Privacy enhancing technologies Flashcards
What are the privacy enhancing technologies to be aware of?
Data minimization - limiting data collection to only what is required to fulfill a specific purpose
- When an organization applies data minimization, any processing they do will only use the least amount of data necessary.
- Data collected should not be used for any other purpose or process without consent from the data subject.
Privacy enhancing technology to be aware of?
Data masking: protects sensitive data while providing a functional alternative when real data is not needed, for example in user training, sales demos or software testing.
- Changes the values of the data while keeping the same format.
- The goal is to create a version that cannot be deciphered or reverse engineered.
What are the different masking types?
Static data masking - creates a sanitized copy of the database by altering all sensitive data until the copy can be safely shared.
Deterministic data masking - maps two sets of data that have the same type of data, in such a way that one value is always replaced by the same other value.
On the fly data masking - masks data while it is transferred from production systems to test or development systems, before the data is saved to disk.
Dynamic data masking - similar to on the fly masking, but the data is never stored in a secondary data store; it is read from the production system and consumed directly by another system in the dev/test environment.
What are the data masking techniques?
Data encryption, data scrambling, nulling out, value variance, data substitution, data shuffling, pseudonymization
What is data encryption?
Data is useless unless the viewer has the decryption key
What is Data scrambling?
Characters are reorganized in random order
What is nulling out?
Data appears missing or null when viewed by unauthorized users
What is value variance?
Original data values are replaced by a function
What is data substitution?
Fake, but realistic, alternative values
What is data shuffling?
Values are switched within the same dataset
What is pseudonymization?
Ensures data cannot be used for personal identification
What is tokenization?
It replaces a sensitive data element with a non-sensitive substitute, known as a token
- The token is a randomized data string that has no essential or exploitable value or meaning
- It is a unique identifier which retains all the pertinent information about the data without compromising its security
- Links the original data to a token but does not provide any way to decipher the token and reveal the original data.
- This is in contrast to encryption systems, which allow data to be deciphered using a secret key.
What is pseudonymization vs anonymization?
Pseudonymization - personally identifiable information fields within a consumer data record are replaced by one or more artificial identifiers, or pseudonyms, which may be recalled at a later date to re-identify the record. This is reversible
Anonymization - either encrypting or removing personally identifiable information from data sets so that the people whom the data describes remain PERMANENTLY anonymous.