shopify visitor statistics

Page last updated: 4/6/23
All my books and other Pearson books available via this Web site at a greater discount than online bookstores. Go to discount book purchase.

PrivacyInformation Privacy Engineering and Privacy by Design

This book provides a practical guide to designing and implementing information privacy in IT systems. The book introduces information privacy concepts and discusses privacy requirements, threats, and vulnerabilities. The book the discusses in detail the implementation of privacy controls, privacy management, and privacy monitoring and auditing. Finally, the book discusses legal and regulatory requirements, especially the EU General Data Protection Regulation and the body of U.S. privacy laws and regulations. Here is the Table of Contents and Preface. The Pearson Site for this book includes PPT slides and answers to review questions for instructors.

page22-www_iconUseful Links
page22-orangeball Computer Science Student Resource Site: Help and advice for students and professionals.
page22-orangeball Errata sheet: Latest list of errors, updated at most monthly. If you spot any errors, please contact me at page23-email. So far, no errors spotted.

Chapter 1 - Security and Cryptography Concepts

page22-orangeball NIST Cybersecurity Site: A range of resources related to NIST programs and documents on cybersecurity.
orangeball NIST Block Ciphers: NIST documents on AES and DES.
page22-orangeball NIST Secure Hashing Page: SHA FIPS and related documents.
orangeball NSA Commercial National Security Algorithm Suite Description of the cryptographic standards approved for for the Secure Sharing of Information Among National Security Systems. The suite lists approved algorithms to be used during a transition period to quantum resistant algorithms.
orangeball Cryptographic Key Length Recommendation: Useful summary of recommendations of various organizations for key length for various cryptographic algorithms.
orangeball IEEE Technical Committee on Security and Privacy: Home of the electronic newsletter Cipher, which provides book reviews, new crypto and security links, and links to reports and papers available online.
orangeball Center for Internet Security: Provides freeware benchmark and scoring tools for evaluating security of operating systems, network devices, and applications. Includes case studies and technical papers.
orangeball Crypto Resources A good collection of pointers. Especially useful is a list of open source crypto software libraries.

Chapter 2 - Information Privacy Concepts

page22-orangeball Online Guide to Privacy Resources: From the Electronic Privacy Information Center (EPIC). A comprehensive collection of links.
page22-orangeball Stanford Encyclopedia of Philosophy - Privacy: A lengthy and information discussion of privacy.
page22-orangeball Electronic Frontier Foundation Privacy Page: Covers a wide variety of privacy topics.
page22-orangeball Federal Privacy Council: A number of U.S. government resources related to privacy, including an extensive collection of links to federal privacy laws.
page22-orangeball Office of Privacy and Open Government: An excellent U.S. government privacy resource. Includes links to numerous privacy laws and regulations, as well as guidance on various areas of privacy management, including privacy impact assessment.
page22-orangeball International Association of Privacy Professionals: The worlds largest information privacy organization. A superb and growing collection of resources, links, and white papers concerning privacy.
page22-orangeball World Privacy Forum: Dedicated to reimagining privacy in a digital era through groundbreaking, in-depth privacy research, analysis, and consumer education of the highest quality. Contains numerous reports and privacy-related links.
page22-orangeball Privacy Topics: From the Office of the Privacy Commissioner of Canada. A large collection of useful documents.

Chapter 5 - System Access

orangeball NIST Trusted Identities Group: Documents related to user authentication and password usage.
page22-orangeball NIST Image Group: Researches measurement and evaluation methods and develop standards to advance the use of image-based biometric technologies; current modalities include fingerprint, face, iris, and tattoo. Good resource.
page22-orangeball NIST RBAC site: Includes numerous documents, standards, and software on RBAC.

Chapter 6 - Malicious Software and Intruderss

page22-orangeball Vmyths: Dedicated to exposing virus hoaxes and dispelling misconceptions about real viruses.
page22-orangeball SecureList: Information about viruses, hackers, and spam.
page22-orangeball Symantec Internet Threat Security Report: Annual report on the Internet threat landscape by commercial antivirus software provider Symantec.
page4-page22-orangeball-32 Symantec Security Center: Site maintained by commercial antivirus software provider Symantec, with much useful information on current malware risks.
page22-orangeball DataLossDB project Compiles a wide variety of statistics, charts, graphs, and incident report.
page22-orangeball Honeynet Project: A research project studying the techniques of predatory hackers and developing honeypot products
page22-orangeball Honeypots: A good collection of research papers and technical articles.
page22-orangeball Snort: Web site for Snort, an open source network intrusion prevention and detection system.


page22-orangeball Privacy Patterns: Privacy patterns are design solutions to common privacy problems — a way to translate "privacy-by-design" into practical advice for software engineering. This site contains a growing collection of privacy patterns.
page22-orangeball PRIPARE: An EU-funded project to: Facilitate the application of a privacy and security-by-design methodology, support its practice by the ICT research community to prepare for industry practice; and foster risk management culture through educational material targeted to a diversity of stakeholders.
page22-orangeball Internet Privacy Engineering Network (IPEN): Its purpose is to promote and advance the state-of-the-art of privacy engineering. It supports engineers working on (re-)usable building blocks, design patterns and other tools for selected internet use cases where privacy is at stake.
page22-orangeball NIST Privacy Engineering Program: Its mission is to support the development of trustworthy information systems by applying measurement science and system engineering principles to the creation of frameworks, risk models, guidance, tools, and standards that protect privacy and, by extension, civil liberties. Good source of privacy-related documents.

Chapter 8 - Online Privacy

page22-orangeball Privacy Alliance: A lot of useful and practical information on online privacy.