4009 dated 26 April 2010 by Committee on National Security Systems of United States of America:[5] Another authoritative definition is in W3C Web service Glossary [6] adopted by NIST SP 800-95:[7] Information security and Computer security are disciplines that are dealing with the requirements of Confidentiality, Integrity, Availability, the so-called CIA Triad, of information asset of an organization (company or agency) or the information managed by computers respectively.
There are threats that can attack the resources (information or devices to manage it) exploiting one or more vulnerabilities.
The added headers or footers are part of the process used to make it possible to get data from a source to a destination.
[10] The following are considered to be the security services which can be provided optionally within the framework of the OSI Reference Model.
The authentication services require authentication information comprising locally stored information and data that is transferred (credentials) to facilitate the authentication:[1][4] The security services may be provided by means of security mechanism:[1][3][4] The table1/X.800 shows the relationships between services and mechanisms Some of them can be applied to connection oriented protocols, other to connectionless protocols or both.