Principles Of Security
Table of content
This are the 5 principles of security every people should know.
- Confidentiality is probably the most aspect of information security. The principle of confidentiality specifies that only the sender and intended receiver should be able to access the contents of a message that sent.
- Confidentiality gets compromised if an unauthorized person is able to access a message without your permission.
- The protection of confidential pieces of information is required. An organization should be protected from those malicious acts to endanger the confidentiality of its information.
- Example: Accounts of banking customers must be kept secret. Privacy not only applies to information storage but also applies to the transmission of information. When we send a piece of information from a remote computer, we need to hide it during the transmission. Due to interception, there is a loss of message privacy.
- Information needs to be changed constantly Integrity means that changes need to be done only by authorized entities and through authorized mechanisms. When the contents of a message are changed after the sender send it before it reaches the intended recipient it is said that integrity of the message is lost.
- Integrity violation is not necessarily the result of a malicious act; an interruption in the system such as a power surge may also create unwanted changes is some information.
- Modification causes loss of message integrity.
- The principle of availability states that resources should be available to authorized parties at all times. The information created and stored by an organization needs to be available to authorized entities. Information is useless if it is not available.
- Information needs to be changed constantly which mean it must be accessible to authorized entities.
- The unavailability of information is just as harmful for an organization as the lack of confidentiality or integrity.
- Example: The solution can be difficult for a bank if the customer could not access their accounts for transactions.
- Interruption puts the availability of resources in danger.
- The process of verifying that user are who they claim to be when logging onto a system. Generally, the use of user names and password accomplishes this. More sophisticated is the use of smart card and retina scanning.
- The process of authentication does not grant the user access right to resource this is achieved through the authorization process.
- There are the situation where a user sends a message, and later on, refuse that she had sent that message.
- The principle fo non-repudiation defeats such possibilities of denying something, having done it.
READ:- Best Hosting Server
So this is the 5 principle of security
If you have any queries related to the principle of security, comment it in the comment box.