Abstract
Previous chapters have emphasized that criminals and spies concentrate on financial account information, trade secrets, and internal organization data. This chapter is about protecting information assets through the three goals of security, known as CIA: confidentiality, integrity, and availability. Two additional requirements that may apply are legal and privacy liability. We achieve these goals by classifying information assets and then defining how each class of assets should be protected. That, in a nutshell, is what this chapter covers.
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Lincke, S. (2015). Designing Information Security. In: Security Planning. Springer, Cham. https://doi.org/10.1007/978-3-319-16027-6_7
DOI: https://doi.org/10.1007/978-3-319-16027-6_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-16026-9
Online ISBN: 978-3-319-16027-6
eBook Packages: Computer Science (R0)