The remainder of the information attributes are those that are directly or substantially influenced by the transport mechanism. In Exhibit 1, they are shown in the right-hand column.
Authorization
Authorization applies to the legitimacy of the user or viewer of the information,
“…the granting or denying of access rights to a user, program, or process”
[Stoneburner, 2001]. The concern here is that information should be available only to those who possess the proper permissions to access it. This attribute is related to authenticity discussed earlier. Whereas authenticity applies to the sender, authorization applies to the receiver.
Confidentiality
Confidentiality is the ability to ensure that only authorized individuals are able to read specific information. This attribute is critical to preventing disclosure of information to outsiders who may choose to attack or exploit information assets. Confidentiality is primarily concerned with the ability to read or view information. Concepts for ensuring confidentiality through encryption are mature; concepts for ensuring confidentiality through trusted computing tech- nology are available and mature at lower levels of assurance. The concept of confidentiality is akin to authorization.
Confidentiality (of data and key system information) is the security goal generating the requirement for protection from intentional or accidental attempts to perform unauthorized reads, and applies to data in storage, during processing, and while in transit [Stoneburner, 2001]. Data in transit over the network or in storage (such as files on a personal computer or credit card numbers on a Web server or back-end database) should not be disclosed to unauthorized persons [Entrust, 2000].
Integrity
The ability to ensure that the information is protected from unauthorized modification is generally considered to be the integrity of the information.
This attribute is important to supporting evidence of correctness and authen- ticity, and is primarily concerned with the ability to write information. Concepts for ensuring information integrity are mature in the area of trusted technology.
16 Building A Global Information Assurance Program
Integrity (of the system and the data residing on that system) is the security goal that generates the requirement for protection against either intentional or accidental attempts to violate either [Stoneburner, 2001]:
䡲 Data integrity: The property that data has not been altered in an unau- thorized manner while in storage, during processing, or while in transit.
䡲 System integrity: The quality that a system has when it performs its intended function in an unimpaired manner, free from unauthorized manipulation.
Data (such as e-mail messages and signed forms) should not be changed, altered, tampered with, or compromised by unauthorized manipulation [Entrust, 2000].
All of these information attributes culminate in a certain level of confidence that we can place in the information; an assurance that our information is timely, accurate, authentic, and thus reliable.
Confidence
Confidence, then, is based on some measure of the “goodness” of the other information attributes. It is a level of trust that all of the other attributes have been satisfied to a level that is appropriate under the circumstances. Confidence is more emotion than fact; thus, given the same information with the same attributes, no two individuals are likely to react in exactly the same way.
Confidence in electronic interactions can be significantly increased by solutions that address the basic requirements of integrity, confidentiality, authentication, authorization, and access management or access control [Entrust, 2000].
Assurance
Information assurance is the term applied to the entire collection of attributes that we have been discussing and the measure of effectiveness of each.
Assurance is grounds for confidence that the other security goals (integrity, availability, confidentiality, accountability, etc.) have been “adequately met”
by a specific implementation [Stoneburner, 2001]:
䡲 Functionality performs correctly
䡲 Sufficient protection against unintentional errors (by users or software) 䡲 Sufficient resistance to malicious penetration or bypass
Reach and Richness
The concept of information reach and richness originated with Philip B. Evans and Thomas S. Wurster in 1997 [Evans, 1997]. They described reach as “…the number of people, at home or at work, exchanging information.” Reach is a measure of distribution (how far and how many) or the degree to which information is shared.
Richness, on the other hand, was defined by three aspects of the information itself: (1) bandwidth (the amount of information), (2) the degree to which the information is customized, and (3) interactivity (the extent of two-way com- munication).
In June, 2000, at the Command and Control Research and Technology Symposium (CCRTS), Dr. David Alberts presented a modified version of reach and richness as they might apply to today’s information environment. While the concept of reach was unchanged, Dr. Alberts modified the definition of richness as follows:
Information richness is an aggregate measure of the quality of battlespace information, and the quality of the interactions among entities [Alberts, 2000].
As shown in Exhibit 2, he specifically enumerates four of the “ilities” that we discussed previously, namely, content, accuracy, timeliness, and relevance, but it seems clear that all information attributes contribute to richness.
While Evans and Wurster did discuss the impact of networks on reach and richness, they did not include them in the original version of Exhibit 2. As we can see, however, Dr. Alberts has enhanced the original, summarizing the contribution of networks. According to Dr. Alberts [2000], networks create value by:
䡲 Bringing together information from multiple sources to be fused and thus enhance richness
䡲 Providing access to and facilitating the sharing of information which enhances reach and creates shared awareness
䡲 Enabling collaboration which transforms shared awareness into actions that can achieve a competitive advantage
Exhibit 2 Reach and Richness [Alberts, 2000]
18 Building A Global Information Assurance Program
In summary, Exhibit 1 lists the information attributes and groupings we have been discussing: so-called pure information attributes are shown on the left, attributes that can be influenced by the system are shown in the middle (partial or indirect influence) and on the right (direct or substantial influence).
These are the attributes most often identified in the literature. We also note that the attributes specifically mentioned as components of richness are also included. These attributes pop up in various combinations from author to author. All of the attributes support one another and many are interdependent.
Exhibit 3 shows some of these interdependencies as described by the National
Exhibit 3 Information Attribute Interdependencies [ISSEP, 2000]
Confidentiality
Integrity
Assurance
If integrity is lost, confidentiality cannot be expected
Security quality is the goal - "assurance" is both techniques to achieve it and metrics to measure it
Depends on
Integrity
Confidentiality
Assurance If confidentiality is lost,
integrity is threatened
Security quality is the goal - "assurance" is both techniques to achieve it and metrics to measure it
Depends on
Availability
Confidentiality Integrity
Assurance
If confidentiality or integrity is lost, availability is threatened
Security quality is the goal - "assurance" is both techniques to achieve it and metrics to measure it Depends
on
Accountability
Confidentiality Integrity
Assurance
If confidentiality or integrity is lost, accountability is threatened
Security quality is the goal - "assurance" is both techniques to achieve it and metrics to measure it Depends
on
information that we have; that “warm fuzzy” feeling that we can use the information with some level of assurance that all, or at least most, of the attributes discussed here have been adequately satisfied. i.e., the information is timely, accurate, relevant, authentic, etc.