what does it all mean?
what does it all mean?
The trustworthiness of a networked information system includes correctness, reliability, privacy, safety, survivability and security (which, in turn, includes secrecy, confidentiality, integrity and availability). Here are the definitions of these terms and others, from the National Research Council's report, "Trust in Cyberspace."
Assurance: Confidence that a system design meets its requirements, its implementation satisfies specifications, or some specific property is satisfied.
Availability: The property asserting that a resource is usable or operational during a given time period despite attacks or failures.
Confidentiality: Protection of communications traffic or stored data against interception or receipt by unauthorized third parties.
Correctness: Property of being consistent with a specification. The specification may stipulate, for example, that proper outputs are produced by a system for each input.
Cryptographic algorithm: Mathematical procedure, often used with a key, that transforms input into a form that is unintelligible without special knowledge of a key and the algorithm.
Cryptography: Science and technology of establishing or protecting the secrecy, authenticity or integrity of data that might be accessed by unauthorized parties by using a code or cipher.
Fault tolerance: Capability of a system or component to continue operating despite hardware or software faults. It may be expressed in terms of the number of faults that can be tolerated before normal operation is impaired.
Integrity: Property of an object meeting an a priori established set of expectations. In the context of distributed systems or communication security, integrity is assurance that data have not been modified undetectably in transit or storage.
Key: Value used with a cryptographic algorithm.
Privacy: Ensures freedom from unauthorized intrusion.
Reliability: Capability of a computer or of an information or telecommunications system to perform consistently and precisely according to its specifications and design requirements, and to do so with high confidence.
Secrecy: Habit or practice of maintaining privacy; an element of security.
Security: Collection of safeguards that ensure confidentiality of information, protect the system(s) or network(s) used to process it and control access to it. Security typically encompasses secrecy, confidentiality, integrity and availability and is intended to ensure that a system resists potentially correlated attacks.
Survivability: Capability to provide service in adverse or hostile conditions.
Trustworthiness: Assurance that a system deserves to be trusted that it will perform as expected despite environmental disruptions, human and operator error and hostile attacks.