Security Models

Last updated 2 months ago

Was this helpful?

Security Models

The security models define and enforce security policies to protect information, systems, and networks. They outline how information should be controlled, accessed, and protected based on the specific security requirements of an organization or system.

CIA Triad

Is a fundamental model in cybersecurity that represents the three core principles of information security: Confidentiality, Integrity, and Availability. These principles serve as the foundation for developing security policies, practices, and strategies to protect sensitive information and systems.

Confidentiality: Protection of data from unauthorized access and misuse
Integrity: Information is kept accurate and consistent unless authorized changes are made
Availability: Data must be available and accessible by the user to be useful

MAC Cumber Cube

Establish and evaluate information security initiatives by considering all of the related factors that impact them based on how Mandatory Access Control (MAC) policies can be applied in information security.

Critical information characteristics:
- CIA Triad Elements: Fundamental principles for protecting information.
Information states:
- Processing: The data that is used to operate on a system
- Storage: Data stored in memory or on a permanent storage device
- Transmission: Data traveling between information systems
Security measures:
- Awareness, training, and education: Measures to ensure that users are knowledgeable about potential security threats and the actions to protect systems
- Technology: Software and hardware-based solutions designed to protect information systems
- Policy and procedure: Administrative controls that provide a base for how an organization implements information assurance

SFU Triangle

Define the level of security implemented in a system, emphasizing the balance between critical aspects of security systems: Security, Functionality, and Usability, and how improving one aspect may negatively impact the others.

Security: Stablish the restrictions and protection of systems, networks, and data from unauthorized access, attacks, and breaches
Functionality: The capability of a system or application to perform its intended tasks and meet user needs
Usability: The ease with which users can interact with a system or application, including how intuitive and user-friendly the interface is

PreviousMalware NextMethodologies

Last updated 2 months ago

Was this helpful?

CIA Triad

Confidentiality: Protection of data from unauthorized access and misuse
Integrity: Information is kept accurate and consistent unless authorized changes are made
Availability: Data must be available and accessible by the user to be useful

MAC Cumber Cube

Critical information characteristics:
- CIA Triad Elements: Fundamental principles for protecting information.
Information states:
- Processing: The data that is used to operate on a system
- Storage: Data stored in memory or on a permanent storage device
- Transmission: Data traveling between information systems
Security measures:
- Awareness, training, and education: Measures to ensure that users are knowledgeable about potential security threats and the actions to protect systems
- Technology: Software and hardware-based solutions designed to protect information systems
- Policy and procedure: Administrative controls that provide a base for how an organization implements information assurance

SFU Triangle

Security: Stablish the restrictions and protection of systems, networks, and data from unauthorized access, attacks, and breaches
Functionality: The capability of a system or application to perform its intended tasks and meet user needs
Usability: The ease with which users can interact with a system or application, including how intuitive and user-friendly the interface is