English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 113656/144643 (79%)
Visitors : 51713568      Online Users : 744
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    政大機構典藏 > 資訊學院 > 資訊科學系 > 學位論文 >  Item 140.119/29689
    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/29689


    Title: 語意性的隱私政策-落實於銀行內部隱私保護的研究
    Semantic privacy policies-Research for the enforcement of privacy protection inside the bank
    Authors: 李家輝
    Lee, Chia Hui
    Contributors: 胡毓忠
    Hu, Yuh Jong
    李家輝
    Lee, Chia Hui
    Keywords: 隱私權
    企業隱私偏好平台
    語意網
    本體論
    語意規則語言
    隱私偏好平台
    個人資料保護法
    金控共同行銷規範
    電子商務消費者保護綱領
    Privacy
    E-P3P
    Semantic Web
    Ontology
    SWRL
    P3P
    XACML
    EPAL
    Date: 2007
    Issue Date: 2009-09-11 16:03:59 (UTC+8)
    Abstract: 網際網路的興起帶動銀行業電子商務的發展;然而,在開放式的網路環境下,個人的財務、交易等具有隱私的資訊,可能因金融機構本身資訊安全防護技術未落實、資料處理流程權限控管不當、或相關稽核機制不健全等因素,造成銀行個人資料外洩,而影響個人財務及公司商譽的損失。現今在銀行業電子商務的網站上,雖然有使用隱私權政策聲明的方式來表示履行客戶資料隱私保護的責任,但是此形式宣告的方式大於實質保護的意義,沒有任何作用。客戶資料的隱私資訊,亦應受到法律的保護;在我國主要的法律有電腦處理個人資料保護法、內部控制法及金控共同行銷規範等。本研究旨在針對銀行業電子商務交易流程中提出企業內部客戶隱私資料保護的架構模型,將客戶隱私資訊做分類,並遵循相關法律條文規範,以訂立具有語意的隱私權政策來落實企業內部客戶隱私資料的保護。我期望本研究的成果能貢獻未來金融業於客戶隱私資料保護的參考依循。
    The rising of Internet drives the development of e-commerce in banking industry. However, in the opening environment of Internet, the personal and confidential data which includes finance and transaction may be exposed because its poor secure protection technology or improper permission control for the procedure of data processing, or defective auditing mechanism in financial institutes. Therefore, it could influence the loss of personal finance and goodwill of companies. Although the e-commence website of banking industry protect customers’ data through the stated of right to privacy, the announced meaning is far more than the real protection. The customers’ private data should be protected by law, such as Computer Processing Personal Data Protection Act and Rules Concerning Cross-Selling by Financial Holding Company Subsidiaries in Taiwan.The purpose of the thesis offers the enterprise internal privacy construction model which classifies customers’ private data, follows the related law regulation, and establishes semantic privacy policies in order to achieve the protection of enterprise internal customers’ data for the transaction flow of e-commence in banking industry. I expect the research can contribute some references to follow in customers’ data protection for financial institutions in the future.
    Reference: 一、中文部份
    行政院消費者保護委員會-電子商務消費者.http://www.cpc.gov.tw.
    金管會金融控股公司.http://www.banking.gov.tw/.
    金融控股公司法.http://law.moj.gov.tw.
    楊亨利、邱顯貴,民89,「台灣地區網站對個人資料保護之資訊隱私政策調查」,第六屆資訊管理暨實務研討會,新竹市。
    銀行內部控制及稽核制度實施辦法.http://law.moj.gov.tw.
    銀行法.http://law.moj.gov.tw.
    電腦處理個人資料保護法及修正草案.http://law.moj.gov.tw.
    二、英文部份
    [1] A.I. Antón, Q. He and D. Baumer. "The Complexity
    Underlying JetBlue’s Privacy Policy Violations”. IEEE
    Intelligence(IJCAI’01),pages 225-230,Seattle,WA.
    [27]TRAVIS D. BREAUX, ANNIE I. ANT´ON and JON DOYLE,North
    Carolina State University. “Semantic
    Parameterization:A Process for Modeling Domain
    Descriptions”. NCSU CSC Technical Report, No. TR-2006-
    35, October 2006.
    [28]Vinith Bindiganavale and Dr. Jinsong yang,Member.“Role
    Based Access Control in Enterprise Application –
    Security Administration and User Management”,IEEE.
    [29]William F. Adkinson Jr.,Jeffrey A. Eisenach and Thomas
    Security & Privacy,to Appear.
    M. Lenard.“Privacy Online: A Report on the Information
    Practices and Policies of Commercial Web Sites.”,The
    Progress & Freedom Foundation 2001.
    [30]W3C. Platform for Privacy Preferences. Available at
    http://www.w3.org/P3P.
    [2] A.I. Antón, J.B. Earp, D. Bolchini, Q. He, C. Jensen
    and W. Stufflebeam. “The Lack of Clarity in Financial
    Privacy Policies and the Need for
    Standardization”. IEEE Security & Privacy, 2(2),pp.36-
    45, 2004.
    [3] Annie I. Antón, Elisa Bertino, Ninghui Li,and Ting
    Yu.“A Roadmap For Comprehensive Online Privacy Policy
    Management”, Communications of the ACM ,2007.
    [4] Charles D. Raab,“The future of privacy protection”.
    Cyber Trust & Crime Prevention Project 2004.
    [5] Christine Golbreich.Laboratoire d’Informatique
    Médicale,Université Rennes 1 Avdu Pr. Léon Bernard,
    35043 Rennes, France. “Combining Rule and Ontology
    Reasoners for the Semantic Web”.
    [6] eXtensible Access Control Markup Language Available at
    http:// http://www.oasis-open.org/
    [7] Financial Privacy: The Gramm-Leach Bliley Act, Federal
    TradeCommission,1999. http://www.ftc.gov/privacy/glbact/
    [8] Gramm-Leach-Bliley Act.Available at
    http://www.ftc.gov/privacy/glbact/glbsub1.htm
    [9] G. Karjoth, M. Schunter and M. Waidner. “ Platform for
    Enterprise Privacy Practices:Privacy-Enabled Management
    of Customer Data”.In Proceedings of the Second
    International Workshop on Privacy Enhancing
    Technologies (PET 2002), LNCS 2482,pp. 69-84, 2003.
    [10]G. Karjoth and M. Schunter.“A Privacy Policy Model for
    Enterprises”. In 15th IEEE Computer Security
    Foundations Workshop. IEEE Computer Society Press,2002.
    [11]G. Karjoth, M. Schunter and E. Van Herreweghe.“
    Translating Privacy Practices into Privacy Promises -
    How to Promise What You Can Keep”. In Proceedings of
    the 4th IEEE International Workshop on Policies for
    Distributed Systems and Networks (POLICY 2003), pp. 135-
    146,June 2003.
    [12]Guarino,N.,“Formal Ontology and Information Systems,”
    Proc. Of the 1st International
    Conference,Trento,Italy,6-8,IOS Press(amended version),
    pp.3-15,1998.
    [13]Horrocks,I.,et al.(2004). “SWRL:A Semantic Web Rule
    Language Combining OWL and RuleML.”
    http://www.w3.org/Submission/2004/SUBM-SWRL-20040521/.
    [14]Jason Reid, Juan M. Gonzlez Nieto, Ed Dawson, Eiji
    Okamoto. “Privacy and Trusted Computing”,IEEE
    Computer Society 2003.
    [15]Knublauch, H., M. A. Musen and A. L. Rector.
    (2004)“Editing description logics ontologies with the
    Protege OWL plugin.” International Workshop on
    Description Logics, Whistler, BC, Canada.
    [16]Mitra P., Wiederhold G., and Kersten M. (2000),“A
    Graph-Oriented Model for Articulation of Ontology
    Interdependencies”,Extending Database Technology2000
    (EDBT’2000),Konstanz,Germany.
    [17]N. Li, T. Yu and A. I. Antón.“A semantics-based
    approach to privacy languages”.CERIAS Technical
    Report TR 2003-28, Purdue University,November 2003.
    [18]Noy, N.F., and Musen, M.A. (1999). SMART: Automated
    Support for Ontology Merging and Alignment. Submitted
    to the Twelth Workshop on Knowledge Acquisition,
    Modeling, and Management, 1999. Banff,Canada.
    [19]Noy N. F. and Musen M. A. (2000), “PROMPT:Algorithm
    and tool for Automated Ontology Merging and
    Alignment”, 17th National Conference on Artificial
    Intelligence(AAAI’00),Austin Texas,pp450-455.
    [20]N. F. Noy, D. L. McGuinness, "Ontology Development 101:
    A guide to Creating Your First Ontology," 2001 Stanford
    University
    [21]P.Ashley, M. Schunter.“The Platform for Enterprise
    Privacy Practices” ,Information Security Solutions
    Europe (ISSE), Paris, 2002.
    [22]P. Ashley, S. Hada, G. Karjoth and M. Schunter.“ E-P3P
    Privacy Policies and Privacy Authorization.” Proc. of
    the Workshop on Privacy in the Electronic Society
    (WPES’02).Washington D.C. November 21, 2001.
    [23]Ashley, S. Hada, G. Karjoth, C. Powers and M. Schunter.
    Enterprise Privacy Authorization Language (EPAL 1.1)
    Specification. IBM Research Report.
    http://www.zurich.ibm.com/security/enterprise-
    privacy/epal. 2003.
    [24]S. De Capitani di Vimercati, S. Foresti, S. Jajodia, P.
    Samarati,“Access Control Policies and Languages in
    Open Environments”, in Secure Data Management in
    Decentralized Systems, T. Yu and S. Jajodia (eds),
    Springer-Verlag, 2007.
    [25]Studer, R., V. R. Benjamins & D. Fensel, “Knowledge
    Engineering: Principles and Methods”, Data and
    Knowledge Engineering, Vol. 25, Issue. 1-2, pp. 161-197.
    [26]Stumme G. and Madche A.(2001),“FCA-Merge: Bottom-up
    merging of ontologies”,In 7th Intl.Conf.on Artificial
    Description: 碩士
    國立政治大學
    資訊科學學系
    94971015
    96
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G0094971015
    Data Type: thesis
    Appears in Collections:[資訊科學系] 學位論文

    Files in This Item:

    File SizeFormat
    index.html0KbHTML2587View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback