Difference between revisions of "Information security"
(New page: '''Information security''' is the intentional process of protecting the information from unauthorized viewing or use. Proper information security procedures protect the following properti...) |
m |
||
Line 1: | Line 1: | ||
'''Information security''' is the intentional process of protecting | '''Information security''' is the intentional process of protecting stored information from unauthorized viewing or use. Proper information security procedures protect the following properties of information stores or sources: | ||
* Availability: authorized users are able to access the information when they need it. | * Availability: authorized users are able to access the information when they need it. | ||
* Confidentiality: unauthorized users can not gain access to the information. | * Confidentiality: unauthorized users can not gain access to the information. |
Revision as of 15:18, 10 December 2007
Information security is the intentional process of protecting stored information from unauthorized viewing or use. Proper information security procedures protect the following properties of information stores or sources:
- Availability: authorized users are able to access the information when they need it.
- Confidentiality: unauthorized users can not gain access to the information.
- Integrity: the information is not altered or destroyed in an unauthorized manner.
Proper information security involves physical protection of information stores as well as procedures to identify users attempting to gain acces to information and verify that they are authorized before granting access.
Information security in Star Trek
Federation starships store virtually all information in a central computer system. This system relies primarily on voice-recognition to authenticate users, although users may also set personal passwords to further control access to sensitive data or computer functions.
The Federation has repeatedly demonstrated poor information security protocols. In TNG's "The Hunted", for example, Roga Danar was able to disable a security force field by disabling one of the ship's security personnel and using his communicator to order the computer to drop the force field. He was also able to access consoles in the ship's engineering section to reroute power to transporters and to determine where to plant a bomb to disable the Enterprise-D's sensor network. The ship's computer has also downloaded and executed untrusted code on multiple occasions (examples: TNG "Contagion" and TNG "Masks").
Furthermore, Federation starships are known to allow remote access to their command functions via a prefix code that can be transmitted from other starships, and remote commands can actually override orders issued from the target starships bridge. Why the Federation would include such a dangerous feature in their warships is unclear.
Information security in Star Wars
The access protocols for Republic and Imperial computers are not clear, but their primary weakness seems to be inappropriate authorization settings for low priority systems. The astromech droid R2-D2 was granted access to the Death Star's computer network without legitimate credentials, but he was denied access to some information. For instance, he could remotely deactivate the stations garbage compactors, but he could not remotely cut the power to the station's tractor beams (although he could determine where to disable them manually). Similarly, he was able to determine that Leia Organa was a prisoner on the station and where she was being held, but he could not locate an exit from her cell block other than the main entrance.