Professional Documents
Culture Documents
Unit I CAMI19 - 03.02.2021
Unit I CAMI19 - 03.02.2021
Security
Objectives
• Understand the definition of information
security
• Comprehend the history of computer security
and how it evolved into information security
• Understand the key terms and concepts of
information security
• Outline the phases of the security systems
development life cycle
• Understand the roles of professionals
involved in information security within an
organization
Introduction
This graphic informs the fundamental approach of the chapter and can be used
to illustrate the intersection of information states (x-axis), key objectives of
C.I.A. (y-axis) and the three primary means to implement (policy, education and
technology).
How to measure the value of
information - CIA Triangle
The value of information comes from the
characteristics it possesses
Identification
Authentication
Authorization
Privacy
Accountability
Confidentiality
Identification
– An information system possesses the
characteristic of identification when it is able to
recognize individual users
– Identification and authentication are essential
to establishing the level of access or
authorization that an individual is granted
Authentication
– Occurs when a control proves that a user
possesses the identity that he or she claims
Authorization
Assures that the user has been specifically
and explicitly authorized by the proper
authority to access, update, or delete the
contents of an information asset
•
Balancing Information Security and Access
• Security
Functionality Usability
•
Components of an Information System