This article is a derivative of a Wikipedia entry and consequently is itself available under the Creative Commons licence.
Computer information security is the ongoing process of exercising due care and due diligence to protect information systems from unauthorised access, use, disclosure, destruction, modification, disruption, or distribution.
Core computer security components, or qualities, can be considered within three areas: Confidentiality, Integrity and Availability (the so-called “CIA triad”).
Governments, military, corporations, financial institutions, hospitals, and private businesses amass a great deal of confidential information about their employees, customers, products, research, and financial status. Most of this information is now collected, processed and stored on computers and transmitted across computer networks to other computers.
Should confidential information about a business' customers, finances, or new product line fall into the hands of a competitor, such a breach of security could lead to lost business, lawsuits or even bankruptcy of the business. Protecting confidential information is a business requirement, and in many cases also an ethical and legal requirement.
Integrity
In information security, integrity means that data cannot be modified without authorisation.
Integrity is violated when, for example, an employee accidentally or with malicious intent deletes important data files, when a computer virus infects a computer, when an employee is able to modify his own salary in a payroll database, or when an unauthorised user vandalises a web site.
There are many ways in which integrity could be violated without malicious intent. In the simplest case, a user on a system could mis-type someone's address.
On a larger scale, if an automated process is not written and tested correctly, bulk updates to a database could alter data in an incorrect way, leaving the integrity of the data compromised.