Samenvatting Informatie beveiliging onder controle - SIE
Cindy van Dijk - 18082998
1
,Inhoud
Samenvatting Informatie beveiliging onder controle - SIE....................................................................... 1
HC 1 - Data Privacy................................................................................................................................... 4
AVG Notendop ..................................................................................................................................... 4
De grondwet ........................................................................................................................................ 4
De wet computercriminaliteit ............................................................................................................. 4
Wet gegevensverwerking & meldplicht .............................................................................................. 5
De algemene Verordening gegevensbescherming.............................................................................. 5
PP – doornemen .................................................................................................................................. 5
HC 2 - Privacy as Contextual Integrity ...................................................................................................... 6
Privacy as contextual integrity ............................................................................................................. 6
Verschil tussen Solove en Nissenbaum ............................................................................................... 6
Overeenkomsten/ verschillen contextuele flow analyse vs. kwetsbaarheidsanalyse ........................ 6
Kwetsbaarheidsanalyse ................................................................................................................... 6
Contextual flow analyse .................................................................................................................. 7
Overeenkomsten ............................................................................................................................. 7
Verschillen ....................................................................................................................................... 7
PP – doornemen .................................................................................................................................. 7
HC 3 - Privacy by Design & deel van HC 6 ................................................................................................ 8
Ontwerpcriteria ................................................................................................................................... 8
Wat is Privacy by Design en Privacy by Default.................................................................................... 9
Privacy by Design ............................................................................................................................. 9
Privacy by default............................................................................................................................. 9
Samenhang Privacy by Design en Privacy by Default ........................................................................... 9
De acht privacy ontwerpstrategieën ................................................................................................... 9
Minimise .......................................................................................................................................... 9
Abstract ......................................................................................................................................... 10
Seperate ........................................................................................................................................ 10
Hide ............................................................................................................................................... 10
Enforce .......................................................................................................................................... 10
Demonstrate.................................................................................................................................. 11
Control ........................................................................................................................................... 11
Inform ............................................................................................................................................ 11
PP – doornemen ................................................................................................................................ 11
HC 4 - Privacy Enhancing Technologies.................................................................................................. 12
PETs & relatie PbD ............................................................................................................................. 12
2
, Rapport ENISA en META group – doornemen ................................................................................... 12
PP – doornemen ................................................................................................................................ 12
HC 5 – Secure Software Development ................................................................................................... 12
HC 6 – Security by Design & Secure Software Development ................................................................. 12
Specificeren van toegang ................................................................................................................... 13
Verlenen van toegang ........................................................................................................................ 14
Controleren van toegang ................................................................................................................... 14
Toegangsbeheersing en techniek ...................................................................................................... 14
Authenticatie met wachtwoord ..................................................................................................... 14
Authenticatie met token of smartcard........................................................................................... 15
Authenticatie met biometrisch gegeven........................................................................................ 15
Eenmalige authenticatie (single sign-on) ....................................................................................... 15
Autorisatie in programmatuur ....................................................................................................... 15
Applicatiebeveiliging ......................................................................................................................... 16
OWASP .............................................................................................................................................. 17
Bedreigingen- en kwetsbaarheidsbeheer .......................................................................................... 18
Bedreigingenbeheer ...................................................................................................................... 18
Kwetsbaarheidsbeheer .................................................................................................................. 18
Testen van beveiligingsmaatregelen .................................................................................................. 18
Baselinetest ................................................................................................................................... 18
Kwetsbaarheidstest ....................................................................................................................... 18
Penetratietest ................................................................................................................................ 19
Red/blue teaming .......................................................................................................................... 19
PP – doornemen ................................................................................................................................ 19
HC 7 – Ethics by Design & Digitale Ethiek .............................................................................................. 19
Morele gronden van Van Den Hoven................................................................................................. 19
Systeemneutraliteit waardes ............................................................................................................. 19
Mediëren van technologie ................................................................................................................. 19
Van Den Hoven PDF – doornemen .................................................................................................... 19
Verbeek PDF – doornemen ................................................................................................................ 19
PP - doornemen ................................................................................................................................. 19
3
Cindy van Dijk - 18082998
1
,Inhoud
Samenvatting Informatie beveiliging onder controle - SIE....................................................................... 1
HC 1 - Data Privacy................................................................................................................................... 4
AVG Notendop ..................................................................................................................................... 4
De grondwet ........................................................................................................................................ 4
De wet computercriminaliteit ............................................................................................................. 4
Wet gegevensverwerking & meldplicht .............................................................................................. 5
De algemene Verordening gegevensbescherming.............................................................................. 5
PP – doornemen .................................................................................................................................. 5
HC 2 - Privacy as Contextual Integrity ...................................................................................................... 6
Privacy as contextual integrity ............................................................................................................. 6
Verschil tussen Solove en Nissenbaum ............................................................................................... 6
Overeenkomsten/ verschillen contextuele flow analyse vs. kwetsbaarheidsanalyse ........................ 6
Kwetsbaarheidsanalyse ................................................................................................................... 6
Contextual flow analyse .................................................................................................................. 7
Overeenkomsten ............................................................................................................................. 7
Verschillen ....................................................................................................................................... 7
PP – doornemen .................................................................................................................................. 7
HC 3 - Privacy by Design & deel van HC 6 ................................................................................................ 8
Ontwerpcriteria ................................................................................................................................... 8
Wat is Privacy by Design en Privacy by Default.................................................................................... 9
Privacy by Design ............................................................................................................................. 9
Privacy by default............................................................................................................................. 9
Samenhang Privacy by Design en Privacy by Default ........................................................................... 9
De acht privacy ontwerpstrategieën ................................................................................................... 9
Minimise .......................................................................................................................................... 9
Abstract ......................................................................................................................................... 10
Seperate ........................................................................................................................................ 10
Hide ............................................................................................................................................... 10
Enforce .......................................................................................................................................... 10
Demonstrate.................................................................................................................................. 11
Control ........................................................................................................................................... 11
Inform ............................................................................................................................................ 11
PP – doornemen ................................................................................................................................ 11
HC 4 - Privacy Enhancing Technologies.................................................................................................. 12
PETs & relatie PbD ............................................................................................................................. 12
2
, Rapport ENISA en META group – doornemen ................................................................................... 12
PP – doornemen ................................................................................................................................ 12
HC 5 – Secure Software Development ................................................................................................... 12
HC 6 – Security by Design & Secure Software Development ................................................................. 12
Specificeren van toegang ................................................................................................................... 13
Verlenen van toegang ........................................................................................................................ 14
Controleren van toegang ................................................................................................................... 14
Toegangsbeheersing en techniek ...................................................................................................... 14
Authenticatie met wachtwoord ..................................................................................................... 14
Authenticatie met token of smartcard........................................................................................... 15
Authenticatie met biometrisch gegeven........................................................................................ 15
Eenmalige authenticatie (single sign-on) ....................................................................................... 15
Autorisatie in programmatuur ....................................................................................................... 15
Applicatiebeveiliging ......................................................................................................................... 16
OWASP .............................................................................................................................................. 17
Bedreigingen- en kwetsbaarheidsbeheer .......................................................................................... 18
Bedreigingenbeheer ...................................................................................................................... 18
Kwetsbaarheidsbeheer .................................................................................................................. 18
Testen van beveiligingsmaatregelen .................................................................................................. 18
Baselinetest ................................................................................................................................... 18
Kwetsbaarheidstest ....................................................................................................................... 18
Penetratietest ................................................................................................................................ 19
Red/blue teaming .......................................................................................................................... 19
PP – doornemen ................................................................................................................................ 19
HC 7 – Ethics by Design & Digitale Ethiek .............................................................................................. 19
Morele gronden van Van Den Hoven................................................................................................. 19
Systeemneutraliteit waardes ............................................................................................................. 19
Mediëren van technologie ................................................................................................................. 19
Van Den Hoven PDF – doornemen .................................................................................................... 19
Verbeek PDF – doornemen ................................................................................................................ 19
PP - doornemen ................................................................................................................................. 19
3
