Information security, sometimes shortened to infosec



Date: 07.08.2021
Related: Information security - Wikipedia

Key concepts
Basic principles

[Image: Poster promoting information security by the Russian Ministry of Defence]


The CIA triad of confidentiality, integrity, and availability is at the heart of information security.[27] (The members of the classic InfoSec triad—confidentiality, integrity and availability—are interchangeably referred to in the literature as security attributes, properties, security goals, fundamental aspects, information criteria, critical information characteristics and basic building blocks.) However, debate continues about whether or not this CIA triad is sufficient to address rapidly changing technology and business requirements, with recommendations to consider expanding on the intersections between availability and confidentiality, as well as the relationship between security and privacy.[10] Other principles such as "accountability" have sometimes been proposed; it has been pointed out that issues such as non-repudiation do not fit well within the three core concepts.[28] The triad seems to have first been mentioned in a NIST publication in 1977.[29]

In 1992, with a revision in 2002, the OECD's Guidelines for the Security of Information Systems and Networks[30] proposed the nine generally accepted principles: awareness, responsibility, response, ethics, democracy, risk assessment, security design and implementation, security management, and reassessment. Building upon those, in 2004 the NIST's Engineering Principles for Information Technology Security[28] proposed 33 principles. Guidelines and practices have been derived from each of these.

In 1998, Donn Parker proposed an alternative model for the classic CIA triad that he called the six atomic elements of information. The elements are confidentiality, possession, integrity, authenticity, availability, and utility. The merits of the Parkerian Hexad are a subject of debate amongst security professionals.[31]


In 2011, The Open Group published the information security management standard O-ISM3.[32] This standard proposed an operational definition of the key concepts of security, with elements called "security objectives", related to access control (9), availability (3), data quality (1), compliance and technical (4).

In 2009, the DoD Software Protection Initiative released the Three Tenets of Cybersecurity, which are System Susceptibility, Access to the Flaw, and Capability to Exploit the Flaw.[33][34][35] Neither of these models is widely adopted.
