Information security protects data

Information security is to protect the "availability", "confidentiality", "integrity", "controllability" and "auditability" of data. Information security is to protect computer hardware, software, and data from being damaged, altered, and leaked due to accidental and malicious reasons.

The operating environment of this tutorial: Windows 7 system, Dell G3 computer.

Information security, ISO (International Organization for Standardization) defines it as: the technical and managerial security protection established and adopted for data processing systems in order to protect computer hardware, software, and data from accidental and malicious destroyed, altered and leaked for any reason.

There are 5 criteria to measure whether information is safe:

(1) Integrity of information, ensuring that the information is not exposed to unauthorized users or processes, that is, the original data of the information cannot be illegally obtained or modified. , it is the basis for ensuring the reliability of information;

(2) Availability of information, authorized legal users or processes can access the corresponding authorized information data at any time as long as needed (even if there is an attacker, the attacker cannot Occupying all resources and hindering the work of the authorizer);

(3) Confidentiality of information, only authorized people can modify the data, and deny illegal access;

(4) The controllability of information can control the flow and behavior of information within the scope of authorization;

(5) The reviewability of information can provide the basis and means for investigating network security issues that arise. . These five metrics can only qualitatively measure network security.

Related expansion introduction:

The full name of the International Organization for Standardization (International Organization for standardization) and the abbreviation (ISO) are not exactly the same. In fact, "ISO" is an etymology derived from the Greek word meaning "equal."

From "equal" to "standard", the idea of ​​using "ISO" as the name of the organization seems very logical. In addition, ISO is used as a name to represent the organization throughout the world, thus avoiding the different situations that arise when member groups use different national languages ​​to convert "International Organization for Standardization" into acronyms. No matter which country it is in, The abbreviation of the organization has always been "ISO".

The purpose and purpose of the International Organization for Standardization is:

"To promote the development of standardization work worldwide to facilitate international material exchange and services, and to expand the scope of knowledge, science, technology and Economic cooperation." Its main activities are to formulate international standards, coordinate worldwide standardization work, organize members and technical committees to exchange information, cooperate with other international organizations, and jointly study related standardization issues.

Related recommendations: " Programming Learning Website"

The above is the detailed content of Information security protects data. For more information, please follow other related articles on the PHP Chinese website!