This shows you the differences between two versions of the page.
|
dido:public:ra:1.4_req:2_nonfunc:25_security [2021/10/09 13:08] nick |
dido:public:ra:1.4_req:2_nonfunc:25_security [2022/04/12 15:20] (current) nick |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| ===== About ===== | ===== About ===== | ||
| + | [[[[dido:public:ra:1.4_req:2_nonfunc:25_security | Return to Top]] | ||
| + | |||
| Security is not a single "thing" that can be added to a system. To be truly secure, the entire [[dido:public:ra:xapend:xapend.a_glossary:e:e2esolution]] needs to be secure and needs to be considered during the entire [[dido:public:ra:xapend:xapend.a_glossary:s:syslifecycle]]. As shown in Figure {{ref>layerSecure}}, a layered approach is used to help isolate the security needs. Each layer represents a portion of the [[dido:public:ra:xapend:xapend.a_glossary:i:infotech]] stack, including the people who use and have access to the IT stack. | Security is not a single "thing" that can be added to a system. To be truly secure, the entire [[dido:public:ra:xapend:xapend.a_glossary:e:e2esolution]] needs to be secure and needs to be considered during the entire [[dido:public:ra:xapend:xapend.a_glossary:s:syslifecycle]]. As shown in Figure {{ref>layerSecure}}, a layered approach is used to help isolate the security needs. Each layer represents a portion of the [[dido:public:ra:xapend:xapend.a_glossary:i:infotech]] stack, including the people who use and have access to the IT stack. | ||
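Review bot: the added "Return to Top" line at the start of the About section opens with four brackets and closes with two ("[[[[dido:public:ra:1.4_req:2_nonfunc:25_security | Return to Top]]"), so the extra "[[" will show up as literal text in the rendered page; reduce the opening to "[[". The target is also this same page (25_security), so confirm whether the link is meant to point at the parent section instead.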
| Line 16: | Line 18: | ||
| The physical security is concerned with preventing physical harm to the [[dido:public:ra:xapend:xapend.a_glossary:c:computerplaform]] (e.g., theft, fire, flooding, etc.), as well as, preventing access to the physical platform via "back doors" thereby allowing breaches by potentially malicious actors (e.g., using pluggable USB drives, adding wire sniffers to the network, or the internal threat posed by employees with access). | The physical security is concerned with preventing physical harm to the [[dido:public:ra:xapend:xapend.a_glossary:c:computerplaform]] (e.g., theft, fire, flooding, etc.), as well as, preventing access to the physical platform via "back doors" thereby allowing breaches by potentially malicious actors (e.g., using pluggable USB drives, adding wire sniffers to the network, or the internal threat posed by employees with access). | ||
| - | * [[dido:public:ra:xapend:xapend.a_glossary:z:zero-trust_model]] | + | * [[[dido:public:ra:xapend:xapend.a_glossary:c:coldboot_atack]] |
| - | * [[dido:public:ra:xapend:xapend.a_glossary:z:zta]] | + | * [[dido:public:ra:xapend:xapend.a_glossary:d:data_remanence]] |
| - | * [[dido:public:ra:xapend:xapend.a_glossary:t:tor]] | + | |
| </WRAP>| | </WRAP>| | ||
| ^ [[dido:public:ra:xapend:xapend.a_glossary:d:datasecurity]] |<WRAP>Data security ensures that [[dido:public:ra:xapend:xapend.a_glossary:d:dataatrest]], [[dido:public:ra:xapend:xapend.a_glossary:d:data_in_motion]], or [[dido:public:ra:xapend:xapend.a_glossary:d:data_in_use]] remains intact (i.e., completeness, accuracy and consistency). For example, allowing incomplete data to be stored (i.e., date of a transaction, or //authorized by// fields). [[dido:public:ra:xapend:xapend.a_glossary:r:roundofferror]] can also affect the accuracy of the data. Modifying a bank account balance introduces inconsistencies that can be detected. | ^ [[dido:public:ra:xapend:xapend.a_glossary:d:datasecurity]] |<WRAP>Data security ensures that [[dido:public:ra:xapend:xapend.a_glossary:d:dataatrest]], [[dido:public:ra:xapend:xapend.a_glossary:d:data_in_motion]], or [[dido:public:ra:xapend:xapend.a_glossary:d:data_in_use]] remains intact (i.e., completeness, accuracy and consistency). For example, allowing incomplete data to be stored (i.e., date of a transaction, or //authorized by// fields). [[dido:public:ra:xapend:xapend.a_glossary:r:roundofferror]] can also affect the accuracy of the data. Modifying a bank account balance introduces inconsistencies that can be detected. | ||
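Review bot: the first added entry in the list after the physical security paragraph has three opening brackets ("[[[dido:public:ra:xapend:xapend.a_glossary:c:coldboot_atack]]"), which leaves a stray "[" in the rendered list; use "[[". The page id is spelled "coldboot_atack", so check it against the actual glossary page name, because a mismatch yields a link to a nonexistent page. The same hunk drops the zero-trust_model, zta and tor glossary links and leaves the third row empty on the new side; if those references were moved to another layer, note that in the edit summary.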