Difference between revisions of "Defence-in-Depth"
Jump to navigation
Jump to search
| Line 12: | Line 12: | ||
====[[Oman]]==== | ====[[Oman]]==== | ||
{{definition|Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component. <ref>[http://www.cert.gov.om/library_information_glossary.aspx Oman CERT Glossary]</ref>}}<br /><br/> | {{definition|Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component. <ref>[http://www.cert.gov.om/library_information_glossary.aspx Oman CERT Glossary]</ref>}}<br /><br/> | ||
| + | ==== [[Philippines]] ==== | ||
| + | {{definition|Defence in Depth (DID): The application of multiple security measures that span multiple domains (physical, personnel, technical, etc.) to protect an asset or data or system. <ref>[https://digital.nhs.uk/services/data-and-cyber-security-protecting-information-and-data-in-health-and-care/cyber-and-data-security-policy-and-good-practice-in-health-and-care/cyber-and-data-security-resources/cyber-security-glossary NHS Cyber security glossary]</ref>}}<br/><br/> | ||
| + | |||
| + | |||
==== [[United Arab Emirates]] ==== | ==== [[United Arab Emirates]] ==== | ||
| − | {{definition|Defence in Depth: The strategy of forming layers of protection for an [[asset]]. <ref>[http://www.upc.gov.ae/sspm/common/docs/SSPM-UPC-Eng.pdf Abu Dhabi Safety and Security Planning Manual]</ref>}}<br/><br /> | + | {{definition|Defence in Depth: The strategy of forming layers of protection for an [[asset]]. <ref>[http://www.upc.gov.ae/sspm/common/docs/SSPM-UPC-Eng.pdf Abu Dhabi Safety and Security Planning Manual]</ref>}}<br/><br/> |
==== [[United States]]==== | ==== [[United States]]==== | ||
| Line 37: | Line 41: | ||
* Test reference. --> | * Test reference. --> | ||
[[Category:Security]] | [[Category:Security]] | ||
| − | {{#set:defined by=IAEA|defined by=Hong Kong|defined by=Oman|defined by=United Arab Emirates|defined by=United States|defined by=NIST|defined by=OWASP|defined by=ISA}} | + | {{#set:defined by=IAEA|defined by=Hong Kong|defined by=Oman|defined by= Philippines|defined by=United Arab Emirates|defined by=United States|defined by=NIST|defined by=OWASP|defined by=ISA}} |
Revision as of 00:05, 27 March 2019
Contents
Definitions
International Definitions
IAEA
Defence in depth is implementing several layers of defence, including both administrative aspects (procedures, instructions, sanctions, access control rules, confidentiality rules) and technical aspects (multiple layers of protection together with measures for detection and delay) that adversaries would have to overcome or circumvent to achieve their objectives. [1]
Defence in depth is the combination of multiple layers of systems and measures that have to be overcome or circumvented before nuclear security is compromised.
Defence in depth is the combination of multiple layers of systems and measures that have to be overcome or circumvented before nuclear security is compromised.
National Definitions
Hong Kong
縱深防禦是利用多層次的資訊保安措施,以在單一保安組件發 生故障時作出保護。
Defence-in-Depth is the approach of using multiple layers of security to guard against failure of a single security component. [2]
Defence-in-Depth is the approach of using multiple layers of security to guard against failure of a single security component. [2]
Oman
Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component. [3]
Philippines
Defence in Depth (DID): The application of multiple security measures that span multiple domains (physical, personnel, technical, etc.) to protect an asset or data or system. [4]
United Arab Emirates
United States
NIST
Defense-in-Depth is an information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization. [6]
Standard Definition
ISA-62443-1-1
Defense-in-depth is the provision of multiple security protocols, especially in layers, with the intent to delay if not prevent an attack. [7]
Other definitions
OWASP
Defense-in-depth: A principle for building systems stating that multiple defensive mechanisms at different layers of a system are usually more secure than a single layer of defense. [8]
See also
Notes
- ↑ IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)
- ↑ Information Security Glossary
- ↑ Oman CERT Glossary
- ↑ NHS Cyber security glossary
- ↑ Abu Dhabi Safety and Security Planning Manual
- ↑ NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013)
- ↑ ISA99 Committee Master Glossary.
- ↑ OWASP Glossary
