Information Privacy Engineering and Privacy by Design (paperback)
Paperback
Addison Wesley
229 x 178 x 25 mm
772 g

Information Privacy Engineering and Privacy by Design

Understanding privacy threats, technologies, and regulations

Paperback, English, 2019-05-15
In Information Privacy Engineering and Privacy by Design, renowned information technology author William Stallings brings together the comprehensive and practical guidance that is needed to succeed as organizations of all kinds are recognizing the crucial importance of protecting privacy. Stallings shows how to apply today's consensus best practices and widely-accepted standards documents in your environment, leveraging policy, procedures, and technology to meet legal and regulatory requirements and protect everyone who depends on you. Like Stallings' other award-winning texts, this guide is designed to help students quickly find the information and gain the mastery needed to implement effective privacy. Coverage includes:
  • Planning for privacy: Approaches for managing and controlling the privacy control function; how to define your IT environment's requirements; and how to develop appropriate policies and procedures for it
  • Privacy threats: Understanding and identifying the full range of threats to privacy in information collection, storage, processing, access, and dissemination
  • Information privacy technology: Satisfying the privacy requirements you've defined by using technical controls, privacy policies, employee awareness, acceptable use policies, and other techniques
  • Legal and regulatory requirements: Understanding GDPR as well as the current spectrum of U.S. privacy regulations, with insight for mapping regulatory requirements to IT actions
  • Ideal for all students studying the privacy aspects of cybersecurity
  • Includes full sections on planning for privacy, identifying and understanding threats, applying modern privacy technologies, and understanding evolving legal and regulatory requirements (including GDPR)
  • Reflects best practices and widely-accepted standards, and supports key Human Security elements of Cybersecurity Curricula 2017 (CSEC2017)
  • Multiple learning features promote rapid access and mastery: from clear learning objectives and glossary definitions to QR weblinks and a frequently updated website
  • Ancillary resources, including lecture slides, provide instructors ample support in integrating this text 
  • By William Stallings, 13-time winner of the prestigious TAA Computer Science Textbook of the Year Award
The comprehensive guide to engineering and implementing privacy best practices
  • Ideal for anyone with privacy responsibilities in any organization, and for all students studying the privacy aspects of cybersecurity


Additional information

Dr. William Stallings, author of the forthcoming Pearson book Effective Cybersecurity: A Practical Guide to Standards and Best Practices, has made a unique contribution to understanding the broad sweep of technical developments in computer networking, computer architecture, and network security. He has authored more than 40 books on various aspects of these subjects, and is a 13-time winner of the Text and Academic Author Association (TAA) Computer Science Textbook of the Year Award. In over 30 years in the field, he has been a technical contributor, technical manager, and an executive with several high-technology firms. Currently he is an independent consultant whose clients have included computer and networking manufacturers and customers, software development firms, and leading-edge government research institutions. Stallings' specialties include information review and analysis of security, data communications, and networking products and services; research for and writing of technical white papers; assistance as subject-matter expert for technical advisory boards; security policy development and implementation; evaluation of security awareness and training programs; and advice relevant to compliance with IETF, NIST, and IEEE standards. Dr. Stallings is a member of the editorial board of Cryptologia, a scholarly journal devoted to all aspects of cryptology. He holds a PhD from M.I.T. in Computer Science and a BS from Notre Dame in electrical engineering.


Preface

PART I: OVERVIEW

Chapter 1: Security and Cryptography Concepts
1.1 Cybersecurity, Information Security, and Network Security
    Security Objectives
    The Challenges of Information Security
1.2 Security Attacks
    Passive Attacks
    Active Attacks
1.3 Security Services
    Authentication
    Access Control
    Data Confidentiality
    Data Integrity
    Nonrepudiation
    Availability Service
1.4 Security Mechanisms
1.5 Cryptographic Algorithms
    Keyless Algorithms
    Single-Key Algorithms
    Two-Key Algorithms
1.6 Symmetric Encryption
1.7 Asymmetric Encryption
1.8 Cryptographic Hash Functions
1.9 Digital Signatures
1.10 Practical Considerations
    Selection of Cryptographic Algorithms and Key Lengths
    Implementation Considerations
    Lightweight Cryptographic Algorithms
    Post-Quantum Cryptographic Algorithms
1.11 Public-Key Infrastructure
    Public-Key Certificates
    PKI Architecture
1.12 Network Security
    Communications Security
    Device Security
1.13 Key Terms and Review Questions
    Key Terms
    Review Questions
1.14 References

Chapter 2: Information Privacy Concepts
2.1 Key Privacy Terminology
2.2 Privacy by Design
    Privacy by Design Principles
    Requirements and Policy Development
    Privacy Risk Assessment
    Privacy and Security Control Selection
    Privacy Program and Integration Plan
2.3 Privacy Engineering
    Privacy Implementation
    System Integration
    Privacy Testing and Evaluation
    Privacy Auditing and Incident Response
2.4 Privacy and Security
    Areas of Overlap Between Security and Privacy
    Trade-Offs Between Security and Privacy
2.5 Privacy Versus Utility
2.6 Usable Privacy
    Users of Privacy Services and Functions
    Usability and Utility
2.7 Key Terms and Review Questions
    Key Terms
    Review Questions
2.8 References

PART II: PRIVACY REQUIREMENTS AND THREATS

Chapter 3: Information Privacy Requirements and Guidelines
3.1 Personally Identifiable Information and Personal Data
    Sources of PII
    Sensitivity of PII
3.2 Personal Information That Is Not PII
3.3 Fair Information Practice Principles
3.4 Privacy Regulations
    European Union
    U.S. Privacy Laws and Regulations
3.5 Privacy Standards
    International Organization for Standardization (ISO)
    National Institute of Standards and Technology
3.6 Privacy Best Practices
    Information Security Forum (ISF)
    Cloud Security Alliance (CSA)
3.7 Key Terms and Review Questions
    Key Terms
    Review Questions
3.8 References

Chapter 4: Information Privacy Threats and Vulnerabilities
4.1 The Evolving Threat Environment
    Overall Impact of Advances in Technology
    Repurposing Collected Data
    Means of Collection of PII
4.2 Privacy Threat Taxonomy
    Information Collection
    Information Processing
    Information Dissemination
    Invasions
4.3 NIST Threat Model
4.4 Threat Sources
4.5 Identifying Threats
4.6 Privacy Vulnerabilities
    Vulnerability Categories
    Location of Privacy Vulnerabilities
    National Vulnerability Database and Common Vulnerability Scoring System
4.7 Key Terms and Review Questions
    Key Terms
    Review Questions
4.8 References