Suitability components of network security
Making the safety of information systems is to ensure that whoever alters or search data system has permission and he can do properly because the service is available.
• Confidentiality: the information exchanged between two correspondents cannot be accessed by a third.
• Authentication: people using a resource corresponding to usernames.
• The availability or non-repudiation: the data and resources information system are accessible by those who need it whenever they have utility.
• Integrity: information is modified only by persons having the right, and voluntarily.
• Access control: a resource is accessible only by authorized persons.
Objectives of Information Security
To achieve the required security, computer security is fixed for the following purpose:
- Security is expensive and difficult.
- Security cannot be 100% sure it is completely ineffective.
- The security policy is complex and based on human judgments.
- Organizations willing to take the risk, security is not a priority.
- New technologies (and vulnerabilities) are emerging constantly.
- The security systems are made, managed and configured by men (human error).
- There is no infrastructure for keys and other elements of cryptography.
- Prohibition of cryptography in some cases
Vulnerability Information Systems
1) Why systems are vulnerable?