Copyright © 2015 Pearson Education, Inc. Confidentiality and Privacy Controls Chapter 9 9-1.

Presentation transcript:

Learning Objectives (9-2)
• Identify and explain controls designed to protect the confidentiality of sensitive information.
• Identify and explain controls designed to protect the privacy of customers’ personal information.
• Explain how the two basic types of encryption systems work.

Protecting Confidentiality and Privacy of Sensitive Information (9-3)
• Identify and classify information to protect
  ▫ Where is it located and who has access?
  ▫ Classify value of information to organization
• Encryption
  ▫ Protect information in transit and in storage
• Access controls
  ▫ Controlling outgoing information (confidentiality)
  ▫ Digital watermarks (confidentiality)
  ▫ Data masking (privacy)
• Training

Generally Accepted Privacy Principles (9-4)
• Management
  ▫ Procedures and policies with assigned responsibility and accountability
• Notice
  ▫ Provide notice of privacy policies and practices prior to collecting data
• Choice and consent
  ▫ Opt-in versus opt-out approaches
• Collection
  ▫ Only collect needed information
• Use and retention
  ▫ Use information only for stated business purpose
• Access
  ▫ Customer should be able to review, correct, or delete information collected on them
• Disclosure to third parties
• Security
  ▫ Protect from loss or unauthorized access
• Quality
• Monitoring and enforcement
  ▫ Procedures in responding to complaints
  ▫ Compliance

Encryption (9-5)
• Preventative control
• Factors that influence encryption strength:
  ▫ Key length (longer = stronger)
  ▫ Algorithm
  ▫ Management policies
    ▪ Stored securely

Encryption Steps (9-6)
• Takes plain text and with an encryption key and algorithm, converts to unreadable ciphertext (sender of message)
• To read ciphertext, encryption key reverses process to make information readable (receiver of message)

Types of Encryption (9-7)

Symmetric
• Uses one key to encrypt and decrypt
• Both parties need to know the key
  ▫ Need to securely communicate the shared key
  ▫ Cannot share key with multiple parties, they get their own (different) key from the organization

Asymmetric
• Uses two keys
  ▫ Public—everyone has access
  ▫ Private—used to decrypt (only known by you)
  ▫ Public key can be used by all your trading partners
• Can create digital signatures
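
Added example (not part of the original slides): the symmetric and asymmetric cases from the Encryption Steps and Types of Encryption slides, run with the openssl command-line tool. The file names, the passphrase and the sample message are constructed for the demonstration.

```bash
#!/bin/sh
# Added illustration: one shared key vs. a public/private key pair.
set -eu
WORK=$(mktemp -d)                  # scratch directory for keys and ciphertext
trap 'rm -rf "$WORK"' EXIT
MSG="Q3 payroll file for trading partner"   # constructed sample plaintext
SECRET="shared-demo-secret"                 # constructed shared key material

# Symmetric: the same secret encrypts and decrypts, so both parties must hold it.
# (pass: on the command line is demo-only; it is visible in the process list.)
symmetric_roundtrip() {
  printf '%s' "$MSG" |
    openssl enc -aes-256-cbc -pbkdf2 -pass "pass:$SECRET" -out "$WORK/sym.bin"
  openssl enc -d -aes-256-cbc -pbkdf2 -pass "pass:$SECRET" -in "$WORK/sym.bin"
}

# Asymmetric: generate a key pair; pub.pem can go to every trading partner,
# priv.pem never leaves its owner.
make_keypair() {
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$WORK/priv.pem" 2>/dev/null
  openssl pkey -in "$WORK/priv.pem" -pubout -out "$WORK/pub.pem"
}

# Anyone with the public key can encrypt; only the private key decrypts.
asymmetric_roundtrip() {
  printf '%s' "$MSG" |
    openssl pkeyutl -encrypt -pubin -inkey "$WORK/pub.pem" \
      -pkeyopt rsa_padding_mode:oaep -out "$WORK/asym.bin"
  openssl pkeyutl -decrypt -inkey "$WORK/priv.pem" \
    -pkeyopt rsa_padding_mode:oaep -in "$WORK/asym.bin"
}

# Digital signature: the private key signs $MSG, the public key checks the
# signature against the text given in $1 and reports valid or invalid.
sign_and_verify() {
  printf '%s' "$MSG" > "$WORK/msg.txt"
  openssl dgst -sha256 -sign "$WORK/priv.pem" -out "$WORK/msg.sig" "$WORK/msg.txt"
  printf '%s' "$1" > "$WORK/check.txt"
  if openssl dgst -sha256 -verify "$WORK/pub.pem" -signature "$WORK/msg.sig" \
       "$WORK/check.txt" >/dev/null 2>&1
  then echo valid; else echo invalid; fi
}

make_keypair
echo "symmetric : $(symmetric_roundtrip)"
echo "asymmetric: $(asymmetric_roundtrip)"
echo "signature on original: $(sign_and_verify "$MSG")"
echo "signature on altered : $(sign_and_verify "altered payroll file")"
```

The last line shows why a signature supports integrity checking: the signature made over the original message does not verify against altered text.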

Virtual Private Network (9-8)
• Securely transmits encrypted data between sender and receiver
  ▫ Sender and receiver have the appropriate encryption and decryption keys.

Key Terms (9-9)
• Information rights management (IRM)
• Data loss prevention (DLP)
• Digital watermark
• Data masking
• Spam
• Identity theft
• Cookie
• Encryption
• Plaintext
• Ciphertext
• Decryption
• Symmetric encryption systems
• Asymmetric encryption systems
• Public key
• Private key
• Key escrow
• Hashing
• Hash
• Nonrepudiation
• Digital signature
• Digital certificate
• Certificate of authority
• Public key infrastructure (PKI)
• Virtual private network (VPN)