NSTISSC SECURITY MODEL
‘National
Security Telecommunications & Information systems security committee’
document.
It is now
called the National Training Standard
for Information security professionals.
The
NSTISSC Security Model provides a more detailed perspective on security.
While the
NSTISSC model covers the three dimensions of information security, it omits
discussion of detailed guidelines and policies that direct the implementation
of controls.
Another
weakness of using this model with too limited an approach is to view it from a
single perspective.
ü The 3
dimensions of each axis become a 3x3x3 cube with 27 cells representing areas
that must be addressed to secure today’s Information systems.
ü To ensure
system security, each of the 27 cells must be properly addressed during the
security process.
ü For
example, the intersection between technology, Integrity & storage areas
requires a control or safeguard that addresses the need to use technology to
protect the Integrity of information while in storage.
Understanding the technical aspects of information security requires that you know the definitions of certain information technology terms and concepts. In general, security is defined as “the quality or state of being secure—to be free from danger.”
Security is often achieved by means of several strategies
usually undertaken simultaneously or used in combination with one another.
Related Topics
Privacy Policy, Terms and Conditions, DMCA Policy and Compliant
Copyright © 2018-2024 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.