World Library  
Flag as Inappropriate
Email this Article
 

Security

X-ray machines and metal detectors are used to control what is allowed to pass through an airport security perimeter.
Security spikes protect a gated community in the East End of London.
Security checkpoint at the entrance to the Delta Air Lines corporate headquarters in Atlanta

Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, nation, or organization.

As noted by the Institute for Security and Open Methodologies (ISECOM) in the OSSTMM 3, security provides "a form of protection where a separation is created between the assets and the threat." These separations are generically called "controls," and sometimes include changes to the asset or the threat.[1]

Contents

  • Perceived security compared to real security 1
  • Categorizing security 2
  • Security concepts 3
  • Security at home 4
  • Security management in organizations 5
  • See also 6
  • References 7
  • External links 8

Perceived security compared to real security

Perception of security may be poorly mapped to measureable objective security. For example, the fear of earthquakes has been reported to be more common than the fear of slipping on the bathroom floor although the latter kills many more people than the former.[2] Similarly, the perceived effectiveness of security measures is sometimes different from the actual security provided by those measures. The presence of security protections may even be taken for security itself. For example, two computer security programs could be interfering with each other and even cancelling each other's effect, while the owner believes s/he is getting double the protection.

Security theater is a critical term for deployment of measures primarily aimed at raising subjective security without a genuine or commensurate concern for the effects of that measure on objective security. For example, some consider the screening of airline passengers based on static databases to have been Security Theater and Computer Assisted Passenger Prescreening System to have created a decrease in objective security.

Perception of security can increase objective security when it affects or deters malicious behavior, as with visual signs of security protections, such as video surveillance, alarm systems in a home, or an anti-theft system in a car such as a vehicle tracking system or warning sign. Since some intruders will decide not to attempt to break into such areas or vehicles, there can actually be less damage to windows in addition to protection of valuable objects inside. Without such advertisement, an intruder might, for example, approach a car, break the window, and then flee in response to an alarm being triggered. Either way, perhaps the car itself and the objects inside aren't stolen, but with perceived security even the windows of the car have a lower chance of being damaged.

Categorizing security

There is an immense literature on the analysis and categorization of security. Part of the reason for this is that, in most security systems, the "weakest link in the chain" is the most important. The situation is asymmetric since the 'defender' must cover all points of attack while the attacker need only identify a single weak point upon which to concentrate.

  • Aviation security is a combination of material and human resources and measures intended to counter unlawful interference with aviation.
  • [3]

Security concepts

Certain concepts recur throughout different fields of security:

  • Assurance - assurance is the level of guarantee that a security system will behave as expected
  • Countermeasure - a countermeasure is a way to stop a threat from triggering a risk event
  • Defense in depth - never rely on one single security measure alone
  • Risk - a risk is a possible event which could cause a loss
  • Threat - a threat is a method of triggering a risk event that is dangerous
  • Vulnerability - a weakness in a target that can potentially be exploited by a security threat
  • Exploit - a vulnerability that has been triggered by a threat - a risk of 1.0 (100%)

Security at home

Security at home is something applicable to all of us and involves the hardware in place on a property, and personal security practices. The hardware would be the doors, locks, alarm systems, lighting that is installed on your property. Personal security practices would be ensuring doors are locked, alarms activated, windows closed and many other routine tasks which act to prevent a burglary.

Security management in organizations

In the corporate world, various aspects of security are historically addressed separately - notably by distinct and often noncommunicating departments for IT security, physical security, and fraud prevention. Today there is a greater recognition of the interconnected nature of security requirements,[4] an approach variously known as holistic security, "all hazards" management, and other terms.

Inciting factors in the convergence of security disciplines include the development of digital video surveillance technologies (see Professional video over IP) and the digitization and networking of physical control systems (see SCADA).[5][6] Greater interdisciplinary cooperation is further evidenced by the February 2005 creation of the Alliance for Enterprise Security Risk Management, a joint venture including leading associations in security (ASIS), information security (ISSA, the Information Systems Security Association), and IT audit (ISACA, the Information Systems Audit and Control Association).

In 2007 the International Organisation for Standardization (ISO) released ISO 28000 - Security Management Systems for the supply chain. Although the title supply chain is included, this Standard specifies the requirements for a security management system, including those aspects critical to security assurance for any organisation or enterprise wishing to manage the security of the organisation and its activities. ISO 28000 is the foremost risk based security system and is suitable for managing both public and private regulatory security, customs and industry based security schemes and requirements.

See also

References

  1. ^ "ISECOM - Open Source Security Testing Methodology Manual (OSSTMM)". Retrieved 20 September 2014. 
  2. ^ Bruce Schneier, Beyond Fear: Thinking about Security in an Uncertain World, Copernicus Books, pages 26-27
  3. ^ OSPA. "The Operations Security Professional's Association- OPSEC Training, tools and Awareness". Opsecprofessionals.org. Retrieved 2012-09-30. 
  4. ^ "Security in a Changing Landscape". Dell.com. Retrieved 2012-03-27. 
  5. ^ Taming the Two-Headed Beast, CSOonline, September 2002
  6. ^ Security 2.0, CSOonline, April 2005

External links

  • Internet Identity Card Systems
This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and USA.gov, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for USA.gov and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
 
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
 
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.
 



Copyright © World Library Foundation. All rights reserved. eBooks from World Library are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.