Lec 1+2 (Foundations of InfoSec)
Security (InfoSec)
Lecture – 1+2
(Foundations of InfoSec)
What is Information Security (InfoSec)?
Foundations of InfoSec:
• Confidentiality
• Integrity
• Availability
• Accountability
• Non-repudiation
• Reliability
1. Confidentiality
• Confidentiality in information security refers to the principle of ensuring
that sensitive data is only accessible to authorized individuals, entities, or
systems.
• It aims to prevent unauthorized disclosure or access to information,
protecting it from being viewed, modified, or used by those who are not
authorized to do so.
Access Controls:
• Implementing access controls involves defining and enforcing policies and
mechanisms that restrict access to sensitive information based on the
identity and permissions of users or systems.
Network Security:
• This can include measures such as shredding physical documents, securely erasing
digital data, and using secure communication channels.
2. Integrity
Integrity in information security refers to the assurance that data remains
accurate, complete, and unaltered during storage, transmission, and
processing.
The integrity of data is crucial for ensuring its reliability and trustworthiness,
as well as maintaining the overall quality and consistency of information
within an organization.
Access Controls:
Fault Tolerance:
Access Controls:
Account Management:
Audit Trails:
• Consistency
• Resilience
• Performance
• Scalability
• Testing and Validation
• Compliance
Consistency:
• Reliable security measures consistently enforce policies and controls to
protect information assets from unauthorized access, disclosure, or
modification.
• This requires implementing security controls that operate reliably
across different environments and conditions, without unexpected
failures or vulnerabilities.
Resilience:
Scalability:
Compliance: