What is information security?

Information security refers to the protection of information systems (including hardware, software, data, personnel, physical environment and its infrastructure) from being damaged, changed or leaked by accidents or malicious reasons, the system runs continuously and reliably, and the information service is uninterrupted, so as to finally realize business continuity.

Information security itself contains a wide range, including how to prevent the disclosure of secrets of commercial enterprises, prevent teenagers from browsing bad information, and disclose personal information. The information security system under the network environment is the key to ensure information security, including computer security operating system, various security protocols and even security systems. As long as there are security loopholes, it can threaten global security.

Information security in a narrow sense is a computer security field based on cryptography, which is usually used as a benchmark by early information security majors in China, supplemented by computer technology, communication network technology and programming.

Information security in a broad sense is a comprehensive subject. From traditional computer security to information security, it is not only a change of name, but also an extension of security development. Safety is a purely technical problem, but the product of the combination of management, technology, law and other issues.

Characteristics of information security

Integrity: refers to the characteristics that information remains unchanged, undamaged and lost in the process of transmission, exchange, storage and processing, that is, maintaining the integrity of information so that information can be generated, stored and transmitted correctly, which is the most basic security feature.

Confidentiality: refers to the characteristic that information is not disclosed to unauthorized individuals, entities or processes according to given requirements, or provided for use, that is, it prevents useful information from being disclosed to unauthorized individuals or entities, and emphasizes the characteristic that useful information is only used by authorized objects.

Availability: refers to the characteristics that network information can be correctly accessed by authorized entities, and can be used normally or recovered under abnormal conditions as needed, that is, the required information can be correctly accessed when the system is running, and it can be quickly recovered and put into use when the system is attacked or destroyed. Availability is a measure of the user-oriented security performance of network information system.