Abstract
This paper deals with some fundamental concepts within the area of information security, both their definitions and their relationships. The included concepts are information asset, confidentiality, integrity, availability, threat, incident, damage, security mechanism, vulnerability and risk. The concepts and their relations are modeled graphically in order to increase the understanding of conceptual fundamentals within the area of information security.
Chapter PDF
Similar content being viewed by others
Key words
References
Björck F (2001). Security Scandinavian Style — Interpreting the Practice of Managing Information Security in Organisations. Licentiate Thesis, Department of Computer and Systems Sciences, Stockholm University/Royal Institute of Technology, Stockholm
Gollman D (1999). Computer Security. Wiley
Harris S (2002). CISSP Certification Exam Guide. McGraw-Hill/Osbourne
Jonsson E (1995). A Quantitative Approach to Computer Security from a Dependability Perspective. Doctoral Dissertation, Department of Computer Engineering, Chalmers University of Technology, Göteborg
Olovsson T (1992). A Structured Approach to Computer Security. Technical Report No 122, Department of Computer Engineering, Chalmers University of Technology, Göteborg
Oscarson P (2001). Informationssäkerhet i verksamheter. (Information Security in Organizations — in Swedish). Licentiate Thesis, Department of Computer and Information Science, Linköping University
Ozier W (2000) Risk Analysis and Assessment, in Information Security Handbook, Tipton H F & Krause M, Auerbach publications
Parker D B (1981). Computer Security Management, Prentice Hall
Pfleeger C P (1996). Security in Computing. Prentice-Hall
SIG Security (1999). Säkerhetsarkitekturer (Security Architectures, in Swedish). SIG Security, Studentlitteratur
ISO/IEC 17799 (2001). Information Technology — Code of Practice for Information Security Management. International Organization for Standardization
Statskontoret (1997). Handbok i IT-säkerhet ( IT Security Handbook, in Swedish ), The Swedish Agency for Public Management
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer Science+Business Media New York
About this paper
Cite this paper
Oscarson, P. (2003). Information Security Fundamentals. In: Irvine, C., Armstrong, H. (eds) Security Education and Critical Infrastructures. WISE 2003. IFIP Advances in Information and Communication Technology, vol 125. Springer, New York, NY. https://doi.org/10.1007/978-0-387-35694-5_9
Download citation
DOI: https://doi.org/10.1007/978-0-387-35694-5_9
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4757-6491-8
Online ISBN: 978-0-387-35694-5
eBook Packages: Springer Book Archive