What are the goals of Information Security?

In Information security, it is a collection of practices intended to convey personal information secure from unapproved access and modification throughout of storing or broadcasting from one place to another place.

Information security is designed and required to secure the print, digital, and some personal, sensitive, and private information from unapproved persons. It very well may be utilized to get information from being misused, affirmation, destruction, modification, and interruption.

There are the major goals of information security which are as follows −

Confidentiality − The goals of confidentiality is that only the sender and the predetermined recipient should be adequate to approach the element of a message. Confidentiality have negotiate if an unauthorized person is capable to create the message.

For example, it can be a confidential email message sent by user A to user B, which is penetrated by user C without the authorization or knowledge of A and B. This kind of attack is known as interception.

Integrity − When the element of a message are transformed after the sender sends it, but since it reaches the intended recipient, and it can said that the principle of the message is lost.

For example, consider that user A sends message to user B and User C alter with a message basically sent by user A, which is absolutely intended for user B.

User C somehow handles to access it, modify its elements and send the changed message to user B. User B has no method of understanding that the element of the message changed after user A had sent it. User A also does not understand about this change. This kind of attack is known as modification.

Availability − The main goals of information security is availability. It is that resources must be available to authorized parties at all times.

For instance, because of the intentional actions of an unauthorized user C, an authorized user A cannot allow contact a server B. This can overthrow the principle of availability. Such an attack is known as interruption.

Message Nonrepudiation − Message nonrepudiation represent that a sender should not manage to refuse sending a message that they send. The burden of data avalanche on the receiver.

Entity Authentication − In entity authentication, the entity or user is authentic prior to approach to the system resources.

For example, a user who is needed to approach the university resources is needed to be authenticated during the logging procedure. This can satisfy the interests of the university and the user.

Access Control − The goals of access control determines who should be able to approach what.

For instance, it should be able to describe that user A can view the information in a database, but cannot refresh them. User A can be enabled to make updates as well. An access-control structure can be establish to support this.

Updated on: 10-Mar-2022

8K+ Views

Kickstart Your Career

Get certified by completing the course

Get Started