Threefold Defense

Confidentiality, Integrity, and Availability

Jordan Faris
CMGT|400 Intro to Information Assurance and Security
Prof. Richard Zinne
11/20/2013


Confidentiality, Integrity, and Availability: Original “CIA” of Security

• How do confidentiality, integrity and availability all play key roles in protecting information?

Three-fold Goal of Security

• Availability

• Integrity

• Confidentiality

• Security

Security is an over-arching set of protocols, techniques and tools.

Confidentiality is concerned with barring unauthorized access.

Availability refers to prompt data access by the authorized user.

Integrity is concerned with the protection of data.

Confidentiality

"...To ensure that only those individuals who have the authority to view a piece of information may do so. No unauthorized individual should ever be able to view data they are not entitled to access." (Conklin et al., "Principles of Computer Security", p. 22)

Integrity

"[...] deals with the generation and modification of data. Only authorized individuals should ever be able to create or change (or delete) information." (Conklin et al., "Principles of Computer Security", p. 22)

Availability

"The goal of availability is to ensure that the data, or the system itself, is available for use when the authorized user wants it." (Conklin et al., "Principles of Computer Security", p. 22)

Summary and Notes

[Slide labels: Professional Safeguards; Professional Ethics; Protection]

Confidentiality, Integrity and Availability are the basic security principles that form the backbone of most security hardware, software, policies and procedures. Due to increased e-commerce, two recent additions have been incorporated into the CIA of security:

• Authentication attempts to ensure that an individual is who they claim to be.

• Related to this is nonrepudiation, which deals with the ability to verify that a message has been sent and received and that the sender can be identified and verified.

• Recent emphasis on systems assurance has raised the potential inclusion of the term auditability, which refers to whether a control can be verified to be functioning properly.