The complete book of data anonymization: from planning to implementation
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | Buch |
| Sprache: | English |
| Veröffentlicht: |
Boca Raton [u.a.]
CRC Press
2013
|
| Schlagworte: | |
| Online-Zugang: | Inhaltsverzeichnis |
| Beschreibung: | Includes bibliographical references and index |
| Beschreibung: | XIX, 247 S. Ill. |
| ISBN: | 9781439877302 |
Internformat
MARC
| LEADER | 00000nam a2200000 c 4500 | ||
|---|---|---|---|
| 001 | BV041086502 | ||
| 003 | DE-604 | ||
| 005 | 20130708 | ||
| 007 | t | ||
| 008 | 130613s2013 a||| |||| 00||| eng d | ||
| 010 | |a 2012030990 | ||
| 020 | |a 9781439877302 |c hardcover : alk. paper |9 978-1-4398-7730-2 | ||
| 035 | |a (OCoLC)854727063 | ||
| 035 | |a (DE-599)GBV729310310 | ||
| 040 | |a DE-604 |b ger |e aacr | ||
| 041 | 0 | |a eng | |
| 049 | |a DE-473 |a DE-11 |a DE-739 | ||
| 084 | |a ST 277 |0 (DE-625)143643: |2 rvk | ||
| 100 | 1 | |a Raghunathan, Balaji |e Verfasser |0 (DE-588)1036615146 |4 aut | |
| 245 | 1 | 0 | |a The complete book of data anonymization |b from planning to implementation |c Balaji Raghunathan |
| 264 | 1 | |a Boca Raton [u.a.] |b CRC Press |c 2013 | |
| 300 | |a XIX, 247 S. |b Ill. | ||
| 336 | |b txt |2 rdacontent | ||
| 337 | |b n |2 rdamedia | ||
| 338 | |b nc |2 rdacarrier | ||
| 500 | |a Includes bibliographical references and index | ||
| 650 | 0 | 7 | |a Datenschutz |0 (DE-588)4011134-9 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Daten |0 (DE-588)4135391-2 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Anonymisierung |0 (DE-588)4139362-4 |2 gnd |9 rswk-swf |
| 689 | 0 | 0 | |a Datenschutz |0 (DE-588)4011134-9 |D s |
| 689 | 0 | |5 DE-604 | |
| 689 | 1 | 0 | |a Daten |0 (DE-588)4135391-2 |D s |
| 689 | 1 | 1 | |a Anonymisierung |0 (DE-588)4139362-4 |D s |
| 689 | 1 | |5 DE-604 | |
| 776 | 0 | 8 | |i Erscheint auch als |n Online-Ausgabe |z 978-1-4398-7731-9 |
| 856 | 4 | 2 | |m Digitalisierung UB Bamberg |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026063185&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
| 943 | 1 | |a oai:aleph.bib-bvb.de:BVB01-026063185 | |
Datensatz im Suchindex
| _version_ | 1806775960721162240 |
|---|---|
| adam_text |
Contents
Introduction
xiii
Acknowledgments
xv
About the Author
xix
Chapter
1
Overview of Data Anonymization
1
Points to Ponder
1
PII
2
PHI
4
What Is Data Anonymization?
4
What Are the Drivers for Data Anonymization?
S
The Need to Protect Sensitive Data Handled as Part of
Business
5
Increasing Instances of Insider Data Leakage, Misuse of
Personal Data, and the Lure of Money for Mischievous
Insiders
6
Astronomical Cost to the Business Due to Misuse of
Personal Data
7
Risks Arising out of Operational Factors Such as
Outsourcing and Partner Collaboration
8
Legal and Compliance Requirements
8
Will Procuring and Implementing a Data Anonymization
Tool by Itself Ensure Protection of Privacy of Sensitive Data?
9
Ambiguity of Operational Aspects
10
Allowing the Same Users to Access Both Masked
and Unmasked Environments
10
Lack of Buy-In from IT Application Developers,
Testers, and End-Users
10
VI
CONTENTS
Compartmentalized
Approach to Data Anonymization
11
Absence of Data Privacy Protection Policies or
Weak Enforcement of Data Privacy Policies
11
Benefits of Data Anonymization Implementation
11
Conclusion
12
References
12
Part I Data Anonymization Program
Sponsor's Guidebook
Chapter
2
Enterprise Data Privacy Governance Model
19
Points to Ponder
19
Chief Privacy Officer
20
Unit/Department Privacy Compliance Officers
22
The Steering Committee for Data Privacy Protection Initiatives
22
Management Representatives
23
Information Security and Risk Department Representatives
23
Representatives from the Departmental Security and
Privacy Compliance Officers
24
Incident Response Team
24
The Role of the Employee in Privacy Protection
25
The Role of the CIO
26
Typical Ways Enterprises Enforce Privacy Policies
26
Conclusion
26
Chapter
3
Enterprise Data Classification Policy
and Privacy Laws
29
Points to Ponder
29
Regulatory Compliance
30
Enterprise Data Classification
34
Points to Consider
36
Controls for Each Class of Enterprise Data
36
Conclusion
37
Chapter
4
Operational Processes, Guidelines, and
Controls for Enterprise Data Privacy
Protection
39
Points to Ponder
39
Privacy Incident Management
43
Planning for Incident Resolution
44
Preparation
45
Incident Capture
46
Incident Response
47
Post Incident Analysis
47
Guidelines and Best Practices
48
PII/PHI Collection Guidelines
48
Guidelines for Storage and Transmission of PII/PHI
49
PII/PHI Usage Guidelines
49
CONTENTS
VII
Guidelines for Storing PII/PHI on Portable Devices
and Storage Devices
50
Guidelines for Staff
50
Conclusion
50
References
51
Chapter
5
The Different Phases of a Data
Anonymization Program
53
Points to Ponder
53
How Should I Go about the Enterprise Data
Anonymization Program?
53
The Assessment Phase
54
Tool Evaluation and Solution Definition Phase
56
Data Anonymization Implementation Phase
56
Operations Phase or the Steady-State Phase
57
Food for Thought
58
When Should the Organization Invest in a Data
Anonymization Exercise?
58
The Organization's Security Policies Mandate
Authorization to Be Built into Every Application. Won't
this Be Sufficient? Why is Data Anonymization Needed?
58
Is There a Business Case for a Data Anonymization
Program in My Organization?
59
Wben Can a Data Anonymization Program Be Called
a Successful One?
60
Why Should I Go for a Data Anonymization Tool
When SQL Encryption Scripts Can Be Used to
Anonymize Data?
61
Challenges with Using the SQL Encryption Scripts
Approach for Data Anonymization
61
What Are the Benefits Provided by Data Masking Tools
for Data Anonymization?
62
Why Is a Tool Evaluation Phase Needed?
62
Who Should Implement Data Anonymization? Should
It Be the Tool Vendor, the IT Service Partner, External
Consultants, or Internal Employees?
63
How Many Rounds of Testing Must Be Planned to
Certify That Application Behavior Is Unchanged with
Use of Anonymized Data?
64
Conclusion
64
Reference
65
Chapter
6
Departments Involved in Enterprise Data
Anonymization Program
67
Points to Ponder
67
The Role of the Information Security and Risk Department
67
The Role of the Legal Department
68
The Role of Application Owners and Business Analysts
70
Vlil
CONTENTS
Ilu- Role ot
'Administrators
Ilu-
Rule of
t
lu- Project
Management
Orfice (l'MO)
'Ilu-
Rolf of the
ľin.uue
Department
Steering Committee
Conclusion
Chapter
7
Privacy Meter—Assessing the Maturity
of Data Privacy Protection Practices in
the Organization
l'oints
to Ponder
Planning
.1
Data Anonymi/.ition Implementation
Conclusion
Chapter
8
Enterprise Data Anonymization Execution
Model
Points to Ponder
Decentralized Model
Centralized Anonvmization Setup
Shared Services Model
Conclusion
Chapter
9
Tools and Technology
Points to Ponder
Shortlisting Tools for Evaluation
Tool Evaluation and Selection
Functional Capabilities
Technical Capabilities
Operational Capabilities
Financial Parameters
Scoring Criteria for Evaluation
Conclusion
Chapter
10
Anonymization Implementation
—
Activities
and Effort
Points to Ponder
Anonymization Implementation Activities for an Application
Application Anonymization Analysis and Design
Anonymization Environment Setup
Application Anonymization Configuration and Build
Anonymized Application Testing
Complexity Criteria
Application Characteristics
Environment Dependencies
Arriving at an Effort Estimation Model
Case Study
Context
Estimation Approach
Application Characteristics for LOANADM
70
71
71
71
72
n
75
7S
79
S3
83
8-f
85
86
87
89
89
91
92
92
96
99
99
101
101
103
103
104
104
105
105
105
105
106
106
107
108
108
109
110
CONTENTS
IX
Arriving at
a
Ball Park
Estimate
110
Conclusion
Ш
Chapter
11
The Next Wave of Data Privacy
Challenges
ИЗ
Part II Data Anonymization Practitioner's
Guide
Chapter
12
Data Anonymization Patterns
119
Points to Ponder
119
Pattern Overview
119
Conclusion
121
Chapter
13
Data State Anonymization Patterns
123
Points to Ponder
123
Principles of Anonymization
123
Static Masking Patterns
124
EAL Pattern (Extract-Anonymize-Load Pattern)
125
ELA
Pattern (Extract-Load-Anonymize Pattern)
125
Data Subsetting
126
Dynamic Masking
128
Dynamic Masking Patterns
128
Interception Pattern
129
When Should Interception Patterns be Selected and on
What Basis?
130
Challenges Faced When Implementing Dynamic
Masking Leveraging Interception Patterns
132
Invocation Pattern
132
Application of Dynamic Masking Patterns
133
Dynamic Masking versus Static Masking
133
Conclusion
134
Chapter
14
Anonymization Environment Patterns
137
Points to Ponder
137
Application Environments in an Enterprise
137
Testing Environments
139
Standalone Environment
140
Integration Environment
141
Automated Integration Test Environment
144
Scaled-Down Integration Test Environment
148
Conclusion
150
Chapter
15
Data Flow Patterns across Environments
153
Points to Ponder
15
ţ
Flow of Data from Production Environment Databases to
Nonproduction Environment Databases
1
s
ţ
Controls Followed l^
χ
CONTENTS
Movement of Anonymized Files from Production
Environment to Nonproduction Environments
155
Controls
157
Masked Environment for Integration Testing
—
Case Study
157
Objectives of the Anonymization Solution
158
Key Anonymization Solution Principles
158
Solution Implementation
159
Anonymization Environment Design
160
Anonymization Solution
161
Anonymization Solution for the Regression Test/
Functional Testing Environment
163
Anonymization Solution for an Integration Testing
Environment
163
Anonymization Solution for UAT Environment
164
Anonymization Solution for Preproduction Environment
164
Anonymization Solution for Performance Test
Environment
165
Anonymization Solution for Training Environment
166
Reusing the Anonymization Infrastructure across
the Various Environments
166
Conclusion
169
Anonymization Environment Design
169
Chapter
16
Data Anonymization Techniques
171
Points to Ponder
171
Basic Anonymization Techniques
172
Substitution
172
Shuffling
174
Number Variance
176
Date Variance
177
Character Masking
181
Cryptographic Techniques
182
Partial Sensitivity and Partial Masking
185
Masking Based on External Dependancy
185
Auxiliary Anonymization Techniques
186
Alternate Classification of Data Anonymization Techniques
189
Leveraging Data Anonymization Techniques
190
Case Study
191
Input File Structure
191
AppTable Structure
191
Output File Structure
194
Solution
194
Conclusion
195
Data Anonymization Mandatory and Optional Principles
196
Reference
196
Chapter
17
Data Anonymization Implementation
197
Points to Ponder
197
CONTENTS
XI
Prerequisites before Starting Anonymization
Implementation Activities
199
Sensitivity Definition Readiness
—
What Is Considered
Sensitive Data by the Organization?
199
Sensitive Data Discovery
—
Where Do Sensitive Data
Exist?
200
Application Architecture Analysis
200
Application Sensitivity Analysis
202
What Is the Sensitivity Level and How Do
We Prioritize Sensitive Fields for Treatment?
203
Case Study
204
Anonymization Design Phase
208
Choosing an Anomymization Technique for
Anonymization of Each Sensitive Field
208
Choosing a Pattern for Anonymization
209
Anonymization Implementation, Testing, and Rollout Phase
211
Anonymization Controls
212
Anonymization Operations
213
Incorporation of Privacy Protection Procedures as Part
of Software Development Life Cycle and Application Life
Cycle for New Applications
214
Impact on SDLC Team
216
Challenges Faced as Part of Any Data Anonymization
Implementation
216
General Challenges
216
Functional, Technical, and Process Challenges
217
People Challenges
219
Best Practices to Ensure Success of Anonymization Projects
220
Creation of an Enterprise-Sensitive Data Repository
220
Engaging Multiple Stakeholders Early
220
Incorporating Privacy Protection Practices into SDLC
and Application Life Cycle
220
Conclusion
221
References
221
Appendix A: Glossary
223
Index
229 |
| any_adam_object | 1 |
| author | Raghunathan, Balaji |
| author_GND | (DE-588)1036615146 |
| author_facet | Raghunathan, Balaji |
| author_role | aut |
| author_sort | Raghunathan, Balaji |
| author_variant | b r br |
| building | Verbundindex |
| bvnumber | BV041086502 |
| classification_rvk | ST 277 |
| ctrlnum | (OCoLC)854727063 (DE-599)GBV729310310 |
| discipline | Informatik |
| format | Book |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>00000nam a2200000 c 4500</leader><controlfield tag="001">BV041086502</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20130708</controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">130613s2013 a||| |||| 00||| eng d</controlfield><datafield tag="010" ind1=" " ind2=" "><subfield code="a">2012030990</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781439877302</subfield><subfield code="c">hardcover : alk. paper</subfield><subfield code="9">978-1-4398-7730-2</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)854727063</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)GBV729310310</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">aacr</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-473</subfield><subfield code="a">DE-11</subfield><subfield code="a">DE-739</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 277</subfield><subfield code="0">(DE-625)143643:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Raghunathan, Balaji</subfield><subfield code="e">Verfasser</subfield><subfield code="0">(DE-588)1036615146</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">The complete book of data anonymization</subfield><subfield code="b">from planning to implementation</subfield><subfield code="c">Balaji Raghunathan</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Boca Raton [u.a.]</subfield><subfield code="b">CRC Press</subfield><subfield code="c">2013</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XIX, 247 S.</subfield><subfield code="b">Ill.</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Includes bibliographical references and index</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Datenschutz</subfield><subfield code="0">(DE-588)4011134-9</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Daten</subfield><subfield code="0">(DE-588)4135391-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Anonymisierung</subfield><subfield code="0">(DE-588)4139362-4</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Datenschutz</subfield><subfield code="0">(DE-588)4011134-9</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="689" ind1="1" ind2="0"><subfield code="a">Daten</subfield><subfield code="0">(DE-588)4135391-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="1" ind2="1"><subfield code="a">Anonymisierung</subfield><subfield code="0">(DE-588)4139362-4</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="1" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Online-Ausgabe</subfield><subfield code="z">978-1-4398-7731-9</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Bamberg</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026063185&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="943" ind1="1" ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-026063185</subfield></datafield></record></collection> |
| id | DE-604.BV041086502 |
| illustrated | Illustrated |
| indexdate | 2024-08-08T00:10:28Z |
| institution | BVB |
| isbn | 9781439877302 |
| language | English |
| lccn | 2012030990 |
| oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-026063185 |
| oclc_num | 854727063 |
| open_access_boolean | |
| owner | DE-473 DE-BY-UBG DE-11 DE-739 |
| owner_facet | DE-473 DE-BY-UBG DE-11 DE-739 |
| physical | XIX, 247 S. Ill. |
| publishDate | 2013 |
| publishDateSearch | 2013 |
| publishDateSort | 2013 |
| publisher | CRC Press |
| record_format | marc |
| spelling | Raghunathan, Balaji Verfasser (DE-588)1036615146 aut The complete book of data anonymization from planning to implementation Balaji Raghunathan Boca Raton [u.a.] CRC Press 2013 XIX, 247 S. Ill. txt rdacontent n rdamedia nc rdacarrier Includes bibliographical references and index Datenschutz (DE-588)4011134-9 gnd rswk-swf Daten (DE-588)4135391-2 gnd rswk-swf Anonymisierung (DE-588)4139362-4 gnd rswk-swf Datenschutz (DE-588)4011134-9 s DE-604 Daten (DE-588)4135391-2 s Anonymisierung (DE-588)4139362-4 s Erscheint auch als Online-Ausgabe 978-1-4398-7731-9 Digitalisierung UB Bamberg application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026063185&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis |
| spellingShingle | Raghunathan, Balaji The complete book of data anonymization from planning to implementation Datenschutz (DE-588)4011134-9 gnd Daten (DE-588)4135391-2 gnd Anonymisierung (DE-588)4139362-4 gnd |
| subject_GND | (DE-588)4011134-9 (DE-588)4135391-2 (DE-588)4139362-4 |
| title | The complete book of data anonymization from planning to implementation |
| title_auth | The complete book of data anonymization from planning to implementation |
| title_exact_search | The complete book of data anonymization from planning to implementation |
| title_full | The complete book of data anonymization from planning to implementation Balaji Raghunathan |
| title_fullStr | The complete book of data anonymization from planning to implementation Balaji Raghunathan |
| title_full_unstemmed | The complete book of data anonymization from planning to implementation Balaji Raghunathan |
| title_short | The complete book of data anonymization |
| title_sort | the complete book of data anonymization from planning to implementation |
| title_sub | from planning to implementation |
| topic | Datenschutz (DE-588)4011134-9 gnd Daten (DE-588)4135391-2 gnd Anonymisierung (DE-588)4139362-4 gnd |
| topic_facet | Datenschutz Daten Anonymisierung |
| url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026063185&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
| work_keys_str_mv | AT raghunathanbalaji thecompletebookofdataanonymizationfromplanningtoimplementation |