On Thursday I set out to find some information on how to approach privacy on the website. I think it will be an issue if I am to have a log in option on my website, so I figured I better know what kind of things I need to consider. I believe that the book covers this in encryption, but that is well past the half way mark of the book, so I don't know if I am going to get there in time for assignment 1 submission. So i did a search on the web for some information and this is what I came up with:
http://dig.csail.mit.edu/2007/09/ieee-ic-beyond-secrecy-weitzner.html - This article was more about the social issues that are arising in regard to privacy. He suggests that we not worry too much about what information people are gathering on us, but we should worry more about the laws governing what others can do with that information. It really didn't have a lot of practical application for me at this stage though.
http://web.mit.edu/Saltzer/www/publications/protection/ - This article was quite long and drawn out. Again, it was more on the issues arising form privacy and probably more relevant to large database and network systems. But I did get some good things out of it.
What I need to look at:
1. What kind of information I will require from a user
2. How will it be stored
3. How will it be used
4. What is my 'desired authority structure'?
Design Principles:
1. Keep it simple
2. Fail-safe default
3. Across the board protection
4 Open design
5. Separation of privileges & key system
6. Least privilege - limit accessibility to the minimum
7. Least common mechanism - avoid security compromise
8. Psychological acceptability - ease of use for correct application
9. Work factor - how technical do you have to be to check password
10. Compromise recording - use reliable recording methods over foolproofing
The final article was from the modules:
http://gvu.cc.gatech.edu/user_surveys/survey-1998-10/ - It was very thought provoking. These are some of the things I gained from it.
* From the statistics it is clear that there must be an option on the website to communicate with the vendor.
* Detailed information on the product is #1 in importance
* Availability of product is #2
* Price comparison is #3
Reasons for dissatisfaction:
1. Confusing/disorganised
2. Couldn't find what they were looking for
3. Slow download.
skip to main |
skip to sidebar
This blog tracks the progress of the website titled 'RASPBERRY WHIRL' by Tracy Maurer. Highlighting the progress made and the lessons learnt along the way
No comments:
Post a Comment