Please enable JavaScript.
Coggle requires JavaScript to display documents.
Confidentiality And Privacy Controls - Coggle Diagram
Confidentiality And Privacy Controls
Preserving Confidentiality
Identifying and classify information to be protected
Protecting confidentiality with encryption
Controlling access to sensitive information
Information rights management (IRM)
Software that offers the capability not only to limit access to specific files or documents but also to specify the actions that individuals who are granted access to that resource can perform
Data loss prevention (DLP)
Software which works like antivirus programs in reverse, blocking outgoing messages that contain key words or phrases associated with intellectual property or other sensitive data the organizations want to protect
Digital watermark
Code embedded in documents that enables an organization to identify confidential information that has been disclosed
Training
Privacy
Privacy controls
Data masking
Protecting privacy by replacing sensitive personal information with fake data. Also called tokenization
Privacy concerns
Spam
Unsolicited e-mail that contains either advertising or offensive content
Identify theft
Assuming someone's identity, usually for economic gain
Privacy regulations and generally accepted privacy principles
Management
Notice
Choice and consent
Collection
Use, retention and disposal
Access
Disclosure to third parties
Security
Quality
Monitoring and enforcement
Encryption
The process of transforming normal text, called plaintext, into unreadable gibberish, called ciphertext
Plaintext
Normal text that has not been encrypted
Factors that influence encryption strength
Key length
Encryption algorithm
Policies for managing cryptographic keys
Types of encryption systems
Systematic encryption systems
Asymmetric encryption systems
Public key
Private key
Hashing
Transforming plaintext of any length into a short code called a harsh
Hash
Plaintext that has been transformed into short code
Digital signatures
nonrepudiation
Creating legally binding agreements that cannot be unilaterally repudiated by either party
Digital signature
A hash encrypted with hash creator's private key
Digital certificates and public key infrastructure
Digital certificate
Certificate authority
Public key infrastructure
Virtual private networks (VPNS)
Using encryption and authentication to securely transfer information over the internet, thereby creating a virtual private network
Ciphertext
Plaintext that was transformed into unreadable gibberish using encryption
Decryption
Transforming ciphertext back into plaintext