Article: Data-Privacy Assessments for Application Landscapes – A Methodology

Author: Klaus Haller
Published in: 1st BPM Workshop on Workflow Security Audit and Certification (WfSAC) at BPM 11 Clermont-Ferrand, France, August 28th to September 2nd, 2011

Data privacy is a major issue for companies today. Risks can come from external attacks or from internal users disclosing sensitive data to the public. In the latter case, restricting user access to data mitigates the risk. Thanks to role-based access models, users see only the data that they need for their work. This paper presents a methodology for assessing how effective such restrictions are. It is based on classifying data, analyzing access paths, and understanding the impact of design principles. Its special contribution is its end-to-end view. It is applicable directly to complex IT landscapes being the norm today.

Read the full paper:
Klaus Haller: Data-Privacy Assessments for Application Landscapes – A Methodology

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.