復大软件学院
12 What is “Information System”?
• Bearer of Info
  – Example: beacon tower (烽火台)
    • King You of Zhou lighting the beacon fires to fool the feudal lords (周幽王烽火戏诸侯)
13 What is “Information System”?
• Computer system is the one
• All aspects (bearer of Info)
  – Hardware
  – Software
  – Data (at rest and in transit)
  – People?
• C, I, A + Authentication & Non-repudiation
14 What is “Information System”?
• Computer system is the one
• All aspects (bearer of Info)
  – Hardware
  – Software
  – Data (at rest and in transit)
  – People?
• Assets – the valuable stuff (not everything is an asset)
15 What is “Security”
• Confidentiality
  – assets accessed only by authorized parties
• Integrity
  – assets modified only by authorized parties or in authorized ways
  – Information is precise, accurate, consistent, meaningful
• Availability
  – assets accessible to authorized parties at appropriate times
  – provide timely response, fair allocation of resources, quality of service
  – opposite? denial of service
16 What is “Security”
• Basic Goals
  – Confidentiality
  – Integrity
  – Availability
• Added when people talk about “Information Assurance”
  – Non-repudiation: Messages or actions are accompanied by proof which cannot be denied
  – Authentication: Establishing the validity of a transmission, message, or originator (including verifying the identity of a participant)