Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Privacy and Security in Smart Homes

Verified

Added on 2020/03/16

AI Summary

This assignment delves into the growing concerns of privacy and security in smart homes. It examines how personal data is collected and utilized within these environments, highlighting potential vulnerabilities and risks. The focus extends to exploring various data protection techniques employed to mitigate these threats, emphasizing the importance of secure data storage and transmission. Additionally, the assignment encourages an understanding of risk assessment methodologies used to identify and evaluate potential privacy breaches in smart home ecosystems.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CLOUD PRIVACY AND SECURITY
CLOUD PRIVACY AND SECURITY
Name of the Student
Name of the University
Author’s Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1CLOUD PRIVACY AND SECURITY
Table of Contents
Introduction..........................................................................................................................2
Privacy and Data protection.................................................................................................3
Protection of Informal Digital identity................................................................................3
Outline plan.........................................................................................................................4
1. Personal data and PII data for DAS users..............................................................5
2. PII data and Private data of the user in the HR Personnel Management suite.......6
3. Governance plan for personal and PII data for DAS of the contractors................7
4. PII data and financial data for users and DAS staff in the COTS payroll suite.....7
Conclusion...........................................................................................................................8
References............................................................................................................................9

2CLOUD PRIVACY AND SECURITY
Introduction
The report discusses about the “personal identification information” or PII and the
protection of the personal data by “Department of Administrative service” or DAS that aims at
providing different types of services to the state government of Australia (Al-Fedaghi & Al-
Azmi, 2012). PII or personally identified information are the data that are used for identifying a
specific individual potentially. Any type of information’s that are used for distinguishing
someone from the other person can be considered as an PII. There are two types of PII sensitive
and non-sensitive. Sensitive PII includes the data which when exposed can cause serious
massacre and can harm an individual.so the sensitive data should be encrypted so as to protect
the data. Non-sensitive data are those which can be easily gathered and does not harm anyone.
Digital identity refers to the information of an entity used the computer system to represent it to
the external agent. Digital identities help in accessing the computer or the service in an
automated way. This report is going to discuss about the governing plans required for the PII and
digital identity that is to be adopted by Department of Administrative Services (DAS). This type
of services are mainly aiming at putting emphasis on the certain sections of the organization.
With respect to the changes in the government policies, the main of DAS is to put emphasis on
the use of “shared services” (Chakravorty, Wlodarczyk & Rong, 2013). Which in terms highlight
the facts of DAS that id focusing on the process of creating a centralized service system which
can help the government. Collection of the data by the various service providers need to be done
from the centralized data of DAS (Theoharidou, Mylonas & Gitzalis, 2012). This is related to the
application of “SaaS HR”, “personnel management suite”, “SaaS contractor management suite”,
“Cots payroll solution” in the “AWS cloud”.

3CLOUD PRIVACY AND SECURITY
Government has taken the decision of using the MyLicense portal for the purpose of
renewing the licenses. It helps the government to retain a track of the different kind of licenses
individual citizen is having (Bryant, 2013). Certain plans have been introduced by the
government for the purpose registering on My license portal and for the purpose of creating their
own informal digital identity (Cavoukian & Jonas, 2012). The use of data stored in database for
the purpose of making better plans and taking decisions by the different government bodies and
public agencies (Venkatanathan et al., 2013).
The different important topics like the assessment of the threats and risk related to
“personally identifiable information data” on the MyLicense portal considering the privacy and
data protection with the solutions like control of the risk, adopting different Plans for controlling
the “informal digital identity”, “privacy” and “data protection” that are part of the digital identity
that has been discussed (Barocas & Nissenbaum, 2014).
Privacy and Data protection
Protection of Informal Digital identity
Three components are included in the informal digital identity and they are
“identification or registration”, “authentication” and “authorization” (Chen & Zhao, 2012). The
process which helps to get a digital identity is known as “Identification or registration”.
“Authentication process” is the process of verification of different aspects related to someone’s
identity (Barocas & Nissenbaum, 2014). “Authorization” allows a user to make use of the digital
identity for the purpose of identification in different “electronic transaction” and “online form fill
up in the license website. “Identification” also includes four different parts and they are “self-
asserted”, “direct”, “third party” and “detailed direct” (Chen & Zhao, 2012). “Self-asserted” is

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4CLOUD PRIVACY AND SECURITY
the process in which the user uses self-assertion of his own identity and the third party dose not
perform any type of verification. (Danezis et al., 2015). Verification is done by the Third and a
good sample is validating the outputs of the telecomm company (Bryant, 2013).
“Authentication” can be described as the security process that allows the user by the process of
“one factor authentication”, “two factor authentication” and “three factor authentication” (Al-
Fedaghi & Al-Azmi, 2012). The most commonly used authentication is the “One factor
authentication” which uses a combination of user and password (Ferrari, 2013). The more secure
process is the “Two factor authentication” which consist of a combination of certificates that are
digital, a fingerprint or passcode (Li et al., 2014). “Three factor authentication” is the process
which includes the all other authentication processes (Lin et al., 2012).
Outline plan
The main aim of creating a plan for governance is for the purpose of checking and
approving the different procedures that are needed for managing and administrating the projects.
(KoninG et al., 2014). For creating a proper governance plan it is necessary to take assistance
from both the “procedural and documentation” (Theoharidou, Mylonas & Gritzalis, 2012). The
governance plan of a project consists of 4 goals. The goals are promotion of the various things
like consistency, productivity and what the stakeholders expect (Haimes,2015). By taking help
from the predefined practices it is possible to produce the proper deliverables. (Venkatanathan et
al., 2013). Stakeholders can be empowered with different flexible techniques and practices.
For the purpose of executing the various decisions in the project, Governance can act as a
key factor. This in term consists of the practices, steps, strategies. Project governance can also be
defines as the “people” and “purpose” driven process (Song et al., 2012). Governing of the
projects are done by the authorized boby only and proper responsibility should be taken for

5CLOUD PRIVACY AND SECURITY
performing various processes (Haimes,2015). Four steps are included in the proper creation of
the governance plan (KoninG et al., 2014). The four steps include “nimble and flexible”, “clean
and concise consistency”, “explain and justify” and “accept and approve”. There should remain a
flexibility in the format of the governance plan for the purpose of accounting according to the
different sizes of project (Theoharidou, Mylonas & Gritzalis, 2012). Which is initially related to
the fact of “smaller”, “less complex” project which may or may not require the similar
governance planning as that of the large, complex projects. Content of governance plan are
required to be provided in the procedure that is planned and necessary justification should be
provided according to the different terms of “inclusion and exclusion” (Haimes,2015).
1. Personal data and PII data for DAS users
A certain number of things can be done in the process of dealing with “personal
identifiable information” by the using some different types of “standards” and “procedure” for
the purpose of protecting the data that are personal (Cavoukian & Jonas, 2012). The duty of
developer is not to provide any type of sensitive data in the different programs (Barocas &
Nissenbaum, 2014). Privacy and security issues are also ensured before the production
(Chakravorty, Wlodarczyk & Rong, 2013). the user should be very much aware of the imposters.
The user must be sure about the fact that who is able to get the financial or the personal details.
User must not share the personal information of the portal with someone by means of anything
unless and until the user is sure or know about the person they are dealing with. Whenever
someone asks for the details of the account the user must contact the customer service via the
official website provided in the official website of DAS. Few things that are to be considered are
Where is the PII data of the user kept? Who are responsible for that data? Who are able to access
the data? With whom the company can share the data stored? It is certain that the user has seen

6CLOUD PRIVACY AND SECURITY
the notifications that are coming from the credit cards or any other mailed statements about how
they will and will not share your PII data. The user might be asked if they have given the
permission to share their PII data. It might not be considered by the user but after that the user
might consider. The user should also dispose of the personal data before disposing of the
computer. User must ensure that all the data have been cleared before disposing of any device.
Encryption must be done by the user before uploading any information into the portal. The user
must keep the password private and should use strong passwords. the user must use specific
methods of digital identity across the portal which will help the user to know whenever someone
else tried to access the portal other than the user. By the use of single identity monitoring and the
process of verification the user is protected from any types of threats. Proper authentication
process by the user must be done.
2. PII data and Private data of the user in the HR Personnel Management suite
Governance plan makes it easy for the generation of data assets by the PII data and the
financial data which provides opportunities for the My License portal, plan and knowledge of the
experienced user (Bryant, 2013). Governance data asset can be helpful because the other assets
of enterprise like “financial security”, “cash” and “human resource”. Proper methods should be
adopted by them for the purpose of protecting the data that they are storing. DAS should look
into the matter that all the information’s they are storing are encrypted in a proper way. All the
methods of verification process should be properly developed by the DAS so that no one is able
to access the data rather than the authorized ones. All the sensitive data of the DAS are managed
by this section so the requirement for protection is very much high for the user of the users in the
HR management suite. The company should follow all the data protection laws for the purpose
of minimizing their risk of data loss. The employees must ensure that they are adopting the best

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

7CLOUD PRIVACY AND SECURITY
data privacy and protection. They should aim at limiting the collection of the user’s personal data
which they “collect”, “process”, “transfer” and “store”. They should limit the access to a limited
number of user and should also provide training to the employees so as to control their personal
data.
3. Governance plan for personal and PII data for DAS of the contractors
Data of governance plan is generally inclusive of both the PII and personal data for
different contractor which should include various important points like providing ideas for
procedure which is used for safeguarding the data containing important information about the
various contractors of Australia, sensitive data containing important information must be
protected during signing of different contracts, Checking different types of regulation while
identification of various omission of identification of DAS in the suite of contractor
management.
4. PII data and financial data for users and DAS staff in the COTS payroll suite
The plan of governance can easily assist in the “PII data” and financial information for
the creation of assets of data and it also provide and wonderful chance for creation of this license
website that is My license portal. Data of governance can be useful like assets like cash, human
resource and security in the financial domain.
National action plan will help in promoting transparency, corruption fighting, will use the
power of new technologies for making the government a bit better. This plan focuses in certain
areas like domain of various business across the country, easily accessing different plan of
government. Upgradation of this plan mainly has three phase that are creating awareness about it
among the citizen, looking for new idea and lastly drafting of this plan.

8CLOUD PRIVACY AND SECURITY
This plan has led to creating awareness in the youth in the year of 2015 and addition
consciousness about the given strategy can be easily formed by use of different stages of social
media like websites of different government and mailing the notices on the various website.
Conclusion
The above discussion helps to conclude that the services provided by the “department of
Administrative service” that is DAS of Australian state government provides are “HR and
personnel management”, “payroll”, “contract tendering management”. According to the changes
in the government policies DAS focuses on the process of implementing of services that are
shared which is initially related to facts of DAS centralizing their different services. So the
organization has made the decision of using the portal MyLicense for the purpose of renewing
the licenses. This also the fact that the government can easily track the types of licenses that the
citizens are having. Introduction of new plans by the Government for the process of registering
in the portal for the purpose of creating individual new digital identities. This in terms can be
used for the purpose of planning and to make better decisions by the government bodies and also
the various public agencies. This report consists of the discussions related to the various threats
faced and the ways of mitigating the risks in the portal. Both the privacy and the protection of the
PII has been considered by the TRA. There is also a governance plan for the purpose of
protecting the data in the website. Along with this other important points like the data that are
personal and the PII data for the users of the DAS in the “HR personnel management”,
“contractor management suite” has been discussed briefly. PII data and data consisting the
financial information of the users and the staffs of the DAS in the “COTS payroll suite” is also
discussed in brief.

9CLOUD PRIVACY AND SECURITY

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

10CLOUD PRIVACY AND SECURITY
References
Al-Fedaghi, S., & Al-Azmi, A. A. R. (2012). Experimentation with personal identifiable
information. Intelligent Information Management, 4(04), 123.
Barocas, S., & Nissenbaum, H. (2014). Big data's end run around procedural privacy
protections. Communications of the ACM, 57(11), 31-33.
Bryant, T. (2013). UE-COTS at the University of Iowa. Workplace: A Journal for Academic
Labor, (7).
Cavoukian, A., & Jonas, J. (2012). Privacy by design in the age of big data (pp. 1-17).
Information and Privacy Commissioner of Ontario, Canada.
Chakravorty, A., Wlodarczyk, T., & Rong, C. (2013, May). Privacy preserving data analytics for
smart homes. In Security and Privacy Workshops (SPW), 2013 IEEE (pp. 23-27). IEEE.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012
International Conference on (Vol. 1, pp. 647-651). IEEE.
Danezis, G., Domingo-Ferrer, J., Hansen, M., Hoepman, J. H., Metayer, D. L., Tirtea, R., &
Schiffner, S. (2015). Privacy and Data Protection by Design-from policy to
engineering. arXiv preprint arXiv:1501.03726.
Ferrari, A. (2013). DIGCOMP: A framework for developing and understanding digital
competence in Europe.
Haimes, Y. Y. (2015). Risk modeling, assessment, and management. John Wiley & Sons.

11CLOUD PRIVACY AND SECURITY
KoninG, M., KoREnhoF, P., Alpár, G., & Hoepman, J. H. (2014). The abc of abc: an analysis of
attribute-based credentials in the light of data protection, privacy and identity.
Li, Z., Ma, Z., van der Kuijp, T. J., Yuan, Z., & Huang, L. (2014). A review of soil heavy metal
pollution from mines in China: pollution and health risk assessment. Science of the Total
Environment, 468, 843-853.
Lin, N., Emanuel, K., Oppenheimer, M., & Vanmarcke, E. (2012). Physically based assessment
of hurricane surge threat under climate change. Nature Climate Change, 2(6), 462.
Louw, C., & von Solms, S. (2013, October). Personally identifiable information leakage through
online social networks. In Proceedings of the South African Institute for Computer
Scientists and Information Technologists Conference (pp. 68-71). ACM.
Marwick, A. E., & Boyd, D. (2014). Networked privacy: How teenagers negotiate context in
social media. New Media & Society, 16(7), 1051-1067.
Monteleone, S. (2012). Privacy and Data Protection at the time of Facial Recognition: towards a
new right to Digital Identity? European Journal of Law and Technology, 3(3).
Smith, C. (Ed.). (2012). Insect colonization and mass production. Elsevier.
Song, D., Shi, E., Fischer, I., & Shankar, U. (2012). Cloud data protection for the
masses. Computer, 45(1), 39-45.
Theoharidou, M., Mylonas, A., & Gritzalis, D. (2012). A risk assessment method for
smartphones. Information security and privacy research, 443-456.

12CLOUD PRIVACY AND SECURITY
Venkatanathan, J., Kostakos, V., Karapanos, E., & Gonçalves, J. (2013). Online Disclosure of
Personally Identifiable Information with Strangers: Effects of Public and Private
Sharing. Interacting with Computers, 26(6), 614-626.

1 out of 13

+13062052269

info@desklib.com

Privacy and Security in Smart Homes

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Data Privacy and Security Challenges

Governing PII and Digital Identities

Threat and Risk Assessment for MyLicense Portal - Desklib

Cloud Privacy and Security

Data Governance Plan for DAS

Cloud Computing Risks and Security