Information assurance: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Howard C. Berkowitz
No edit summary
mNo edit summary
 
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{subpages}}
{{PropDel}}<br><br>{{subpages}}
{{seealso | cryptography}}
'''Information assurance''', or sometimes '''information security''', is a broad term that includes both communications security and computer security, along with the appropriate administrative infrastructure for personnel and physical security. Information assurance is meaningless without a security policy defining threats, management approach to protection, staff responsibilities, and actions to be taken against attacks and failures.
{{seealso | communications security}}
'''Information assurance''', or sometimes '''information security''', is a broad term that includes both [[communications security]] and [[computer security]], along with the appropriate administrative infrastructure for personnel and physical security. Information assurance is meaningless without a [[security policy]] defining threats, management approach to protection, staff responsibilities, and actions to be taken against attacks and failures.


==Access and audit==
==Access and audit==
Among the most fundamental foundations of information security is to establish policies, and, where appropriate, detailed rules, for the allowed uses of resources, by users authorized and whose authorizations are authenticated, to resources whose integrity also may need to be autheticated. In principle, all user-resource informations need to be logged and available for audit.  
Among the most fundamental foundations of information security is to establish policies, and, where appropriate, detailed rules, for the allowed uses of resources, by users authorized and whose authorizations are authenticated, to resources whose integrity also may need to be autheticated. In principle, all user-resource interactions need to be logged and available for audit.  


==Computer security==
==Computer security==
{{seealso|Computer security}}
{{seealso|Computer security}}
Properly, computer security deals with the policies, procedures and technologies used to protect end computer systems, rather than the networks interconnecting to them, although the two are often grouped together. Complicating the definition is that many components of networks, such as [[router]]s and [[firewall]]s, are themselves computers and need stringent computer security practices.
Properly, computer security deals with the policies, procedures and technologies used to protect end computer systems, rather than the networks interconnecting to them, although the two are often grouped together. Complicating the definition is that many components of networks, such as routers and firewalls, are themselves computers and need stringent computer security practices.
==Communications security==
==Communications security==
{{seealso|Internet Protocol security architecture‎}}
{{seealso|Internet Protocol security architecture‎}}
Also called telecommunications security, this subject addresses both non-computer and computer security, although the boundaries are blurring. A World War II radio would have to connect to an external encryption device, while modern radios, such as the [[Joint Tactical Radio System]], are apt to be computer-controlled and have integrated encryption.  
Also called telecommunications security, this subject addresses both non-computer and computer security, although the boundaries are blurring. A World War II radio would have to connect to an external encryption device, while modern radios, such as the Joint Tactical Radio System, are apt to be computer-controlled and have integrated encryption.  
==References==
==References==
{{reflist}}
{{reflist}}[[Category:Suggestion Bot Tag]]

Latest revision as of 06:01, 1 September 2024

This article may be deleted soon.
To oppose or discuss a nomination, please go to CZ:Proposed for deletion and follow the instructions.

For the monthly nomination lists, see
Category:Articles for deletion.


This article is a stub and thus not approved.
Main Article
Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
This editable Main Article is under development and subject to a disclaimer.

Information assurance, or sometimes information security, is a broad term that includes both communications security and computer security, along with the appropriate administrative infrastructure for personnel and physical security. Information assurance is meaningless without a security policy defining threats, management approach to protection, staff responsibilities, and actions to be taken against attacks and failures.

Access and audit

Among the most fundamental foundations of information security is to establish policies, and, where appropriate, detailed rules, for the allowed uses of resources, by users authorized and whose authorizations are authenticated, to resources whose integrity also may need to be autheticated. In principle, all user-resource interactions need to be logged and available for audit.

Computer security

See also: Computer security

Properly, computer security deals with the policies, procedures and technologies used to protect end computer systems, rather than the networks interconnecting to them, although the two are often grouped together. Complicating the definition is that many components of networks, such as routers and firewalls, are themselves computers and need stringent computer security practices.

Communications security

See also: Internet Protocol security architecture‎

Also called telecommunications security, this subject addresses both non-computer and computer security, although the boundaries are blurring. A World War II radio would have to connect to an external encryption device, while modern radios, such as the Joint Tactical Radio System, are apt to be computer-controlled and have integrated encryption.

References