Five Principles Of Information Security

There are five principles of security: confidentiality, integrity, authentication, access control and availability. Many articles and books state that the core requirement of information security for the safe utilization, flow, and storage of information is the CIA triad. Confidentiality, integrity, and availability form the CIA acronym, and these are the three main objectives of information security. Confidentiality, in the context of computer systems, allows authorized users to access sensitive and protected data. Specific mechanisms ensure confidentiality and safeguard data from harmful intruders. Three best practices are commonly used to ensure confidentiality. The first refers to authentication…
The first step is encryption, which makes the data unreadable to any third party who might want to get hold of it. Encryption is the process of encoding a message so that its meaning is not recognizable, whereas decryption is the reverse process, which transforms an encrypted message back into its original structure. Besides, confidential information can be guarded through two-factor authentication. This means that in order to access the information, you need to pass two pass codes: a physical object (like a card) and an immaterial one, a security code, the existence of which is known only to the user. The most important step is to back up the information and make sure that the backup is safe and protected. This means that the information should be accessible but encrypted and stored in a secure…
It is important because users must be able to trust information. Untrusted data weakens integrity. We need to make sure that stored data remains unchanged within an information system, as well as during transport. Attacks by unauthorized parties can be classified into two types: passive and active. In a passive attack, no modification is made to the contents of an original message, while in an active attack the contents of the original message are altered in some aspects. Events like error and intentional data, storage erosion or system damage can create data changes. For instance, hackers may cause damage by breaking into systems with malware, including Trojan horses, which take over computer systems, as well as viruses and worms. It can create company damage through intentionally false data
