Security and Privacy Principles 2.1 Flashcards
The process of verifying identity
Authentication
The principal that information, systems, and supporting infrastructure are operating and accessible when needed
Availability
The assurance that information is not disclosed to unauthorized persons,processes, or devices. Covers data in storage, during processing, and in transit.
Confidentiality
The right of an individual to control the use of their personal information.
Privacy
The process approving access
Authorization
The process of assuring the validity and origin of data
Non-repudiation
The process of tracing action to the source
Accounting
The principal that systems are trustworthy, and works as intended, and the data is complete and accurate
Integrity
Collection of personal data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject
OECD privacy principles
Collection limitation
Personal data should be relevant to the purpose collected and should be accurate, complete, and kept up-to-date.
OECD privacy principles
Data quality
The purpose for which personal data is collected should be specified not later than at the time of data collection
OECD privacy principles
Purpose specification
Personal data should not be disclosed or otherwise used for the purposes other than specified except with the consent of the data subject; or by the authority if law
OECD privacy principles
Use limitation