Oakleafbooks Online Library -- A Global Books Research Catalogue
And a Bookstore - We deliver Worldwide

You must enter a search term!
Browse Subject Headings
Information Privacy Engineering and Privacy by Design : Understanding Privacy Threats, Technology, and Regulations Based on Standards and Best Practices
Information Privacy Engineering and Privacy by Design : Understanding Privacy Threats, Technology, and Regulations Based on Standards and Best Practices
Click to enlarge
Author(s): Stallings, William
ISBN No.: 9780135302156
Pages: 528
Year: 202001
Format: Trade Paper
Price: $ 96.84
Dispatch delay: Dispatched between 7 to 15 days
Status: Available
Qty: Add to Cart

Preface xxii PART I: OVERVIEW 1 Chapter 1: Security and Cryptography Concepts 2 1.1 Cybersecurity, Information Security, and Network Security 2 Security Objectives 3 The Challenges of Information Security 5 1.2 Security Attacks 6 Passive Attacks 8 Active Attacks 8 1.3 Security Services 10 Authentication 10 Access Control 11 Data Confidentiality 11 Data Integrity 11 Nonrepudiation 12 Availability Service 12 1.4 Security Mechanisms 12 1.5 Cryptographic Algorithms 13 Keyless Algorithms 14 Single-Key Algorithms 14 Two-Key Algorithms 15 1.6 Symmetric Encryption 15 1.7 Asymmetric Encryption 17 1.


8 Cryptographic Hash Functions 20 1.9 Digital Signatures 22 1.10 Practical Considerations 23 Selection of Cryptographic Algorithms and Key Lengths 23 Implementation Considerations 24 Lightweight Cryptographic Algorithms 24 Post-Quantum Cryptographic Algorithms 25 1.11 Public-Key Infrastructure 25 Public-Key Certificates 25 PKI Architecture 27 1.12 Network Security 29 Communications Security 29 Device Security 30 1.13 Key Terms and Review Questions 30 Key Terms 30 Review Questions 31 1.14 References 31 Chapter 2: Information Privacy Concepts 32 2.1 Key Privacy Terminology 32 2.


2 Privacy by Design 35 Privacy by Design Principles 35 Requirements and Policy Development 37 Privacy Risk Assessment 37 Privacy and Security Control Selection 39 Privacy Program and Integration Plan 40 2.3 Privacy Engineering 41 Privacy Implementation 44 System Integration 44 Privacy Testing and Evaluation 45 Privacy Auditing and Incident Response 45 2.4 Privacy and Security 46 Areas of Overlap Between Security and Privacy 46 Trade-Offs Between Security and Privacy 48 2.5 Privacy Versus Utility 48 2.6 Usable Privacy 49 Users of Privacy Services and Functions 50 Usability and Utility 50 2.7 Key Terms and Review Questions 50 Key Terms 50 Review Questions 51 2.8 References 51 PART II: PRIVACY REQUIREMENTS AND THREATS 53 Chapter 3: Information Privacy Requirements and Guidelines 54 3.1 Personally Identifiable Information and Personal Data 55 Sources of PII 57 Sensitivity of PII 58 3.


2 Personal Information That Is Not PII 59 3.3 Fair Information Practice Principles 63 3.4 Privacy Regulations 66 European Union 66 U.S. Privacy Laws and Regulations 67 3.5 Privacy Standards 68 International Organization for Standardization (ISO) 69 National Institute of Standards and Technology 77 3.6 Privacy Best Practices 88 Information Security Forum (ISF) 88 Cloud Security Alliance (CSA) 90 3.7 Key Terms and Review Questions 91 Key Terms 91 Review Questions 91 3.


8 References 92 Chapter 4: Information Privacy Threats and Vulnerabilities 94 4.1 The Evolving Threat Environment 95 Overall Impact of Advances in Technology 95 Repurposing Collected Data 96 Means of Collection of PII 96 4.2 Privacy Threat Taxonomy 97 Information Collection 98 Information Processing 98 Information Dissemination 98 Invasions 99 4.3 NIST Threat Model 100 4.4 Threat Sources 105 4.5 Identifying Threats 106 4.6 Privacy Vulnerabilities 108 Vulnerability Categories 108 Location of Privacy Vulnerabilities 109 National Vulnerability Database and Common Vulnerability Scoring System 110 4.7 Key Terms and Review Questions 114 Key Terms 114 Review Questions 115 4.


8 References 116 PART III: TECHNICAL SECURITY CONTROLS FOR PRIVACY 117 Chapter 5: System Access 118 5.1 System Access Concepts 119 Privileges 119 System Access Functions 120 Privacy Considerations for System Access 121 5.2 Authorization 122 Privacy Authorization 123 5.3 User Authentication 124 Means of Authentication 125 Multifactor Authentication 126 A Model for Electronic User Authentication 127 5.4 Access Control 129 Subjects, Objects, and Access Rights 130 Access Control Policies 131 Discretionary Access Control 131 Role-Based Access Control 133 Attribute-Based Access Control 135 5.5 Identity and Access Management 140 IAM Architecture 140 Federated Identity Management 142 5.6 Key Terms and Review Questions 144 Key Terms 144 Review Questions 145 5.7 Reference 145 Chapter 6: Malicious Software and Intruders 146 6.


1 Malware Protection Activities 147 Types of Malware 147 The Nature of the Malware Threat 149 Practical Malware Protection 150 6.2 Malware Protection Software 153 Capabilities of Malware Protection Software 153 &nb.


To be able to view the table of contents for this publication then please subscribe by clicking the button below...
To be able to view the full description for this publication then please subscribe by clicking the button below...
Browse Subject Headings