larger cover

Add To My Wish List

Register your product to gain access to bonus material or receive a coupon.

Orchestrating and Automating Security for the Internet of Things: Delivering Advanced Security Capabilities from Edge to Cloud for IoT

Best Value Purchase

Book + eBook Bundle

  • Your Price: $86.39
  • List Price: $143.98
  • Includes EPUB and PDF
  • About eBook Formats
  • This eBook includes the following formats, accessible from your Account page after purchase:

    ePub EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    Adobe Reader PDF The popular standard, used most often with the free Acrobat® Reader® software.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

Individual Purchases


  • Your Price: $63.99
  • List Price: $79.99
  • Usually ships in 24 hours.

eBook (Watermarked)

  • Your Price: $51.19
  • List Price: $63.99
  • Includes EPUB and PDF
  • About eBook Formats
  • This eBook includes the following formats, accessible from your Account page after purchase:

    ePub EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    Adobe Reader PDF The popular standard, used most often with the free Acrobat® Reader® software.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

  • About
  • Description
  • Sample Content
  • Updates


Students will learn to:

  • Leverage SDN, NFV, fog and cloud compute concepts and architectures to deliver unprecedented security in IoT environments
  • Master best-practice IoT security methodologies through real world use cases
  • Overlay advanced IoT security concepts and technologies onto current IoT deployments, and establish a strong architectural foundation for new deployments
  • Preview the future direction of IoT technologies and security

  • Copyright 2018
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 1008
  • Edition: 1st
  • Book
  • ISBN-10: 1-58714-503-0
  • ISBN-13: 978-1-58714-503-2

Master powerful techniques and approaches for securing IoT systems of all kinds–current and emerging

Internet of Things (IoT) technology adoption is accelerating, but IoT presents complex new security challenges. Fortunately, IoT standards and standardized architectures are emerging to help technical professionals systematically harden their IoT environments. In Orchestrating and Automating Security for the Internet of Things, three Cisco experts show how to safeguard current and future IoT systems by delivering security through new NFV and SDN architectures and related IoT security standards.

The authors first review the current state of IoT networks and architectures, identifying key security risks associated with nonstandardized early deployments and showing how early adopters have attempted to respond. Next, they introduce more mature architectures built around NFV and SDN. You’ll discover why these lend themselves well to IoT and IoT security, and master advanced approaches for protecting them. Finally, the authors preview future approaches to improving IoT security and present real-world use case examples.

This is an indispensable resource for all technical and security professionals, business security and risk managers, and consultants who are responsible for systems that incorporate or utilize IoT devices, or expect to be responsible for them.

· Understand the challenges involved in securing current IoT networks and architectures

· Master IoT security fundamentals, standards, and modern best practices

· Systematically plan for IoT security

· Leverage Software-Defined Networking (SDN) and Network Function Virtualization (NFV) to harden IoT networks

· Deploy the advanced IoT platform, and use MANO to manage and orchestrate virtualized network functions

· Implement platform security services including identity, authentication, authorization, and accounting

· Detect threats and protect data in IoT environments

· Secure IoT in the context of remote access and VPNs

· Safeguard the IoT platform itself

· Explore use cases ranging from smart cities and advanced energy systems to the connected car

· Preview evolving concepts that will shape the future of IoT security

Online Sample Chapter

IoT and Security Standards and Best Practices

Sample Pages

Download the sample pages (includes Chapter 4)

Table of Contents

Foreword xxvii

Introduction xxix

Part I Introduction to the Internet of Things (IoT) and IoT Security

Chapter 1 Evolution of the Internet of Things (IoT) 1

Defining the Internet of Things 2

Making Technology and Architectural Decisions 5

Is the Internet of Things Really So Vulnerable? 8

Summary 9

References 10

Chapter 2 Planning for IoT Security 11

The Attack Continuum 11

The IoT System and Security Development Lifecycle 13

Phase 1: Initiation 15

Phase 2: Acquisition and Development 15

Phase 3: Implementation 16

Phase 4: Operations and Maintenance 17

Phase 5: Disposition 17

The End-to-End Considerations 17

Segmentation, Risk, and How to Use Both in Planning the Consumer/Provider Communications Matrix 21

Segmentation 21

New Approach 25

Summary 30

References 30

Chapter 3 IoT Security Fundamentals 31

The Building Blocks of IoT 31

The IoT Hierarchy 35

Primary Attack Targets 37

Layered Security Tiers 43

Summary 46

References 47

Chapter 4 IoT and Security Standards and Best Practices 49

Today’s Standard Is No Standard 49

Defining Standards 53

The Challenge with Standardization 56

IoT “Standards” and “Guidance” Landscape 58

Architectural or Reference Standards 59

Industrial/Market Focused 61

Standards for NFV, SDN, and Data Modeling for Services 63

Data Modeling and Services 67

Communication Protocols for IoT 70

Physical and MAC Layers 73

Network Layer 73

Transport Layer 74

Application Layer 74

Specific Security Standards and Guidelines 75

Summary 79

References 80

Chapter 5 Current IoT Architecture Design and Challenges 83

What, Why, and Where? A Summary 85

Approaches to IoT Architecture Design 88

An X-Centric Approach 91

The People-/User-Centric IoT Approach (Internet of People and Social IoT) 98

The Information-Centric IoT Approach 100

The Data-Centric IoT Approach 104

System Viewpoint: A Cloudy Perspective 106

Middleware 118

Lambda Architecture 119

Full IoT Stack/Universal 120

General Approaches 120

Internet of Things Architecture Reference Architecture (IoT-A RA) 120

ITU-T Y.2060 125

IoT World Forum (IoTWF) Reference Model 126

oneM2M Reference Architecture 129

IEEE P2413 IoT Architecture 132

The OpenFog Consortium Reference Architecture 133

Alliance for the Internet of Things Innovation (AIOTI) 138

Cloud Customer Architecture for IoT 140

Open Connectivity Foundation and IoTivity 142

Industrial/Market Focused 144

The Industrial Internet Consortium (IIC) 144

Industry 4.0 148

OPC Unified Architecture (OPC UA) 150

Cisco and Rockwell Automation Converged Plantwide Ethernet 153

Cisco Smart Grid Reference Model: GridBlocks 153

NFV- and SDN-Based Architectures for IoT 154

Approaches to IoT Security Architecture 156

Purdue Model of Control Hierarchy Reference Model 157

Industrial Internet Security Framework (IISF) IIC Reference Architecture 160

Cloud Security Alliance Security Guidance for IoT 165

Open Web Application Security Project (OWASP) 168

Cisco IoT Security Framework 168

The IoT Platform Design of Today 172

Security for IoT Platforms and Solutions 178

Challenges with Today’s Designs: The Future for IoT Platforms 179

Summary 183

References 183

Part II Leveraging Software-Defined Networking (SDN) and Network Function Virtualization (NFV) for IoT

Chapter 6 Evolution and Benefits of SDX and NFV Technologies and Their Impact on IoT 185

A Bit of History on SDX and NFV and Their Interplay 185

Software-Defined Networking 188

OpenFlow 192

Open Virtual Switch 195

Vector Packet Processing 198

Programming Protocol-Independent Packet Processors (P4) 201

OpenDaylight 203

Extending the Concept of Software-Defined Networks 212

Network Functions Virtualization 217

Virtual Network Functions and Forwarding Graphs 221

ETSI NFV Management and Orchestration (MANO) 225

The Impact of SDX and NFV in IoT and Fog Computing 235

Summary 248

References 249

Chapter 7 Securing SDN and NFV Environments 251

Security Considerations for the SDN Landscape 251

1: Securing the Controller 252

2: Securing Controller Southbound Communications 256

3: Securing the Infrastructure Planes 260

4: Securing Controller Northbound Communications 263

5: Securing Management and Orchestration 268

6: Securing Applications and Services 270

Security Considerations for the NFV Landscape 272

NFV Threat Landscape 273

Secure Boot 274

Secure Crash 275

Private Keys Within Cloned Images 276

Performance Isolation 278

Tenant/User Authentication, Authorization, and Accounting (AAA) 279

Authenticated Time Service 281

Back Doors with Test and Monitor Functions 281

Multi-administrator Isolation 282

Single Root I/O Virtualization (SRIOV) 283

SRIOV Security Concerns 285

Summary 285

References 285

Chapter 8 The Advanced IoT Platform and MANO 287

Next-Generation IoT Platforms: What the Research Says 287

Next-Generation IoT Platform Overview 291

Platform Architecture 294

Platform Building Blocks 295

Platform Intended Outcomes: Delivering Capabilities as an Autonomous End-to-End Service 303

Example Use Case Walkthrough 308

Event-Based Video and Security Use Case 309

Summary 321

References 321

Part III Security Services: For the Platform, by the Platform

Chapter 9 Identity, Authentication, Authorization, and Accounting 323

Introduction to Identity and Access Management for the IoT 324

Device Provisioning and Access Control Building Blocks 326

Naming Conventions to Establish “Uniqueness” 327

Secure Bootstrap 328

Immutable Identity 328

Bootstrapping Remote Secure Key Infrastructures 329

Device Registration and Profile Provisioning 330

Provisioning Example Using AWS IoT 331

Provisioning Example Using Cisco Systems Identity Services Engine 334

Access Control 336

Identifying Devices 336

Endpoint Profiling 337

Profiling Using ISE 337

Device Sensor 340

Methods to Gain Identity from Constrained Devices 345

Energy Limitations 346

Strategy for Using Power for Communication 347

Leveraging Standard IoT Protocols to Identify Constrained Devices 348

Authentication Methods 351

Certificates 351

Trust Stores 355

Revocation Support 356

SSL Pinning 357

Passwords 357

Limitations for Constrained Devices 358

Biometrics 359

AAA and RADIUS 361

A/V Pairs 362

802.1X 363

MAC Address Bypass 365

Flexible Authentication 366

Dynamic Authorization Privileges 367

Cisco Identity Services Engine and TrustSec 368

RADIUS Change of Authorization 368

Access Control Lists 374

TrustSec and Security Group Tags 376

TrustSec Enablement 379


Manufacturer Usage Description 390

Finding a Policy 390

Policy Types 390

The MUD Model 392

AWS Policy-based Authorization with IAM 394

Amazon Cognito 395

AWS Use of IAM 395

Policy-based Authorization 395

Accounting 397

How Does Accounting Relate to Security? 398

Using a Guideline to Create an Accounting Framework 398

Meeting User Accounting Requirements 400

Scaling IoT Identity and Access Management with Federation Approaches 402

IoT IAM Requirements 403

OAuth 2.0 and OpenID Connect 1.0 404

OAuth 2.0 404

OpenID Connect 1.0 405

OAuth2.0 and OpenID Connect Example for IoT 405

Cloud to Cloud 406

Native Applications to the Cloud 408

Device to Device 409

Evolving Concepts: Need for Identity Relationship Management 411

Summary 414

References 415

Chapter 10 Threat Defense 417

Centralized and Distributed Deployment Options for Security Services 418

Centralized 418

Distributed 420

Hybrid 422

Fundamental Network Firewall Technologies 422

ASAv 423

NGFWv 423

Network Address Translation 424

Overlapping 425

Overloading or Port Address Translation 425

Packet Filtering 426

Industrial Protocols and the Need for Deeper Packet Inspection 428

Common Industrial Protocol 428

Lack of Security 429

Potential Solutions: Not Good Enough 430

Alternative Solution: Deep Packet Inspection 430

Sanity Check 431

User Definable 432

Applying the Filter 432

Application Visibility and Control 433

Industrial Communication Protocol Example 435

MODBUS Application Filter Example 436

Intrusion Detection System and Intrusion Prevention System 437

IPS 438

Pattern Matching 438

Protocol Analysis 439

IDS/IPS Weakness 439

Advanced Persistent Threats and Behavioral Analysis 440

Behavior Analysis Solutions 441

Protocols Used to Gain Additional Visibility 442

Network as a Sensor 444

Pairing with Contextual Information and Adaptive Network Control 446

Encrypted Traffic Analytics 450

Malware Protection and Global Threat Intelligence 455

Cisco Advanced Malware Protection and TALOS 456

DNS-Based Security 462

Umbrella (DNS Security + Intelligent Proxy) 463

Centralized Security Services Deployment Example Using NSO, ESC, and OpenStack 466

ETSI MANO Components in the Use Case 468

VMs (Services) Being Instantiated in the Use Case 469

Use Case Explanation 469

Distributed Security Services Deployment Example Using Cisco Network Function Virtualization Infrastructure Software (NFVIS) 486

Solution Components 487


Orchestration 490

vBranch Function Pack 490

Summary 495

References 495

Chapter 11 Data Protection in IoT 499

Data Lifecycle in IoT 507

Data at Rest 518

Data Warehouses 521

Data Lakes 522

Data in Use 524

Data on the Move 527

Protecting Data in IoT 531

Data Plane Protection in IoT 531

Protecting Management Plane Data in IoT 565

Protecting Control Plane Data 566

Considerations When Planning for Data Protection 567

Summary 573

References 574

Chapter 12 Remote Access and Virtual Private Networks (VPN) 575

Virtual Private Network Primer 575

Focus for This Chapter 576

Site-to-Site IPsec VPN 576

IPsec Overview 577

IKEv1 Phase 1 579

IKEv1 Phase 2 582

Internet Key Exchange Protocol Version 2 584

Benefits of IKEv2 over IKEv1 586

Software-Defined Networking-Based IPsec Flow Protection IETF Draft 588

IPsec Databases 589

Use Case: IKE/IPsec Within the NSF 589

Interface Requirements 590

Applying SDN-Based IPsec to IoT 592

Leveraging SDN for Dynamic Decryption (Using IKE for Control Channels and IPsec for Data Channels) 592

Software-Based Extranet Using Orchestration and NFV 594

Traditional Approach 594

Automating Extranet Using Orchestration Techniques and NFV 595

Software-Based Extranet Use Case 597

Remote Access VPN 598

SSL-Based Remote Access VPN 598

Reverse Proxy 599

Clientless and Thin Client VPN 599

Client Based: Cisco AnyConnect Secure Mobility Client 611

Modules 612

Using AnyConnect in Manufacturing: Use Case Example 617

Summary 622

References 622

Chapter 13 Securing the Platform Itself 625

(A) Visualization Dashboards and Multitenancy 627

(B) Back-End Platform 631

Scenario 1: A New Endpoint Needs to Be Connected to the Network 639

Scenario 2: A User Wants to Deploy a New Service Across the Fog, Network, and Data Center Infrastructure 639

Scenario 3: Creating New Data Topics and Enabling Data Sharing Across Tenants 641

Docker Security 653

Kubernetes Security and Best Practices 656

(C) Communications and Networking 658

(D) Fog Nodes 660

(E) End Devices or “Things” 666

Summary 667

References 667

Part IV Use Cases and Emerging Standards and Technologies

Chapter 14 Smart Cities 669

Use Cases Introduction 669

The Evolving Technology Landscape for IoT 670

The Next-Generation IoT Platform for Delivering Use Cases Across Verticals: A Summary 672

Smart Cities 676

Smart Cities Overview 678

The IoT and Secure Orchestration Opportunity in Cities 688

Security in Smart Cities 693

Smart Cities Example Use Cases 696

Use Case Automation Overview and High-Level Architecture 701

Power Monitoring and Control Use Case: Secure Lifecycle Management of Applications in the Fog Nodes 702

Access Control and Sensor Telemetry of City Cabinets: Simple and Complex Sensor Onboarding 705

Event-Based Video: Secure Data Pipeline and Information Exchange 709

Public Service Connectivity on Demand: Secure User Access and Behavioral Analysis 714

Emergency Fleet Integration 718

Automated Deployment of the Use Cases 721

Summary 725

References 727

Chapter 15 Industrial Environments: Oil and Gas 729

Industry Overview 733

The IoT and Secure Automation Opportunity in Oil and Gas 735

The Upstream Environment 738

Overview, Technologies, and Architectures 739

Digitization and New Business Needs 742

Challenges 743

The Midstream Environment 744

Overview, Technologies, and Architectures 744

Digitization and New Business Needs 747

Challenges 748

The Downstream and Processing Environments 749

Overview, Technologies, and Architectures 749

Digitization and New Business Needs 752

Challenges 753

Security in Oil and Gas 754

Oil and Gas Security and Automation Use Cases: Equipment Health Monitoring and Engineering Access 763

Use Case Overview 763

Use Case Description 765

Deploying the Use Case 767

Preconfiguration Checklist 773

Automated Deployment of the Use Cases 777

Securing the Use Case 778

Power of SGT as a CoA 781

Auto-Quarantine Versus Manual Quarantine 782

Leveraging Orchestrated Service Assurance to Monitor KPIs 783

Evolving Architectures to Meet New Use Case Requirements 788

Summary 792

References 794

Chapter 16 The Connected Car 797

Connected Car Overview 800

The IoT and Secure Automation Opportunity for Connected Cars 809

The Evolving Car Architecture 824

Security for Connected Cars 830

Connected Car Vulnerabilities and Security Considerations 838

Connected Car Security and Automation Use Case 849

Use Case Overview 852

Use Case Automation Overview 854

Secure Access/Secure Platform: Boundary Firewall for OTA Secure Updates 855

Secure Network: Segmentation, Zones, and Interzone Communication 857

Secure Content: Intrusion Detection and Prevention 858

Secure Intelligence: Secure Internet Access from the Vehicle 861

The Future: Personalized Experience Based on Identity 862

Federal Sigma VAMA: Emergency Fleet Solution 863

Automated Deployment of the Use Case 867

Summary 871

References 871

Chapter 17 Evolving Concepts That Will Shape the Security Service Future 873

A Smarter, Coordinated Approach to IoT Security 876

Blockchain Overview 880

Blockchain for IoT Security 888

Machine Learning and Artificial Intelligence Overview 890

Machine Learning 893

Deep Learning 894

Natural Language Processing and Understanding 895

Neural Networks 896

Computer Vision 898

Affective Computing 898

Cognitive Computing 898

Contextual Awareness 899

Machine Learning and Artificial Intelligence for IoT Security 899

Summary 900

References 901

9781587145032 TOC 4/25/2018

Cisco Press Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Cisco Press products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by Cisco Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive:

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020