Title :
Towards Privacy Taxonomy-Based Attack Tree Analysis for the Protection of Consumer Information Privacy
Author :
Reddy, Kamil ; Venter, H.S. ; Olivier, Martin ; Currie, Iain
Author_Institution :
Inf. & Comput. Security Archit. Res. Group, Univ. of Pretoria, Pretoria
Abstract :
There is a strong legal and ethical imperative for organisations to protect consumer information privacy. In this paper we present a method called privacy taxonomy-based attack tree analysis (PTATA). PTATA involves the combination of privacy violation taxonomies and attack trees. It assists organisations in protecting information privacy by providing a means to analyze weaknesses in their protective measures. We define privacy violation taxonomies, as well as review attack trees, and illustrate the practical implementation of PTATA through example scenarios. The advantages and drawbacks to our method are also discussed. The paper ends with future research which may build on this work.
Keywords :
consumer protection; ethical aspects; organisational aspects; security of data; trees (mathematics); consumer information privacy; privacy taxonomy-based attack tree analysis; privacy violation taxonomies; Computer architecture; Computer security; Data privacy; Guidelines; Information analysis; Information security; Law; Legal factors; Protection; Taxonomy; Attack Trees; Information Privacy; Privacy; Taxonomy-Based Attack Tree Analysis;
Conference_Titel :
Privacy, Security and Trust, 2008. PST '08. Sixth Annual Conference on
Conference_Location :
Fredericton, NB
Print_ISBN :
978-0-7695-3390-2
DOI :
10.1109/PST.2008.18
