The characteristics of information security are: 1. Integrity, that is, maintaining the integrity of information so that information can be correctly generated, stored, and transmitted; 2. Confidentiality, that is, preventing leakage of useful information to unauthorized individuals or entities; 3. Availability; 4. Non-repudiation; 5. Controllability, that is, any information in the network system must be controllable within a certain transmission range and storage space.
The operating environment of this tutorial: Windows 7 system, Dell G3 computer.
Information security, ISO (International Organization for Standardization) defines it as: the technical and managerial security protection established and adopted for data processing systems in order to protect computer hardware, software, and data from accidental and malicious destroyed, altered and leaked for any reason.
So what are the characteristics of information security?
The five major characteristics of network information security are: ①integrity, ②confidentiality, ③availability, ④non-repudiation, and ⑤controllability. Taken together, they ensure the effectiveness of electronic information.
1. Integrity
refers to the characteristics of information maintaining non-modification, non-destruction and non-loss during transmission, exchange, storage and processing, that is, maintaining the originality of information , so that information can be correctly generated, stored, and transmitted, which is the most basic security feature.
Integrity implementation:
There are two basic methods for data integrity protection: one is the access control method, which restricts unauthorized entities from modifying the protected data; the other is the damage-detection method, which This method cannot prevent data corruption, but it can ensure that these corruptions can be detected and corrected or alarmed. Integrity protection is generally achieved through a message authentication code (MAC) or digital signature mechanism. When it is confirmed that the hash value cannot be modified, a simple hash algorithm can also be used to protect the integrity of the data. For example, hash values used for system image integrity protection are often stored in trusted computing modules or one-time programmable ROMs.
2. Confidentiality
means that information will not be leaked to unauthorized individuals or entities according to given requirements, that is, to prevent useful information from being leaked to unauthorized individuals or entities. Emphasize that useful information can only be used by authorized objects.
Confidentiality implementation:
There are three basic methods to achieve confidentiality protection: one is access control method to prevent enemies from accessing sensitive information; the other is information hiding method to prevent enemies from discovering sensitive information existence; the third is the method of information encryption, which allows the enemy to observe the representation of the information, but cannot obtain the original information content or extract useful information from the representation.
3. Availability
refers to the characteristics that network information can be correctly accessed by authorized entities and can be used normally as required or can be restored to use under abnormal circumstances, that is, The required information can be correctly accessed when the system is running. When the system is attacked or damaged, it can be quickly restored and put into use. Availability is a measure of the security performance of network information systems for users (enabling information to be used normally according to user requirements).
Availability implementation:
The basic methods to achieve availability protection are redundancy and backup.
4. Non-repudiation
means that during the information exchange process, both parties in communication are convinced of the true identity of the participants themselves and the information provided by the participants, that is, It is impossible for any participant to deny or deny his or her true identity, the authenticity of the information provided, and the completed operations and commitments.
Non-repudiation implementation:
Using the non-repudiation function, although it cannot prevent communication participants from denying the occurrence of communication exchanges, it can provide credible evidence when disputes arise, which is conducive to dispute resolution. . Non-repudiation in the network environment can be divided into non-repudiation of origin and non-repudiation of delivery, which are mainly realized through digital signature technology.
5. Controllability
refers to the characteristics that can effectively control the dissemination and specific content of information circulating in the network system, that is, any information in the network system It must be controllable within a certain transmission range and storage space.
Controllability implementation:
In addition to the conventional monitoring of dissemination sites and dissemination content, the most typical custody policy such as passwords, when the encryption algorithm is managed by a third party , must be controlled and implemented strictly in accordance with regulations.
For more related knowledge, please visit theFAQcolumn!
The above is the detailed content of What are the characteristics of information security. For more information, please follow other related articles on the PHP Chinese website!