Security

Warning: mkdir() [function.mkdir]: Permission denied in /home/webs/affiliatelib2/CacheManager.php on line 12

Warning: mkdir() [function.mkdir]: No such file or directory in /home/webs/affiliatelib2/CacheManager.php on line 12

Warning: fopen(/home/templatecore2cache//*cluesnet.com/7f/7ffd56cc06bef62e686752f2a3d28bede8dd0361.tc2cache) [function.fopen]: failed to open stream: No such file or directory in /home/webs/affiliatelib2/CacheManager.php on line 130

Warning: fwrite(): supplied argument is not a valid stream resource in /home/webs/affiliatelib2/CacheManager.php on line 131

Warning: fclose(): supplied argument is not a valid stream resource in /home/webs/affiliatelib2/CacheManager.php on line 132

s and metal detectors are used to control what is allowed to pass through an airport security perimeter

in the East End of London

Security is the condition of being protected against danger or loss. In the general sense, security is a concept similar to safety. The nuance between the two is an added emphasis on being protected from dangers that originate from outside. Individuals or actions that encroach upon the condition of protection are responsible for the breach of security.

The word "security" in general usage is synonymous with "safety," but as a technical term "security" means that something not only is secure but that it has been secured. In telecommunications, the term security has the following meanings:

A condition that results from the establishment and repair and maintenance of protective measures that ensure a state of inviolability from hostile acts or influences.
With respect to classified matter, the condition that prevents unauthorized persons from having access to official information that is safeguarded in the interests of national security.
Measures taken by a military unit, an activity or installation to protect itself against all acts designed to, or which may, impair its effectiveness.

Security has to be compared and contrasted with other related concepts: Safety, Wiktionary:continuity, reliability. The key difference between security and reliability is that security must take into account the actions of active malicious agents attempting to cause destruction.

Perceived security compared to real security It is very often true that people's perception of security is not directly related to actual security. For example, a fear of flying is much more common than a fear of driving; however, driving is generally a much more dangerous form of transport. The tool may be mistaken for the effect, for example when multiple computer security programs interfere with each other, so the user assumes the computer is secure when actual security has vanished.

Another side of this is a phenomenon called security theatre where ineffective security measures such as screening of airline passengers based on static databases are introduced with little real increase in security or even, according to the critics of one such measure - Computer Assisted Passenger Prescreening System - with an actual decrease in real security.

Categorising security There is an immense literature on the analysis and categorisation of security. Part of the reason for this is that, in most security systems, the "weakest link in the chain" is the most important. The situation is asymmetric since the defender must cover all points of attack while the attacker need only identify a single weak point upon which to concentrate.

Types of security IT realm

Computer security
Data security
Application security
Information security
Network security

Physical realm

Physical security
Security guard
Airport security
Food security
Home security

Political

International security
National security
Human security

Monetary

Security (finance)

Security concepts Certain concepts recur throughout different fields of security.

Risk - a risk is a possible event which could cause a loss
threat - a threat is a method of triggering a risk event that is dangerous
Countermeasure - a countermeasure is a way to stop a threat from triggering a risk event
Defense in depth - never rely on one single security measure alone
Assurance services - assurance is the level of guarantee that a security system will behave as expected

IT Security standards

ISO/IEC 15443 A framework for IT security assurance (covering many methods, i.e. TCSEC, Common Criteria, ISO/IEC 17799)

ISO/IEC 15443-1: Overview and framework
ISO/IEC 15443-2: Assurance methods
15443-3: Analysis of assurance methods (expected in 2007)

ISO/IEC 15408 refer also to Common Criteria

ISO/IEC 17799:2005 Code of practice for information security management refer also to ISO/IEC 17799

refer also to TCSEC Trusted Computer System Evaluation Criteria (Orange Book)

Security experts

Richard A. Clarke
David H. Holtzman
Bruce Schneier