What are the characteristics of information security
The characteristics of information security are: 1. Integrity, that is, maintaining the integrity of information so that information can be correctly generated, stored, and transmitted; 2. Confidentiality, that is, preventing leakage of useful information to unauthorized individuals or entities; 3. Availability; 4. Non-repudiation; 5. Controllability, that is, any information in the network system must be controllable within a certain transmission range and storage space.
The operating environment of this tutorial: Windows 7 system, Dell G3 computer.
Information security, ISO (International Organization for Standardization) defines it as: the technical and managerial security protection established and adopted for data processing systems in order to protect computer hardware, software, and data from accidental and malicious destroyed, altered and leaked for any reason.
So what are the characteristics of information security?
The five major characteristics of network information security are: ①integrity, ②confidentiality, ③availability, ④non-repudiation, and ⑤controllability. Taken together, they ensure the effectiveness of electronic information.
1. Integrity
refers to the characteristics of information maintaining non-modification, non-destruction and non-loss during transmission, exchange, storage and processing, that is, maintaining the originality of information , so that information can be correctly generated, stored, and transmitted, which is the most basic security feature.
Integrity implementation:
There are two basic methods for data integrity protection: one is the access control method, which restricts unauthorized entities from modifying the protected data; the other is the damage-detection method, which This method cannot prevent data corruption, but it can ensure that these corruptions can be detected and corrected or alarmed. Integrity protection is generally achieved through a message authentication code (MAC) or digital signature mechanism. When it is confirmed that the hash value cannot be modified, a simple hash algorithm can also be used to protect the integrity of the data. For example, hash values used for system image integrity protection are often stored in trusted computing modules or one-time programmable ROMs.
2. Confidentiality
means that information will not be leaked to unauthorized individuals or entities according to given requirements, that is, to prevent useful information from being leaked to unauthorized individuals or entities. Emphasize that useful information can only be used by authorized objects.
Confidentiality implementation:
There are three basic methods to achieve confidentiality protection: one is access control method to prevent enemies from accessing sensitive information; the other is information hiding method to prevent enemies from discovering sensitive information existence; the third is the method of information encryption, which allows the enemy to observe the representation of the information, but cannot obtain the original information content or extract useful information from the representation.
3. Availability
refers to the characteristics that network information can be correctly accessed by authorized entities and can be used normally as required or can be restored to use under abnormal circumstances, that is, The required information can be correctly accessed when the system is running. When the system is attacked or damaged, it can be quickly restored and put into use. Availability is a measure of the security performance of network information systems for users (enabling information to be used normally according to user requirements).
Availability implementation:
The basic methods to achieve availability protection are redundancy and backup.
4. Non-repudiation
means that during the information exchange process, both parties in communication are convinced of the true identity of the participants themselves and the information provided by the participants, that is, It is impossible for any participant to deny or deny his or her true identity, the authenticity of the information provided, and the completed operations and commitments.
Non-repudiation implementation:
Using the non-repudiation function, although it cannot prevent communication participants from denying the occurrence of communication exchanges, it can provide credible evidence when disputes arise, which is conducive to dispute resolution. . Non-repudiation in the network environment can be divided into non-repudiation of origin and non-repudiation of delivery, which are mainly realized through digital signature technology.
5. Controllability
refers to the characteristics that can effectively control the dissemination and specific content of information circulating in the network system, that is, any information in the network system It must be controllable within a certain transmission range and storage space.
Controllability implementation:
In addition to the conventional monitoring of dissemination sites and dissemination content, the most typical custody policy such as passwords, when the encryption algorithm is managed by a third party , must be controlled and implemented strictly in accordance with regulations.
For more related knowledge, please visit the FAQ column!
The above is the detailed content of What are the characteristics of information security. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
What does edr mean in network security?
Aug 29, 2022 pm 02:25 PM
In network security, EDR refers to "Endpoint Detection and Response". It is a proactive endpoint security solution that includes real-time monitoring and the use of automatic threat response mechanisms to collect endpoint security data; by recording terminal and network events, this information is stored locally. stored on endpoints or centrally in a database. EDR will collect known attack indicators, behavioral analysis databases to continuously search data and machine learning technology to monitor any possible security threats and respond quickly to these security threats.
What level of information is transmitted using an encrypted fax machine?
Aug 31, 2022 pm 02:31 PM
"Confidential" and "Secret". Do not use ordinary telephones or fax machines to discuss or transmit confidential information. To fax confidential information, you must use an encrypted fax machine approved by the national cryptography management department. It is strictly forbidden to use an unencrypted fax machine to transmit state secrets. Encrypted fax machines can only transmit confidential and confidential information, and top-secret information should be sent to local confidential departments for translation.
What are the five basic elements of information security?
Sep 13, 2023 pm 02:35 PM
The five basic elements of information security are confidentiality, integrity, availability, non-repudiation and auditability. Detailed introduction: 1. Confidentiality is to ensure that information can only be accessed and used by authorized people or entities to prevent unauthorized disclosure or disclosure. In order to maintain confidentiality, encryption technology can be used to encrypt sensitive information and only authorized personnel To decrypt and access; 2. Integrity refers to ensuring the accuracy and integrity of information during storage, transmission and processing, and preventing information from being tampered with, modified or damaged. In order to maintain integrity, data integrity checks can be used, etc. .
What is the difference between cybersecurity and information security?
Jun 11, 2023 pm 04:21 PM
With the advent of the digital age, network security and information security have become indispensable topics. However, many people are not clear about the difference between these two concepts. This article will provide a detailed analysis in terms of definition, scope, threats, etc. 1. Definition and Category Differences Network security refers to a technology that protects the security of the network and the hardware, software, data and other resources involved in its operation. Specifically, network security includes the following aspects: network infrastructure, network application services, network data and information flow, network security management and monitoring, network protocols and transmission security.
What are the characteristics of information security
Aug 15, 2023 pm 03:40 PM
Characteristics of information security: 1. Confidentiality, information can only be accessed and used by authorized persons or entities, and cannot be obtained by unauthorized persons; 2. Integrity, information remains complete and accurate during transmission, storage and processing ; 3. Availability, the information is available and accessible when needed; 4. Credibility, the source and content of the information are trustworthy to prevent the spread of false or malicious information; 5. Non-repudiation, the sender of the information and the recipient cannot deny their behavior or communication; 6. Auditability, traceability and auditability of information security; 7. Privacy protection, etc.
10 iPhone privacy settings to enhance security
Apr 23, 2023 pm 09:46 PM
The iPhone is widely regarded as a ubiquitous smartphone that provides users with a host of computer-like features. However, cybercriminals often target smartphones, including iPhones, to extract sensitive data and personal information. Given the convenience of performing daily tasks on the go, the iPhone also poses a potential vulnerability to user privacy. Even tech-savvy people can be at risk if their device's security settings are not configured properly. Fortunately, users can take precautions to prevent unauthorized access to their iPhone. This guide outlines 10 important iPhone privacy settings that users should adjust to enhance the security of their device. Your iPhone is not what you think it is
What are the elements of information security?
Aug 18, 2023 pm 05:17 PM
The elements of information security include confidentiality, integrity, availability, authenticity, non-repudiation, auditability and recoverability. Detailed introduction: 1. Confidentiality refers to ensuring that information can only be accessed and used by authorized people or entities, which means that information should be encrypted during transmission and storage, and only verified users can access the information; 2. Completeness Safety refers to ensuring that information is not tampered with or damaged during transmission and storage; 3. Availability refers to ensuring that information can be used timely and reliably when needed, which requires the use of data integrity checks and verification mechanisms, etc.
Methodological analysis of enterprise information security management
Jun 11, 2023 am 11:39 AM
With the rapid development of information technology, enterprises are facing more and more information security risks. Information security problems may come from internal sources, such as employee negligence, poor management, malicious operations, etc.; they may also come from external sources, such as hacker attacks, virus infections, phishing, etc. Ensuring corporate information security not only involves the economic interests of the company, but also involves customer trust and brand value. Therefore, enterprises should pay attention to information security management and adopt scientific and effective methods to conduct information security management. In this article, we will analyze enterprise information security from a methodological perspective.