Digital Privacy : Theory, Technologies, and Practices
Alessandro Acquisti, Stefanos Gritzalis, Costos Lambrinoudakis, Sabrina di Vimercatiقیمت نهایی
- تخفیف زماندار−۵٬۰۰۰ تومان
۵٬۰۰۰ تومان صرفهجویی نسبت به قیمت اصلی
نسخه اصلی و اورجینال
بلافاصله پس از خرید، فایل کتاب روی دستگاه شما آمادهٔ دانلود است.
مشخصات کتاب
- سال انتشار
- ۲۰۰۷
- فرمت
- زبان
- انگلیسی
- تعداد صفحات
- ۳٬۲۰۰ صفحه
- حجم فایل
- ۷٫۹ مگابایت
دربارهٔ کتاب
While information security is an ever-present challenge for all types of organizations today, most focus on providing security without addressing the necessities of staff, time, or budget in a practical manner.
Information Security Cost Management offers a pragmatic approach to implementing information security, taking budgetary and real-world constraints into consideration. By providing frameworks, step-by-step processes, and project management breakdowns, this book demonstrates how to design the best security strategy with the resources you have available.
Organized into five sections, the book-
- Focuses on setting the right road map so that you can be most effective in your information security implementations
- Discusses cost-effective staffing, the single biggest expense to the security organization
- Presents practical ways to build and manage the documentation that details strategy, provides resources for operating annual audits, and illustrates how to advertise accomplishments to senior management effectively
- Identifies high-risk areas, focusing limited resources on the most imminent and severe threats
- Describes how to manage the key access controls when faced with manual user management, how to automate user management tasks in a cost effective manner, and how to deal with security breaches
Demonstrating strategies to maximize a limited security budget without compromising the quality of risk management initiatives, Information Security Cost Management helps you save your organization time and money. It provides the tools required to implement policies, processes, and training that are crucial to the success of a company's security.
Effective security rules and procedures do not exist for their own sake-they are put in place to protect critical assets, thereby supporting overall business objectives. Recognizing security as a business enabler is the first step in building a successful program.
Information Security Fundamentals allows future security professionals to gain a solid understanding of the foundations of the field and the entire range of issues that practitioners must address. This book enables students to understand the key elements that comprise a successful information security program and eventually apply these concepts to their own efforts. The book examines the elements of computer security, employee roles and responsibilities, and common threats. It examines the need for management controls, policies and procedures, and risk analysis, and also presents a comprehensive list of tasks and objectives that make up a typical information protection program.
The volume discusses organizationwide policies and their documentation, and legal and business requirements. It explains policy format, focusing on global, topic-specific, and application-specific policies. Following a review of asset classification, the book explores access control, the components of physical security, and the foundations and processes of risk analysis and risk management. Information Security Fundamentals concludes by describing business continuity planning, including preventive controls, recovery strategies, and ways to conduct a business impact analysis.
Port-based authentication is a "network access control" concept in which a particular device is evaluated before being permitted to communicate with other devices located on the network. "802.1X Port-Based Authentication" examines how this concept can be applied and the effects of its application to the majority of computer networks in existence today. 802.1X is a standard that extends the Extensible Authentication Protocol (EAP) over a Local Area Network (LAN) through a process called Extensible Authentication Protocol Over LANs (EAPOL). The text presents an introductory overview of port-based authentication including a description of 802.1X port-based authentication, a history of the standard and the technical documents published, and details of the connections among the three network components. It focuses on the technical aspect of 802.1X and the related protocols and components involved in implementing it in a network. The book provides an in-depth discussion of technology, design, and implementation with a specific focus on Cisco devices. Including examples derived from the 802.1X implementation, it also addresses troubleshooting issues in a Cisco environment.; Each chapter contains a subject overview. Incorporating theoretical and practical approaches, "802.1X Port-Based Authentication" seeks to define this complex concept in accessible terms. It explores various applications to today's computer networks using this particular network protocolAs regulation and legislation evolve, the critical need for cost-effective and efficient IT audit and monitoring solutions will continue to grow. Audit and Trace Log Management: Consolidation and Analysis offers a comprehensive introduction and explanation of requirements and problem definition, and also delivers a multidimensional solution set with broad applicability across a wide range of organizations.
Itprovidesa wealth of information in the form of processwalkthroughs. These include problem determination, requirements gathering,scope definition, risk assessment, compliance objectives, systemdesign and architecture, implementation and operational challenges, productand solution evaluation, communication plans, project managementchallenges, and determining Return on Investment (ROI). By using templates, tools, and samples that enhance your understanding of processes and solution sets, the author successfully emphasizes the core themes of the book. He also includes many diagrams throughout his discussion that aid in a clear communication of process and solution recommendations.
This volume enables you to gain the knowledge, perspective, and insight needed to independently implement a successful audit and monitoring management system tailored to the unique requirements of your organization.
"Information Security Fundamentals allows security professionals to gain a solid understanding of the foundations of the field and the entire range of issues that practitioners must address. This book enables you to understand the key elements that comprise a successful information security program and apply these concepts into your own efforts. The book examines the elements of computer security, employee roles and responsibilities, and common threats. It examines the need for management controls, policies and procedures, and risk analysis, and also presents a comprehensive list of tasks and objectives that make up a typical information protection program."--Jacket During recent years, a continuously increasing amount of personal data has been made available through different websites around the world. Although the availability of personal information has created several advantages, it can be easily misused and may lead to violations of privacy. With growing interest in this area, Digital Privacy: Theory, Technologies, and Practices addresses this timely issue, providing information on state-of-the-art technologies, best practices, and research results, as well as legal, regulatory, and ethical issues. This book features contributions from experts in academia, industry, and government. Audit and Trace Log Management enables companies to improve their security infrastructure by effective management of corporate security audit/trace logs. The book addresses electronic audit logging practices and reveals, from a real world perspective, various methods to consolidate these electronic audit log requirements and streamline the audit process while still maintaining accountability and meeting industry requirements. The author provides a sound view of the issues and potential solutions when explaining electronic audit logging and reporting requirements for today's large enterprises. Maier; Phillip Q "Digital Privacy: Theory, Techniques, and Practices covers state-of-the-art technologies, best practices, and research results, as well as legal, regulatory, and ethical issues. The editors draw on contributions from experts in academia, industry, and government to delineate theoretical, technical and practical aspects of digital privacy. They provide an up-to-date, integrated approach to privacy issues that spells out what digital privacy is and covers the threats, rights, and provisions of the legal framework in terms of technical counter measures for the protection of an individual's privacy."--BOOK JACKET The purpose of information protection is to protect an organization's valuable resources. Through the selection and application of appropriate safeguards, security helps an organization to meet its business objectives by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets. This book examines the elements of computer security, employee roles and responsibilities, and common threats. It also examines the need for management controls, policies and procedures, and risk analysis. Finally it presents a comprehensive list of THE PRIVACY SPACE Privacy Enhancing Technologies for the Internet III: Ten Years Later, I. Goldberg Communication Privacy, A. Pfitzmann, A. Juschka, A.-K. Stange, S. Steinbrecher, and S. Köpsell, and Privacy-Preserving Cryptographic Protocols, M.J. Atallah and K.B. Frikken PRIVACY ATTACKS Byzantine Attacks on Anonymity Systems, N. Borisov, G. Danezis, and P. Tabriz Introducing Traffic Analysis, G. Danezis and R. Clayton Privacy, Profiling, Targeted Marketing, and Data Mining, J. Vaidya and V. Atluri PRIVACY ENHANCING TECHNOLOGIES Enterprise Privacy Policies and Languages, M. Backes and "Port-based authentication is a "network access control" concept in which a particular device is evaluated before it is permitted to communicate with other devices located on the network. 802.1X Port-Based Authentication examines how this concept can be applied and the effects of its application to the majority of computer networks in existence today. 802.1X is a standard that extends the Extensible Authentication Protocol (EAP) over a local area network (LAN) through a process called Extensible Authentication Protocol Over LANs (EAPOL)."--JacketConsidered the gold-standard reference on information security, the Information Security Management Handbook provides an authoritative compilation of the fundamental knowledge, skills, techniques, and tools required of today's IT security professional. Now in its sixth edition, this 3200 page stand-alone reference is organized under the CISSP Common Body of Knowledge domains and has been updated yearly. Volumes 2, 3, and this year’s Volume 4 reflect the changes to the CBK in response to new laws and evolving technology.
Considered the gold-standard reference on information security, the Information Security Management Handbook provides an authoritative compilation of the fundamental knowledge, skills, techniques, and tools required of today's IT security professional. Now in its sixth edition, this 3200 page, 4 volume stand-alone reference is organized under the CISSP Common Body of Knowledge domains and has been updated yearly. Each annual update, the latest is Volume 6, reflects the changes to the CBK in response to new laws and evolving technology. As regulation and legislation evolve, the need for cost-effective audit and monitoring solutions will grow. This book offers an introduction of requirements and problem definition, and delivers a multidimensional solution set with applicability across a range of organizations. It provides information in the form of process walkthroughs. Shows how to strategically maximize a limited security budget without compromising the quality of risk management initiatives. This book describes how to manage the key access controls when faced with manual user management, how to automate user management tasks in a cost effective manner, and how to deal with security breaches. The 'Information Security Management Handbook' serves not only as an everyday reference for information security practitioners, but also as an important document for conducting the intense review necessary to prepare for the Certified Information System Security Professional (CISSP) examination Examining elements of computer security, as well as employee roles and responsibilities, this text shows organisations how to protect their valuable resources. It also discusses the needs for management controls, policies and procedures, as well as the need for risk assessments The purpose of information protection is to protect an organization's valuable resources, such as information, hardware, and software.کتابهای مشابه
Digital Privacy : Theory, Technologies, and Practices
۴۹٬۰۰۰ تومان

حریم خصوصی دیجیتال: نظریه، فناوریها و شیوهها
۴۹٬۰۰۰ تومان
Digital Death, Digital Assets and Post-mortem Privacy : Theory, Technology and the Law
۴۹٬۰۰۰ تومان
Digital Death, Digital Assets and Post-mortem Privacy : Theory, Technology and the Law
۴۹٬۰۰۰ تومان
Digital Identification: Privacy, Security, and Technology
۴۹٬۰۰۰ تومان
Digital Identification: Privacy, Security, and Technology
۴۹٬۰۰۰ تومان
Engaging privacy and information technology in a digital age
۴۹٬۰۰۰ تومان
The Digital Person : Technology and Privacy in the Information Age
۴۹٬۰۰۰ تومان
Ethical Digital Technology in Practice
۴۹٬۰۰۰ تومان
Digital Technology and Democratic Theory
۴۹٬۰۰۰ تومان
Digital Technology and Democratic Theory
۴۹٬۰۰۰ تومان
Digital Privacy and Security Using Windows : A Practical Guide
۴۹٬۰۰۰ تومان
قیمت نهایی
۴۴٬۰۰۰ تومان
