• HOME
  • DiscountBookPurchase
  • Biography
  • Site Map
  • Papers
  • New & Forthcoming
• BusinessDataComm
  • BDC6e-student
  • BDC7e-student
  • BDC6e-instructor
  • BDC7e-instructor
• 5G
• ComputerSecurity
  • CompSec2e-Student
  • CompSec3e-Student
  • CompSec4e-Student
  • CompSec5e
  • CompSec1e-Instructor
  • CompSec2e-Instructor
  • CompSec3e-Instructor
  • CompSec4e-Instructor
  • CompSec1e-Student
• Network
• Cybersecurity
• Privacy
• Cryptography
  • Crypto5e-Student
  • Crypto6e-Student
  • Crypto7e-Student
  • Crypto8e-Student
  • Crypto5e-Instructor
  • Crypto6e-Instructor
  • Crypto7e-Instructor
• DataComm
  • DCC9e-Student
  • DCC10e-Student
  • DCC9e-Instructor
  • DCC10e-Instructor
• NetworkSecurity
  • NetSec4e-Student
  • NetSec6e-Student
  • NetSec5e-Student
  • NetSec4e-Instructor
  • NetSec5e-Instructor
  • NetSec6e-Instructor
• OperatingSystems
  • OS7e-Student
  • OS8e-Student
  • OS9e-Student
  • OS7e-Instructor
  • OS8e-Instructor
  • OS9e-Instructor
• WirelessComm
  • Wireless2e-Student
  • Wireless2e-Instructor
• ComputerOrganization
  • COA8e-student
  • COA9e-student
  • COA10e-student
  • COA11e-student
  • COA8e-Instructor
  • COA9e-Instructor
  • COA10e-Instructor

Page last updated: 3/4/24
All my books and other Pearson books available via this Web site at a greater discount than online bookstores. Go to discount book purchase.




Information Privacy Engineering and Privacy by Design

This book provides a practical guide to designing and implementing information privacy in IT systems. The book introduces information privacy concepts and discusses privacy requirements, threats, and vulnerabilities. The book the discusses in detail the implementation of privacy controls, privacy management, and privacy monitoring and auditing. Finally, the book discusses legal and regulatory requirements, especially the EU General Data Protection Regulation and the body of U.S. privacy laws and regulations. Here is the Table of Contents and Preface. The Pearson Site for this book includes PPT slides and answers to review questions for instructors.


Useful Links
Computer Science Student Resource Site: Help and advice for students and professionals.
Errata sheet: Latest list of errors, updated at most monthly. If you spot any errors, please contact me at . So far, no errors spotted.

Chapter 1 - Security and Cryptography Concepts

NIST Cybersecurity Site: A range of resources related to NIST programs and documents on cybersecurity.
NIST Block Ciphers: NIST documents on AES and DES.
NIST Secure Hashing Page: SHA FIPS and related documents.
NSA Commercial National Security Algorithm Suite Description of the cryptographic standards approved for for the Secure Sharing of Information Among National Security Systems. The suite lists approved algorithms to be used during a transition period to quantum resistant algorithms.
Cryptographic Key Length Recommendation: Useful summary of recommendations of various organizations for key length for various cryptographic algorithms.
IEEE Technical Committee on Security and Privacy: Home of the electronic newsletter Cipher, which provides book reviews, new crypto and security links, and links to reports and papers available online.
Center for Internet Security: Provides freeware benchmark and scoring tools for evaluating security of operating systems, network devices, and applications. Includes case studies and technical papers.
Crypto Resources A good collection of pointers. Especially useful is a list of open source crypto software libraries.

Chapter 2 - Information Privacy Concepts

Online Guide to Privacy Resources: From the Electronic Privacy Information Center (EPIC). A comprehensive collection of links.
Stanford Encyclopedia of Philosophy - Privacy: A lengthy and information discussion of privacy.
Electronic Frontier Foundation Privacy Page: Covers a wide variety of privacy topics.
Federal Privacy Council: A number of U.S. government resources related to privacy, including an extensive collection of links to federal privacy laws.
Office of Privacy and Open Government: An excellent U.S. government privacy resource. Includes links to numerous privacy laws and regulations, as well as guidance on various areas of privacy management, including privacy impact assessment.
International Association of Privacy Professionals: The worlds largest information privacy organization. A superb and growing collection of resources, links, and white papers concerning privacy.
World Privacy Forum: Dedicated to reimagining privacy in a digital era through groundbreaking, in-depth privacy research, analysis, and consumer education of the highest quality. Contains numerous reports and privacy-related links.
Privacy Topics: From the Office of the Privacy Commissioner of Canada. A large collection of useful documents.

Chapter 5 - System Access

NIST Trusted Identities Group: Documents related to user authentication and password usage.
NIST Image Group: Researches measurement and evaluation methods and develop standards to advance the use of image-based biometric technologies; current modalities include fingerprint, face, iris, and tattoo. Good resource.
NIST RBAC site: Includes numerous documents, standards, and software on RBAC.

Chapter 6 - Malicious Software and Intruderss

Vmyths: Dedicated to exposing virus hoaxes and dispelling misconceptions about real viruses.
SecureList: Information about viruses, hackers, and spam.
Symantec Internet Threat Security Report: Annual report on the Internet threat landscape by commercial antivirus software provider Symantec.
Symantec Security Center: Site maintained by commercial antivirus software provider Symantec, with much useful information on current malware risks.
DataLossDB project Compiles a wide variety of statistics, charts, graphs, and incident report.
Honeynet Project: A research project studying the techniques of predatory hackers and developing honeypot products
Honeypots: A good collection of research papers and technical articles.
Snort: Web site for Snort, an open source network intrusion prevention and detection system.

PART 4 - PRIVACY ENHANCING TECHNOLOGIES

Privacy Patterns: Privacy patterns are design solutions to common privacy problems — a way to translate "privacy-by-design" into practical advice for software engineering. This site contains a growing collection of privacy patterns.
PRIPARE: An EU-funded project to: Facilitate the application of a privacy and security-by-design methodology, support its practice by the ICT research community to prepare for industry practice; and foster risk management culture through educational material targeted to a diversity of stakeholders.
Internet Privacy Engineering Network (IPEN): Its purpose is to promote and advance the state-of-the-art of privacy engineering. It supports engineers working on (re-)usable building blocks, design patterns and other tools for selected internet use cases where privacy is at stake.
NIST Privacy Engineering Program: Its mission is to support the development of trustworthy information systems by applying measurement science and system engineering principles to the creation of frameworks, risk models, guidance, tools, and standards that protect privacy and, by extension, civil liberties. Good source of privacy-related documents.

Chapter 8 - Online Privacy

Privacy Alliance: A lot of useful and practical information on online privacy.