Cyber Security Characteristic

December. 21,2021
Cyber Security Characteristic

In the US National Information Infrastructure (NII) literature, five attributes of security are clearly given: confidentiality, integrity, availability, controllability, and non-repudiation. These five attributes are applicable to a wide range of fields such as education, entertainment, medical care, transportation, national security, power supply, and communications of the national information infrastructure.

Confidentiality

Network security solutions

Network security solutions

The feature that information is not disclosed to unauthorized users, entities, or processes, or used by them.

Confidentiality means that information in the network is not obtained and used by unauthorized entities (including users and processes, etc.). This information includes not only state secrets, but also business secrets and work secrets of enterprises and social organizations, as well as personal information. People naturally require the network to provide confidential services when using the network, and the confidential information includes both the information transmitted in the network and the information stored in the computer system. Just as a telephone can be tapped, so too can information transmitted over the Internet. The solution is to encrypt the transmitted information. The confidentiality of stored information is mainly achieved through access control, and different users have different permissions for different data.

Completeness

The characteristic that data cannot be changed without authorization. That is to say, the information remains unmodified, undamaged, and lost during storage or transmission. Data integrity refers to ensuring that the data and information on the computer system are in a complete and undamaged state, which means that data will not be changed or lost due to intentional or unintentional events. In addition to the fact that the data itself cannot be destroyed, the integrity of the data also requires the correctness and credibility of the source of the data, that is to say, it is necessary to verify that the data is authentic and credible first, and then verify whether the data is corrupted. The main factor that affects data integrity is deliberate and deliberate destruction, as well as damage to data caused by factors such as equipment failures and natural disasters.

Availability

Availability refers to the expected use of information or resources, that is, the characteristics of authorized entities or users to access and use information as required. Simply put, it is to ensure that the information can be used by the authorized person when needed, and to prevent the system from denying service due to subjective and objective factors. For example, denial of service in the network environment, damage to the normal operation of the network and related systems, etc. are all attacks on availability. Internet worms rely on a large number of copies and spreads on the network, occupying a large amount of CPU processing time, causing the system to become slower and slower. Until the network crashes, the user's normal data request cannot be processed. This is a typical "denial of service" attack. Of course, the unavailability of data may also be caused by software defects. For example, Microsoft Windows is always found to have defects.

Controllability

Controllability is the ability of people to control the propagation path, scope and content of information, that is, not allowing bad content to be transmitted through public networks, so that the information can be effectively controlled by legitimate users.

Non-repudiation

Non-repudiation is also called non-repudiation. In the process of information exchange, be sure of the true identity of the participants, that is, all participants cannot deny and deny the operations and promises they have completed. Simply put, the sender cannot deny that the information has been sent, and the receiver of the information cannot deny that it has received the information. The use of information source evidence can prevent the sender from denying that the information has been sent, and the use of receiving evidence can prevent the recipient from denying that the information has been received afterwards. Data signature technology is one of the important means to solve non-repudiation.