Authorisation and access control architecture as a framework for data and privacy protection
share
Privacy protection in digital databases does not demand that data should not be collected, stored or used, but that there should be guarantees that the data can only be used for pre-approved and legitimate purposes. We argue that a data protection law based on traditional understanding of privacy protection and detection of privacy infringements is unlikely to be successful, and that what is required is a law based on an understanding of an architectural requirement of authorisation, audit and access control in real-time.
READ FULL TEXT