This contest is fueled by the following news:
The world's largest software manufacturer, Microsoft, has warned (on Tuesday) that a trio of critical-rated flaws in the Windows operating system could permit hackers to sneak around in a personal computer and swipe sensitive data. A security warning was announced as part of the monthly Microsoft security bulletin. There is a software patch that is designed to fix the problem. Microsoft is urging its own customers to take advantage of the Windows Update Service to obtain necessary security patches and have them installed automatically.
Information security is the protection of information, ensuring its formation, use and development in the organization and enterprise.
Definitions:
While information security is the security of information, information protection is an activity to prevent leaks of protected information and unauthorized or unintended access to it, i.e., the process directed towards the achievement of information security.
Criteria of information security:
A model of three categories is often cited as the standard security model:
* Confidentiality;
* Integrity;
* Availability.
Confidentiality means that information is accessible only to specific persons; integrity is the guarantee that information exists in its initial form; availability means that an authorized user can access the information at the required time.
Other security model categories also exist:
* Authenticity — the ability to establish the author of the information;
* Authorization Appeal — the ability to prove that the author is the person they claim to be and no one else.
Standards in the field of information security:
* BS 7799-1:2005 — the first part of British standard BS 7799. BS 7799 Part 1 — Code of Practice for Information Security Management (practical rules for management of information security) describes 127 control mechanisms required for designing an information security management system (ISMS) for an organization, defined on the basis of the best examples of practice in the area. This document serves as a practical handbook for the creation of an ISMS.
* ISO/IEC 17799:2005 — “Information technologies — Security technologies — Practical rules for management of information security”. The international standard, which is based on BS 7799-1:2005.
Information security is the security of national interests in the information sphere, defined by the balanced set of interests of the individual, society and the state.