Information security is the type of study or practice to prevent unauthorised access to any specific information. The breach of information can happen in various ways, which is why covering of all aspects of information breach comes under network security.
What are the main goals of information security?
The main step for information security is to deploy the defined security policies efficiently and then keep every process under the defined policies. Although, in professional terms, there is no facilitation of 100% guaranteed security because there is always a loophole in a system and even there are few loopholes in the models that are defined for information security.
Some of the main components of information security include confidentiality, integrity and availability.
Confidentiality is the protection of information from unauthorised users. To achieve confidentiality the information must need to be stored hidden or encrypted. A good example is a cryptography, which is traditionally used to protect secret messages. But cryptography is traditionally used to protect data, not resources. Resources are protected by limiting information, for example by using firewalls or address translation mechanisms.
Integrity is basically to keep information protected from any modifications. In this case, modifications have several goals, such as ensure the information integrity with respect to the original information, ensure a source of data, and protect information from any incorrect modifications.
A good example is of an interrupted database transaction, leaving the database in an inconsistent state. The trustworthiness of both data and origin affects integrity. Cryptography provides mechanisms for detecting violations of integrity, but not preventing them (e.g., a digital signature can be used to determine if data has been changed).
Availability ensures that authorised users are getting access to the information. This is usually defined in terms of “quality of service” in which authorised users are expected to receive a specific level of service. Denial of service (DOS) attack is an attempt to block availability.
Some main goals of information security are the detection, prevention, and recovery of information in case of any security breach.
It is the prevention of attacks from violating security policies. Prevention is ideal, as there would not be any successful attacks in the first place. Prevention need to be very strong because the other goals are dependent on it.
As the name suggests, it detects the attacker’s violation of security. The mechanism determines that a violation of the policy has occurred (or is underway), and reports it. The system (or system security officer) must then respond appropriately. At this stage, there is still the possibility to avoid too much damage if the right steps are applied.
Stop the attack and start repairing the already done damage. Recovery means that the system continues to function correctly, possibly after a period of time during which it fails to function correctly.
If the system functions correctly after the attack, but possibly with degraded services, it is said to be intrusion tolerant. Usually, recovery means that the attack is caught and the system is being fixed (which may involve shutting down the system for some time, or making it unavailable to all users except the system security officers), and then the system resumes operations.