2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet184/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   180   181   182   183   184   185   186   187   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Pseudonymization
Two technical security controls that organizations can implement are encryption and pseud-
onymization. As mentioned previously, all sensitive data in transit and sensitive data at rest 
should be encrypted. When pseudonymization is performed effectively, it can result in less 
stringent requirements that would otherwise apply under the GDPR.
A pseudonym is an alias. As an example, 
Harry Potter
author J. K. Rowling published a 
book titled 
The Cuckoo’s Calling
under the pseudonym of Robert Galbraith. If you know 
the pseudonym, you’ll know that any future books authored by Robert Galbraith are writ-
ten by J. K. Rowling.
Pseudonymization
refers to the process of using pseudonyms to represent other data. It 
can be done to prevent the data from directly identifying an entity, such as a person. As an 
example, consider a medical record held by a doctor’s office. Instead of including personal 
information such as the patient’s name, address, and phone number, it could just refer to 
the patient as Patient 23456 in the medical record. The doctor’s office still needs this per-
sonal information, and it could be held in another database linking it to the patient
pseudonym (Patient 23456).
Note that in the example, the pseudonym (Patient 23456) refers to several pieces of 
information on the person. It’s also possible for a pseudonym to be used for a single piece 
of information. For example, you can use one pseudonym for a first name and another 
pseudonym for a last name. The key is to have another resource (such as another database) 
that allows you to identify the original data using the pseudonym.

Determining Ownership 
183
The GDPR refers to pseudonymization as replacing data with
artifi cial identifi ers
. These 
artifi cial identifi ers are pseudonyms. 
Tokenization is similar to pseudonymization.
Pseudonymization
uses 
pseudonyms to represent other data.
Tokenization
uses tokens to represent 
other data. Neither the pseudonym nor the token has any meaning or value 
outside the process that creates them and links them to the other data. 
Additionally, both methods can be reversed to make the data meaningful.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   180   181   182   183   184   185   186   187   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish