Sunday, October 31, 2010

CIA of Information Security

Confidentiality: Confidentiality ensures that only authorized personnel are able to access the data. Breaches of confidentiality can occur when data is not handled in a secure manner. For example, consider a confidential document of an organization left lying on a Xerox machine. Such disclosure can take place by word of mouth, or by printing, copying, e-mailing or creating documents and other data. The classification of the information should determine its confidentiality and hence the appropriate safeguards. Encryption is used for maintaining the confidentiality of information: the sender encrypts the information, and only the intended receiver is able to decrypt it.

Integrity: Integrity is an assurance that the information has not been tampered with, that it is authentic and complete, and that it can be relied upon to be sufficiently accurate for its purpose. For example, making copies of a sensitive document (say, by e-mailing a file) threatens both the confidentiality and the integrity of the information. Checksums are used for providing integrity of the data. A checksum is the output of an algorithm applied to the data. If the data has been tampered with, the recomputed output will not be the same.
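The checksum comparison described above, as an added example that is not part of the original post. It goes one step beyond the text by also showing a keyed checksum (HMAC), which still detects tampering when the stored checksum could be replaced together with the data. The message, key and function names are constructed for illustration.

```python
import hashlib
import hmac

def sha256_checksum(data: bytes) -> str:
    """Unkeyed checksum: anyone holding the data can recompute it."""
    return hashlib.sha256(data).hexdigest()

def verify_checksum(data: bytes, expected_hex: str) -> bool:
    # compare_digest compares in constant time to avoid timing leaks
    return hmac.compare_digest(sha256_checksum(data), expected_hex)

def keyed_tag(key: bytes, data: bytes) -> str:
    """Keyed checksum (HMAC-SHA256): needs the secret key to compute."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def verify_tag(key: bytes, data: bytes, tag_hex: str) -> bool:
    return hmac.compare_digest(keyed_tag(key, data), tag_hex)

# Constructed sample data (not from the original post)
ORIGINAL = b"Pay 100 to account 12345"
TAMPERED = b"Pay 900 to account 12345"
KEY = b"constructed-demo-key"

def demo() -> dict:
    recorded = sha256_checksum(ORIGINAL)   # stored when the data was created
    tag = keyed_tag(KEY, ORIGINAL)         # stored alongside, key kept secret
    # Case where the stored checksum was overwritten together with the data
    replaced = sha256_checksum(TAMPERED)
    return {
        "original_verifies": verify_checksum(ORIGINAL, recorded),
        "tamper_detected": not verify_checksum(TAMPERED, recorded),
        "replaced_checksum_passes": verify_checksum(TAMPERED, replaced),
        "hmac_still_detects": not verify_tag(KEY, TAMPERED, tag),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The practical point: keep the recorded checksum somewhere the data's modifier cannot write to, or use a keyed checksum whose key they do not hold.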

Availability: Availability is an assurance that the systems responsible for delivering, storing and processing information are accessible when needed, by those who need them. Backup mechanisms help provide availability. RAID mechanisms can also be used for the same purpose.

There are two more basic factors of security:

Authorization: This ensures that whoever is accessing the data has appropriate permissions to do so. A user may be authenticated on a computer but still not be authorized to access some data. File and folder level permissions and access control lists facilitate authorization of access to the data.

Non-Repudiation: This ensures that a party or a person cannot deny having sent a message. Digital signatures can be used for maintaining non-repudiation.
