Types of information security

Information security is accomplished through compliance to a number of security principles.
There is debate in the field about the number of security principles and their nature, but there are some established and less debated principles to understand.
Confidentiality
Confidentiality is the principle of protecting information from disclosure to unauthorized entities. Access control, and cryptographic encryption of data over a network or on a storage device are common techniques for achieving confidentiality.
Integrity
Integrity is the principle of protecting information against improper modification. You can detect if data has been tampered with by using message digests or checksums that are computed from data at two different times, such as at either ends of a transmission.
Authenticity
Authenticity is the principle of certifying the identity of a party. Digital certificates and certificate authorities are commonly used to identify and prove the claimed identity of a participant in an information transaction.
Tip: Secure Sockets Layer (SSL), the underpinning of the Hypertext Transfer Protocol Secure (HTTPS), achieves all three principles.

Feedback