Part 5: Identity and Identity Management ; International audience ; The paper presents a Pan-European Identity Management System that was developed through the concerted efforts of several European research initiatives, and identifies gaps in the privacy protection mechanisms, which occur because privacy is considered strictly from the EU Data Protection regulation perspective. Privacy protection problems are identified, and measures to eliminate them are outlined on the basis of an extended notion of privacy, which includes aspects of unlinkability, transparency, anonymity and pseudonymity.
AbstractThe paper presents a mathematical model for the optimal security-technology investment evaluation and decision-making processes based on the quantitative analysis of security risks and digital asset assessments in an enterprise. The model makes use of the quantitative analysis of different security measures that counteract individual risks by identifying the information system processes in an enterprise and the potential threats. The model comprises the target security levels for all identified business processes and the probability of a security accident together with the possible loss the enterprise may suffer. The selection of security technology is based on the efficiency of selected security measures. Economic metrics are applied for the efficiency assessment and comparative analysis of different protection technologies. Unlike the existing models for evaluation of the security investment, the proposed model allows direct comparison and quantitative assessment of different security measures. The model allows deep analyses and computations providing quantitative assessments of different options for investments, which translate into recommendations facilitating the selection of the best solution and the decision-making thereof. The model was tested using empirical examples with data from real business environment.
