Information assurance: Difference between revisions
imported>Howard C. Berkowitz (New page: {{subpages}} '''Information assurance''', or sometimes '''information security''', is a broad term that includes both communications security and computer security, along with the ...) |
imported>Howard C. Berkowitz (Adding subheadings) |
||
Line 1: | Line 1: | ||
{{subpages}} | {{subpages}} | ||
'''Information assurance''', or sometimes '''information security''', is a broad term that includes both [[communications security]] and [[computer security]], along with the appropriate administrative infrastructure for personnel and physical security. | {{seealso | cryptography}} | ||
{{seealso | communications security}} | |||
'''Information assurance''', or sometimes '''information security''', is a broad term that includes both [[communications security]] and [[computer security]], along with the appropriate administrative infrastructure for personnel and physical security. Information assurance is meaningless without a [[security policy]] defining threats, management approach to protection, staff responsibilities, and actions to be taken against attacks and failures. | |||
==Access and audit== | |||
Among the most fundamental foundations of information security is to establish policies, and, where appropriate, detailed rules, for the allowed uses of resources, by users authorized and whose authorizations are authenticated, to resources whose integrity also may need to be autheticated. In principle, all user-resource informations need to be logged and available for audit. | |||
==Computer security== | |||
==Communications security== | |||
{{seealso|Internet Protocol security architecture}} | |||
==References== | |||
{{reflist}} |
Revision as of 09:37, 3 September 2008
- See also: cryptography
- See also: communications security
Information assurance, or sometimes information security, is a broad term that includes both communications security and computer security, along with the appropriate administrative infrastructure for personnel and physical security. Information assurance is meaningless without a security policy defining threats, management approach to protection, staff responsibilities, and actions to be taken against attacks and failures.
Access and audit
Among the most fundamental foundations of information security is to establish policies, and, where appropriate, detailed rules, for the allowed uses of resources, by users authorized and whose authorizations are authenticated, to resources whose integrity also may need to be autheticated. In principle, all user-resource informations need to be logged and available for audit.
Computer security
Communications security
- See also: Internet Protocol security architecture