Chapter 3 - Data Classification Flashcards
Who is the data owner?
The organization that collected or created the data. Normally it is the cloud customer.
Also known as data controller
Who is the data custodian?
A person or organization who manipulates, stores or moves the data on behalf of the data owner. Usually, in the cloud, it is the cloud provider.
Also known as data processor
What are the six stages of the data life cycle?
Create, store, use, share, archive, delete
Data might be categorized by…
Regulatory compliance, business function, functional unit or by project
Data might be classified by…
Sensitivity, jurisdiction, criticality
Name 3 Data discovery methods
Label-based discovery, metadata-based discovery, content-based discovery
Name 3 data analytics tools
Data mining, real-time analytics, agile business intelligence
Data Rights Management
Intellectual property & copyright
Exceptions to copyright exclusivity
Fair use:
- academic fair use
- critique
- news reporting
- scholarly research
Satire:
Library preservation: copies to preserve work itself
Personal backup: copy in case the original licensed version fails. Explicitly includes computer programs
Version for people with physical disabilities: E.g. audio copy of a book for someone that is blind
Techniques and technologies of DRM
- rudimentary reference checks (e.g. password in vintage computer games)
- online reference checks (Windows product key)
- local agent checks (Steam local agent that checks the user's system against an online DB)
- presence of licensed media (requires presence of licensed media, e.g. a disk; DRM is installed and encrypted on the media)
- support-based licensing (unlicensed content doesn't get support)
DRM challenges in the Cloud
- replication restriction (VMs must be replicated, but this interferes with the DRM tool)
- jurisdictional conflicts (local rights vs. sharing data across borders)
- agent/enterprise conflicts (local agent vs. installation in cloud and BYOD)
- IAM and DRM mapping (DRM IAM and cloud IAM may have conflicts because of the additional layer of access control)
- API conflicts (DRM incorporated in content might not offer the same performance across different applications)
Obligatory DRM functions independent of content or format
- persistent protection (should protect content regardless of location or if it’s the original or a copy)
- dynamic policy control (should enable cloud creators and owners to modify ACLs)
- automatic expiration (should cease with cease of legal protection)
- continuous auditing (should allow continuous monitoring of use and access history)
- replication restriction (should under all circumstances prevent illegal duplication)
- Remote Rights revocation (owner should be able to revoke rights at any time)
Data Control - Data Retention
- Retention periods
- applicable regulations (applicable local regulations)
- retention formats (e.g. encrypted or not)
- data classification
- archiving and retrieval procedures
- monitoring, maintenance and enforcement
Data Control - Data Audit
Should be considered: periods, scope, responsibilities, processes and procedures, applicable regulations and monitoring, maintenance and enforcement
Challenges while reading logs:
- not a priority
- boring because it is repetitive work
- finding the right person: a junior because of costs, but a junior with knowledge about the firm
- needs to have an understanding of the operation
Data Control - Data Destruction/Disposal
- physical destruction
- degaussing (magnetic field)
- overwriting
- cryptoshredding (encrypt data, encrypt keys with another algorithm and destroy keys)
In the cloud: cryptoshredding is the only applicable variant