FIPS 199

IT위키
An official U.S. standard document from NIST that explains the CIA (confidentiality, integrity, availability) concepts of security.

Formal Definitions

  • Confidentiality
    • Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information
  • Integrity
    • Guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity
  • Availability
    • Ensuring timely and reliable access to and use of information

Three Security Impact Levels

| Category | Low | Moderate | High |
|---|---|---|---|
| Confidentiality | The unauthorized disclosure of information could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals. | The unauthorized disclosure of information could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. | The unauthorized disclosure of information could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. |
| Integrity | The unauthorized modification or destruction of information could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals. | The unauthorized modification or destruction of information could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. | The unauthorized modification or destruction of information could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. |
| Availability | The disruption of access to or use of information or an information system could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals. | The disruption of access to or use of information or an information system could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. | The disruption of access to or use of information or an information system could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. |