Difference between revisions of "Defence-in-Depth"

From CIPedia
Jump to navigation Jump to search
Line 6: Line 6:
  
 
=== National Definitions ===
 
=== National Definitions ===
 +
====[[Belgium]]====
 +
{{definition|[Nuclear] "verdediging in de diepte": een hiërarchische inzet van verschillende niveaus van diverse apparatuur en procedures om de escalatie van verwachte operationele gebeurtenissen te voorkomen en de doeltreffendheid van de fysieke barrières, die geplaatst zijn tussen een stralingsbron of een radioactief materiaal en de werkers, het publiek en de lucht, het water en de bodem, te handhaven in gewone bedrijfsomstandigheden en, wat sommige barrières betreft, in ongevalssituaties. <ref>[http://docs.vlaamsparlement.be/eudocs/2016/COM_2013_343_NL.pdf EU RICHTLIJN VAN DE RAAD
 +
houdende wijziging van Richtlijn 2009/71/EURATOM tot vaststelling van een communautair kader voor de nucleaire veiligheid van kerninstallaties COM 2013/343]</ref>}}<br/><br/>
 +
 
====[[Hong Kong]]====
 
====[[Hong Kong]]====
 
{{definition|縱深防禦是利用多層次的資訊保安措施,以在單一保安組件發 生故障時作出保護。 <br/><br/>Defence-in-Depth is the approach of using multiple layers of security to guard against failure of a single security component.  <ref>[https://www.infosec.gov.hk/english/glossary/files/InfoSecGlossary_eng.pdf Information Security Glossary]</ref>}}<br/><br/>
 
{{definition|縱深防禦是利用多層次的資訊保安措施,以在單一保安組件發 生故障時作出保護。 <br/><br/>Defence-in-Depth is the approach of using multiple layers of security to guard against failure of a single security component.  <ref>[https://www.infosec.gov.hk/english/glossary/files/InfoSecGlossary_eng.pdf Information Security Glossary]</ref>}}<br/><br/>
Line 41: Line 45:
 
* Test reference. -->
 
* Test reference. -->
 
[[Category:Security]]
 
[[Category:Security]]
{{#set:defined by=IAEA|defined by=Hong Kong|defined by=Oman|defined by= Philippines|defined by=United Arab Emirates|defined by=United States|defined by=NIST|defined by=OWASP|defined by=ISA}}
+
{{#set:defined by=IAEA|defined by=Belgium|defined by=Hong Kong|defined by=Oman|defined by= Philippines|defined by=United Arab Emirates|defined by=United States|defined by=NIST|defined by=OWASP|defined by=ISA}}
 
{{#set: Showmainpage=Yes}}
 
{{#set: Showmainpage=Yes}}

Revision as of 21:16, 29 June 2019


Definitions

International Definitions

IAEA

Defence in depth is implementing several layers of defence, including both administrative aspects (procedures, instructions, sanctions, access control rules, confidentiality rules) and technical aspects (multiple layers of protection together with measures for detection and delay) that adversaries would have to overcome or circumvent to achieve their objectives. [1]

Defence in depth is the combination of multiple layers of systems and measures that have to be overcome or circumvented before nuclear security is compromised.



National Definitions

Belgium

[Nuclear] "verdediging in de diepte": een hiërarchische inzet van verschillende niveaus van diverse apparatuur en procedures om de escalatie van verwachte operationele gebeurtenissen te voorkomen en de doeltreffendheid van de fysieke barrières, die geplaatst zijn tussen een stralingsbron of een radioactief materiaal en de werkers, het publiek en de lucht, het water en de bodem, te handhaven in gewone bedrijfsomstandigheden en, wat sommige barrières betreft, in ongevalssituaties. [2]



Hong Kong

縱深防禦是利用多層次的資訊保安措施,以在單一保安組件發 生故障時作出保護。

Defence-in-Depth is the approach of using multiple layers of security to guard against failure of a single security component. [3]




Oman

Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component. [4]



Philippines

Defence in Depth (DID): The application of multiple security measures that span multiple domains (physical, personnel, technical, etc.) to protect an asset or data or system. [5]




United Arab Emirates

Defence in Depth: The strategy of forming layers of protection for an asset. [6]



United States

NIST
Defense-in-Depth is an information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization. [7]



Standard Definition

ISA-62443-1-1

Defense-in-depth is the provision of multiple security protocols, especially in layers, with the intent to delay if not prevent an attack. [8]


Other definitions

OWASP

Defense-in-depth: A principle for building systems stating that multiple defensive mechanisms at different layers of a system are usually more secure than a single layer of defense. [9]



See also

Notes