There are three main objectives of security.
- Integrity
-Availability
-Confidentiality
Integrity from a security perspective means that there is assurance that information provided by the system is reliable and accurate. This also means that modification that is unauthorized, or not supposed to happen, is prevented.
The second main objective, availability, means that authorized users are able to access their data and resources in a timely manner. Proper precautions should be in place that will prevent outsiders from affecting availability of data and resources.
Confidentiality refers to the goal of only allowing authorized individuals the ability to view and edit parts of the system that they should see. It should prevail while data is hanging out in a system, being moved around, as well as when it is received by another person or system.
All three are of equal importance and sort of "feed" off one another.
No comments:
Post a Comment