CIPT - Certified Information Privacy Technologist
Terms in this set (57)
There are four basic types of countermeasures
1. Preventative - These work by keeping something from happening in the
first place. Examples of this include: security awareness training, firewall,
anti-virus, security guard and IPS.
2. Reactive - Reactive countermeasures come into effect only after an event
has already occurred.
3. Detective - Examples of detective counter measures include: system
monitoring, IDS, anti-virus, motion detectors and IPS.
4. Administrative - These controls are the process of developing and
ensuring compliance with policy and procedures. These use policy to
protect an asset.
PCI DSS has three main stages of compliance
Collecting and Storing - This involves the secure collection and tamper-proof storage
of log data so that it is available for analysis.
Reporting - This is the ability to prove compliance should an audit arise. The
organization should also show evidence that data protection controls are in place.
Monitoring and Alerting - This involves implementing systems to enable
administrators to monitor access and usage of data. There should also be evidence that
log data is being collected and stored.
re-identification refers to using data from a single entity holding the data.
Symmetric key cryptography refers to using the same key for encrypting as well as
decrypting. It is also referred to as shared secret, secret-key or private key. This key is
not distributed, rather is kept secret by the sending and receiving parties
Asymmetric cryptography is also referred to as public-key cryptography. Public key
depends on a key pair for the processes of encryption and decryption. Unlike private
keys, public keys are distributed freely and publicly. Data that has been encrypted with a
public key can only be decrypted with a private key.
Opt-in = requires affirmative consent of individual
Opt-out = requires implicit consent of individual
Mandatory data collection - necessary to complete the immediate transaction (vs.
optional data collection, which will not prevent the transaction from being completed)
Choice and consent are regulated by CAN-SPAM Act of 2003, European Data Directive
(Articles 7 and 8
Process in which sensitive data is treated in such a way that the individual cannot be
End-user license agreement (AKA software license agreement)
EULA = contract between licensor and purchaser; establishes purchaser's right to use
Simple text file that contains name-value pairs. Types of cookies include persistent
cookies and session cookies. Cookies can be used for:
Online behavioral advertising/online behavioral marketing
Via third-party tracking (e.g. web cookie) to collect and compile user information
Computer program-level services that include controls for location and time data
E.g. social networking, entertainment, many via mobile devices
Issues: data collection, consent, data sharing
P3P Privacy Policies
P3P = Platform for Privacy Preferences Project, designed by the World Wide Web
Consortium (aka W3C)
P3P - a protocol that turns a website's text-based privacy policies into a machinereadable
When must a PIA be conducted
Prior to developing or obtaining and IT system or process which collects,
stores or discloses personally identifiable information
Do Not Track
Do Not Track protection is a feature that is being worked on by the World Wide Web Consortium tracking protection working group.
The four major browsers - Safari, Firefox, Chrome and Internet Explorer - have incorporated the Do Not Track feature.
Site blocking tools such as Adblock Plus, DoNotTrackMe and Internet Explorer's tracking protection feature block cookies and the connection between third-party sites and your browser.
Tor and similar services permit you to browse the internet anonymously. Tor works by directing traffic between two endpoints through multiple intermediate nodes.
There are several tools like MaskMe and Lockify that allow you to protect your email. MaskMe lets you create a fake e-mail address that you can use when signing up for web services so you won't receive their spam
Homomorphic encryption makes it possible to perform mathematical functions on encrypted data. This reduces the risk of data exposure while maintaining its utility
Cross-site scripting (XSS
Cross-site scripting embeds client-side script into a webpage.
The script executes when a user visits the page
Spam often refers to legitimate but unwanted e-mail. Spam can also contain phishing, malware or viruses.
SQL injection is where SQL commands are embedded into a form or website.
Pharming is when a person types a legitimate URL into a browser but is rerouted to a fake website.
Whaling is a type of phishing targeted at people who have lots of money, power or
information, such as C-level executives
Phishing is where what seems to be reputable company sends an e-mail to an individual with a link that goes to a fake site that looks like a real site.
Application Preference Exchange Language Application Preference Exchange Language, known as APPEL, is a complimentary specification to P3P that enables users to express their privacy preferences in an XML document. B
Enterprise Privacy Authorization Language Enterprise Privacy Authorization Language, known as EPAL, was a language developed by IBM based on the Privacy Rights Markup Language from Zero Knowledge Systems.
Security Assertion Markup Language Security Assertion Markup Language, or SAML, is an XML- based format that exchanges data about the identity, attributes and entitlements of an individual to an application or service
Pseudonymous means that while you don't actually know who a person is, you can tell when
different pieces of data are about the same unidentified person.
Anonymous basically means you have no idea who the person is or who the data belongs to, and
no way to figure out that information.
Basel III Encryption
Basel III mandates encryption of financial data for EU companies. HIPAA mandates the encryption of sensitive health information for American companies
Symmetric encryption uses the same key for encrypting and decrypting data. It's a great means for encrypting data that needs to be sent to multiple people.
asymmetric encryption or Public Key
Asymmetric encryption uses one key for encrypting data and a different key for decrypting the same data.
Hashing enables you to encrypt data in a way that can't be decrypted.
Web beacons are practically invisible. They are used to either drop web cookies or track individuals using their IP address.
Locally shared objects
Locally shared objects come in different forms: HTML5 storage, civilized storage and flash storage are a few examples. In
• Open ID is the most common single sign-on mechanism used over the Internet. It is used by LinkedIn, Facebook and Google to provide authentication services
Role-based access control
Users are placed into security groups that match their roles in the organization, and those groups are provided access to resources.
User-based access control
user-based access control provides a simple and effective control mechanism. However, an administrator is required to add, edit or remove users or to change access levels.
Least privilege access
Granting the lowest possible access
Individuals must be able to consent or reject to certain uses of their personal information, particularly with regard to secondary uses and marketing purposes
Require affirmative consent from the individual. In other words, action must be taken by the individual to START the processing of personal information for secondary uses or disclosures.
Requires the implicit consent of the individual. Here consent is assumed because the individual has not stated a desire otherwise.
An individual must be able to view the data an entity has on record
Data must be accurate, up-to-date, complete and not stored longer than necessary.
An individual must be able to file complaints with the entity have their issues addressed
Persistent Data Storage
Data stored beyond current transaction Transaction history can be stored and retrieved later
Transient Data Storage
Data stored for the current transaction, deleted afterwards
Fewer privacy implications than persistent storage
Such techniques are focused on making an individual's identity or personal information not identifiable
In order to make it more difficult to link de-identified information back to individuals, obfuscation-based techniques disguise location and time information by decreasing precision/accuracy and adding confusion to the data.
De-identification refers to the process in which sensitive data is treated in such a way that the individual cannot be identified
Data mining companies will often gather personal information from dentists, doctors, nurses or pharmacists.
Privacy by Policy
.Notice and choice‖ approach founded on FTC Fair Information Practice Principles
o Inform users on data being collected
o Present choices for sharing data (e.g. secondary uses of data)
o Give users access to data for review/correction/removal purposes
o Protect security of data
Privacy by Architecture
Designs for the non-identifiability of users, provides strong guarantees of privacy
Relies on anonymity- and obfuscation-based techniques
Multifactor device, hard or soft token to authenticate
enables users to authenticate themselves to a computer using physical attributes. fingers, eyes,
The more sensitive the system the more false negative
the less sensitive the system the more false negative