Confidentiality and Privacy Controls (Chapter 9)
Copyright © 2015 Pearson Education, Inc.

Slide 2: Learning Objectives
• Identify and explain controls designed to protect the confidentiality of sensitive information.
• Identify and explain controls designed to protect the privacy of customers’ personal information.
• Explain how the two basic types of encryption systems work.

Slide 3: Protecting Confidentiality and Privacy of Sensitive Information
• Identify and classify information to protect
  ▫ Where is it located and who has access?
  ▫ Classify value of information to organization
• Encryption
  ▫ Protect information in transit and in storage
• Access controls
  ▫ Controlling outgoing information (confidentiality)
  ▫ Digital watermarks (confidentiality)
  ▫ Data masking (privacy)
• Training

Slide 4: Generally Accepted Privacy Principles
• Management
  ▫ Procedures and policies with assigned responsibility and accountability
• Notice
  ▫ Provide notice of privacy policies and practices prior to collecting data
• Choice and consent
  ▫ Opt-in versus opt-out approaches
• Collection
  ▫ Only collect needed information
• Use and retention
  ▫ Use information only for stated business purpose
• Access
  ▫ Customer should be able to review, correct, or delete information collected on them
• Disclosure to third parties
• Security
  ▫ Protect from loss or unauthorized access
• Quality
• Monitoring and enforcement
  ▫ Procedures in responding to complaints
  ▫ Compliance

Slide 5: Encryption
• Preventative control
• Factors that influence encryption strength:
  ▫ Key length (longer = stronger)
  ▫ Algorithm
  ▫ Management policies
    ▫ Stored securely

Slide 6: Encryption Steps
• Sender of message: takes plaintext and, with an encryption key and algorithm, converts it to unreadable ciphertext
• Receiver of message: to read the ciphertext, the encryption key reverses the process to make the information readable

Slide 7: Types of Encryption

Symmetric
• Uses one key to encrypt and decrypt
• Both parties need to know the key
  ▫ Need to securely communicate the shared key
  ▫ Cannot share key with multiple parties; they get their own (different) key from the organization

Asymmetric
• Uses two keys
  ▫ Public—everyone has access
  ▫ Private—used to decrypt (only known by you)
  ▫ Public key can be used by all your trading partners
• Can create digital signatures
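
The two key models on the slide above, shown as an added Python example that is not part of the original presentation. It assumes the third-party cryptography package is installed; the function names and the sample message are constructed for illustration.

```python
# Added illustration, not from the presentation. Assumes the third-party
# "cryptography" package; function names and MESSAGE are constructed here.
from cryptography.exceptions import InvalidSignature
from cryptography.fernet import Fernet, InvalidToken
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa

MESSAGE = b"Q3 price list for trading partners (constructed sample)"

def symmetric_demo(message):
    """One shared key encrypts and decrypts; any other key is rejected."""
    shared_key = Fernet.generate_key()   # must reach the receiver securely
    ciphertext = Fernet(shared_key).encrypt(message)    # sender
    recovered = Fernet(shared_key).decrypt(ciphertext)  # receiver, same key
    try:
        Fernet(Fernet.generate_key()).decrypt(ciphertext)  # unrelated key
        wrong_key_rejected = False
    except InvalidToken:
        wrong_key_rejected = True
    return recovered, wrong_key_rejected

def asymmetric_demo(message):
    """Public key encrypts (any partner); only the private key decrypts."""
    private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    public_key = private_key.public_key()  # safe to hand to every partner
    oaep = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                        algorithm=hashes.SHA256(), label=None)
    ciphertext = public_key.encrypt(message, oaep)
    return private_key.decrypt(ciphertext, oaep)

def signature_demo(message):
    """Private key signs, public key verifies; returns (genuine, tampered)."""
    private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    public_key = private_key.public_key()
    pss = padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                      salt_length=padding.PSS.MAX_LENGTH)
    signature = private_key.sign(message, pss, hashes.SHA256())

    def verifies(candidate):
        try:
            public_key.verify(signature, candidate, pss, hashes.SHA256())
            return True
        except InvalidSignature:
            return False

    return verifies(message), verifies(message + b" (altered)")

if __name__ == "__main__":
    print(symmetric_demo(MESSAGE), asymmetric_demo(MESSAGE), signature_demo(MESSAGE))
```

In the symmetric case the same secret has to exist on both ends, while in the asymmetric case only the public half ever leaves the key owner.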

Slide 8: Virtual Private Network
• Securely transmits encrypted data between sender and receiver
  ▫ Sender and receiver have the appropriate encryption and decryption keys.

Slide 9: Key Terms
• Information rights management (IRM)
• Data loss prevention (DLP)
• Digital watermark
• Data masking
• Spam
• Identity theft
• Cookie
• Encryption
• Plaintext
• Ciphertext
• Decryption
• Symmetric encryption systems
• Asymmetric encryption systems
• Public key
• Private key
• Key escrow
• Hashing
• Hash
• Nonrepudiation
• Digital signature
• Digital certificate
• Certificate of authority
• Public key infrastructure (PKI)
• Virtual private network (VPN)

