Complete guide to security and privacy metrics: measuring regulatory compliance, operational resilience, and ROI
Main author: | |
---|---|
Format: | Book |
Language: | English |
Published: | Boca Raton [et al.] Auerbach Publ. 2007 |
Subjects: | |
Online access: | Publisher description Table of contents |
Description: | Includes bibliographical references and index |
Description: | XXI, 824 pp. |
ISBN: | 9780849354021 0849354021 |
Internal format
MARC
LEADER | 00000nam a2200000zc 4500 | ||
---|---|---|---|
001 | BV022270392 | ||
003 | DE-604 | ||
005 | 20070320 | ||
007 | t | ||
008 | 070214s2007 xxu |||| 00||| eng d | ||
010 | |a 2006048710 | ||
020 | |a 9780849354021 |9 978-0-8493-5402-1 | ||
020 | |a 0849354021 |9 0-8493-5402-1 | ||
035 | |a (OCoLC)71348751 | ||
035 | |a (DE-599)BVBBV022270392 | ||
040 | |a DE-604 |b ger |e aacr | ||
041 | 0 | |a eng | |
044 | |a xxu |c US | ||
049 | |a DE-473 | ||
050 | 0 | |a TK5102.85 | |
082 | 0 | |a 005.8 | |
084 | |a ST 277 |0 (DE-625)143643: |2 rvk | ||
100 | 1 | |a Herrmann, Debra S. |e Verfasser |4 aut | |
245 | 1 | 0 | |a Complete guide to security and privacy metrics |b measuring regulatory compliance, operational resilience, and ROI |c Debra S. Herrmann |
264 | 1 | |a Boca Raton [u.a.] |b Auerbach Publ. |c 2007 | |
300 | |a XXI, 824 S. | ||
336 | |b txt |2 rdacontent | ||
337 | |b n |2 rdamedia | ||
338 | |b nc |2 rdacarrier | ||
500 | |a Includes bibliographical references and index | ||
650 | 4 | |a Telecommunication |x Security measures |x Evaluation | |
650 | 4 | |a Computer security |x Evaluation | |
650 | 4 | |a Public records |x Access control |x Evaluation | |
650 | 4 | |a Computer crimes |x Prevention |x Measurement | |
650 | 0 | 7 | |a Datenschutz |0 (DE-588)4011134-9 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Datensicherung |0 (DE-588)4011144-1 |2 gnd |9 rswk-swf |
689 | 0 | 0 | |a Datenschutz |0 (DE-588)4011134-9 |D s |
689 | 0 | |5 DE-604 | |
689 | 1 | 0 | |a Datensicherung |0 (DE-588)4011144-1 |D s |
689 | 1 | |5 DE-604 | |
856 | 4 | |u http://www.loc.gov/catdir/enhancements/fy0668/2006048710-d.html |3 Publisher description | |
856 | 4 | 2 | |m HBZ Datenaustausch |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=015480885&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
999 | |a oai:aleph.bib-bvb.de:BVB01-015480885 |
Record in the search index
_version_ | 1804136274239422464 |
---|---|
adam_text | Title: Complete guide to security and privacy metrics
Author: Herrmann, Debra S
Year: 2007
Contents
List of Tables...................................................................................................xv
List of Figures................................................................................................xix
Other Books by the Author..........................................................................xx
About the Author..........................................................................................xxi
1 Introduction.............................................................................................1
1.1 Background...............................................................................1
1.2 Purpose......................................................................................4
1.3 Scope.......................................................................................10
1.4 How to Get the Most Out of This Book.............................12
1.5 Acknowledgments..................................................................20
2 The Whats and Whys of Metrics..........................................................21
2.1 Introduction.............................................................................21
2.2 Measurement Basics...............................................................23
2.3 Data Collection and Validation..............................................34
2.4 Defining Measurement Boundaries.......................................39
2.5 Whose Metrics?.......................................................................46
2.6 Uses and Limits of Metrics....................................................50
2.7 Avoiding the Temptation to Bury Your Organization
in Metrics.................................................................................57
2.8 Relation to Risk Management................................................66
2.9 Examples from Reliability Engineering.................................80
Operational Security Availability......................................88
Achieved Security Availability...........................................89
Requirements Compliance................................................90
Cumulative Failure Profile.................................................92
Defect Density...................................................................92
Defect Indices....................................................................93
Functional Test Coverage..................................................95
Fault Days..........................................................................95
Staff Hours per Defect Detected......................................96
2.10 Examples from Safety Engineering.......................................97
Block Recovery................................................................102
Boundary Value Analysis................................................102
Defensive Programming..................................................104
Information Hiding..........................................................105
Partitioning.......................................................................106
Equivalence Class Partitioning........................................107
HAZOP Studies................................................................107
Root Cause Analysis........................................................108
Audits, Reviews, and Inspections...................................109
2.11 Examples from Software Engineering.................................111
Cyclomatic or Static Complexity.....................................120
Data or Information Flow Complexity..........................121
Design Integrity...............................................................121
Design Structure Complexity..........................................122
Performance Measures....................................................123
Software Maturity Index..................................................124
Design Integrity (Tailored)..............................................125
Design Structure Complexity (Tailored)........................126
Performance Measures (Tailored)...................................127
Software Maturity Index (Tailored)................................128
2.12 The Universe of Security and Privacy Metrics...................129
NIST SP 800-55................................................................129
Security Metrics Consortium (secmet.org).....................131
Information Security Governance...................................132
Corporate Information Security Working Group...........133
The Universe of Security and Privacy Metrics..............135
2.13 Summary................................................................................139
2.14 Discussion Problems............................................................144
3 Measuring Compliance with Security and Privacy
Regulations and Standards.................................................................147
3.1 Introduction...........................................................................147
FINANCIAL INDUSTRY....................................................................154
3.2 Gramm-Leach-Bliley (GLB) Act — United States..............154
Safeguarding Customer Information...............................164
Privacy Policies................................................................165
Disclosure of Nonpublic Personal Information.............165
Regulatory Enforcement Actions....................................165
Fraudulent Access to Financial Information..................166
3.3 Sarbanes-Oxley Act — United States..................................166
HEALTHCARE...................................................................................178
3.4 Health Insurance Portability and Accountability Act
(HIPAA) — United States.....................................................179
Security Rule....................................................................181
Privacy Rule.....................................................................193
Security Rule....................................................................197
Privacy Rule.....................................................................200
3.5 Personal Health Information Act (PHIA) — Canada.........202
Part 2................................................................................210
Part 3................................................................................211
Part 4................................................................................211
Part 5................................................................................211
Part 6................................................................................212
PERSONAL PRIVACY........................................................................212
3.6 Organization for Economic Cooperation and
Development (OECD) Privacy, Cryptography, and
Security Guidelines...............................................................212
Collection Limitation Principle........................................215
Data Quality Principle.....................................................215
Purpose Specification Principle......................................216
Use Limitation Principle..................................................216
Security Safeguards Principle..........................................216
Openness Principle..........................................................216
Individual Participation Principle...................................217
Accountability Principle...................................................217
Trust in Cryptographic Methods.....................................219
Choice of Cryptographic Methods.................................219
Market-Driven Development of Cryptographic
Methods............................................................................220
Standards for Cryptographic Methods............................220
Protection of Privacy and Personal Data.......................220
Lawful Access...................................................................221
Liability.............................................................................222
International Cooperation...............................................222
Awareness.........................................................................224
Responsibility...................................................................224
Response..........................................................................225
Ethics................................................................................225
Democracy.......................................................................226
Risk Assessment...............................................................226
Security Design and Implementation.............................227
Security Management......................................................227
Reassessment....................................................................228
Limitations on Data Controllers and Data
Processors.........................................................................229
Individuals Rights and Expectations..............................230
Roles and Responsibilities of Public and
Private Sector Organizations...........................................231
Use and Implementation of Technical and
Organizational Security Controls....................................232
3.7 Data Protection Directive — E.C........................................233
Data Integrity...................................................................238
Consent, Notification, and Legitimate Processing.........238
Prohibited Processing, Inadequate Safeguards, and
Other Violations...............................................................239
3.8 Data Protection Act — United Kingdom............................241
Data Integrity...................................................................244
Consent, Notification, and Legitimate Processing.........245
Prohibited Processing, Inadequate Safeguards, and
Other Violations...............................................................245
Action Taken in the Public Interest...............................246
3.9 Personal Information Protection and Electronic
Documents Act (PIPEDA) — Canada.................................247
Accountability...................................................................249
Identifying Purposes........................................................250
Consent.............................................................................251
Limiting Collection...........................................................252
Limiting Use, Disclosure, and Retention........................253
Accuracy...........................................................................254
Safeguards........................................................................255
Openness..........................................................................256
Individual Access.............................................................257
Challenging Compliance.................................................258
3.10 Privacy Act — United States...............................................260
Background......................................................................261
Agency Responsibilities...................................................266
Individual Rights..............................................................269
Organizational Roles and Responsibilities.....................272
Comparison of Privacy Regulations...............................276
HOMELAND SECURITY...................................................................279
3.11 Federal Information Security Management Act
(FISMA) — United States.....................................................279
Director of the OMB.......................................................281
Federal Agencies..............................................................282
Federal Information Security Center..............................290
National Institute of Standards and Technology...........290
3.12 Homeland Security Presidential Directives
(HSPDs) — United States....................................................293
3.13 North American Electrical Reliability Council (NERC)
Cyber Security Standards.....................................................307
CIP-002-1 — Cyber Security — Critical Cyber
Assets................................................................................311
CIP-003-1 — Cyber Security — Security
Management Controls......................................................312
CIP-004-1 — Cyber Security — Personnel
Training.............................................................................314
CIP-005-1 — Cyber Security — Electronic Security.....316
CIP-006-1 — Cyber Security — Physical Security........317
CIP-007-1 — Cyber Security — Systems Security
Management.....................................................................318
CIP-008-1 — Cyber Security — Incident Reporting
and Response Planning...................................................321
CIP-009-1 — Cyber Security — Recovery Plans...........322
3.14 The Patriot Act — United States.........................................326
Background......................................................................327
Government Roles and Responsibilities........................329
Private Sector Roles and Responsibilities......................345
Individual Rights..............................................................349
3.15 Summary................................................................................351
3.16 Discussion Problems............................................................365
4 Measuring Resilience of Physical, Personnel, IT, and
Operational Security Controls............................................................367
4.1 Introduction...........................................................................367
4.2 Physical Security...................................................................370
Facility Protection............................................................377
Asset Protection...............................................................408
Mission Protection...........................................................422
Physical Security Metrics Reports...................................424
4.3 Personnel Security................................................................429
Accountability...................................................................433
Background Investigations..............................................439
Competence.....................................................................454
Separation of Duties........................................................461
Workforce Analysis..........................................................469
Personnel Security Metrics Reports................................477
4.4 IT Security.............................................................................485
IT Security Control System..................................................488
Logical Access Control....................................................488
Data Authentication, Non-Repudiation..........................495
Encryption, Cryptographic Support................................498
Flow Control....................................................................506
Identification and Authentication...................................510
Maintainability, Supportability........................................518
Privacy..............................................................................523
Residual Information Protection.....................................526
Security Management......................................................528
IT Security Protection System..............................................535
Audit Trail, Alarm Generation........................................535
Availability........................................................................541
Error, Exception, and Incident Handling.......................551
Fail Safe/Fail Secure, Fail Operational/Fail
Soft/Graceful Degradation/Degraded Mode
Operations........................................................................556
Integrity............................................................................561
Domain Separation..........................................................567
Resource Management....................................................572
IT Security Metrics Reports.............................................578
4.5 Operational Security.............................................................584
Security Engineering Life-Cycle Activities...........................588
Concept Formulation.......................................................588
Security Requirements Analysis and Specification........593
Security Architecture and Design...................................599
Development and Implementation.................................607
Security Test and Evaluation (ST&E), Certification
and Accreditation (C&A), Independent Validation
and Verification (IV&V)...................................................615
Delivery, Installation, and Deployment.........................624
Operations and Maintenance..........................................627
Decommissioning.............................................................632
Ongoing Security Risk Management Activities...................637
Vulnerability Assessment.................................................637
Security Policy Management...........................................644
Security Audits and Reviews..........................................652
Security Impact Analysis, Privacy Impact Assessment,
Configuration Management, Patch Management...........656
Security Awareness and Training, Guidance
Documents.......................................................................665
Stakeholder, Strategic Partner, Supplier
Relationships....................................................................669
Operational Security Metrics Reports.............................672
4.6 Summary................................................................................673
4.7 Discussion Problems............................................................684
5 Measuring Return on Investment (ROI) in Physical, Personnel,
IT, and Operational Security Controls...............................................687
5.1 Introduction...........................................................................687
5.2 Security ROI Model..............................................................689
Problem Identification and Characterization.................691
Total Cost of Security Feature, Function, or Control... 698
Depreciation Period.........................................................698
Tangible Benefits.............................................................699
Intangible Benefits...........................................................703
Payback Period................................................................712
Comparative Analysis......................................................713
Assumptions.....................................................................715
5.3 Security ROI Primitives, Metrics, and Reports...................716
Part I — Problem Identification and Characterization.... 716
Part II — Total Cost of Security Feature, Function,
or Control, and Part III — Depreciation Period...........719
Part IV — Tangible Benefits...........................................722
Part V — Intangible Benefits..........................................727
Part VI — Payback Period..............................................735
Part VII — Comparative Analysis...................................735
Part VIII — Assumptions................................................738
5.4 Summary................................................................................748
5.5 Discussion Problems............................................................751
Annexes
A Glossary of Terms, Acronyms, and Abbreviations...........................753
B Additional Resources...........................................................................777
B.1 Standards...............................................................................777
International.....................................................................777
United States....................................................................779
B.2 Policies, Regulations, and Other Government
Documents............................................................................780
International.....................................................................780
United States....................................................................781
B.3 Publications...........................................................................783
Index.............................................................................................................791
|
adam_txt |
Titel: Complete guide to security and privacy metrics
Autor: Herrmann, Debra S
Jahr: 2007
Contents
List of Tables.xv
List of Figures.xix
Other Books by the Author.xx
About the Author.xxi
1 Introduction.1
1.1 Background.1
1.2 Purpose.4
1.3 Scope.10
1.4 How to Get the Most Out of This Book.12
1.5 Acknowledgments.20
2 The Whats and Whys of Metrics.21
2.1 Introduction.21
2.2 Measurement Basics.23
2.3 Data Collection and Validation.34
2.4 Defining Measurement Boundaries.39
2.5 Whose Metrics?.46
2.6 Uses and Limits of Metrics.50
2.7 Avoiding the Temptation to Bury Your Organization
in Metrics.57
2.8 Relation to Risk Management.66
2.9 Examples from Reliability Engineering.80
Operational Security Availability.88
Achieved Security Availability.89
Requirements Compliance.90
Cumulative Failure Profile.92
Defect Density.92
Defect Indices.93
Functional Test Coverage.95
Fault Days.95
Staff Hours per Defect Detected.96
2.10 Examples from Safety Engineering.97
Block Recovery.102
Boundary Value Analysis.102
Defensive Programming.104
Information Hiding.105
Partitioning.106
Equivalence Class Partitioning.107
HAZOP Studies.107
Root Cause Analysis.108
Audits, Reviews, and Inspections.109
2.11 Examples from Software Engineering.111
Cyclomatic or Static Complexity.120
Data or Information Flow Complexity.121
Design Integrity.121
Design Structure Complexity.122
Performance Measures.123
Software Maturity Index.124
Design Integrity (Tailored).125
Design Structure Complexity (Tailored).126
Performance Measures (Tailored).127
Software Maturity Index (Tailored).128
2.12 The Universe of Security and Privacy Metrics.129
NIST SP 800-55.129
Security Metrics Consortium (secmet.org).131
Information Security Governance.132
Corporate Information Security Working Group.133
The Universe of Security and Privacy Metrics.135
2.13 Summary.139
2.14 Discussion Problems.144
3 Measuring Compliance with Security and Privacy-
Regulations and Standards.147
3-1 Introduction.147
FINANCIAL INDUSTRY.154
3.2 Gramm-Leach-Bliley (GLB) Act — United States.154
Safeguarding Customer Information.164
Privacy Policies.165
Disclosure of Nonpublic Personal Information.165
Regulatory Enforcement Actions.165
Fraudulent Access to Financial Information.166
3.3 Sarbanes-Oxley Act — United States.166
HEALTHCARE.178
3.4 Health Insurance Portability and Accountability Act
(HIPAA) — United States.179
Security Rule.181
Privacy Rule.193
Security Rule.197
Privacy Rule.200
3.5 Personal Health Information Act (PHIA) — Canada.202
Part 2.210
Part 3.211
Part 4.211
Part 5.211
Part 6.212
PERSONAL PRIVACY.212
3.6 Organization for Economic Cooperation and
Development (OECD) Privacy, Cryptography, and
Security Guidelines.212
Collection Limitation Principle.215
Data Quality Principle.215
Purpose Specification Principle.216
Use Limitation Principle.216
Security Safeguards Principle.216
Openness Principle.216
Individual Participation Principle.217
Accountability Principle.217
Trust in Cryptographic Methods.219
Choice of Cryptographic Methods.219
Market-Driven Development of Cryptographic
Methods.220
Standards for Cryptographic Methods.220
Protection of Privacy and Personal Data.220
Lawful Access.221
Liability.222
International Cooperation.222
Awareness.224
Responsibility.224
Response.225
Ethics.225
Democracy.226
Risk Assessment.226
Security Design and Implementation.227
Security Management.227
Reassessment.228
Limitations on Data Controllers and Data
Processors.229
Individuals Rights and Expectations.230
Roles and Responsibilities of Public and
Private Sector Organizations.231
Use and Implementation of Technical and
Organizational Security Controls.232
3.7 Data Protection Directive — E.C.233
Data Integrity.238
Consent, Notification, and Legitimate Processing.238
Prohibited Processing, Inadequate Safeguards, and
Other Violations.239
3.8 Data Protection Act — United Kingdom.241
Data Integrity.244
Consent, Notification, and Legitimate Processing.245
Prohibited Processing, Inadequate Safeguards, and
Other Violations.245
Action Taken in the Public Interest.246
3.9 Personal Information Protection and Electronic
Documents Act (PIPEDA) — Canada.247
Accountability.249
Identifying Purposes.250
Consent.251
Limiting Collection.252
Limiting Use, Disclosure, and Retention.253
Accuracy.254
Safeguards.255
Openness.256
Individual Access.257
Challenging Compliance.258
3.10 Privacy Act — United States.260
Background.26l
Agency Responsibilities.266
Individual Rights.269
Organizational Roles and Responsibilities.272
Comparison of Privacy Regulations.276
HOMELAND SECURITY.279
3.11 Federal Information Security Management Act
(FISMA) — United States.279
Director of the OMB.281
Federal Agencies.282
Federal Information Security Center.290
National Institute of Standards and Technology.290
3.12 Homeland Security Presidential Directives
(HSPDs) — United States.293
3.13 North American Electrical Reliability Council (NERC)
Cyber Security Standards.307
CIP-002-1 — Cyber Security — Critical Cyber
Assets.311
CIP-003-1 — Cyber Security — Security
Management Controls.312
CIP-004-1 — Cyber Security — Personnel
Training.314
CIP-005-1 — Cyber Security — Electronic Security.316
CIP-006-1 — Cyber Security — Physical Security.317
CIP-007-1 — Cyber Security — Systems Security
Management.318
CIP-008-1 — Cyber Security — Incident Reporting
and Response Planning.321
CIP-009-1 — Cyber Security — Recovery Plans.322
3.14 The Patriot Act — United States.326
Background.327
Government Roles and Responsibilities.329
Private Sector Roles and Responsibilities.345
Individual Rights.349
3.15 Summary.351
3.16 Discussion Problems.365
4 Measuring Resilience of Physical, Personnel, IT, and
Operational Security Controls.367
4.1 Introduction.367
4.2 Physical Security.370
Facility Protection.377
Asset Protection.408
Mission Protection.422
Physical Security Metrics Reports.424
4.3 Personnel Security.429
Accountability.433
Background Investigations.439
Competence.454
Separation of Duties.46l
Workforce Analysis.469
Personnel Security Metrics Reports.477
4.4 IT Security.485
IT Security Control System.488
Logical Access Control.488
Data Authentication, Non-Repudiation.495
Encryption, Cryptographic Support.498
Flow Control.506
Identification and Authentication.510
Maintainability, Supportability.518
Privacy.523
Residual Information Protection.526
Security Management.528
IT Security Protection System.535
Audit Trail, Alarm Generation.535
Availability.541
Error, Exception, and Incident Handling.551
Fail Safe/Fail Secure, Fail Operational/Fail
Soft/Graceful Degradation/Degraded Mode
Operations.556
Integrity.56l
Domain Separation.567
Resource Management.572
IT Security Metrics Reports.578
4.5 Operational Security.584
Security Engineering Life-Cycle Activities.588
Concept Formulation.588
Security Requirements Analysis and Specification.593
Security Architecture and Design.599
Development and Implementation.607
Security Test and Evaluation (ST E), Certification
and Accreditation (C A), Independent Validation
and Verification (IV V).615
Delivery, Installation, and Deployment.624
Operations and Maintenance.627
Decommissioning.632
Ongoing Security Risk Management Activities.637
Vulnerability Assessment.637
Security Policy Management.644
Security Audits and Reviews.652
Security Impact Analysis, Privacy Impact Assessment,
Configuration Management, Patch Management.656
Security Awareness and Training, Guidance
Documents.665
Stakeholder, Strategic Partner, Supplier
Relationships.669
Operational Security Metrics Reports.672
4.6 Summary.673
4.7 Discussion Problems.684
5 Measuring Return on Investment (ROI) in Physical, Personnel,
IT, and Operational Security Controls.687
5.1 Introduction.687
5.2 Security ROI Model.689
Problem Identification and Characterization.691
Total Cost of Security Feature, Function, or Control. 698
Depreciation Period.698
Tangible Benefits.699
Intangible Benefits.703
Payback Period.712
Comparative Analysis.713
Assumptions.715
5.3 Security ROI Primitives, Metrics, and Reports.716
Part I — Problem Identification and Characterization. 716
Part II — Total Cost of Security Feature, Function,
or Control, and Part III — Depreciation Period.719
Part IV — Tangible Benefits.722
Part V — Intangible Benefits.727
Part VI — Payback Period.735
Part VII — Comparative Analysis.735
Part VIII — Assumptions.738
5.4 Summary.748
5.5 Discussion Problems.751
Annexes
A Glossary of Terms, Acronyms, and Abbreviations.753
B Additional Resources.777
B.1 Standards.777
International.777
United States.779
B.2 Policies, Regulations, and Other Government
Documents.780
International.780
United States.781
B.3 Publications.783
Index.791 |
any_adam_object | 1 |
any_adam_object_boolean | 1 |
author | Herrmann, Debra S. |
author_facet | Herrmann, Debra S. |
author_role | aut |
author_sort | Herrmann, Debra S. |
author_variant | d s h ds dsh |
building | Verbundindex |
bvnumber | BV022270392 |
callnumber-first | T - Technology |
callnumber-label | TK5102 |
callnumber-raw | TK5102.85 |
callnumber-search | TK5102.85 |
callnumber-sort | TK 45102.85 |
callnumber-subject | TK - Electrical and Nuclear Engineering |
classification_rvk | ST 277 |
ctrlnum | (OCoLC)71348751 (DE-599)BVBBV022270392 |
dewey-full | 005.8 |
dewey-hundreds | 000 - Computer science, information, general works |
dewey-ones | 005 - Computer programming, programs, data, security |
dewey-raw | 005.8 |
dewey-search | 005.8 |
dewey-sort | 15.8 |
dewey-tens | 000 - Computer science, information, general works |
discipline | Informatik |
discipline_str_mv | Informatik |
format | Book |
id | DE-604.BV022270392 |
illustrated | Not Illustrated |
index_date | 2024-07-02T16:45:57Z |
indexdate | 2024-07-09T20:53:48Z |
institution | BVB |
isbn | 9780849354021 0849354021 |
language | English |
lccn | 2006048710 |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-015480885 |
oclc_num | 71348751 |
open_access_boolean | |
owner | DE-473 DE-BY-UBG |
owner_facet | DE-473 DE-BY-UBG |
physical | XXI, 824 S. |
publishDate | 2007 |
publishDateSearch | 2007 |
publishDateSort | 2007 |
publisher | Auerbach Publ. |
record_format | marc |
spelling | Herrmann, Debra S. Verfasser aut Complete guide to security and privacy metrics measuring regulatory compliance, operational resilience, and ROI Debra S. Herrmann Boca Raton [u.a.] Auerbach Publ. 2007 XXI, 824 S. txt rdacontent n rdamedia nc rdacarrier Includes bibliographical references and index Telecommunication Security measures Evaluation Computer security Evaluation Public records Access control Evaluation Computer crimes Prevention Measurement Datenschutz (DE-588)4011134-9 gnd rswk-swf Datensicherung (DE-588)4011144-1 gnd rswk-swf Datenschutz (DE-588)4011134-9 s DE-604 Datensicherung (DE-588)4011144-1 s http://www.loc.gov/catdir/enhancements/fy0668/2006048710-d.html Publisher description HBZ Datenaustausch application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=015480885&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis |
spellingShingle | Herrmann, Debra S. Complete guide to security and privacy metrics measuring regulatory compliance, operational resilience, and ROI Telecommunication Security measures Evaluation Computer security Evaluation Public records Access control Evaluation Computer crimes Prevention Measurement Datenschutz (DE-588)4011134-9 gnd Datensicherung (DE-588)4011144-1 gnd |
subject_GND | (DE-588)4011134-9 (DE-588)4011144-1 |
title | Complete guide to security and privacy metrics measuring regulatory compliance, operational resilience, and ROI |
title_auth | Complete guide to security and privacy metrics measuring regulatory compliance, operational resilience, and ROI |
title_exact_search | Complete guide to security and privacy metrics measuring regulatory compliance, operational resilience, and ROI |
title_exact_search_txtP | Complete guide to security and privacy metrics measuring regulatory compliance, operational resilience, and ROI |
title_full | Complete guide to security and privacy metrics measuring regulatory compliance, operational resilience, and ROI Debra S. Herrmann |
title_fullStr | Complete guide to security and privacy metrics measuring regulatory compliance, operational resilience, and ROI Debra S. Herrmann |
title_full_unstemmed | Complete guide to security and privacy metrics measuring regulatory compliance, operational resilience, and ROI Debra S. Herrmann |
title_short | Complete guide to security and privacy metrics |
title_sort | complete guide to security and privacy metrics measuring regulatory compliance operational resilience and roi |
title_sub | measuring regulatory compliance, operational resilience, and ROI |
topic | Telecommunication Security measures Evaluation Computer security Evaluation Public records Access control Evaluation Computer crimes Prevention Measurement Datenschutz (DE-588)4011134-9 gnd Datensicherung (DE-588)4011144-1 gnd |
topic_facet | Telecommunication Security measures Evaluation Computer security Evaluation Public records Access control Evaluation Computer crimes Prevention Measurement Datenschutz Datensicherung |
url | http://www.loc.gov/catdir/enhancements/fy0668/2006048710-d.html http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=015480885&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
work_keys_str_mv | AT herrmanndebras completeguidetosecurityandprivacymetricsmeasuringregulatorycomplianceoperationalresilienceandroi |