
Designing Information Security


Abstract

Previous chapters have emphasized that criminals and spies concentrate on financial account information, trade secrets, and internal organization data. This chapter is about protecting information assets via the three goals of security, known as CIA: confidentiality, integrity, and availability. Two additional requirements that may apply are legal and privacy liability. We achieve these goals by classifying information assets and then defining how each class of assets should be protected.



Copyright information

© 2015 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Lincke, S. (2015). Designing Information Security. In: Security Planning. Springer, Cham. https://doi.org/10.1007/978-3-319-16027-6_7


  • DOI: https://doi.org/10.1007/978-3-319-16027-6_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-16026-9

  • Online ISBN: 978-3-319-16027-6

  • eBook Packages: Computer Science, Computer Science (R0)
