1. Confidential
Confidentiality means that network information is not leaked to unauthorized users, entities or programs, which can prevent unauthorized people from obtaining information. For example, the password sensitive information transmitted on the network information system may endanger the overall security of the network system if it is obtained by the attacker through monitoring. For example, if the password information of the network management account is leaked, the network equipment will be out of control. Confidentiality is usually called one of the three characteristics of CIA in network information system, which stands for confidentiality. Security is the key requirement of military information system, e-government information system and commercial information system. Once the information is leaked, the impact is difficult to calculate.
Step 2 be complete
Integrity refers to the characteristic that network information or system cannot be changed without authorization. For example, e-mail cannot be deleted, modified, forged or inserted. During storage or transmission. Integrity is also called one of the three characteristics of network information system, which represents integrity. Honesty is very important for thousands of financial information systems and industrial control systems, which can be described as "a thousand miles away, but a tiny difference".
3. Effectiveness
Availability refers to the characteristics that legally authorized users can obtain network information or services in time. For example, a website can provide users with normal web access services and prevent denial of service attacks. Usability is one of the three characteristics of network information system CIA, which represents usability. Availability is very important for the key information infrastructures of thousands of countries, such as power information systems and telecommunications information systems, which require business continuity and avoid service interruption as much as possible.
Step 4 refuse to resist
Non-repudiation refers to the characteristic of preventing relevant users of network information system from denying their activities. For example, through network audit and digital signature, visitors' activities in the network system can be recorded and tracked. Non-repudiation is also called non-repudiation. The purpose of non-repudiation is to prevent participants from denying their actions. This security feature is usually used in electronic contracts, digital signatures, electronic forensics and other applications.
5. controllability
Controllability refers to the property that the responsible subject of the network information system has the ability to manage and control it, and can effectively master and control the system according to the authorization rules, so that managers can effectively control the behavior of the system and the use of information, which is in line with the system and unified operation objectives.
6. Others
In addition to the common security features of network information systems, there are authenticity, timeliness, compliance, fairness, reliability, survivability and privacy. These security features are applicable to different types of network information systems, and their requirements are different.
Authenticity refers to the consistency of cyberspace information with the objective facts of actual physical space and social space. For example, online rumor information does not conform to the real situation and violates objective facts.
Timeliness means that the information, services and systems in cyberspace can meet the time limit. For example, the intelligent control system for safe driving requires real-time information, which is valid within a specified time range.
Compliance means that network information, services and systems meet the requirements of laws, regulations, policies, standards and norms. For example, online content meets the requirements of laws, regulations and policies.
Step 7 be fair
Fairness refers to the characteristic requirement that all relevant subjects in the network information system handle related tasks in the same position, and no one is dominant. For example, both parties to an electronic contract meet the requirements of fairness and sign a contract at the same time.
8. Reliability
Reliability refers to the characteristics that the network information system can effectively complete the predetermined system functions under the specified conditions and time.
9. Survivability
Survivability refers to the security feature that the network information system can provide minimum and necessary service functions and support the continuous operation of the business under the condition of security damage.
10.privacy
Privacy refers to the security attribute that sensitive information about individuals is not made public, such as personal ID number, address, telephone number, salary income, illness status, social relations, etc.