Assurance Model Of Information In Cyber Security

About Information Assurance

It concerns the implementation of methods that are focused on protecting and safeguarding critical information with relevant information systems by assuring confidentiality, integrity, availability, and non-repudiation.

• It can be said to be a strategic approach, which focuses more on the deployment of policies rather than the formation of infrastructure.

Models Of Information Assurance

Next, we are going to take you to some models of information assurance

You must be aware of the fact that security models are multi-dimensional and are based on the following dimensions.

1. Information states

Information is also considered as the interpretation of data, which can be discovered in three-three states stored, processed, and transmitted.

• Security services

It can be said to be a fundamental pillar of the model, which offers security to the system and consists of five services mainly availability, integrity, confidentiality, authentication, and repudiation.

• Security countermeasures

It consists of functionalities to save the system from immediate vulnerability by accounting technology, policy & practice, and people.

• Time

You can view this dimension in several ways. Data can be available at any time in the online or offline mode.

• Information and systems may be in flux, which introduces the risk of unauthorized access.
• Within every phase of the system development cycle, every model of information assurance must be defined well and implemented to minimize the risk of unauthorized access.

Transmission States

1. Transmission

It deals in time wherein data in between of processing steps

For example- it performs transit over networks when the user transfers e-mail to readers, which includes memory and storage encountered during the delivery.

• Storage

It deals in time when the data is saved on mediums like a hard drive.

• Processing

It underlines the time when data is in the processing state.

Security Services

These are some security services that have been categorized as per the need of the customer.

1. Confidentiality-

It makes sure that the system of information does not get disclosed to unauthorized access, is read, and interpreted by authorized figures.

• The protection of confidentiality avoids malicious access as well as accidental disclosure of information.
• The information which is considered to be confidential is named as sensitive information.
• For ensuring the confidentiality of the data, it is categorized into different categories on the basis of severity of damage and then accordingly rigid measures are taken.

• Integrity

It affirms the accuracy of sensitive data with trustworthiness.

• It cannot be created, changed, or deleted without proper authorization.
• Maintenance of integrity involves modification or destruction of information through unauthorized access.
• For the assurance of integrity, backups must be planned and implemented for restoring the affected area in case of a security breach.

• Availability

It can guarantee reliability and constant access to sensitive data through authorized users.

• It includes measures for sustaining access to data in spite of system failure and source of interference.
• For ensuring availability, corrupted data must be eliminated, recovery time must be speeding up, improvement must be made in infrastructure.

• Authentication

It is a service, which is designed for the establishment of the validity of the transmission of messages by the verification of individual identity for receiving specific information.

• A single method of factor authentication utilizes a single parameter to verify a user’s identity and two-factor authentication makes use of multiple factors.

• Non-repudiation

It is a mechanism that ensures that the sender or receiver cannot deny the fact that they are a part of data transmission.

• When the sender sends data to the receiver, it receives the confirmation.

Countermeasures Of Security

Here are some countermeasures that can help you in dealing with the security of sensitive information.

1. People

The fact cannot be denied that people are the heart of the system.

• The administrators and users of the information system must not miss out on following policies and practices for designing a good system.
• They need to be informed regularly about information systems.

• Policy and practice

All organizations have a set of rules, which are defined in the form of policies that every individual must follow within the organization.

• The policies must be practiced for handling sensitive information whenever systems get compromised.

• Technology

With the help of appropriate technology like firewalls, routers, and intrusion detection must be used for defending the system from vulnerabilities and threats.

The technology must be used for facilitating fast responses whenever the security of information gets compromised.

Wrapping Up

Assurance of the security of information is crucial in today’s time, especially in the time where cyber threats are evolving at a fast pace. It is important to be equipped with strategic measures for the security of sensitive information. Moreover, people of all fields must be vigilant about all the security measures that need to be put in place.

About The Author