1. Control Objectives for Information Technology Version 4.1, IT Governance Institute, DS5.3 and DS11, 2007: p 118 and 143.

2. Stepping Through the InfoSec Program;Bayuk,2007

3. Bilger, O’Connor, Schunter, Swimmer, Zunic, Data-centric security. Enabling business objectives to drive security, December 2006. IBM Global Services.

4. Data Security Standard Requirements and Security Assessment Procedures version 1.2, Payment Card Industry Security Standards Council, October 2008.

5. File encryption technology methods have been in well known and in practical use since the mid-nineties. Kaufman, Charlie, Radia Perlman and Mike Speciner, Network Security, Private Communication in a Public World, Prentice Hall, 1995. These have been incrementally improved, and catalogued by the Information Technology Laboratory at the US National Institute of Standards and Technology, see Federal Information, Processing Standards Publication 140-2, Security Requirements for Cryptographic Modules, Most recent update 12-03-2002.