SET /GWU COURSE
International Traffic in Arms Regulations (ITAR) -(ANSW)- USA -
State Dept. prohibitions on defense-related exports. This can include
cryptographic systems.
Export Administration Regulations -(ANSW)- Department of
Commerce
Control: dual-use goods/software/technology predominately civilian in
nature but may include military applications.
Also: Anti-boycott provisions
The Wassenaar Arrangement -(ANSW)- A group of 41 countries who
have an agreement to let the others know when military shipments are
made to non-member countries.
Brewer-Nash model -(ANSW)- Regarding employees in a shared
datacenter - the employees' previous access to data determines their
future access levels. This involves their access to customer data. If they
had access to customer A's data in the past, they should not get access to
Customer A's competitors after that. (Also known as the Chinese Wall
model)
The Electronic Communication Privacy Act (ECPA) -(ANSW)-
Enhance laws restricting the government from putting wiretaps on
phone calls, updating them to include electronic communication in the
form of data.
The Stored Communications Act (SCA, Title II of the Electronic
Communications Privacy Act) -(ANSW)- Restrict government from
forcing ISPs to disclose customer data the ISP might possess.
Gramm-Leach-Bliley Act (GLBA) -(ANSW)- Allow banks to merge
with and own insurance companies. Included in the law were
stipulations that customer account information be kept secure and
private, and that customers be allowed to opt out of any information-
sharing arrangements the bank or insurer might engage in.
Sarbanes-Oxley Act (SOX) -(ANSW)- Increase transparency into
publicly traded corporations' financial activities. Includes provisions for
securing data and expressly names the traits of confidentiality, integrity,
and availability.
Health Insurance Portability and Accountability Act (HIPAA) -(ANSW)-
Protect patient records and data, known as electronic
protected health information (ePHI).