Published by Addison-Wesley Professional (May 28, 2019) © 2020

William Stallings
    ISBN-13: 9780135278376

    Information Privacy Engineering and Privacy by Design: Understanding Privacy Threats, Technology, and Regulations Based on Standards and Best Practices, 1st edition

    Language: English

    The Comprehensive Guide to Engineering and Implementing Privacy Best Practices

    As systems grow more complex and cybersecurity attacks more relentless, safeguarding privacy is ever more challenging. Organizations are increasingly responding in two ways, and both are mandated by key standards such as GDPR and ISO/IEC 27701:2019. The first approach, privacy by design, aims to embed privacy throughout the design and architecture of IT systems and business practices. The second, privacy engineering, encompasses the technical capabilities and management processes needed to implement, deploy, and operate privacy features and controls in working systems.

    In Information Privacy Engineering and Privacy by Design, internationally renowned IT consultant and author William Stallings brings together the comprehensive knowledge privacy executives and engineers need to apply both approaches. Using the techniques he presents, IT leaders and technical professionals can systematically anticipate and respond to a wide spectrum of privacy requirements, threats, and vulnerabilities—addressing regulations, contractual commitments, organizational policies, and the expectations of their key stakeholders.

    • Review privacy-related essentials of information security and cryptography
    • Understand the concepts of privacy by design and privacy engineering
    • Use modern system access controls and security countermeasures to partially satisfy privacy requirements
    • Enforce database privacy via anonymization and de-identification
    • Prevent data losses and breaches
    • Address privacy issues related to cloud computing and IoT
    • Establish effective information privacy management, from governance and culture to audits and impact assessment
    • Respond to key privacy rules including GDPR, U.S. federal law, and the California Consumer Privacy Act

    This guide will be an indispensable resource for anyone with privacy responsibilities in any organization, and for all students studying the privacy aspects of cybersecurity.

    Preface     xxii
    PART I:  OVERVIEW     1
    Chapter 1:  Security and Cryptography Concepts     2

    1.1 Cybersecurity, Information Security, and Network Security     2
        Security Objectives     3
        The Challenges of Information Security     5
    1.2 Security Attacks     6
        Passive Attacks     8
        Active Attacks     8
    1.3 Security Services     10
        Authentication     10
        Access Control     11
        Data Confidentiality     11
        Data Integrity     11
        Nonrepudiation     12
        Availability Service     12
    1.4 Security Mechanisms     12
    1.5 Cryptographic Algorithms     13
        Keyless Algorithms     14
        Single-Key Algorithms     14
        Two-Key Algorithms     15
    1.6 Symmetric Encryption     15
    1.7 Asymmetric Encryption     17
    1.8 Cryptographic Hash Functions     20
    1.9 Digital Signatures     22
    1.10 Practical Considerations     23
        Selection of Cryptographic Algorithms and Key Lengths     23
        Implementation Considerations     24
        Lightweight Cryptographic Algorithms     24
        Post-Quantum Cryptographic Algorithms     25
    1.11 Public-Key Infrastructure     25
        Public-Key Certificates     25
        PKI Architecture     27
    1.12 Network Security     29
        Communications Security     29
        Device Security     30
    1.13 Key Terms and Review Questions     30
        Key Terms     30
        Review Questions     31
    1.14 References     31
    Chapter 2:  Information Privacy Concepts     32
    2.1 Key Privacy Terminology     32
    2.2 Privacy by Design     35
        Privacy by Design Principles     35
        Requirements and Policy Development     37
        Privacy Risk Assessment     37
        Privacy and Security Control Selection     39
        Privacy Program and Integration Plan     40
    2.3 Privacy Engineering     41
        Privacy Implementation     44
        System Integration     44
        Privacy Testing and Evaluation     45
        Privacy Auditing and Incident Response     45
    2.4 Privacy and Security     46
        Areas of Overlap Between Security and Privacy     46
        Trade-Offs Between Security and Privacy     48
    2.5 Privacy Versus Utility     48
    2.6 Usable Privacy     49
        Users of Privacy Services and Functions     50
        Usability and Utility     50
    2.7 Key Terms and Review Questions     50
        Key Terms     50
        Review Questions     51
    2.8 References     51
    PART II:  PRIVACY REQUIREMENTS AND THREATS     53
    Chapter 3:  Information Privacy Requirements and Guidelines     54

    3.1 Personally Identifiable Information and Personal Data     55
        Sources of PII     57
        Sensitivity of PII     58
    3.2 Personal Information That Is Not PII     59
    3.3 Fair Information Practice Principles     63
    3.4 Privacy Regulations     66
        European Union     66
        U.S. Privacy Laws and Regulations     67
    3.5 Privacy Standards     68
        International Organization for Standardization (ISO)     69
        National Institute of Standards and Technology     77
    3.6 Privacy Best Practices     88
        Information Security Forum (ISF)     88
        Cloud Security Alliance (CSA)     90
    3.7 Key Terms and Review Questions     91
        Key Terms     91
        Review Questions     91
    3.8 References     92
    Chapter 4:  Information Privacy Threats and Vulnerabilities     94
    4.1 The Evolving Threat Environment     95
        Overall Impact of Advances in Technology     95
        Repurposing Collected Data     96
        Means of Collection of PII     96
    4.2 Privacy Threat Taxonomy     97
        Information Collection     98
        Information Processing     98
        Information Dissemination     98
        Invasions     99
    4.3 NIST Threat Model     100
    4.4 Threat Sources     105
    4.5 Identifying Threats     106
    4.6 Privacy Vulnerabilities     108
        Vulnerability Categories     108
        Location of Privacy Vulnerabilities     109
        National Vulnerability Database and Common Vulnerability Scoring System     110
    4.7 Key Terms and Review Questions     114
        Key Terms     114
        Review Questions     115
    4.8 References     116
    PART III:  TECHNICAL SECURITY CONTROLS FOR PRIVACY     117
    Chapter 5:  System Access     118

    5.1 System Access Concepts     119
        Privileges     119
        System Access Functions     120
        Privacy Considerations for System Access     121
    5.2 Authorization     122
        Privacy Authorization     123
    5.3 User Authentication     124
        Means of Authentication     125
        Multifactor Authentication     126
        A Model for Electronic User Authentication     127
    5.4 Access Control     129
        Subjects, Objects, and Access Rights     130
        Access Control Policies     131
        Discretionary Access Control     131
        Role-Based Access Control     133
        Attribute-Based Access Control     135
    5.5 Identity and Access Management     140
        IAM Architecture     140
        Federated Identity Management     142
    5.6 Key Terms and Review Questions     144
        Key Terms     144
        Review Questions     145
    5.7 Reference     145
    Chapter 6:  Malicious Software and Intruders     146
    6.1 Malware Protection Activities     147
        Types of Malware     147
        The Nature of the Malware Threat     149
        Practical Malware Protection     150
    6.2 Malware Protection Software     153
        Capabilities of Malware Protection Software     153
        Managing Malware Protection Software     154
    6.3 Firewalls     155
        Firewall Characteristics     155
        Types of Firewalls     156
        Next-Generation Firewalls     163
        DMZ Networks     164
        The Modern IT Perimeter     165
    6.4 Intrusion Detection     166
        Basic Intrusion Detection Principles     167
        Approaches to Intrusion Detection     167
        Host-Based Intrusion Detection Techniques     169
        Network-Based Intrusion Detection Systems     169
        IDS Best Practices     171
    6.5 Key Terms and Review Questions     172
        Key Terms     172
        Review Questions     173
    6.6 References     174
    PART IV:  PRIVACY ENHANCING TECHNOLOGIES     175
    Chapter 7:  Privacy in Databases     176

    7.1 Basic Concepts     178
        Personal Data Attributes     179
        Types of Data Files     180
    7.2 Re-Identification Attacks     183
        Types of Attacks     184
        Potential Attackers     186
        Disclosure Risks     186
        Applicability to Privacy Threats     187
    7.3 De-Identification of Direct Identifiers     188
        Anonymization     189
        Pseudonymization     189
    7.4 De-Identification of Quasi-Identifiers in Microdata Files     190
        Privacy-Preserving Data Publishing     192
        Disclosure Risk Versus Data Utility     193
        PPDP Techniques     194
    7.5 K-Anonymity, L-Diversity, and T-Closeness     196
        K-Anonymity     196
        L-Diversity     198
        T-Closeness     199
    7.6 Summary Table Protection     199
        Frequency Tables     200
        Magnitude Tables     203
    7.7 Privacy in Queryable Databases     204
        Privacy Threats     205
        Protecting Queryable Databases     206
    7.8 Key Terms and Review Questions     211
        Key Terms     211
        Review Questions     212
    7.9 References     212
    Chapter 8:  Online Privacy     214
    8.1 The Online Ecosystem for Personal Data     215
    8.2 Web Security and Privacy     217
        Web Server Security and Privacy     218
        Web Application Security and Privacy     219
        Web Browser Security and Privacy     222
    8.3 Mobile App Security     224
        Mobile Ecosystem     224
        Mobile Device Vulnerabilities     225
        BYOD Policies     227
        Mobile Application Vetting     229
        Resources for Mobile Device Security     230
    8.4 Online Privacy Threats     231
        Web Application Privacy     231
        Mobile App Privacy     232
    8.5 Online Privacy Requirements     234
        Online Privacy Principles     234
        Online Privacy Framework     236
        Simplified Consumer Choice     241
        Transparency of Data Practices     241
    8.6 Privacy Notices     242
        Notice Requirements     243
        Notice Content     243
        Notice Structure     246
        Mobile App Privacy Notices     246
        Privacy Notice Design Space     248
    8.7 Tracking     250
        Cookies     250
        Other Tracking Technologies     253
        Do Not Track     254
    8.8 Key Terms and Review Questions     254
        Key Terms     254
        Review Questions     255
    8.9 References     255
    Chapter 9:  Other PET Topics     258
    9.1 Data Loss Prevention     258
        Data Classification and Identification     259
        Data States     260
        DLP for Email     262
        DLP Model     263
    9.2 The Internet of Things     266
        Things on the Internet of Things     266
        Components of IoT-Enabled Things     266
        IoT and Cloud Context     267
    9.3 IoT Security     270
        IoT Device Capabilities     270
        Security Challenges of the IoT Ecosystem     271
        IoT Security Objectives     273
    9.4 IoT Privacy     274
        An IoT Model     275
        Privacy Engineering Objectives and Risks     276
        Challenges for Organizations     278
    9.5 Cloud Computing     280
        Cloud Computing Elements     280
        Threats for Cloud Service Users     284
    9.6 Cloud Privacy     285
        Data Collection     286
        Storage     287
        Sharing and Processing     290
        Deletion     290
    9.7 Key Terms and Review Questions     290
        Key Terms     290
        Review Questions     291
    9.8 References     291
    PART V:  INFORMATION PRIVACY MANAGEMENT     293
    Chapter 10:  Information Privacy Governance and Management     294

    10.1 Information Security Governance     295
        Information Security Management System     295
        Information Security Governance Concepts     295
        Security Governance Components     298
        Integration with Enterprise Architecture     303
        Policies and Guidance     307
    10.2 Information Privacy Governance     308
        Information Privacy Roles     308
        The Privacy Program Plan     312
    10.3 Information Privacy Management     315
        Key Areas of Privacy Management     316
        Privacy Planning     317
        Privacy Policy     319
    10.4 OASIS Privacy Management Reference Model     322
        Privacy Management Reference Model and Methodology (PMRM)     322
        Privacy by Design Documentation for Software Engineers     328
    10.5 Key Terms and Review Questions     331
        Key Terms     331
        Review Questions     331
    10.6 Reference     332
    Chapter 11:  Risk Management and Privacy Impact Assessment     334
    11.1 Risk Assessment     335
        Risk Assessment Process     335
        Risk Assessment Challenges     339
        Quantitative Risk Assessment     340
        Qualitative Risk Assessment     342
    11.2 Risk Management     346
        NIST Risk Management Framework     347
        ISO 27005: Information Security Risk Management     348
        Risk Evaluation     351
        Risk Treatment     352
    11.3 Privacy Risk Assessment     353
        Privacy Impact     356
        Likelihood     361
        Assessing Privacy Risk     363
    11.4 Privacy Impact Assessment     365
        Privacy Threshold Analysis     365
        Preparing for a PIA     366
        Identify PII Information Flows     367
        Identify Potential User Behavior     367
        Determine Relevant Privacy Safeguarding Requirements     368
        Assess Privacy Risk     368
        Determine Risk Treatment     368
        The PIA Report     369
        Implement Risk Treatment     370
        Review/Audit Implementation     370
        Examples     371
    11.5 Key Terms and Review Questions     371
        Key Terms     371
        Review Questions     372
    11.6 References     372
    Chapter 12:  Privacy Awareness, Training, and Education     374
    12.1 Information Privacy Awareness     376
        Awareness Topics     377
        Awareness Program Communication Materials     378
        Awareness Program Evaluation     379
    12.2 Privacy Training and Education     380
        Cybersecurity Essentials     380
        Role-Based Training     381
        Education and Certification     383
    12.3 Acceptable Use Policies     384
        Information Security Acceptable Use Policy     384
        PII Acceptable Use Policy     386
    12.4 Key Terms and Review Questions     386
        Key Terms     386
        Review Questions     387
    12.5 References     387
    Chapter 13:  Event Monitoring, Auditing, and Incident Response     388
    13.1 Event Monitoring     388
        Security Event Logging     389
        Security Event Management     391
        Event Logging Related to PII     392
    13.2 Information Security Auditing     393
        Data to Collect for Auditing     394
        Internal and External Audits     395
        Security Audit Controls     396
    13.3 Information Privacy Auditing     398
        Privacy Audit Checklist     398
        Privacy Controls     400
    13.4 Privacy Incident Management and Response     401
        Objectives of Privacy Incident Management     401
        Privacy Incident Response Team     402
        Preparing for Privacy Incident Response     403
        Detection and Analysis     405
        Containment, Eradication, and Recovery     406
        Notification to Affected Individuals     407
        Post-Incident Activity     408
    13.5 Key Terms and Review Questions     409
        Key Terms     409
        Review Questions     410
    13.6 References     410
    PART VI:  LEGAL AND REGULATORY REQUIREMENTS     411
    Chapter 14:  The EU General Data Protection Regulation     412

    14.1 Key Roles and Terms in the GDPR     413
    14.2 Structure of the GDPR     415
    14.3 GDPR Objectives and Scope     417
        Objectives     417
        Scope of the GDPR     418
    14.4 GDPR Principles     420
        Fairness     421
        Lawful     422
        Transparency     423
    14.5 Restrictions on Certain Types of Personal Data     423
        Children’s Personal Data     423
        Special Categories of Personal Data     424
    14.6 Rights of the Data Subject     426
    14.7 Controller, Processor, and Data Protection Officer     428
        Data Protection by Design and Default     428
        Records of Processing Activities     429
        Security of Processing     431
        Data Protection Officer     431
    14.8 Data Protection Impact Assessment     433
        Risk and High Risk     433
        Determining Whether a DPIA Is Needed     434
        DPIA Process     436
        GDPR Requirements     438
        Criteria for an Acceptable DPIA     439
    14.9 Key Terms and Review Questions     441
        Key Terms     441
        Review Questions     441
    14.10 References     442
    Chapter 15:  U.S. Privacy Laws     444
    15.1 A Survey of Federal U.S. Privacy Laws     445
    15.2 Health Insurance Portability and Accountability Act     449
        HIPAA Overview     449
        HIPAA Privacy Rule     450
    15.3 Health Information Technology for Economic and Clinical Health Act     456
        Breach Notification     456
        Encryption of PHI     457
        Data Destruction     459
    15.4 Children’s Online Privacy Protection Act     460
        General Provisions     460
        The COPPA Final Rule     461
    15.5 California Consumer Privacy Act     462
        Basic Concepts     462
        Rights of Consumers     466
        Comparison with the GDPR     468
    15.6 Key Terms and Review Questions     470
        Key Terms     470
        Review Questions     470
    15.7 References     471
    Index     472
    Appendix (Online Only): Answers to Review Questions