privacy Management Capabilities:
Limited Management of Privacy Policies
Focus Mainly on Privacy-Aware Access Control
No Real Support for Privacy Obligations
Proprietary/Ad-hoc Solutions
Lack of Integration/Interoperability with Other Solutions
Enterprise Privacy Management
[Diagram: Privacy Legislation (EU Laws, HIPAA, COPPA, SOX, GLB, Safe Harbour, …); Internal Guidelines; Customers’ Expectations; Regulations, Standards, Best Practices; Applications & Services; PEOPLE; Personal Data; ENTERPRISE; Enterprise IT Infrastructure; Policy Development; Policy Enforcement; Monitoring; Reporting; Transparency; IT Alignment; Impact on Enterprises and Opportunities; Regulatory Compliance; Customers’ Satisfaction; Positive Impact on Reputation, Brand, Customer Retention]
Effective Enterprise Privacy depends on Good Governance Practices
Data Governance in Enterprises
Personal Data and Digital Identities
Handled with “Identity Management” Solutions (IDM) …
Subject to Privacy Policies
(Sensitive) Documents and Other Data
Handled with “Information Lifecycle Management” Processes and Solutions (ILM) and Other Approaches …
Might Contain Personal Data …
If so, Subject to Privacy Policies
Current IDM and ILM Solutions
• A Dichotomy Exists between:
“Identity Management” Solutions (IDM) …
“Information Lifecycle Management” Processes and Solutions (ILM) …
• Various Reasons:
Different Nature of Managed Information
Different Business Requirements
Different Information Usage Patterns
[Diagram: Identity Management (IDM); Information Lifecycle Management (ILM)]
IDM and ILM: Common Aspects …
Both handle Confidential Data
Both need to Address Privacy Management
No Integrated Management of Privacy Policies
Duplication of Efforts
Privacy still based on Human Processes: Prone to Mistakes and High Costs
Current Dichotomy Doesn’t Help To Manage Privacy
Enterprise Privacy Management [1/2]
Requires Well-Planned, Systemic and Ongoing Efforts:
Privacy Policies and Preferences can Change over time
Data and Confidential Documents can be subject to different Privacy Laws
Data needs to be Disposed or Transformed over time
Enterprise Privacy Management [2/2]
• Privacy-aware Access Control
Most of Privacy Solutions (+ R&D Work) currently focusing here
• Privacy Obligation Management
No “Privacy-aware” Solutions are really available …
Obligations dictate Duties and Expectations …
Obligations are Transversal to ILM and IDM:
Impact on Information Lifecycle Management (Retention, Deletion, Notifications, Transformation, etc.)
Impact on Identity Information/Identity Management
Under-emphasised Area …
[Diagram: Privacy Permissions; Privacy Rights; Privacy Obligations]
Focus on Privacy-aware Information Lifecycle Management
[Diagram: Privacy Obligations; Identity Management Solutions; Information Lifecycle Management Solutions; Enterprise Identity Information/Confidential Data]
Open Issues
Issues to be Addressed to enable Privacy-Aware
Information Lifecycle Management:
Lack of Automation
Human-based Processes
High Cost, Prone to Mistakes
Lack of Integration (e.g. ILM and IDM)
Duplication of Efforts
Lack of Centralization
Privacy-aware Information Lifecycle Management
“Privacy-Aware Information Lifecycle Management is the Process of Ensuring that the Lifecycle of Personal and Confidential Data (inclusive of any Confidential Document) is Managed according to stated Privacy Policies, Users’ Preferences and Enterprise Privacy Guidelines”
Privacy-aware Information Lifecycle Management
Requirements, Core Properties and Features
HP Labs Current R&D Work in this Area
Next Steps
Requirements [1/2]
Dictated by Privacy Laws, Best Practices, Common Sense:
Enterprise should clearly state the Purposes for collecting personal/confidential data and Processing Criteria
Openness and Transparency over Enterprise Processes
People should:
Be enabled to express their Privacy Preferences (e.g. Deletion)
Be Notified of changes affecting the management of their personal data
Retain a degree of Control on their data
Lifecycle of Data driven by all these Aspects
Requirements [2/2]
Enforcement and Compliance Checking of Privacy Obligations
Importance of Automating the Handling of Privacy Obligations to Enable Privacy-Aware Information Lifecycle Management
Importance of doing this across ILM and IDM Solutions
Privacy-aware Information Lifecycle Management Solutions
Expected Core Properties and Functionalities:
Explicit Modelling of Personal/Confidential Data
Explicit Representation of Privacy Policies (e.g. Obligations)
Integrated Management of these Policies (e.g. Security Policies)
Deployment and Enforcement of these Policies:
Leveraging IDM and ILM Infrastructures
Integrated Monitoring and Checking for Compliance
Privacy-aware ILM: Our Approach
• HP Labs R&D Work on Privacy Obligation Management
• Usage of an Obligation Management System (OMS) as Foundation of Privacy-aware ILM, across ILM and IDM Solutions
Obligation Management System (OMS): Model
[Diagram: Data Subjects; Privacy Preferences; Administrators; Privacy Obligations; Obligation Management System (Obligations Scheduling, Obligations Enforcement, Obligations Monitoring); Personal Data (PII); ENTERPRISE]
OMS to Enable Privacy-aware ILM [1/3]
• Obligation Management System (OMS):
Centralised Modelling and Abstraction of Managed Data
Centralised Representation and Authoring of Privacy Obligations
Orchestrates the Deployment, Enforcement and Monitoring of Obligations within Existing ILM and IDM Systems
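An added sketch of the centralised obligation handling described on this slide (not HP Labs' OMS code and not part of the presentation): obligations are authored once, enforced through one adaptor per system, then checked for compliance. The class names, the "delete"/"notify" actions and the sample records are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date

@dataclass(frozen=True)
class Obligation:
    subject: str   # data subject whose records are covered
    action: str    # "delete" or "notify" (constructed vocabulary, not an OMS format)
    due: date      # deadline derived from a policy or the subject's preference

class Adaptor:  # hypothetical wrapper around one back end (IDM directory, ILM repository)
    def __init__(self, name, records):
        self.name, self.records = name, dict(records)  # record id -> data subject

    def enforce(self, ob):
        hits = [rid for rid, subj in self.records.items() if subj == ob.subject]
        if ob.action == "delete":
            for rid in hits:
                del self.records[rid]
        return hits  # "notify" only reports the affected records

class ObligationManager:  # central store: schedules, enforces and monitors obligations
    def __init__(self, adaptors):
        self.adaptors, self.pending, self.done, self.audit = adaptors, [], [], []

    def register(self, ob):
        self.pending.append(ob)

    def run(self, today):
        due = [ob for ob in self.pending if ob.due <= today]
        for ob in due:
            for ad in self.adaptors:  # one obligation, enforced in every system
                hits = ad.enforce(ob)
                self.audit.append((today, ad.name, ob.action, ob.subject, len(hits)))
            self.pending.remove(ob)
            self.done.append(ob)
        return len(due)

    def violations(self, today):
        overdue = [("overdue", ob.subject, None) for ob in self.pending if ob.due < today]
        leftover = [("still-stored", ob.subject, ad.name) for ob in self.done
                    if ob.action == "delete" for ad in self.adaptors
                    if ob.subject in ad.records.values()]
        return overdue + leftover

def demo(today=date(2024, 2, 1)):  # constructed sample data
    idm = Adaptor("idm", {"uid=alice": "alice", "uid=bob": "bob"})
    ilm = Adaptor("ilm", {"contract-17.pdf": "alice"})
    oms = ObligationManager([idm, ilm])
    oms.register(Obligation("alice", "delete", date(2024, 1, 31)))
    return oms.run(today), idm.records, ilm.records, oms.violations(today)
```

The `violations` check is the monitoring half: it reports obligations that were never enforced and deleted subjects whose data has reappeared in any system, for example after a restore.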
OMS to Enable Privacy-aware ILM [2/3]
[Diagram: Privacy Preferences; Privacy Policies & Models; Obligation Management System; Policy Control over ILM Systems (Doc. Repositories), IDM Systems (Data Repositories) and Other … (Other Storage …); Enterprise Information]
OMS to Enable Privacy-aware ILM [3/3]
[Diagram: Users (Data + Privacy Preferences); Administrators (Obligation Policies, Models); Obligation Management System (OMS): Obligation Policy Representation & Lifecycle Mgmt, Data Abstraction and Modelling, Obligation Deployment & Enforcement, Obligation Monitoring; Adaptors to Identity Management Solution (IDM) and Information Lifecycle Management Solution (ILM); Deploy Policies & Enforce; Monitor & Compliance Check; ENTERPRISE]
Current Status and Next Steps
• OMS System: HP Labs Proof of Concept
Integrated with IDM Solution
Exploring its Integration with ILM Solution
• Need to Further Explore some Security Implications
• First Step Towards Privacy-aware ILM
Current Objective:
Create Awareness of Privacy-aware ILM
• Work in Progress …
Conclusions
Importance of Privacy Management for Enterprises
Obligation Management is Key to Privacy-aware Information Lifecycle Management
Current Obligation Management: underestimated, ad-hoc, …
Need to Centralise Obligation Policies for their Enforcement/Monitoring & Integrate with current ILM and IDM Solutions
Importance of Creating Awareness of Need for a Comprehensive, Enterprise-wide Privacy-aware Information Lifecycle Management
HP Labs: Work in Progress …