I got a question from a reader of my blog. He wanted me to define the different aspects of security in layman terms. Here is a definition I often use where I divide security into three components: Integrity, Availability and Secrecy. (Others sometimes other words to describe the same thing)
Availability: I define this as the systems ability to give service to authorised users. The information users needs should be available when the users have the need. For companies that are dependent on Internet as a source of income, availability is a major concern.
Secrecy: The systems ability to provide access to information or services only to identified and approved users on a need to know basis.
Integrity: The systems ability to maintain the "correctness" of the information. How do you know if the information not has been tampered with?
Different organisations will value these factors differently and therefore it is hard to compare security solutions between different organisations. Added to that different organisations have different threat levels to live with.
There are more factors that can be taken into account but I think that these are the most important ones.
Subscribe to:
Post Comments (Atom)
3 comments:
What about confidentiality?
I used the word secrecy instead..there is no real reason for that...I am just used to do that
I agree with the definition you have provided in this article about security. All these three components describes the complete importance and meaning of security.
electronic signature
Post a Comment