Home >Common Problem >The main purpose of information security is to ensure the security of information

The main purpose of information security is to ensure the security of information

青灯夜游
青灯夜游Original
2022-07-21 15:58:0344542browse

The basic goal of information security is to ensure the integrity, confidentiality, availability, and controllability of information. Integrity refers to ensuring that information is tampered with by unauthorized users during storage, use and transmission, ensuring that information is consistent internally and externally, and preventing authorized users from tampering with inappropriate information. Confidentiality means that network information is not disclosed to unauthorized users, entities or processes. Availability refers to the characteristic that information resources can be accessed by authorized entities as required, used normally, or restored to use under abnormal circumstances. Controllability refers to the ability to control network systems and information transmission.

The main purpose of information security is to ensure the security of information

The operating environment of this tutorial: Windows 7 system, Dell G3 computer.

Information security, ISO (International Organization for Standardization) defines it as: the technical and managerial security protection established and adopted for data processing systems in order to protect computer hardware, software, and data from accidental and malicious destroyed, altered and leaked for any reason.

The basic goal of information security is to ensure the integrity, confidentiality, availability, and controllability of information.

Integrity

Ensure that information is tampered with by unauthorized users during storage, use and transmission; ensure that information is consistent internally and externally to avoid tampering by authorized users Inappropriate information. The integrity of information means that there are no changes, losses, errors, etc. in the use, sending, and storage of information; the integrity of information is mainly guaranteed by message digest and encryption technology.

With the help of various information technologies such as encryption and hash functions, network information systems can effectively block illegal and spam information and improve the security of the entire system.

Confidentiality

Confidentiality (confidentiality) refers to the fact that network information is not disclosed to unauthorized users, entities or processes. That is, the information is only available to authorized users. Confidentiality is an important means to ensure network information security based on reliability and availability.

Confidentiality in network information security refers to the characteristics of information not being leaked to unauthorized individuals, entities or processes according to given requirements, or providing its utilization, that is, preventing useful information from being leaked to unauthorized individuals or entities. Emphasize that useful information can only be used by authorized objects.

With the application of encryption technology, the network information system can delete users who apply for access, allowing users with permissions to access network information, while rejecting access applications from users without permissions.

Availability

Also known as validity, refers to the characteristics that information resources can be accessed by authorized entities as required, used normally, or can be restored to use under abnormal circumstances (system Security features for user services). Correctly access the required information while the system is running. When the system is accidentally attacked or damaged, it can be quickly restored and put into use. It is a measure of the user-oriented security performance of network information systems to ensure the provision of services to users.

The availability of network information resources is not only to provide valuable information resources to end users, but also to quickly restore information resources when the system is damaged to meet user needs.

Controllability

refers to the degree of controllability of network systems and information within the transmission range and storage space. It is the control capability characteristic of network systems and information transmission.

From a national level, the controllability of information security is not only related to the controllability of information, but also closely related to the controllability of security products, markets, etc. The controllability of information is mainly ensured by the access control technology based on PKI/PMI.

In addition, information security also has the following additional attributes:

  • Non-repudiation: The non-repudiation of information is also called non-repudiation, Non-repudiation.

This is the undeniable expansion of traditional needs and requirements in the information society. Various commercial and government affairs activities in human society are based on trust. In the past, seals, seals, signatures, etc. were important measures to achieve non-repudiation. The same is true for information non-repudiation, which is to avoid non-recognition of entities. Behavior. Non-repudiation is divided into non-repudiation of nuclear power plants and non-repudiation of reception. The former is to prevent the sender from admitting the data and data content it sends, and the latter is to prevent the receiver from recognizing the data and data content received. Non-repudiation is mainly guaranteed by authentication technology.

  • Reliability: It is a characteristic of information users being satisfied with the quality and continuous service to users. However, some people think that reliability requires information systems, but not the information itself.

For more related knowledge, please visit the FAQ column!

The above is the detailed content of The main purpose of information security is to ensure the security of information. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn