A Process for Developing Demostrably More Secure Software
A Process for Developing Demostrably More Secure Software
The Security Development Lifecycle (SDL) is a software development process that helps developers build more secure software and address security compliance requirements while reducing development cost
A Process for Developing Demostrably More Secure Software
A Process for Developing Demostrably More Secure Software
Cybercrime Evolution
A Process for Developing Demostrably More Secure Software
2008
A Process for Developing Demostrably More Secure Software
A Process for Developing Demostrably More Secure Software
Key Concepts
A Process for Developing Demostrably More Secure Software
A Process for Developing Demostrably More Secure Software
A Process for Developing Demostrably More Secure Software
Privacy: Empowering users to control collection, use, and distribution of their personal information.
Security: Establishing protective measures that defend against hostile acts or influence and provides assurance of defense.
A Process for Developing Demostrably More Secure Software
Important: The standards that keep a system secure don't necessarily ensure user privacy.
Privacy AND Security are key factors for trust
A Process for Developing Demostrably More Secure Software
The Fair Information Practices are the basis of Privacy laws in jurisdictions around the world:
A Process for Developing Demostrably More Secure Software
Other Factors:
A Process for Developing Demostrably More Secure Software
A Process for Developing Demostrably More Secure Software
A Process for Developing Demostrably More Secure Software
Types of notice:
Types of consent:
A Process for Developing Demostrably More Secure Software
Explicit Consent
Also known as express or direct consent means that an individual is clearly presented with an option to agree or disagree with the collection, use, or disclosure of personal information.
A Process for Developing Demostrably More Secure Software
Implicit Consent
Also known as deemed or indirect consent can mean two things:
You voluntarily personal information for an organization to collect, use, or disclose for purposes that would be considered obvious at the time, or
You provide personal information to an organization and it is used in a way that clearly benefits you and the organization’s expectations are reasonable.
A Process for Developing Demostrably More Secure Software
Opt-out consent
Opt-out consent — also known as giving consent by not declining to give consent — means that an individual is given the option to decline consent. If the individual does not clearly decline consent, consent is granted. Opt-out consent is usually done in writing.
Many organizations, especially websites, use opt-out consent as a way to request permission to use your personal information for other purposes.
A Process for Developing Demostrably More Secure Software
A Process for Developing Demostrably More Secure Software
Any Question?