Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Information security
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
=== Other models === In 1992 and revised in 2002, the [[OECD]]'s ''Guidelines for the Security of Information Systems and Networks''<ref>{{cite web|url=http://www.oecd.org/dataoecd/16/22/15582260.pdf |title=oecd.org |access-date=2014-01-17 |url-status=dead |archive-url=https://web.archive.org/web/20110516085505/http://www.oecd.org/dataoecd/16/22/15582260.pdf |archive-date=May 16, 2011 }}</ref> proposed the nine generally accepted principles: [[information security awareness|awareness]], responsibility, response, ethics, democracy, risk assessment, security design and implementation, security management, and reassessment.<ref>{{Cite journal|date=January 1996|title=GSSP (Generally-Accepted system Security Principles): A trip to abilene|url=http://dx.doi.org/10.1016/0167-4048(96)82630-7|journal=Computers & Security|volume=15|issue=5|pages=417|doi=10.1016/0167-4048(96)82630-7|issn=0167-4048|url-access=subscription}}</ref> Building upon those, in 2004 the [[NIST]]'s ''Engineering Principles for Information Technology Security''<ref name="NIST" /> proposed 33 principles. In 1998, [[Donn Parker]] proposed an alternative model for the classic "CIA" triad that he called the [[Parkerian Hexad|six atomic elements of information]]. The elements are [[confidentiality]], [[ownership|possession]], [[integrity]], [[authentication|authenticity]], [[availability]], and [[utility]]. The merits of the [[Parkerian Hexad]] are a subject of debate amongst security professionals.<ref>{{cite web|last=Slade|first=Rob|url=http://blog.isc2.org/isc2_blog/2008/12/cia-triad-versus-parkerian-hexad.html|title=(ICS)2 Blog|access-date=November 17, 2017|archive-date=November 17, 2017|archive-url=https://web.archive.org/web/20171117003743/http://blog.isc2.org/isc2_blog/2008/12/cia-triad-versus-parkerian-hexad.html|url-status=dead}}</ref> In 2011, [[The Open Group]] published the information security management standard [[Open Information Security Maturity Model|O-ISM3]].<ref>{{cite web|last=Aceituno|first=Vicente|title=Open Information Security Maturity Model|url=http://www.ism3.com/node/39|access-date=12 February 2017}}</ref> This standard proposed an [[operational definition]] of the key concepts of security, with elements called "security objectives", related to [[access control]] (9), [[availability]] (3), [[data quality]] (1), compliance, and technical (4).
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)