| Phoning home is a controversial issue for software manufacturers, developers and end-users. Phoning home refers to communication between a user’s software or hardware and the manufacturer. Certain applications may collect and store information about the end user and transmit it back “home” to the manufacturer. However, phone-home software has a number of different applications that include malicious and non-malicious uses. This article will explore various uses of phone-home software, as well as the security questions that are [...] Price discrimination is a strategy that is frequently used by commercial organizations as a way of distinguishing between different groups of customers. By separating consumers into subcategories, companies can charge different prices for the same goods or services. With the rapid growth of e-commerce, companies are able to experiment with and implement different price discrimination strategies. Online consumers consciously and unconsciously provide vendors with information that helps them to split the market into segments for price discrimination. This article introduces basic concepts involved in price discrimination, as well as some of the impacts on consumers’ [...] It’s impossible to be online and not encounter social networking, which in recent years, has embedded itself in many facets of people’s online lives. Websites such as Facebook, MySpace, Twitter and LinkedIn offer their users huge forums for sharing information, establishing contact with others and maintaining ties to friends and family. This article examines social networking services from a privacy standpoint, looking at key issues such as access, control, limitations and trust. Websites’ privacy policies and their weaknesses are also examined, by using the well-known social networking service Facebook as an example of how these services can compromise users’ [...] This article looks at the processes of de-identification, or anonymization of personal information. It also examines how developments in re-identification can use anonymous information to identify individuals, underscoring the shortcomings of anonymization [...] There are numerous technological tools and resources that can help individuals preserve their online privacy. Some tools ensure that email communications are confidential, some allow users to browse webpages securely and others still ensure that files are encrypted before they are transferred between two computers. This article will explore some tools that a user might rely on to protect their online [...] The US Secure Flight Program has garnered much public concern and disapproval in Canada, where many Canadians are finding themselves subject to the controversial regulations when flying over US airspace. Aviation security is a high priority issue for the Canadian federal Privacy Commissioner, who earlier this year carried out an investigation of airport security scanners being installed in Canadian airports. While security is an issue in the aviation industry, the Privacy Commissioner, along with other privacy watchdogs, insist that security measures must also respect the privacy and personal dignity of travelers in Canadian [...] According to the OPC (Office of the Privacy Commissioner), the concept of identity is defined simply as how a person is known, either by other people, or by an organization. An individual’s identity is a distinguishing set of information that may vary from context to context. For instance, family and friends may identify a person by certain traits; an employer might identify a person by role, skill or position; and a service provider might identify a person by a unique identification number. This article examines identity concepts and identity management systems that citizens come in contact with on a daily basis, as well as the possibility of a national identity [...] Cryptography refers to the science of rendering information unrecognizable and thus useless to those without proper authorization. This field includes mathematics, computer science and engineering. While cryptography was initially applied to protect message confidentiality, it has grown to include issues such as privacy concerns, data integrity, identity authentication, secure computing and more. This article introduces the field of cryptography, defines the basic concepts of encryption and decryption and discusses related concepts. It also explores current uses of cryptography in the information security [...] Access controls determine the authorized activities of legitimate users, while mediating users’ access to system resources. Access controls ensure that data are being used by the appropriate people in the correct roles in particular contexts. For instance, IT infrastructures employ access control systems at a number of levels. Operating systems also rely on access controls to protect directories or files. As a result of regulatory compliance, there has been a noticeable push for controls in the IT industry. This article looks at basic concepts around access [...] Risk management plays a crucial role in helping organizations protect and secure their information assets. Effective risk management programs are a significant component of any IT security program. This article will discuss the role of risk management, including the identification, assessment, prioritization and diffusion of risks. Risks, Threats & Vulnerabilities Risk is often confused with other related terms and concepts. The lines between risks, threats and vulnerabilities are sometimes confused. Further, the terms “risk assessment” and “vulnerability assessment” are frequently used interchangeably, though they have very different applications. The term “risk” is defined as the impact that could result from vulnerability, or the [...] | |
