Information Security


Share/Save/Bookmark

Hartel, Pieter and Suryana Herman, Nanna (2012) Information Security. In: Cyber Safety: An Introduction. Eleven International Publishers, The Hague, the Netherlands, pp. 281-291. ISBN 9789490947750

[img]
Preview
PDF
70Kb
Abstract:Information security is all about the protection of digital assets, such as digital content, personal health records, state secrets etc. These assets can be handled by a party who is authorised to access and control the asset or a party who is not authorised to do so. Authorisation determines who is trusted to actually handle an asset. Two concepts complement authorisation. Authentication deter-mines who makes a request to handle an asset. To decide who is authorised, a system needs to au-thenticate the user. There are three different ways in which users can be authenticated. You can use something you know (e.g. password, pin code), something you have (e.g. smart card, RFID tag) or something are (e.g. finger print, your gait). These methods can be combined to provide stronger au-thentication than when they are applied individually. Auditing makes it possible to determine who handled an asset and how, so that ultimately an attacker can be prosecuted. The three concepts are known collectively as the ‘gold standard’, since ‘Au’ is the chemical symbol for gold (Lampson, 2004). There are three important security properties of digital assets. Confidentiality is the ability of a system to stop unauthorised users from handling protected assets. Integrity is the assurance that every asset or system component is exactly as the last authorised party to modify it has left it. Availability is the assurance that authorised users may find the system to work as they expect it to, when they expect it to. These properties (collectively know as the CIA) are true security properties and the focus of this chapter.
Item Type:Book Section
Faculty:
Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item:http://purl.utwente.nl/publications/81855
Publisher URL:http://www.elevenpub.com/criminology/catalogus/cyber-safety-an-introduction-1
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page