
LDAP Security

Requirements

Section 2.19 of ISO/IEC 27000:2009 [ISO27000] defines information security as "preservation of confidentiality, integrity and availability of information". It also notes that other properties, such as authenticity, accountability, non-repudiation, and reliability are relevant.

Following up the definitions of those terms, we find:

Confidentiality is the property that information is not made available or disclosed to unauthorized individuals, entities, or processes.

Integrity is the property of protecting the accuracy and completeness of assets, where asset is given the very broad definition "anything that has value to the organization" - a synonym for 'data' in the context of this site.

Availability is the property of "being accessible and usable upon demand by an authorized entity".

Controls

A Control is "a means of managing risk, including policies, procedures, guidelines, practices or organizational structures, which can be administrative, technical, management, or legal in nature".

Controls have been grouped into categories here. Feel free to add more or to move things around:

-- AndrewFindlay - 06 Oct 2011
Topic revision: r2 - 09 May 2017, AdminUser - This page was cached on 21 Jan 2021 - 03:27.
