1.1 KiB
| title | aliases | tags | |
|---|---|---|---|
| information-security |
|
Information security is the science of protecting information assets. These include data, systems, equipment, and infrastructure.
[!Definition] "The preservation of confidentiality, integrity and availability of information; in addition, other properties such as authenticity, accountability, non-repudiation and reliability can also be involved.” (ISO27000 Information Security Management Systems – Overview and Vocabulary)
There is a continuous need for IS as the environement around it is rapidly changing.
Information systems have 6 main components
- data
- people
- hardware
- software
- network
- procedures
IS can be split into three main components, called the cia-triad. The components are:
- Confidentiality
- Availability
- Integrity
People often use the mccumber-cube to think about the security of their system and identify potential vulnerabilities.
It is impossible to create a "perfectly secure system". There exists a access-security-tradeoff