Search
Close this search box.

Online privacy: It’s time for a new security paradigm – FCW

I am very pleased Mr. Hyde agreed to join to my growing Board of Advisors.  His decades of experience in the defense and intelligence community, plus his interest in cyber, access control and technical innovation make him a perfect fit.  M

Excerpt below is from the article available at: http://fcw.com/Articles/2014/09/23/Online-privacy-new-security-paradigm.aspx

(Abridged)

Internet use across industries such as government, health care, retail, education and finance relies on the ability to access personally identifiable information (PII) scattered across different applications and organizations. Further, the proliferation of software-as-a-service models and online platforms is further dispersing our personal data.

Yet, as evidenced by a number of high-profile data breaches in the past few months, the current need to protecting our PII exceeds the capabilities of existing security, privacy and interoperability technologies. Meanwhile, data breaches and resultant identity theft are imposing enormous societal economic costs and personal hardship for individuals who have had their PII compromised.

So what is the solution? There needs to be a general-purpose capability that dynamically discovers and connects distributed data and applications and enforces granular privacy, security and organizational policies to enable trusted interactions among people, organizations, applications, online services and the Internet of Things.

A set of capabilities under the banner of “trust management” has been developed in academia and is now beginning to be commercialized. It encompasses the methods and technology for assessing and protecting the information required to make decisions about online trust relationships. Establishing a system for trust management requires a common infrastructure for specifying policies that can protect yet enable access to data and systems, representing identities and credentials, and evaluating and enforcing an organization’s policies — all while maintaining privacy.