Confidentiality And Privacy Controls

Preserving Confidentiality

Identifying and classifying information to be protected

Protecting confidentiality with encryption

Controlling access to sensitive information

Information rights management (IRM)

Software that offers the capability not only to limit access to specific files or documents but also to specify the actions that individuals who are granted access to that resource can perform

Data loss prevention (DLP)

Software that works like antivirus programs in reverse, blocking outgoing messages that contain key words or phrases associated with intellectual property or other sensitive data the organization wants to protect

Digital watermark

Code embedded in documents that enables an organization to identify confidential information that has been disclosed

Training

Privacy

Privacy controls

Data masking

Protecting privacy by replacing sensitive personal information with fake data. Also called tokenization

Privacy concerns

Spam

Unsolicited e-mail that contains either advertising or offensive content

Identity theft

Assuming someone's identity, usually for economic gain

Privacy regulations and generally accepted privacy principles

Management

Notice

Choice and consent

Collection

Use, retention and disposal

Access

Disclosure to third parties

Security

Quality

Monitoring and enforcement

Encryption

The process of transforming normal text, called plaintext, into unreadable gibberish, called ciphertext

Plaintext

Normal text that has not been encrypted

Ciphertext

Plaintext that was transformed into unreadable gibberish using encryption

Decryption

Transforming ciphertext back into plaintext

Factors that influence encryption strength

Key length

Encryption algorithm

Policies for managing cryptographic keys

Types of encryption systems

Symmetric encryption systems

Asymmetric encryption systems

Public key

Private key

Hashing

Transforming plaintext of any length into a short code called a hash

Hash

Plaintext that has been transformed into a short code

Digital signatures

Nonrepudiation

Creating legally binding agreements that cannot be unilaterally repudiated by either party

Digital signature

A hash encrypted with the hash creator's private key

Digital certificates and public key infrastructure

Digital certificate

Certificate authority

Public key infrastructure

Virtual private networks (VPNs)

Using encryption and authentication to securely transfer information over the internet, thereby creating a virtual private network