Information assurance

From Citizendium, the Citizens' Compendium

Jump to: navigation, search


This article is a stub and thus not approved.
Main Article
Talk
Related Articles  [?]
Bibliography  [?]
External Links  [?]
 
http://en.citizendium.org/wiki?title=Information_assurance&printable=yes
This is a draft article, under development and not meant to be cited but you can help to improve it. These unapproved articles are subject to a disclaimer.
See also: cryptography
See also: communications security

Information assurance, or sometimes information security, is a broad term that includes both communications security and computer security, along with the appropriate administrative infrastructure for personnel and physical security. Information assurance is meaningless without a security policy defining threats, management approach to protection, staff responsibilities, and actions to be taken against attacks and failures.

Contents

Access and audit

Among the most fundamental foundations of information security is to establish policies, and, where appropriate, detailed rules, for the allowed uses of resources, by users authorized and whose authorizations are authenticated, to resources whose integrity also may need to be autheticated. In principle, all user-resource informations need to be logged and available for audit.

Computer security

Communications security

See also: Internet Protocol security architectureā€ˇ

References

    Retrieved from "http://en.citizendium.org/wiki/Information_assurance"
    Views
    Personal tools