Difference between revisions of "Information Security"

From CIPedia
Jump to navigation Jump to search
(Czech Republic)
m (Czech Republic)
Line 21: Line 21:
 
{{definition| Segurança da Informação: proteção dos sistemas de informação contra a negação de serviço a usuários autorizados, assim como contra a intrusão, e a modificação desautorizada de dados ou informações, armazenados, em processamento ou em trânsito, abrangendo, inclusive, a segurança dos recursos humanos, da documentação e do material, das áreas e instalações das comunicações e computacional, assim como as destinadas a prevenir, detectar, deter e documentar eventuais ameaças a seu desenvolvimento. <ref>[http://www.biblioteca.presidencia.gov.br/publicacoes-oficiais-1/catalogo/orgao-essenciais/gabinete-de-seguranca-institucional/guia-de-referencia-para-seguranca-de-infraestruturas-criticas-da-informacao/at_download/file GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ Decreto Nº 3.505, de 13 de junho de 2000. Presidência da República, Casa Civil, Subchefia para Assuntos Jurídicos. Institui a Política de Segurança da Informação nos órgãos e entidades da Administração Pública Federal. Brasília, 2000.]</ref><br /><br />Information Security is the protection of information systems against denial of service to authorised users, as well as against intrusion and unauthorised modification of data or information stored in processing or in transit, covering even the safety of human resources, documentation and material, of the areas and facilities of communications and computing, as well as to prevent, detect, deter and document any [[Threat|threats]] to its development.}} <br />
 
{{definition| Segurança da Informação: proteção dos sistemas de informação contra a negação de serviço a usuários autorizados, assim como contra a intrusão, e a modificação desautorizada de dados ou informações, armazenados, em processamento ou em trânsito, abrangendo, inclusive, a segurança dos recursos humanos, da documentação e do material, das áreas e instalações das comunicações e computacional, assim como as destinadas a prevenir, detectar, deter e documentar eventuais ameaças a seu desenvolvimento. <ref>[http://www.biblioteca.presidencia.gov.br/publicacoes-oficiais-1/catalogo/orgao-essenciais/gabinete-de-seguranca-institucional/guia-de-referencia-para-seguranca-de-infraestruturas-criticas-da-informacao/at_download/file GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ Decreto Nº 3.505, de 13 de junho de 2000. Presidência da República, Casa Civil, Subchefia para Assuntos Jurídicos. Institui a Política de Segurança da Informação nos órgãos e entidades da Administração Pública Federal. Brasília, 2000.]</ref><br /><br />Information Security is the protection of information systems against denial of service to authorised users, as well as against intrusion and unauthorised modification of data or information stored in processing or in transit, covering even the safety of human resources, documentation and material, of the areas and facilities of communications and computing, as well as to prevent, detect, deter and document any [[Threat|threats]] to its development.}} <br />
 
====Czech Republic====
 
====Czech Republic====
{{definition|Bezpečností informací zajištění důvěrnosti, integrity a dostupnosti informací. <ref>http://www.nbu.cz/download/nodeid-1384/ Zákon č. 181/2014 Sb. o kybernetické bezpečnosti a o změně souvisejících zákonů (zákon o kybernetické bezpečnosti)</ref><br/><br/>Security (protection) of [[confidentiality]], [[integrity]] and [[availability]] of information (Zajištění (ochrana) důvěrnosti, integrity a dostupnosti informací). <ref> [http://www.govcert.cz/download/nodeid-3555/ Cyber Security Explanatory Glossary (2013)]</ref>}}
+
{{definition|Bezpečností informací zajištění důvěrnosti, integrity a dostupnosti informací. <ref>http://www.nbu.cz/download/nodeid-1384/ Zákon č. 181/2014 Sb. o kybernetické bezpečnosti a o změně souvisejících zákonů (zákon o kybernetické bezpečnosti)</ref><br/><br/>Security (protection) of [[confidentiality]], [[integrity]] and [[availability]] of information. <ref> [http://www.govcert.cz/download/nodeid-3555/ Cyber Security Explanatory Glossary (2013)]</ref>}}
 
<br />
 
<br />
  

Revision as of 17:15, 18 July 2015

Definitions

European Definitions

The protection of information against unauthorised disclosure, transfer, modification or destruction, whether accidental or intentional. [1]


Other International Definitions

NATO

The protection of information against unauthorised disclosure, transfer, modification or destruction, whether accidental or intentional (INFOSEC). [2]


UN

Information security is the protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats. [3]



National Definitions

Austria

Information security or network security are umbrella terms for ICT security, referring to the entire relevant information of an organisation or an enterprise, including information that has not been processed electronically. Hence, it describes the entirety of characteristics of an organisation ensuring the confidentiality, availability and integrity of information. [4]

Informationssicherheit / Netzwerksicherheit ist ein Überbegriff zu IKT-Sicherheit und bezieht sich auf alle relevanten Informationen einer Organisation oder eines Unternehmens einschließlich von nicht elektronisch verarbeiteten Informationen. Es bezeichnet somit die Summe der Eigenschaften einer Organisation, die dem Schutz der Vertraulichkeit, Verfügbarkeit und Integrität der Informationen dienen. [5]

Information may be available as spoken text, paper documents or other directly readable media or as electronically processed data in ICT systems.

Brazil

Segurança da Informação: proteção dos sistemas de informação contra a negação de serviço a usuários autorizados, assim como contra a intrusão, e a modificação desautorizada de dados ou informações, armazenados, em processamento ou em trânsito, abrangendo, inclusive, a segurança dos recursos humanos, da documentação e do material, das áreas e instalações das comunicações e computacional, assim como as destinadas a prevenir, detectar, deter e documentar eventuais ameaças a seu desenvolvimento. [6]

Information Security is the protection of information systems against denial of service to authorised users, as well as against intrusion and unauthorised modification of data or information stored in processing or in transit, covering even the safety of human resources, documentation and material, of the areas and facilities of communications and computing, as well as to prevent, detect, deter and document any threats to its development.


Czech Republic

Bezpečností informací zajištění důvěrnosti, integrity a dostupnosti informací. [7]

Security (protection) of confidentiality, integrity and availability of information. [8]


Croatia

Informacijska sigurnost – stanje povjerljivosti, cjelovitosti i raspoloživosti podataka koje se postiže primjenom odgovarajućih sigurnosnih mjera.

Information security is the state of confidentiality, integrity and availability of information, which is achieved by implementation of stipulated information security measures and standards and by organisational support for jobs of planning, implementation, assessment and update of measures and standards. [9] [10]


Denmark

Informationssikkerhed er en bred betegnelse for de samlede for - anstaltninger til at sikre informationer i forhold til fortrolighed, integritet (ændring af data) og tilgængelighed. I arbejdet indgår blandt andet organisering af sikkerhedsarbejdet, påvirkning af adfærd, processer for behandling af data, styring af leverandører samt tekniske sikringsforanstaltninger. . [11]


Finland

Tietoturva, tietoturvallisuus: järjestelyt, joilla pyritään varmistamaan tiedon saatavuus, eheys ja luottamuksellisuus.

Information Security are arrangements aiming at ensuring the availability, integrity and confidentiality of information. -unofficial translation- [12]


Germany

IT security is the condition in which availability, integrity and confidentiality of information and Information Technology are ensured by appropriate safeguards. [13]


Jamaica

Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. [14]

Note: The terms information security, computer security and information assurance are understood for these purposes as being interchangeable.

Montenegro

Informaciona bezbjednost podrazumijeva stanje povjerljivosti, cjelovitosti i dostupnosti podataka. Informaciona bezbjednost se fokusira na podatke bez obzira na njihovu formu: elektronski, štampani ili drugi oblici podataka. [15]

Information security means the condition of confidentiality, integrity and availability of data. Information security focuses on data, regardless of their form: electronic, print or other forms of data.


Netherlands

Informatiebeveiliging is het behouden van de vertrouwelijkheid, integriteit en beschikbaarheid van informatie. [16]
  • Integriteit is de eigenschap dat de nauwkeurigheid en volledigheid van bedrijfsmiddelen wordt beveiligd.
  • Vertrouwelijkheid is de eigenschap dat informatie niet beschikbaar wordt gesteld of wordt ontsloten aan onbevoegde personen, entiteiten of processen.
  • Beschikbaarheid is het kenmerk dat iets toegankelijk en bruikbaar is op verzoek van een bevoegde entiteit.

Information security is taking and maintaining a coherent set of measures to guarantee the availability, integrity and confidentiality of information.

Het treffen en onderhouden van een samenhangend pakket aan maatregelen om de beschikbaarheid, integriteit en vertrouwelijkheid te borgen. [17]


Norway

ICT security is how business-critical electronic networks and systems that process data or communicate with each other are protected. [18]
IKT-sikkerhet: Hvordan elektroniske nettverk og systemer som behandler data eller kommuniserer med hverandre, og som virksomhetene er avhengig av for å fungere effektivt, skal beskyttes. [19]


United States

The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. [20]


Standard Definition

ISO/IEC 27000:2014

Preservation of confidentiality, integrity and availability of information. [21]. In addition, other properties, such as authenticity, accountability, non-repudiation, and reliability can also be involved.


Notes

  1. [http://www.cimic-coe.org/wp-content/uploads/2014/06/NATO-EU-UN-glossary-on-DCB-and-CP.pdf NATO - EU - UN glossary
  2. [http://www.cimic-coe.org/wp-content/uploads/2014/06/NATO-EU-UN-glossary-on-DCB-and-CP.pdf NATO - EU - UN glossary
  3. [http://www.cimic-coe.org/wp-content/uploads/2014/06/NATO-EU-UN-glossary-on-DCB-and-CP.pdf NATO - EU - UN glossary
  4. Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna (2013)
  5. Österreichische Strategie für Cyber Sicherheit (2013)
  6. GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ Decreto Nº 3.505, de 13 de junho de 2000. Presidência da República, Casa Civil, Subchefia para Assuntos Jurídicos. Institui a Política de Segurança da Informação nos órgãos e entidades da Administração Pública Federal. Brasília, 2000.
  7. http://www.nbu.cz/download/nodeid-1384/ Zákon č. 181/2014 Sb. o kybernetické bezpečnosti a o změně souvisejících zákonů (zákon o kybernetické bezpečnosti)
  8. Cyber Security Explanatory Glossary (2013)
  9. Article 2 of the Information Security Act
  10. National Cyber Security Strategy draft (2015)
  11. Danish Cyber Security Strategy, 2014
  12. Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)
  13. Unpublished working glossary of UP KRITIS and BSI, 2014
  14. Jamaica's National Cyber Security Strategy
  15. Strategija o bezbjednosti 2013-2017 (2012)
  16. NEN-ISO/IEC-27001 en 27002
  17. Zakboekje Preventie Cybercrime (2008
  18. Cyber Security Strategy for Norway (2012)
  19. Nasjonal strategi for informasjonssikkerhet (2012)
  20. NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/NIST SP 800 series
  21. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
Retrieved from "https://websites.fraunhofer.de/CIPedia/index.php?title=Information_Security&oldid=3760"