Part II. Access and Control: Controlling Authorized Data Access
We have grouped our privacy-protective capabilities under two broad umbrellas—access and oversight. In this section, we discuss architectural choices related to data access. Access refers to the ability of users to see, share, and manipulate data within a system. The more precisely you can control access and the more nuanced those control decisions can be, the more flexibility your users have in finding ways to work with data within the FIPPs paradigm. A data-processing technology will generally function within a larger IT system that in itself must be secure as discussed in Chapter 5 on Security Architecture. Chapters 6 and 7 then explore the myriad possibilities for privacy protection offered by application-level access controls. As we’ll show, these can be configured to do far more than just provide all-or-nothing access to data.
Get The Architecture of Privacy now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.