Computer systems have the following three general goals from a security point of view:
The table given below lists all the above goals with their corresponding threads:
|Data confidentiality||Exposure of data|
|Data integrity||Tempering with data|
|System availability||Denial of service|
Now the table given below describes all the three goals that almost every computer system have from security perspective:
|Data integrity||Users that are not authorized, shouldn't be able to modify any data without permission of the owner.
In this context, the modification of data not only change the data, but also remove the data and can add some wrong data as well.
Therefore, if a computer system, that can't guarantee that the data deposited in it remain unchanged until and unless the system owner decides to change them, then it isn't worth much as an information system.
|Data confidentiality||In case of data confidentiality, secret data remains secret.
In other word, you can say that, if the owner of the data has decided that these data are only to be made available to specific or certain people and no any other, then the system should guarantee that release of the data to the people that are not authorized, doesn't occur.
And the owner should be able to specify who can see what, and the system should enforce these specifications.
|System availability||Nobody can disturb the system to make it not usable|
© Copyright 2021. All Rights Reserved.