Security Concepts Flashcards
What are the 3 Security Principals
Confidentiality, Integrity, and Availability
Assurance that information is not disclosed to unauthorized persons, processes, or devices either stored, during processing, or in transit.
Confidentiality Principle
Data and systems are protected from unintentional, unauthorized, or accidental changes.
Integrity Principle
Information is known to be good, and that the information can be trusted as being complete, consistent, and accurate.
Data Integrity
The system will work as intended
System Integrity
Information, systems, and supporting infra are operating and accessible when needed.
Availability Principle
The process of tracing actions to the source.
Accountability - Supporting Principal
(who did what)
The property of being:
- Genuine.
- Able to be verified & trusted.
- Confidence in the validity of a transmission, message, or message originator.
Authenticity - Supporting Principle
Protection against those falsely denying having performed a particular action.
- Creating information
- Sending a message
- Approving information
- Receiving a message
Non-Repudiation - Supporting Principle
(can’t say it wasn’t me)
Measure of confidence that intended secuirty controls are effective in their application.
Assurance - Supporting Principle
(controls are working the way we expect them to work)
Principle that focuses on protection from unintentional, accidental, or inadvertant change.
Integrity Principle
Protection against an individual falsely denying having performed a particular action.
Non-repudiation
Principle that information is not disclosed to unautorized persons, processes, or devices.
Confidentiality
Measure of confidence that intended security controls are effective in their application.
Assurance
Principle that information, systems, and supporting infrastructure are operating and accessible when needed.
Availability Principle
