[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: ISO/IEC JTC1/SC27/WG5
Dear all, As I said during the confcall, PRIPARE has now a liaison with ISO/IEC JTC1/SC27/WG5 The public web site of WG5 is http://www.jtc1sc27.din.de/cmd?level=tpl-home&languageid=en. I am now in the WG5 mailing list (sc27wg5@dlist.uni-frankfurt.de) where all the working documents are exchanged. I also attended the last meeting in Mexico where I presented PRIPARE and mentioned PMRM, PbD-SE. The WG5 convenor (Kai Rannenberg) said that there is a higher level liaison between ISO and OASIS, but no liaison betweed OASIS and ISO SC27/WG5. During the Mexico meeting I identified the following standards related to privacy:
Provides a framework for defining privacy control requirements related to personally identifiable information within an information and communication technology environment. Designed for those individuals who are involved in specifying, procuring, architecting, designing, developing, testing, administering and operating ICT systems. Is a free standard : see http://standards.iso.org/ittf/PubliclyAvailableStandards/index.html
Describes a privacy architecture framework that describes concerns for ICT systems that process PII; lists components for the implementation of such systems; and provides architectural views contextualizing these components.This International Standard is applicable to entities involved in specifying, procuring, architecting, designing, testing, maintaining, administering and operating ICT systems that process PII. It focuses primarily on ICT systems that are designed to interact with PII principals.
It should be used by organizations that are establishing or operating programs or systems that involve the processing of PII, or that are making significant changes to existing programs or systems. This International Standard also provides guidance on privacy risk treatment options. Privacy Impact Assessments can be conducted at various stages in the life cycle of a programme or systems ranging from the prelaunch phase and decommissioning.
Establishes commonly accepted control objectives, controls and guidelines for implementing controls, to meet the requirements identified by a risk and impact assessment related to the protection of Personally Identifiable Information (PII).
Provides organizations with high-level guidance about how to assess their capability to manage privacy-related processes. In particular, it:
Defines requirements on relative anonymity with identity escrow based on the model of authentication and authorization using group signature techniques. This document provides guidance to the use of group signatures for data minimization and user convenience. This guideline is applicable in use cases where authentication or authorization is needed. It allows the users to control their anonymity within a group of registered users by choosing designated escrow agents. In particular I talked to the editor of 29151 (Code of Practice for PII Protection), Heung Youl Youm from Korea. He said he would be delighted to have a discussion with Dawn in order to ensure that PbD-SE and 20151 are complementary Antonio Kung -- _________________________________________________________________________ TRIALOG 25 rue du general Foy F-75008 Paris http://www.trialog.com Tel : 33 (0) 1 44 70 61 00 Direct : 33 (0) 1 44 70 61 03 Fax : 33 (0) 1 44 70 05 91 mailto:antonio.kung@trialog.com _________________________________________________________________________ -- Software Engineering Focused on Embedded Systems Technology -- -- Connectivity Solutions for Embedded Systems -- _____________________________________________________________________ The information contained in this transmission, which may be confidential and proprietary, is only for the intended recipients. Unauthorized use is strictly prohibited. If you receive this transmission in error, please notify me immediately by telephone or electronic mail and confirm that you deleted this transmission and the reply from your electronic mail system. _____________________________________________________________________ |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]