Difference between revisions of "Information Security"

From CIPedia
Line 67: Line 67:
 
==== [[Philippines]] ====
 
==== [[Philippines]] ====
 
{{definition|Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide [[confidentiality]], [[integrity]], and [[availability]]. <ref>[http://www.dnd.gov.ph/miss/PDF/downloadables/Cybersecurity%20Glossary%20(Edited).pdf DND GLOSSARY OF CYBER SECURITY TERMS (v.4)]</ref>}}<br/><br/>  
 
{{definition|Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide [[confidentiality]], [[integrity]], and [[availability]]. <ref>[http://www.dnd.gov.ph/miss/PDF/downloadables/Cybersecurity%20Glossary%20(Edited).pdf DND GLOSSARY OF CYBER SECURITY TERMS (v.4)]</ref>}}<br/><br/>  
 +
====[[Portugal]] ====
 +
{{definition|[Definição] INFOSEC: A aplicação de medidas de segurança para proteger a informação processada, armazenada ou transmitida em Sistemas de Tecnologia da Informação e Comunicações contra a perda de confidencialidade, integridade ou disponibilidade, acidental ou intencional, e para prevenir a perda de integridade ou disponibilidade dos sistemas. <ref>[https://www.cncs.gov.pt/recursos/glossario/ Glossário Centro National de Cibersegurança Portugal]</ref>}}<br /><br/>
 +
 
==== [[Russian Federation]] ====
 
==== [[Russian Federation]] ====
 
{{definition|информационная безопасность ''Российской Федерации'' (далее - информационная безопасность) - состояние защищенности личности, общества и государства от внутренних и внешних информационных угроз, при котором обеспечиваются реализация конституционных прав и свобод человека и гражданина, достойные качество и уровень жизни граждан, суверенитет, территориальная целостность и устойчивое социально-экономическое развитие ''Российской Федерации'', оборона и безопасность государства  <ref>[http://publication.pravo.gov.ru/Document/GetFile/0001201612060002?type&equals;pdf Указ Президента Российской Федерации от 05.12.2016 № 646 "Об утверждении Доктрины информационной безопасности Российской Федерации" <br/>(Presidential Decree of 12.5.2016 number 646 "On approval of the Doctrine of the Russian Federation Information Security")]</ref>}}(raw translation) Information security ''of the Russian Federation'' (hereinafter - information security) - the state of protection of the individual, society and state from internal and external IT threats, which provide realisation of constitutional rights and freedoms of man and citizen, decent quality and standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development ''of the Russian Federation'', the defense and security of the state.
 
{{definition|информационная безопасность ''Российской Федерации'' (далее - информационная безопасность) - состояние защищенности личности, общества и государства от внутренних и внешних информационных угроз, при котором обеспечиваются реализация конституционных прав и свобод человека и гражданина, достойные качество и уровень жизни граждан, суверенитет, территориальная целостность и устойчивое социально-экономическое развитие ''Российской Федерации'', оборона и безопасность государства  <ref>[http://publication.pravo.gov.ru/Document/GetFile/0001201612060002?type&equals;pdf Указ Президента Российской Федерации от 05.12.2016 № 646 "Об утверждении Доктрины информационной безопасности Российской Федерации" <br/>(Presidential Decree of 12.5.2016 number 646 "On approval of the Doctrine of the Russian Federation Information Security")]</ref>}}(raw translation) Information security ''of the Russian Federation'' (hereinafter - information security) - the state of protection of the individual, society and state from internal and external IT threats, which provide realisation of constitutional rights and freedoms of man and citizen, decent quality and standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development ''of the Russian Federation'', the defense and security of the state.
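Review bot: The added Portugal entry gives the definition only in Portuguese, whereas the Russian Federation entry in the same hunk is followed by an English rendering marked "(raw translation)"; add an English translation after the `{{definition|...}}` block, labelled the same way if it is not an official one. In the added reference title, "Centro National" looks like a misspelling of "Centro Nacional". The added heading `====[[Portugal]] ====` also lacks the space after the opening `====` that the surrounding `==== [[Philippines]] ====` and `==== [[Russian Federation]] ====` headings use.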
Line 102: Line 105:
 
[[Category:Protection]]
 
[[Category:Protection]]
 
[[Category:Resilience]]
 
[[Category:Resilience]]
{{#set:defined by=EU|defined by=NATO|defined by=UN|defined by=Albania|defined by=Argentina|defined by=Austria|defined by=Brazil|defined by=Croatia|defined by=Czech Republic|defined by=Denmark|defined by=Finland|defined by=France|defined by=Germany|defined by=Georgia|defined by=Jamaica|defined by=Montenegro|defined by=Netherlands|defined by=Norway|defined by=Philippines|defined by=Russian Federation|defined by=Uganda|defined by=United States|defined by=Uruguay|defined by=ISO|defined by=NIST}}
+
{{#set:defined by=EU|defined by=NATO|defined by=UN|defined by=Albania|defined by=Argentina|defined by=Austria|defined by=Brazil|defined by=Croatia|defined by=Czech Republic|defined by=Denmark|defined by=Finland|defined by=France|defined by=Germany|defined by=Georgia|defined by=Jamaica|defined by=Montenegro|defined by=Netherlands|defined by=Norway|defined by=Philippines|defined by=Portugal|defined by=Russian Federation|defined by=Uganda|defined by=United States|defined by=Uruguay|defined by=ISO|defined by=NIST}}

Revision as of 02:12, 18 December 2016

Definitions

European Definitions

The protection of information against unauthorised disclosure, transfer, modification or destruction, whether accidental or intentional. [1]


Other International Definitions

NATO

The protection of information against unauthorised disclosure, transfer, modification or destruction, whether accidental or intentional (INFOSEC). [2]


United Nations

Information security is the protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats. [3]


National Definitions

Albania

Information security means ensuring the confidentiality, integrity and availability of information. (raw translation) [4]


Argentina

Security: covers the requirements of integrity, confidentiality and availability of applications, for example by ensuring that applications available through public access networks (e.g. the Internet) cannot have their content altered, be infected with code, or be susceptible to vulnerabilities arising from poor development practices. (raw translation) [5]



Austria

Information security or network security are umbrella terms for ICT security, referring to the entire relevant information of an organisation or an enterprise, including information that has not been processed electronically. Hence, it describes the entirety of characteristics of an organisation ensuring the confidentiality, availability and integrity of information. [6]

Informationssicherheit / Netzwerksicherheit ist ein Überbegriff zu IKT-Sicherheit und bezieht sich auf alle relevanten Informationen einer Organisation oder eines Unternehmens einschließlich von nicht elektronisch verarbeiteten Informationen. Es bezeichnet somit die Summe der Eigenschaften einer Organisation, die dem Schutz der Vertraulichkeit, Verfügbarkeit und Integrität der Informationen dienen. [7]

Information may be available as spoken text, paper documents or other directly readable media or as electronically processed data in ICT systems.

Brazil

Segurança da Informação: proteção dos sistemas de informação contra a negação de serviço a usuários autorizados, assim como contra a intrusão, e a modificação desautorizada de dados ou informações, armazenados, em processamento ou em trânsito, abrangendo, inclusive, a segurança dos recursos humanos, da documentação e do material, das áreas e instalações das comunicações e computacional, assim como as destinadas a prevenir, detectar, deter e documentar eventuais ameaças a seu desenvolvimento. [8]

Information Security is the protection of information systems against denial of service to authorised users, as well as against intrusion and unauthorised modification of data or information stored in processing or in transit, covering even the safety of human resources, documentation and material, of the areas and facilities of communications and computing, as well as to prevent, detect, deter and document any threats to its development.


Croatia

Information security: the state of confidentiality, integrity and availability of data, achieved by applying appropriate security measures. (raw translation)

Information security is the state of confidentiality, integrity and availability of information, which is achieved by implementation of stipulated information security measures and standards and by organisational support for jobs of planning, implementation, assessment and update of measures and standards. [9] [10]


Czech Republic

Bezpečností informací zajištění důvěrnosti, integrity a dostupnosti informací. [11]

Security (protection) of confidentiality, integrity and availability of information. [12]


Denmark

Information security is a broad term for the overall measures taken to secure information with respect to confidentiality, integrity (modification of data) and availability. The work includes, among other things, organisation of the security effort, influencing behaviour, processes for handling data, management of suppliers, and technical safeguards. (raw translation) [13]


Finland

Tietoturva, tietoturvallisuus: järjestelyt, joilla pyritään varmistamaan tiedon saatavuus, eheys ja luottamuksellisuus.

Information security: arrangements aimed at ensuring the availability, integrity and confidentiality of information. -unofficial translation- [14]


France

Information systems security: All technical and non-technical protective measures enabling an information system to withstand events likely to compromise the availability, integrity or confidentiality of stored, processed or transmitted data and of the related services that these systems offer or make accessible. [15]

Sécurité des systèmes d’information: Ensemble des mesures techniques et non techniques de protection permettant à un système d’information de résister à des événements susceptibles de compromettre la disponibilité, l’intégrité ou la confidentialité des données stockées, traitées ou transmises et des services connexes que ces systèmes offrent ou qu’ils rendent accessibles. [16]


Germany

IT security (or information security) is the intactness of the authenticity, confidentiality, integrity and availability of an information technology system and of the data processed and stored in it. (2016) (raw translation) [17]

IT security is the condition in which availability, integrity and confidentiality of information and Information Technology are ensured by appropriate safeguards. [18]


Georgia

ინფორმაციული უსაფრთხოება – საქმიანობა, რომელიც იცავს ინფორმაციას და ინფორმაციულ სისტემებს მისაწვდომობის, ერთიანობის, აუთენტიფიკაციის, კონფიდენციალურობის და განგრძობადი მუშაობის უზრუნველყოფით. [19]

Information security - an activity that protects information and information systems' access, integrity, authentication, confidentiality, and the continuing of work.
(raw translation - CIPedia looks for a proper translation in English)


Jamaica

Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. [20]

Note: The terms information security, computer security and information assurance are understood for these purposes as being interchangeable.

Montenegro

Informaciona bezbjednost podrazumijeva stanje povjerljivosti, cjelovitosti i dostupnosti podataka. Informaciona bezbjednost se fokusira na podatke bez obzira na njihovu formu: elektronski, štampani ili drugi oblici podataka. [21]

Information security means the condition of confidentiality, integrity and availability of data. Information security focuses on data, regardless of their form: electronic, print or other forms of data.


Netherlands

Information security is the preservation of the confidentiality, integrity and availability of information. (raw translation) [22]
  • Integrity is the property that the accuracy and completeness of assets are safeguarded.
  • Confidentiality is the property that information is not made available or disclosed to unauthorised persons, entities or processes.
  • Availability is the characteristic of being accessible and usable on demand by an authorised entity.

Information security is taking and maintaining a coherent set of measures to guarantee the availability, integrity and confidentiality of information.

Het treffen en onderhouden van een samenhangend pakket aan maatregelen om de beschikbaarheid, integriteit en vertrouwelijkheid te borgen. [23]


Information security is the process of determining the required quality of information (systems) in terms of confidentiality, availability, integrity, non-repudiation and auditability, as well as taking, maintaining and checking a coherent package of associated (physical, organisational and logical) security measures. (raw translation) [24]


Norway

IKT-sikkerhet: Hvordan elektroniske nettverk og systemer som behandler data eller kommuniserer med hverandre, og som virksomhetene er avhengig av for å fungere effektivt, skal beskyttes. [25]

ICT security is how business-critical electronic networks and systems that process data or communicate with each other are protected. [26]



Philippines

Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. [27]



Portugal

[Definition] INFOSEC: The application of security measures to protect information processed, stored or transmitted in Information and Communications Technology Systems against loss of confidentiality, integrity or availability, whether accidental or intentional, and to prevent loss of integrity or availability of the systems. (raw translation) [28]



Russian Federation

информационная безопасность Российской Федерации (далее - информационная безопасность) - состояние защищенности личности, общества и государства от внутренних и внешних информационных угроз, при котором обеспечиваются реализация конституционных прав и свобод человека и гражданина, достойные качество и уровень жизни граждан, суверенитет, территориальная целостность и устойчивое социально-экономическое развитие Российской Федерации, оборона и безопасность государства [29]

(raw translation) Information security of the Russian Federation (hereinafter - information security) - the state of protection of the individual, society and state from internal and external IT threats, which provide realisation of constitutional rights and freedoms of man and citizen, decent quality and standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development of the Russian Federation, the defense and security of the state.


информационная безопасность – состояние защищенности личности, организации и государства и их интересов от угроз, деструктивных и иных негативных воздействий в информационном пространстве [30]

Information security (raw translation): the state of protection of the individual, the organization and the state and their interests from threats, destructive and other negative impacts in the information space.


Uganda

Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. [31]


United States

FISMA
Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide - (A) integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity; (B) confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and (C) availability, which means ensuring timely and reliable access to and use of information. [32]


NIST
The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. [33]



An embedded, integral part of the enterprise architecture that describes the structure and behavior for an enterprise’s security processes, information security systems, personnel and organizational subunits, showing their alignment with the enterprise’s mission and strategic plans. [34]


Uruguay

Computer security: The set of preventive and reactive measures whose objective is to maintain the confidentiality, availability and integrity of information held on computer media. (raw translation) [35]



Standard Definition

ISO/IEC 27000:2014

Preservation of confidentiality, integrity and availability of information. [36] In addition, other properties, such as authenticity, accountability, non-repudiation, and reliability can also be involved.


Notes

  1. NATO - EU - UN glossary
  2. NATO - EU - UN glossary
  3. NATO - EU - UN glossary
  4. PROJEKT LIGJ PËR SIGURINË KIBERNETIKE
  5. Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)
  6. Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna (2013)
  7. Österreichische Strategie für Cyber Sicherheit (2013)
  8. GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ Decreto Nº 3.505, de 13 de junho de 2000. Presidência da República, Casa Civil, Subchefia para Assuntos Jurídicos. Institui a Política de Segurança da Informação nos órgãos e entidades da Administração Pública Federal. Brasília, 2000.
  9. Article 2 of the Information Security Act
  10. National Cyber Security Strategy draft (2015)
  11. Zákon č. 181/2014 Sb. o kybernetické bezpečnosti a o změně souvisejících zákonů (zákon o kybernetické bezpečnosti)
  12. Cyber Security Explanatory Glossary (2013)
  13. Danish Cyber Security Strategy, 2014
  14. Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)
  15. Information systems defence and security: France's Strategy
  16. La Stratégie de la France en matière de défense et de sécurité des systèmes d’information (2011)
  17. Cyber-Sicherheitsstrategie für Deutschland 2016
  18. Unpublished working glossary of UP KRITIS and BSI, 2014
  19. cyber_security_politics.docx (2012)
  20. Jamaica's National Cyber Security Strategy
  21. Strategija o bezbjednosti 2013-2017 (2012)
  22. NEN-ISO/IEC-27001 en 27002
  23. Zakboekje Preventie Cybercrime (2008)
  24. Cybersecuritybeeld Nederland 2016
  25. Nasjonal strategi for informasjonssikkerhet (2012)
  26. Cyber Security Strategy for Norway (2012)
  27. DND GLOSSARY OF CYBER SECURITY TERMS (v.4)
  28. Glossário Centro Nacional de Cibersegurança Portugal
  29. Указ Президента Российской Федерации от 05.12.2016 № 646 "Об утверждении Доктрины информационной безопасности Российской Федерации"
    (Presidential Decree of 12.5.2016 number 646 "On approval of the Doctrine of the Russian Federation Information Security")
  30. КОНЦЕПЦИЯ СТРАТЕГИИ КИБЕРБЕЗОПАСНОСТИ РОССИЙСКОЙ ФЕДЕРАЦИИ (Draft Cyber Security Strategy 2016)
  31. National Information Security Policy (2011)
  32. The Federal Information Security Modernization Act of 2014 (FISMA), 44 U.S.C. § 3552(b)(2).
  33. NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/NIST SP 800 series
  34. NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013)
  35. Glossary CERTuy
  36. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary