Report on Privacy and Data Protection Strategies for MyLicense Portal

Verified

Added on 2023/06/06

AI Summary

This report focuses on the privacy and data protection strategies employed for the MyLicense portal, emphasizing the importance of maintaining informal data identity. It details the monitoring of transactions and user registration processes, highlighting the use of user IDs and passwords as digital identities managed by the DAS system. The report addresses security risks such as lack of KYC details, transaction risks, PEP screening, data frauds, and authentication errors, proposing mitigation plans including encryption, transaction monitoring, PEP screening, continuous data monitoring, and proper authentication procedures. Control mechanisms like attribute collection, standards adherence, attribute exchange, authentication, service delivery, and authorization are also discussed to secure the digital identity of DAS consumers. The report provides references to support the discussed strategies and solutions.

PRIVACY AND DATA PROTECTION STRATEGIES
OF INFORMAL DATA IDENTITY FOR MYLICENSE
PORTAL
The various transactions being performed on the system should be monitored on a constant
basis for maintenance of the informal data identity in context to the information related to
users of MyLicence portal. It will include the renewal of licence and issuing them in the
portal. The customers will have to register into the system for this process and maintaining
their identity on the virtual system. The user ID and password will be considered as their
digital identity. The digital identity of the customers will be maintained by the DAS system
so that more information about them can be retrieved easily. The identification of the
customers will be done with the help of certain specific variables that forms the part of user’s
digital identity. The insecurity related to fraudulent entities will be managed through the DAS
system. It will be ensured that the services are not being provided to the adversaries. The
process of excessive identity proofing will be used to assure the customers that their personal
data is secure. It will be done through combining the authenticator, proofing along with
requirements of the government.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Privacy and Data Protection Control of Informal Data Identity for
MyLicene Portal

S. No Security Risks
(Personal data)
Mitigation Plans Implementation
Methods
1. Lack of
Customer
Details
The information of
customers will be
collected for security
reasons whenever the
customer accesses the
portal and completes
registration.
Know Your
Customer (KYC)
2. Transaction
Risks
The encryption and
monitoring of
transactions will be
carried out on a constant
basis to mitigate the
identified errors or even
frauds.
Transaction
Monitoring
3. Politically
Exposed
Person (PEP)
Risks
The screening of
sanctions will be done
for identification of the
adversaries and so that
they could be kept away
from the portal.
PEP and Sanction
Screening
4. Data Frauds Continuous monitoring
of data will be carried
out to identify and
mitigate any frauds or
errors.
Prevention of
frauds
5. Authentication
Errors
Proper authentication
procedures have to be
followed by the users and
they will requested to
provide correct
authentication credentials
otherwise they will not
be given access to the
system.
Pop-up display
with alert to users
about the incorrect
authentication
credentials.
6. Identity
Proofing
Errors
Proper identification of
users will be done prior
to providing permission
for utilizing the services.
Multiple
authentication
levels

Control Mechanisms
Different types of control mechanism are available, used in order to secure the digital identity
of DAS consumers. The different control mechanisms are elaborated in the below section:
 Features/ Attribute collection: Against any sort of threats the necessary attributes of
the users and identify proofing mechanism are all captured, stored and secured
accurately.
 Standards: The function and the operation are assists following security standards to
avoid consistency issues and co-ordination issues.
 Attribute Exchange: Proper privacy and security techniques are adopted while
exchanging data from one source to another
 Authentication: Through developing links between the users and the attributes
different authentication mechanism are available
 Service Delivery: Proper license services are needed to be offered by the users
 Authorization: Accurate rules are to be applied for successful authentication of some
of the services. Based on the users attributes the authentication should be
implemented.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

References
Abawajy, J. H., Ninggal, M. I. H., & Herawan, T. (2016). Privacy preserving social network
data publication. IEEE communications surveys & tutorials, 18(3), 1974-1997.
Bartolini, C., Muthuri, R., & Santos, C. (2015, November). Using ontologies to model data
protection requirements in workflows. In JSAI International Symposium on Artificial
Intelligence (pp. 233-248). Springer, Cham.
Bindschaedler, V., Shokri, R., & Gunter, C. A. (2017). Plausible deniability for privacy-
preserving data synthesis. Proceedings of the VLDB Endowment, 10(5), 481-492.
Edwards, L. (2016). Privacy, security and data protection in smart cities: A critical EU law
perspective. Eur. Data Prot. L. Rev., 2, 28.
Pasquier, T., Singh, J., Powles, J., Eyers, D., Seltzer, M., & Bacon, J. (2018). Data
provenance to audit compliance with privacy policy in the Internet of
Things. Personal and Ubiquitous Computing, 22(2), 333-344.