Information Security

From CIPedia
Revision as of 15:22, 22 July 2015 by Eluiijf (talk | contribs) (Notes)
Jump to navigation Jump to search

Definitions

European Definitions

The protection of information against unauthorised disclosure, transfer, modification or destruction, whether accidental or intentional. [1]


Other International Definitions

NATO

The protection of information against unauthorised disclosure, transfer, modification or destruction, whether accidental or intentional (INFOSEC). [2]


United Nations

Information security is the protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats. [3]



National Definitions

Austria

Information security or network security are umbrella terms for ICT security, referring to the entire relevant information of an organisation or an enterprise, including information that has not been processed electronically. Hence, it describes the entirety of characteristics of an organisation ensuring the confidentiality, availability and integrity of information. [4]

Informationssicherheit / Netzwerksicherheit ist ein Überbegriff zu IKT-Sicherheit und bezieht sich auf alle relevanten Informationen einer Organisation oder eines Unternehmens einschließlich von nicht elektronisch verarbeiteten Informationen. Es bezeichnet somit die Summe der Eigenschaften einer Organisation, die dem Schutz der Vertraulichkeit, Verfügbarkeit und Integrität der Informationen dienen. [5]

Information may be available as spoken text, paper documents or other directly readable media or as electronically processed data in ICT systems.

Brazil

Segurança da Informação: proteção dos sistemas de informação contra a negação de serviço a usuários autorizados, assim como contra a intrusão, e a modificação desautorizada de dados ou informações, armazenados, em processamento ou em trânsito, abrangendo, inclusive, a segurança dos recursos humanos, da documentação e do material, das áreas e instalações das comunicações e computacional, assim como as destinadas a prevenir, detectar, deter e documentar eventuais ameaças a seu desenvolvimento. [6]

Information Security is the protection of information systems against denial of service to authorised users, as well as against intrusion and unauthorised modification of data or information stored in processing or in transit, covering even the safety of human resources, documentation and material, of the areas and facilities of communications and computing, as well as to prevent, detect, deter and document any threats to its development.


Croatia

Informacijska sigurnost – stanje povjerljivosti, cjelovitosti i raspoloživosti podataka koje se postiže primjenom odgovarajućih sigurnosnih mjera.

Information security is the state of confidentiality, integrity and availability of information, which is achieved by implementation of stipulated information security measures and standards and by organisational support for jobs of planning, implementation, assessment and update of measures and standards. [7] [8]


Czech Republic

Bezpečností informací zajištění důvěrnosti, integrity a dostupnosti informací. [9]

Security (protection) of confidentiality, integrity and availability of information. [10]



Denmark

Informationssikkerhed er en bred betegnelse for de samlede for - anstaltninger til at sikre informationer i forhold til fortrolighed, integritet (ændring af data) og tilgængelighed. I arbejdet indgår blandt andet organisering af sikkerhedsarbejdet, påvirkning af adfærd, processer for behandling af data, styring af leverandører samt tekniske sikringsforanstaltninger. . [11]


Finland

Tietoturva, tietoturvallisuus: järjestelyt, joilla pyritään varmistamaan tiedon saatavuus, eheys ja luottamuksellisuus.

Information Security are arrangements aiming at ensuring the availability, integrity and confidentiality of information. -unofficial translation- [12]


Germany

IT security is the condition in which availability, integrity and confidentiality of information and Information Technology are ensured by appropriate safeguards. [13]


Georgia

ინფორმაციული უსაფრთხოება – საქმიანობა, რომელიც იცავს ინფორმაციას და ინფორმაციულ სისტემებს მისაწვდომობის, ერთიანობის, აუთენტიფიკაციის, კონფიდენციალურობის და განგრძობადი მუშაობის უზრუნველყოფით. [14]

Information security - an activity that protects information and information systems' access, integrity, authentication, confidentiality, and the continuing of work.
(raw translation - CIPedia looks for a proper translation in English)


Jamaica

Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. [15]

Note: The terms information security, computer security and information assurance are understood for these purposes as being interchangeable.

Montenegro]

Informaciona bezbjednost podrazumijeva stanje povjerljivosti, cjelovitosti i dostupnosti podataka. Informaciona bezbjednost se fokusira na podatke bez obzira na njihovu formu: elektronski, štampani ili drugi oblici podataka. [16]

Information security means the condition of confidentiality, integrity and availability of data. Information security focuses on data, regardless of their form: electronic, print or other forms of data.


Netherlands

Informatiebeveiliging is het behouden van de vertrouwelijkheid, integriteit en beschikbaarheid van informatie. [17]
  • Integriteit is de eigenschap dat de nauwkeurigheid en volledigheid van bedrijfsmiddelen wordt beveiligd.
  • Vertrouwelijkheid is de eigenschap dat informatie niet beschikbaar wordt gesteld of wordt ontsloten aan onbevoegde personen, entiteiten of processen.
  • Beschikbaarheid is het kenmerk dat iets toegankelijk en bruikbaar is op verzoek van een bevoegde entiteit.

Information security is taking and maintaining a coherent set of measures to guarantee the availability, integrity and confidentiality of information.

Het treffen en onderhouden van een samenhangend pakket aan maatregelen om de beschikbaarheid, integriteit en vertrouwelijkheid te borgen. [18]


Norway

IKT-sikkerhet: Hvordan elektroniske nettverk og systemer som behandler data eller kommuniserer med hverandre, og som virksomhetene er avhengig av for å fungere effektivt, skal beskyttes. [19]

ICT security is how business-critical electronic networks and systems that process data or communicate with each other are protected. [20]


United States

The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. [21]


Standard Definition

ISO/IEC 27000:2014

Preservation of confidentiality, integrity and availability of information. [22]. In addition, other properties, such as authenticity, accountability, non-repudiation, and reliability can also be involved.


Notes

  1. [http://www.cimic-coe.org/wp-content/uploads/2014/06/NATO-EU-UN-glossary-on-DCB-and-CP.pdf NATO - EU - UN glossary
  2. [http://www.cimic-coe.org/wp-content/uploads/2014/06/NATO-EU-UN-glossary-on-DCB-and-CP.pdf NATO - EU - UN glossary
  3. [http://www.cimic-coe.org/wp-content/uploads/2014/06/NATO-EU-UN-glossary-on-DCB-and-CP.pdf NATO - EU - UN glossary
  4. Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna (2013)
  5. Österreichische Strategie für Cyber Sicherheit (2013)
  6. GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ Decreto Nº 3.505, de 13 de junho de 2000. Presidência da República, Casa Civil, Subchefia para Assuntos Jurídicos. Institui a Política de Segurança da Informação nos órgãos e entidades da Administração Pública Federal. Brasília, 2000.
  7. Article 2 of the Information Security Act
  8. National Cyber Security Strategy draft (2015)
  9. http://www.nbu.cz/download/nodeid-1384/ Zákon č. 181/2014 Sb. o kybernetické bezpečnosti a o změně souvisejících zákonů (zákon o kybernetické bezpečnosti)
  10. Cyber Security Explanatory Glossary (2013)
  11. Danish Cyber Security Strategy, 2014
  12. Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)
  13. Unpublished working glossary of UP KRITIS and BSI, 2014
  14. http://csbd.gov.ge/doc/cyber_security_politics.docx cyber_security_politics.docx (2012)
  15. Jamaica's National Cyber Security Strategy
  16. Strategija o bezbjednosti 2013-2017 (2012)
  17. NEN-ISO/IEC-27001 en 27002
  18. Zakboekje Preventie Cybercrime (2008
  19. Nasjonal strategi for informasjonssikkerhet (2012)
  20. Cyber Security Strategy for Norway (2012)
  21. NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/NIST SP 800 series
  22. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary