Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2019 Apr;25(2):419-441.
doi: 10.1007/s11948-017-9992-1. Epub 2017 Nov 15.

Defining Information Security

Björn Lundgren  1 Niklas Möller  2
Affiliations

Defining Information Security

Björn Lundgren et al. Sci Eng Ethics. 2019 Apr.

Abstract

This article proposes a new definition of information security, the 'Appropriate Access' definition. Apart from providing the basic criteria for a definition-correct demarcation and meaning concerning the state of security-it also aims at being a definition suitable for any information security perspective. As such, it bridges the conceptual divide between so-called 'soft issues' of information security (those including, e.g., humans, organizations, culture, ethics, policies, and law) and more technical issues. Because of this it is also suitable for various analytical purposes, such as analysing possible security breaches, or for studying conflicting attitudes on security in an organization. The need for a new definition is demonstrated by pointing to a number of problems for the standard definition type of information security-the so-called CIA definition. Besides being too broad as well as too narrow, it cannot properly handle the soft issues of information security, nor recognize the contextual and normative nature of security.

Keywords: Appropriate access; CIA definition; Defining information security; Ethical aspects on information security; Human aspects on information security; Information security.

PubMed Disclaimer

References

    1. Adriaans, P. (2013). Information. In E. N. Zalta (Ed.), The Stanford encyclopedia of philosophy (Fall 2013 ed.). http://plato.stanford.edu/archives/fall2013/entries/information/.
    1. Bishop M. Introduction to computer security. Boston: Addison-Wesley; 2005.
    1. Chapman MT. Wireless security mayhem: Restraining the insanity of convenience. In: Tipton HF, Krause M, editors. Information security management handbook. 5. Boca Raton: Auerbach; 2004.
    1. Dhillon G. Violations of safegaurds by trusted personnel and understanding related information security concerns. Computers & Security. 2001;20:165–172. doi: 10.1016/S0167-4048(01)00209-7. - DOI
    1. Dhillon G. Challenges in managing information security in the new millennium. In: Dhillon G, editor. Information security management: Global challenges in the new millennium. Hershey, PA: IGI Global; 2001. pp. 1–9.

Publication types

LinkOut - more resources