(I).Information security has 5 basic element, they are confidentiality, integrity, availability, controllability and auditability.
1.confidentiality: ensure that the information is not exposed to unauthorized entities or processes.
2.integrity: people who can only be allowed to can modify data, and can determine whether the data has been tampered with somebody.
3.availability: authoried entities can access data when needed.
4.controllability: can control the flow of information within the authoried area and the behavior.
5.auditability: provide the basis of and means of investigation on emerging security issues.
Computer security is a very broad subject covering both hardware,sofrware and technology, including safety planning, safety management and safety oversight.
Computer security, including security management, communications and network security, cryptography, security architecture and models, fault tolerance and disaster recovery, security-related applications and systems development, legal, crime and ethics and other fields.
(II).Computer security level
Three types of computer system security refers to technology security, management security, policies and laws security.
Some important guidelines for safety assessment as follows,
1.TCSEC
2.CTCPEC
3.FC
4.ITSEC
5.ISO/IEC 15408-1999
(III).Security threats
Security threats fall into two categories:
1.intentional ,such as hackers penetration;
2.accidental ,such as information sent to the wrong address.
Typical threats:License violations, denial of service, eavesdropping, information disclosure, interception/modification, fake, denial, illegal use,negligence, damage the integrity of the media clean-up, physical intrusion and resource depletion.
(IV).The factors affecting data security
1.Internal factors: a variety of techniques can be used for data encryption;develop data security plan; a secure storage system, including capacity, fault tolerant data protection, data backup, etc. the establishment of emergency plans and disaster recovery measures; emphasis on safety management, draw data security management specificaion down.
2.External factors: the data can be divided into different classifications, the provisions of the extenal use of staff privileges.Set authentication, password,passwords, fingerprints, handwriting and other Voiceprint authentication.Set up a firewall, for the computer to establish a barrier to prevent external attacks against the data.The establishment of intrusion detection, auditing and tracking to defense computer.At the same time, it also includes the computer's physical environment protection, radiation protection, waterproof, fire prevention measures, etc.
