- Confidentiality
- Integrity
- Availability
Integrity - Data consistency and not modified by unauthorized person. This must be upheld when data is in rest (not altered by db admin e.g.), in process (altered by e.g. trojan on server) and in transit (man in the middle attack)
Availability - information is timely accessible by authorized persons.
Different organizations value these goals differently.
Some value more Confidentiality (keeping secret secrets), e.g. military secrets or company trade secrets.
Other upholding Integrity, e.g. financial transaction values.
And other value more Availability , e.g. e-commerce web sites.
No comments:
Post a Comment