People can better understand the differences and connections between "data security", "information security" and "network security". We have compiled the definitions of the three agencies by the official agencies, and the netizens also gave their own views. Let's take a look together.
Today, "Internet +" is widely mentioned, security issues are getting more and more attention, but many people are not very clear about the concept of "information security", "data security", "network security". Today, You Xuan will explain to you in detail, the differences and connections between the three, as well as the unique insights of professionals.
Let's take a look at what the official organization defines for the three.
information security
Currently, the common definitions of InformaTIon security are:
1. Definition of the US federal government
Information security is the protection of information systems from accidental or intentional unauthorized disclosure, transmission, modification or destruction.
2. International Organization for Standardization (ISO) definition
Information security is the technical and administrative security that is established and adopted for data processing systems to protect computer hardware, software and data from damaging, altered and leaked for occasional and malicious reasons.
3. Definition of China's State Key Laboratory of Information Security
Information security involves the confidentiality, availability, integrity, and controllability of information. Confidentiality means ensuring that information is not leaked to unauthorized people; availability is to ensure that information and information systems are actually used by authorized users; integrity is against active attacks by opponents, preventing information from being tampered with; controllability is information and information The system implements security monitoring. To sum up, it is to ensure the effectiveness of electronic information.
4. Definition of the field of information science research
Information security means that information is not leaked or destroyed during production, transmission, processing and storage, ensuring the availability, confidentiality, integrity and non-repudiation of information, and ensuring the reliability and controllability of information systems.
From a historical perspective, information security is earlier than network security. With the deepening of information technology, the content of information security and network security is continuously enriched. Information security has set new goals and requirements with the development of the network. Network security technology has also been continuously innovated and developed in this process.
cyber security
Network security not only includes the storage security of network information, but also the security during the generation, transmission and use of information.
In a narrow sense, network security means that the data in the hardware, software, and systems of the network system is protected, and is not damaged, altered, or leaked due to accidental or malicious reasons. The system runs continuously and reliably, and the network service Not interrupted. Network security is essentially information security on the network.
Broadly speaking, all relevant technologies and theories related to the confidentiality, integrity, usability, authenticity and controllability of information on the network are the research fields of network security. Therefore, computer network security in a broad sense also includes the physical security of information equipment, such as site environmental protection, fire prevention measures, static electricity protection, waterproof and moisture proof measures, power supply protection, air conditioning equipment, computer radiation, etc.
From the definition of the two, there are many similarities between information security and network security. Both have the same basic requirements for the production, transmission, storage and use of information (data), such as availability, confidentiality, Integrity and non-repudiation, etc. But there is a difference between the two, whether it is narrow network security - information security on the network, or broad network security is a subset of information security.
Data Security
Data security has two implications:
First, the security of the data itself mainly refers to the active protection of data by modern cryptographic algorithms, such as data confidentiality, data integrity, and two-way strong identity authentication.
Second, the security of data protection is mainly to use the modern information storage means to actively protect data, such as ensuring data security through disk array, data backup, and remote disaster recovery. Data security is an active inclusion measure, the data itself. The security must be based on reliable encryption algorithms and security systems, mainly with symmetric algorithms and public key cryptosystems.
The security of data processing refers to how to effectively prevent data corruption or data loss caused by hardware failure, power failure, crash, human error, program defect, virus or hacker in data entry, processing, statistics or printing. Certain sensitive or confidential data may be read by unqualified personnel or operators, resulting in data breaches and other consequences.
The security of data storage refers to the readability of the database outside the system. Once the database is stolen, even if there is no original system program, you can also write a program to view or modify the stolen database. From this point of view, the unencrypted database is not secure, and it is easy to cause commercial leakage, so as to derive the concept of data leakage prevention, which involves the confidentiality, security and software protection of computer network communication.
Compared with the relatively broad concept of information security, data security is more accurate, and the state attaches more and more importance to data security. The recently introduced Cyber ​​Security Law has also given sufficient attention to data security. The cybersecurity law protects data security mainly in two aspects: First, it requires all organizations to effectively assume the responsibility of ensuring data security, namely confidentiality, integrity, and controllability. The second is to ensure that individuals are safe and controllable about their personal information. With the emphasis on data security from all walks of life in the country and society, the excellent software that is the leader in the data security industry is also determined to deepen its determination in the field of data security.
After clarifying the official definition of these three, let’s take a look at what the professionals know.
Chubby
The three nouns should be the history of information security evolution.
Around 2004, the network was built everywhere, and the structure was a star network. There was no security domain at all, and the personnel were mainly network engineers. After the hacker, the network engineer assumed the role of a security engineer, and naturally thought that the hacker was invaded from the network, then the security perspective of that period of time was the network.
Around 2007, hackers began to use "business" as the main intrusion and modification target. The network began to divide the security domain to ensure the security of the business on the agenda. There is a special security engineer, but only the security product deployment operation and maintenance.
After 10 years, all kinds of pants have begun, and hackers aim at "data", so security has changed from a network intrusion at the beginning to data security.
From the aspect of security products, we can see the development route of information security. In the past, only firewalls, IDS, and host antivirus were still charging. Other security products have no mature product form. Later, there were systems such as IPS, terminal protection, network anti-virus, and traffic cleaning. There are now database audits and various web protections.
The three proper nouns basically represent the headaches from the beginning, the pains of the foot, the development to the present data security-oriented, and the future with the data carrier and the invasion of the invasion may be more novel. A proper noun appears.
Elknot
The concept of information security is the biggest. Network security and data security are parallel concepts. One is the security of communication links, and the other is data lifecycle security.
Haku
Information security includes network security and data security.
Data security is focused on a "static" data security state. Network security is biased towards "dynamic" security, which is the security of information transmission.
“Data†is one of the basic elements that make up information. Data security is the “nuclear security†of information security. By ensuring the security of the data, information security can be achieved.
In many electronic communication equipment and instruments where always use some cable assemblies to connect some electronic units and circuits. Xi'an KNT Scien-tech can use their technology, euqipment, skilled operation, advanced test equipment and method (IEC 9661-4). different connnectors (SMA, SMB, N, TNC, etc. ) and different cables (FLExible cable, semi-flexible cable, Semi-rigid cable, corrugated cable etc.) to offer customer various reasonable price cable assemblies fully with the customer requirements.
SMA cable
Xi'an KNT Scien-tech Co., Ltd , https://www.honorconnector.com