Information Security

Eight fundamental concepts in security:
– Identification (a user ID, application ID, or system ID; IDs indicate to a system who or what is trying to gain access)
– Authentication (validate the claimed identity of a user or resource)
– Authorization (determine if an entity is permitted access to a particular resource)
– Confidentiality (ensure that only authorized parties have access to sensitive data. Privacy is a concept related to personal information, whereas confidentiality is a mechanism or a goal)
– Integrity (verification that data has not been garbled, modified, or lost inadvertently, and that the system has not been tampered with)
– Availability (keeping the system usable: resistance to DDoS attacks, adequate performance)
– Non-Repudiation (legally admissible proof that a transaction occurred, such that neither participant in a transaction can later deny having participated)
– Accountability (processes and technologies necessary to track system usage, identify inappropriate actions, and address the problem)
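
As an added example (not from the original post), the Python sketch below keeps identification, authentication, authorization, integrity and accountability as separate steps of one request. The user table, permission names and function names are constructed for illustration.

```python
import hashlib
import hmac
import os
import time

# Constructed sample data: one user, one permission table, one shared MAC key.
_SALT = os.urandom(16)  # a real system stores a separate salt per user
USERS = {"alice": hashlib.pbkdf2_hmac("sha256", b"correct horse", _SALT, 100_000)}
PERMISSIONS = {"alice": {"report:read"}}
MAC_KEY = os.urandom(32)
AUDIT_LOG = []  # accountability: every access decision is recorded


def authenticate(user_id, password):
    """Authentication: validate the identity that user_id only claims."""
    stored = USERS.get(user_id)
    if stored is None:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)
    return hmac.compare_digest(stored, candidate)


def authorize(user_id, permission):
    """Authorization: is this already-authenticated entity permitted?"""
    return permission in PERMISSIONS.get(user_id, set())


def seal(data):
    """Integrity: tag the data so later modification is detectable.
    The key is shared, so either holder could have produced the tag:
    this gives integrity, not non-repudiation (that needs a signature)."""
    return hmac.new(MAC_KEY, data, hashlib.sha256).digest()


def verify(data, tag):
    """Recompute the tag and compare in constant time."""
    return hmac.compare_digest(seal(data), tag)


def handle(user_id, password, permission):
    """Identification (user_id) -> authentication -> authorization, then log."""
    if not authenticate(user_id, password):
        outcome = "auth_failed"
    elif not authorize(user_id, permission):
        outcome = "denied"
    else:
        outcome = "granted"
    AUDIT_LOG.append((time.time(), user_id, permission, outcome))
    return outcome
```

An authenticated user can still be denied: authentication answers who is asking, authorization answers what they may do, and the audit log records both outcomes.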
