What is Information Assurance Model in Cyber Security

InfosecTrain
0

What is Information Assurance?

Information Assurance refers to the practice of ensuring the confidentiality, integrity, availability, and non-repudiation of important information and information systems. It's a long-term strategy that prioritizes policy implementation over infrastructure development.

Information Assurance Model in Cyber Security

The information assurance security model is a multi-dimensional model which is based on four dimensions:

1.      Information States

Information states are defined as the interpretation of data, which exists in three states: stored, processed, and transmitted.

       Storage: It specifies the amount of time that data is saved on a device such as a hard drive.

       Processing: It specifies the amount of time when data is being processed.

       Transmission: It specifies the period when data is transferred between two parties.

2.    Security Services

Security services are the assurance model's fundamental component that delivers system security and includes the following services:  Confidentiality, Integrity, Availability, Authentication, and Non-repudiation.

       Confidentiality: Confidentiality ensures that unauthorized parties do not access system information, and only those who are permitted can read and interpret it. Confidentiality protection prevents malicious access and unintended information leakage.

       Integrity: It ensures that personal information is reliable and accurate and that it can't be formed, altered, or deleted without authorization.

       Availability: It ensures that only authorized users have consistent and reliable access to sensitive data. It entails taking steps to maintain data access in the face of system problems and other sources of intervention.

       Authentication: It is a protective measure that establishes the authenticity of message transmission by verifying an individual's identity in order to collect a specific type of information.

       Non-repudiation: It is a method of ensuring that neither the sender nor the receiver can deny their participation in data transmission. When a communicator sends data to a recipient, the recipient receives a delivery verification. When a recipient receives a message, it contains all of the information about the sender.

3.    Security Countermeasures

This dimension includes features and functionality that protect the system from immediate vulnerability by considering technology, policy, practice, and people.

       Technology: To protect the system from vulnerabilities and threats, appropriate firewalls, routers, and intrusion detection must be used.

       Policy and Practice: Every firm has policies that establish norms that everyone who works there must follow. If a system is breached, these policies must be followed to handle sensitive data.

       People: The human being is at the center of the information system. Users and administrators of information systems must adhere to policies and procedures to create effective systems. They must be trained about the information system regularly and be prepared to act effectively to protect it.

4.   Time

This component can be interpreted in a variety of ways. Data may be available offline or online at any time, and information and systems may be in turmoil, posing a risk of unauthorized access. As a result, to limit the risk of security breaches, every component of the Information Assurance model must be thoroughly specified and executed at every level of the System Development Cycle.

Cyber Security with InfosecTrain

InfosecTrain is well-known training company that offers information security training courses. Join us for a great experience with our industry experts to gain a solid understanding of cybersecurity concepts.

Post a Comment

0Comments

Post a Comment (0)