Closed mitcholll closed 4 days ago
Critical Assumptions
Security -> dealing with personal medical data.
Critical assumptions: assume the user isn't going to try to break the system. For us, there might be people who are trying to get health data. Assumptions are reasonable statements that will eliminate the need to address certain hazards. Try not to be too trigger-happy. Make sure they are strong, reasonable assumptions. Could be psychological harms, not just physical.
Safety and security: how will we take steps to ensure data won't be compromised? Be careful with security, because it has to deal with health.
What precautions can we reasonably assume will be taken?
We might not have critical assumptions. Assume the mic is in good working order. Maybe the system wants to detect if there is noise and we can detect a voice?
System Boundaries and Components
This one is more focused on which parts of the system we have control over and can mitigate risks for. The microphone is external to the system -> do we want to assume the microphone works?
What if the database crashes? We can detect it and put up some sort of "pop-up". We could assume the database works and won't crash.
The system boundary diagram gives us a way to tell what's in scope, which parts of the system we have control over, and which parts we don't.
Ensure consistency. If we say the assumption is that the database works, and the boundary diagram shows that it's inside the boundary, it wouldn't be consistent.
October 21st 2024, 11:30am
Attendance
Agenda