Define with explanations the following terms as used in IT security: (i) Confidentiality (ii) Integrity (iii) Availability (iv) Privacy (v) Identification (vi) Authentication (vii) Authorization (viii) Accountability

      

Define with explanations the following terms as used in IT security
i) Confidentiality
ii) Integrity
iii) Availability
iv) Privacy
v) Identification
vi) Authentication
vii) Authorization
viii) Accountability

  

Answers


Lydia
Confidentiality: Confidentiality of information ensures that only those with sufficient privileges may access certain information. When unauthorized individuals or systems can access information, confidentiality is breached. To protect the confidentiality of information, a number of measures are used:
•?Information classification
•?Secure document storage
•?Application of general security policies
•?Education of information custodians and end users
Integrity
Integrity is the quality or state of being whole, complete, and uncorrupted. The integrity of information is threatened when it is exposed to corruption, damage, destruction, or other disruption of its authentic state. Corruption can occur while information is being compiled, stored, or transmitted.
Availability
Availability is the characteristic of information that enables user access to information without interference or obstruction and in a required format. A user in this definition may be either a person or another computer system. Availability does not imply that the information is accessible to any user; rather, it means availability to authorized users.
Privacy
The information that is collected, used, and stored by an organization is to be used only for the purposes stated to the data owner at the time it was collected. This definition of privacy does focus on freedom from observation (the meaning usually associated with the word), but rather means that information will be used only in ways known to the person providing it.
Identification
An information system possesses the characteristic of identification when it is able to recognize individual users. Identification and authentication are essential to establishing the level of access or authorization that an individual is granted.
Authentication
Authentication occurs when a control provides proof that a user possesses the identity that he or she claims.
Authorization
After the identity of a user is authenticated, a process called authorization provides assurance that the user (whether a person or a computer) has been specifically and explicitly authorized by the proper authority to access, update, or delete the contents of an information asset.
Accountability
The characteristic of accountability exists when a control provides assurance that every activity undertaken can be attributed to a named person or automated process. For example, audit logs that track user activity on an information system pro

lydiajane74 answered the question on May 12, 2018 at 08:17


Next: Why is information security policy critical in the protection of information and keeping of information systems and data from danger?
Previous: Under network security infrastructure, what do you understand by term Vulnerability (or Weakness)?

View More Computer Science Questions and Answers | Return to Questions Index


Exams With Marking Schemes

Related Questions