Printer Friendly


Security is being free from danger. The term can be used with reference to crime, accidents of all kinds, etc. Security is a vast topic 'including security of countries against terrorist attack, security of computers against crackers, home security against burglars and other intruders, financial security against economic collapse and many other related situations.

Defining the word security

The word "security" in general usage is synonymous with "safety," but as a technical term "security" means that something not only is secure but that it has been secured For example, In telecommunication, the term security has the following meanings:

* A condition that results from the establishment and maintenance of protective measures that ensure a state of inviolability from hostile acts or influences.

* With respect to classified matter, the condition that prevents unauthorized persons from having access to official information that is safeguarded in the interests of national security.

* Measures taken by a military unit an activity or installation to protect itself against all acts designed to, or which may, impair its effectiveness.

Sources: from Federal Standard 1037C and adapted from the Department of defense Dictionary of military and Associated Terms

Another proposed alternative definition:

When our expectations are met, we can say that quality has been met. When our expectations are met once and again, despite of errors, catastrophes and attacks which in principle could prevent our expectations to be met, we can say that security has been met. Security is not falsifiable (Popper). We can prove that there has been a security failure, but we can't prove that there hasn't. Security measures improve the likeliness of expectations to be met, and therefore improve security. With respect to classified matter there is an expectation of the classified matter to remain secret for as long as we wish. A control access system is the security measure that helps this expectation to be accomplished.

The key problem in defining security is that it is an inherently fuzzy concept. If someone offers you a cigarette, should your bodyguard stop him? This is a method of making your death more likely, but, since you want to smoke the cigarette you would consider it bad to be deprived. If, on the other hand, the cigarette was poisoned, this would be a clear breach of security. Most security measures also involve compromise. If you want to be safe from poisoned cigarettes, you must also accept that you will lose access to free cigarettes from strangers. If you want to be even safer, you must stop smoking.

Security has to be compared and contrasted with other related concepts: Safety, continuity, reliability. The key difference between security and reliability is that security must take into account the actions of active malicious agents attempting to cause destruction.

A simple and clear definition of effective security could be a secure system is a system which does exactly what we want it to do and nothing that we don't want it to do even when someone else tries to make it behave differently.

Perceived security compared to real security

It is very often true that people's perception of security is not directly related to the actual security. For example, a fear of flying is much more common than a fear of driving; however, driving is generally a much more dangerous form of transport.

Another side of this is a phenomenon called security theatre where ineffective security measures such as screening of airline passengers based on static databases are introduced with little real increase in security or even, according to the critics of one such measure--CAPPS--with an actual decrease in real security.

Categorising security

There is an immense literature on the analysis and categorisation of security. Part of the reason for this Is that, in most security systems, it Is the "weakest link in the chain" which is the most important. The situation is asymmetric since defender must cover all points of attack whilst the attacker must only identify one weak point and concentrate on that.

Types of security

* physical security * information security * Computing security * financial security * human security

Security concepts

Certain concepts recur throughout different fields of security.

* risk--a risk is a possible event which could cause a loss

* threat--a threat is a method of triggering a risk event

* countermeasure--a countermeasure is a way to stop a threat from triggering a risk event

* defense in depth--never rely on one single security measure alone

* assurance--assurance is the level of guarantee that a security system will behave as expected

Security standards

* TCSEC (Orange Book)

* Common Criteria

* ISO 17799:2000 Code of practice for information security management ( /CatalogueDetailPage.CatalogueDetail?CSNUMBER=33441&1CSI=35)

* The newer ISO 17799:2005 Code of practice for information security management ( /CatalogueDetailPage.CatalogueDetail?CSNUMBER=39612&ICSI=35&ICS2=40&ICS3=)
COPYRIGHT 2006 A.P. Publications Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2006, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Publication:Database and Network Journal
Date:Feb 1, 2006
Previous Article:How computer viruses work.
Next Article:Security Risk Management--the answer to your security prayers.

Related Articles
CompTIA Security+(TM) Certification Surpasses New Milestone: More than 20,000 IT Professionals Certified Worldwide; Adoption of certification grows...
RKON Technologies Standardizes on eIQnetworks' Enterprise Security Analyzer to Deliver Comprehensive Security Operations Management Services.
Fifth Annual ASG Security Expo Focuses on Integration of IT and Physical Security; More Than 250 Attendees Get Glimpse of Latest Security Trends and...
The Chinese Telecom Operator Security Service Outsourcing Market is Expected to Be Worth RMB 600 Million by 2008.
For Vendors of It Security Products and Services, the 2006 It Security Study is a Valuable Source of Information for Understanding Market...
Lawrence Livermore National Laboratory to Partner with The Security Network; Membership Underscores Reach and Power of Collaboration and...
Check Point Sets New Standard in Unified Security Management; Integration of Endpoint Security Enables Single Console Management of All Check Point...

Terms of use | Copyright © 2016 Farlex, Inc. | Feedback | For webmasters