0980925_Task 2

0980925_Task 2 - Student Thai Thi Mai Trinh 0980925...

Student: Thai Thi Mai Trinh _ 0980925

Overview of the information assurance process

Information assurance (IA) is the practice of managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes. While focused predominantly on information in digital form, the full range of IA encompasses not only digital but also analog or physical form. Information assurance as a field has grown from the practice of information security, which in turn grew out of the practices and procedures of computer security.

The IA process has three core and two additional principles, which together form the 5 Pillars of IA. The three core principles are Confidentiality, Integrity and Availability, and the two additional principles are Authentication and Non-repudiation.

Confidentiality: Assurance that information is not disclosed to unauthorized individuals, processes, or devices. Confidential information must only be accessed, used, copied, or disclosed by users who have been authorized, and only when there is a genuine need. A confidentiality breach occurs when information or information systems have been, or may have been, accessed, used, copied, or disclosed by someone who was not authorized to have access to the information.

Integrity: Quality of an IS reflecting the logical correctness and reliability of the operating system; the logical completeness of the hardware and software implementing the protection mechanisms; and the consistency of the data structures and occurrence of the stored data. Note that, in a formal security mode, integrity is interpreted more narrowly to mean protection against unauthorized modification or destruction of information.

Availability: Timely, reliable access to data and information services for authorized users. Availability means that the information, the computing systems used to process the information, and the security controls used to protect the information are all available and functioning correctly when the information is needed. The opposite of availability is the lack thereof; one example is a common attack known as a denial of service (DoS) attack.

Authentication:

This note was uploaded on 05/31/2011 for the course ECON 101 taught by Professor Klute during the Spring '11 term at MIT.
