A revised framework of information security principles
| Main Author: | |
|---|---|
| Publication Date: | 2013 |
| Other Authors: | |
| Language: | eng |
| Source: | Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
| Download full: | http://hdl.handle.net/1822/37119 |
Summary: | Confidentiality, Integrity and Availability are referred to as the basic principles of Information Security. These principles have remained virtually un-changed over time, but several authors argue they are clearly insufficient to pro-tect information. Others go a step further and propose new security principles, to update and complement the traditional ones. Prompt by this context, the aim of this work is to revise the framework of Information Security principles, making it more current, complete, and comprehensive. Based on a systematic literature re-view, a set of Information Security principles is identified, defined and character-ized, which, subsequently, leads to a proposal of a Revised Framework of Infor-mation Security Principles. This framework was evaluated in terms of completeness and wholeness by intersecting it with a catalog of threats, which re-sulted from the merger of four existing catalogs. An initial set of security metrics, applied directly to the principles that constitute the framework, is also suggested, allowing, in case of adverse events, to assess the extent to which each principle was compromised and to evaluate the global effectiveness of the information pro-tection efforts. |
| id |
RCAP_d056f5adb392ff9cecf7ab9e241c8bad |
|---|---|
| oai_identifier_str |
oai:repositorium.sdum.uminho.pt:1822/37119 |
| network_acronym_str |
RCAP |
| network_name_str |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
| repository_id_str |
https://opendoar.ac.uk/repository/7160 |
| spelling |
A revised framework of information security principlesMathematical Problem with Complementarity ConstraintsInexact RestorationNonLinear ProgrammingConfidentiality, Integrity and Availability are referred to as the basic principles of Information Security. These principles have remained virtually un-changed over time, but several authors argue they are clearly insufficient to pro-tect information. Others go a step further and propose new security principles, to update and complement the traditional ones. Prompt by this context, the aim of this work is to revise the framework of Information Security principles, making it more current, complete, and comprehensive. Based on a systematic literature re-view, a set of Information Security principles is identified, defined and character-ized, which, subsequently, leads to a proposal of a Revised Framework of Infor-mation Security Principles. This framework was evaluated in terms of completeness and wholeness by intersecting it with a catalog of threats, which re-sulted from the merger of four existing catalogs. An initial set of security metrics, applied directly to the principles that constitute the framework, is also suggested, allowing, in case of adverse events, to assess the extent to which each principle was compromised and to evaluate the global effectiveness of the information pro-tection efforts.Programa Operacional Fatores de Competitividade – COMPETE and National funds by FCT – Fundação para a Ciência e Tecnologia under Project FCOMP-01-0124-FEDER-022674.Universidade do MinhoTeixeira, AndréSoares, Filipe de Sá20132013-01-01T00:00:00Zconference paperinfo:eu-repo/semantics/publishedVersionapplication/pdfhttp://hdl.handle.net/1822/37119enginfo:eu-repo/semantics/openAccessreponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiainstacron:RCAAP2024-05-11T06:32:03Zoai:repositorium.sdum.uminho.pt:1822/37119Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireinfo@rcaap.ptopendoar:https://opendoar.ac.uk/repository/71602025-05-28T15:56:20.058899Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiafalse |
| dc.title.none.fl_str_mv |
A revised framework of information security principles |
| title |
A revised framework of information security principles |
| spellingShingle |
A revised framework of information security principles Teixeira, André Mathematical Problem with Complementarity Constraints Inexact Restoration NonLinear Programming |
| title_short |
A revised framework of information security principles |
| title_full |
A revised framework of information security principles |
| title_fullStr |
A revised framework of information security principles |
| title_full_unstemmed |
A revised framework of information security principles |
| title_sort |
A revised framework of information security principles |
| author |
Teixeira, André |
| author_facet |
Teixeira, André Soares, Filipe de Sá |
| author_role |
author |
| author2 |
Soares, Filipe de Sá |
| author2_role |
author |
| dc.contributor.none.fl_str_mv |
Universidade do Minho |
| dc.contributor.author.fl_str_mv |
Teixeira, André Soares, Filipe de Sá |
| dc.subject.por.fl_str_mv |
Mathematical Problem with Complementarity Constraints Inexact Restoration NonLinear Programming |
| topic |
Mathematical Problem with Complementarity Constraints Inexact Restoration NonLinear Programming |
| description |
Confidentiality, Integrity and Availability are referred to as the basic principles of Information Security. These principles have remained virtually un-changed over time, but several authors argue they are clearly insufficient to pro-tect information. Others go a step further and propose new security principles, to update and complement the traditional ones. Prompt by this context, the aim of this work is to revise the framework of Information Security principles, making it more current, complete, and comprehensive. Based on a systematic literature re-view, a set of Information Security principles is identified, defined and character-ized, which, subsequently, leads to a proposal of a Revised Framework of Infor-mation Security Principles. This framework was evaluated in terms of completeness and wholeness by intersecting it with a catalog of threats, which re-sulted from the merger of four existing catalogs. An initial set of security metrics, applied directly to the principles that constitute the framework, is also suggested, allowing, in case of adverse events, to assess the extent to which each principle was compromised and to evaluate the global effectiveness of the information pro-tection efforts. |
| publishDate |
2013 |
| dc.date.none.fl_str_mv |
2013 2013-01-01T00:00:00Z |
| dc.type.driver.fl_str_mv |
conference paper |
| dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| status_str |
publishedVersion |
| dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/1822/37119 |
| url |
http://hdl.handle.net/1822/37119 |
| dc.language.iso.fl_str_mv |
eng |
| language |
eng |
| dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
application/pdf |
| dc.source.none.fl_str_mv |
reponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia instacron:RCAAP |
| instname_str |
FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia |
| instacron_str |
RCAAP |
| institution |
RCAAP |
| reponame_str |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
| collection |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
| repository.name.fl_str_mv |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia |
| repository.mail.fl_str_mv |
info@rcaap.pt |
| _version_ |
1833595633509859328 |