Information security
Communications security are the set of protective measures applied to information that traverses a telecommunications network or computer network. There are a wide range of such measures, and not all are needed in every situation.
Many years ago, Dennis Bransted, then with the U.S. National Institute of Standards and Technology coined the "5-S mnemonic that described attributes of a secure communication. We have additional threats today, but this is an excellent start about deciding if a given application needs all of these properties, or if some are not needed. For example, it may be important that a stock market transaction be protected against modification, but, since it will soon be announced, secrecy is not terribly important.
- Sealed: cannot be modified without detection
- Sequenced: protected against loss, replaying, or reordering of messages
- Secret: protected against unauthorized disclosure
- Signed: confirmed as coming from the sender
- Stamped: the sender cannot deny sending and the receiver cannot deny receiving
One eternal truth about security is that it does not exist unless every action affecting a secure event can be audited. A reliable (often replicated) tamper-proof log is essential.