Network and IT security plays a major role in organizational structure nowadays as data has become so valuable.
Security objectives are goals an organization strives to achieve through its security efforts.
Any organization has major 7 primary security objectives. Let's understand them one by one.
Confidentiality
Confidentiality is the protection against unauthorized access, while providing authorized users access to resources without obstruction.
Integrity
Integrity is the protection against unauthorized changes, while allowing for authorized changes performed by authorized users.
Availability
Availability is the protection against downtime, loss of data, and blocked access, while providing consistent uptime, protecting data, and supporting authorized access to resources.
Authentication
Authentication is the proof or verification of a user's identity before granting access to a secured area.
Authorization
Authorization is controlling what users are allowed and not allowed to do.
Authorization is dictated by the organization's security structure, which may focus on
discretionary access control (DAC),
mandatory access control (MAC), or
role-based access control (RBAC).
Authorization is also known as access control.
Nonrepudiation
Nonrepudiation is the assurance that someone cannot deny something.
Typically, nonrepudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated.
To repudiate means to deny.
Auditing and public-key cryptography commonly provide non-repudiation services.
Privacy
Privacy protects the confidentiality, integrity, and availability of personally identifiable or sensitive data.
Information Technology networks security
