Data Security and Privacy Legislation

Breach of Data at TJX: An Instructional Case Used to Study COSO and COBIT, with a Focus on Computer Controls, Data Security, and Privacy Legislation

Issues in Accounting Education ◽

10.2308/iace-50031 ◽

2011 ◽

Vol 26 (3) ◽

pp. 521-545 ◽

Cited By ~ 14

Author(s):

Sandra J. Cereola ◽

Ronald J. Cereola

Keyword(s):

Information System ◽

Internal Control ◽

Data Security ◽

Securities And Exchange Commission ◽

Internal Controls ◽

Security And Privacy ◽

Free Enterprise ◽

Sarbanes Oxley ◽

Real World Problem ◽

Privacy Legislation

ABSTRACT Internal control frameworks (ICF) provide a basis for understanding controls in an organization and for making judgments about the effectiveness of controls. The Sarbanes-Oxley Act of 2002 (SOX) requires companies to report, on an ongoing basis, the effectiveness of their internal controls in their annual filings. The Securities and Exchange Commission (SEC) recommends companies use ICF to help achieve compliance with SOX. ICF provide a useful tool for management and auditors evaluating and addressing the adequacy of controls in their organization. As there is no such thing as a “risk-free” enterprise, developing an understanding of ICF is important for students entering the accounting profession. This instructional case provides students the opportunity to assess internal control risks within an organization's information system using a “real-world” problem following COSO (SEC-recommended ICF) and/or COBIT as a guide. Students then evaluate the organization's overall level of internal control risks and formulate recommendations for mitigating such risks.

Download Full-text

Valuing Data Security and Privacy Using Cyber Insurance

SSRN Electronic Journal ◽

10.2139/ssrn.2658069 ◽

2015 ◽

Author(s):

Anand Shah ◽

Shishir Dahake ◽

Sri Hari Haran J

Keyword(s):

Data Security ◽

Security And Privacy ◽

Cyber Insurance

Download Full-text

A Data Security And Privacy Risk Management Framework For WBAN Based Healthcare Applications*

2021 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops) ◽

10.1109/percomworkshops51409.2021.9431069 ◽

2021 ◽

Author(s):

Pangkaj Chandra Paul ◽

John Loane ◽

Fergal McCaffery ◽

Gilbert Regan

Keyword(s):

Risk Management ◽

Data Security ◽

Security And Privacy ◽

Privacy Risk ◽

Healthcare Applications ◽

Management Framework ◽

Risk Management Framework

Download Full-text

A Comparative Study of User Data Security and Privacy in Native and Cross Platform Android Mobile Banking Applications

2019 International Conference on Cyber Security and Internet of Things (ICSIoT) ◽

10.1109/icsiot47925.2019.00007 ◽

2019 ◽

Cited By ~ 1

Author(s):

Edward Danso Ansong ◽

Thomas Quansah Synaepa-Addision

Keyword(s):

Comparative Study ◽

Data Security ◽

Security And Privacy ◽

Mobile Banking ◽

User Data ◽

Cross Platform ◽

Mobile Banking Applications

Download Full-text

IoT Big Data Security and Privacy Versus Innovation

IEEE Internet of Things Journal ◽

10.1109/jiot.2019.2898113 ◽

2019 ◽

Vol 6 (2) ◽

pp. 1628-1635 ◽

Cited By ~ 18

Author(s):

Karen R. Sollins

Keyword(s):

Big Data ◽

Data Security ◽

Security And Privacy

Download Full-text

Challenges and techniques in Big data security and privacy: A review

Security and Privacy ◽

10.1002/spy2.13 ◽

2018 ◽

Vol 1 (4) ◽

pp. e13 ◽

Cited By ~ 1

Author(s):

Rongxin Bao ◽

Zhikui Chen ◽

Mohammad S. Obaidat

Keyword(s):

Big Data ◽

Data Security ◽

Security And Privacy

Download Full-text

Data Security and Privacy in Cloud Computing

International Journal of Distributed Sensor Networks ◽

10.1155/2014/190903 ◽

2014 ◽

Vol 10 (7) ◽

pp. 190903 ◽

Cited By ~ 65

Author(s):

Yunchuan Sun ◽

Junsheng Zhang ◽

Yongping Xiong ◽

Guangyu Zhu

Keyword(s):

Cloud Computing ◽

Data Security ◽

Security And Privacy

Download Full-text

RBP: a website fingerprinting obfuscation method against intelligent fingerprinting attacks

Journal of Cloud Computing Advances Systems and Applications ◽

10.1186/s13677-021-00244-8 ◽

2021 ◽

Vol 10 (1) ◽

Author(s):

Tao Luo ◽

LiangMin Wang ◽

ShangNan Yin ◽

Hao Shentu ◽

Hui Zhao

Keyword(s):

Data Security ◽

Arrival Time ◽

State Of The Art ◽

Web Security ◽

Security And Privacy ◽

Low Delay ◽

Defense Technology ◽

The Difference ◽

Bandwidth Overhead ◽

Traffic Analysis Attack

AbstractEdge computing has developed rapidly in recent years due to its advantages of low bandwidth overhead and low delay, but it also brings challenges in data security and privacy. Website fingerprinting (WF) is a passive traffic analysis attack that threatens website privacy which poses a great threat to user’s privacy and web security. It collects network packets generated while a user accesses website, and then uses a series of techniques to discover patterns of network packets to infer the type of website user accesses. Many anonymous networks such as Tor can meet the need of hide identity from users in network activities, but they are also threatened by WF attacks. In this paper, we propose a website fingerprinting obfuscation method against intelligent fingerprinting attacks, called Random Bidirectional Padding (RBP). It is a novel website fingerprinting defense technology based on time sampling and random bidirectional packets padding, which can covert the real packets distribution to destroy the Inter-Arrival Time (IAT) features in the traffic sequence and increase the difference between the datasets with random bidirectional virtual packets padding. We evaluate the defense against state-of-the-art website fingerprinting attacks in real scenarios, and show its effectiveness.

Download Full-text