Security properties for information assets Sample Clauses

Security properties for information assets. Security properties for information assets are typically derived from the information security domain. A well-known and renowned set of standards for Information Security Management is the ISO/IEC 27000 series. The first standard of this series, ISO/IEC 27000:2014 [4], provides the set of definitions and terms. Information security is defined as: Information security – preservation of confidentiality, integrity and availability of information. Note: In addition, other properties, such as authenticity, accountability, non-repudiation, and reliability can also be involved. Here confidentiality, integrity and availability are defined as follows: Confidentiality – property that information is not made available or disclosed to unauthorized individuals, entities, or processes. Integrity – property of accuracy and completeness. Availability – property of being accessible and usable upon demand by an authorized entity. The property availability is applicable to information as well as to a (information processing) function, process or system. In the context of Smart Grids, availability is often regarded as the most important property [5]. Ensuring availability of the power supply is indeed very important. The availability of information or of an information processing function is not necessarily more important than the integrity of the information to ensure the availability of power supply. Confidentiality can easily be applied within the context of Smart Grids, although the property is often regarded as less important for this domain (see for instance section 6 of [5]). Note that confidentiality of security function data (such as symmetric encryption keys) is important. Integrity is the more difficult, and much debated, property of the three. The definition for integrity from ISO/IEC 27000 is not easy to apply. A more traditional definition for data integrity that was first defined in ISO 7498-2:1989 [6] is: Data integrity – property that data has not been altered or destroyed in an unauthorized manner. A common debate on data integrity is whether it also means that the data is correct. Therefore, correctness integrity is sometimes included as an additional property. Moreover, the authenticity of the origin of information is also not included in the definition above. Data origin integrity or authenticity is commonly addressed as a separate property. Authenticity is defined in ISO/IEC 27000 as follows: Authenticity – property that an entity is what it is claiming ...
Sample 1
AutoNDA by SimpleDocs

Related to Security properties for information assets

  • Accessibility of Web-Based Information and Applications For State Agency Authorized User Acquisitions: Any web-based information and applications development, or programming delivered pursuant to the contract or procurement, will comply with New York State Enterprise IT Policy NYS-P08-005, Accessibility of Web-Based Information and Applications as follows: Any web-based information and applications development, or programming delivered pursuant to the contract or procurement, will comply with New York State Enterprise IT Policy NYS-P08- 005, Accessibility of Web-Based Information and Applications as such policy may be amended, modified or superseded, which requires that state agency web-based information and applications are accessible to persons with disabilities. Web-based information and applications must conform to New York State Enterprise IT Policy NYS-P08-005 as determined by quality assurance testing. Such quality assurance testing will be conducted by the State Agency Authorized User and the results of such testing must be satisfactory to the Authorized User before web-based information and applications will be considered a qualified deliverable under the contract or procurement.

  • Contractor Information The Contractor will provide up to date information for each of the following in the form and manner specified by OGS:

  • Why We Collect Information and For How Long We are collecting your data for several reasons: · To better understand your needs and provide you with the services you have requested; · To fulfill our legitimate interest in improving our services and products; · To send you promotional emails containing information we think you may like when we have your consent to do so; · To contact you to fill out surveys or participate in other types of market research, when we have your consent to do so; · To customize our website according to your online behavior and personal preferences. The data we collect from you will be stored for no longer than necessary. The length of time we retain said information will be determined based upon the following criteria: the length of time your personal information remains relevant; the length of time it is reasonable to keep records to demonstrate that we have fulfilled our duties and obligations; any limitation periods within which claims might be made; any retention periods prescribed by law or recommended by regulators, professional bodies or associations; the type of contract we have with you, the existence of your consent, and our legitimate interest in keeping such information as stated in this Policy.

  • SECURITY OF PERSONAL INFORMATION 19.1 For this clause “personal information” has the meaning given to it in the Privacy Act 1988 (Cth).

  • Vendor Information Vendor understands that as part of Hinsdale Central School District’s obligations under New York Education Law Section 2-d, Vendor is responsible for providing Hinsdale Central School District with Vendor information (see Vendor Information for Data Privacy and Security) to include:

  • Requests for Information (RFI) In the event the Contract Documents are not complete, definite, and clear, the Contractor shall request the Design Professional in writing for additional instructions and shall furnish the Owner a copy of the RFI. With reasonable promptness but not more than five days thereafter, the Design Professional shall furnish complete, definite, and clear instructions in writing, or by means of drawings, or both. In the event such additional instructions are given orally for expediency, they shall be confirmed in writing or by drawings or both within five days following the oral instructions. Any such additional instructions shall be consistent with the Contract Documents and reasonably inferable therefrom. The Work shall be executed in conformity with the aforesaid instructions. The Design Professional shall furnish the Owner a copy of all additional instructions issued to the Contractor. If, because of events beyond its reasonable control, the Design Professional is not able to meet the specified time period, then it is entitled to ask for additional time from the Owner.

  • CONFIDENTIAL NATURE OF DOCUMENTS AND INFORMATION Information and data that is considered proprietary by either Party or that is delivered or disclosed by one Party (“Discloser”) to the other Party (“Recipient”) during the course of performance of the Contract, and that is designated as confidential (“Information”), shall be held in confidence by that Party and shall be handled as follows:

  • RECORDS, INFORMATION AND REPORTS Contractor shall maintain full and accurate records with respect to all matters covered under this Agreement. To the extent permitted by law, County shall have free access at all proper times or until the expiration of four (4) years after the furnishing of services to such records, and the right to examine and audit the same and to make transcripts therefrom, and to inspect all data, documents, proceedings, and activities pertaining to this Agreement. To the extent permitted by law, Contractor shall furnish County such periodic reports as County may request pertaining to the work or services undertaken pursuant to this Agreement. The costs and obligations incurred or to be incurred in connection therewith shall be borne by the Contractor.

  • Security Violations and Accounts Updates Grantee will adhere to the Confidentiality Article requirements and HHS Data Usage Agreement of this contract and immediately contact System Agency if a security violation is detected, or if Grantee has any reason to suspect that the security or integrity of the CMBHS data has been or may be compromised in any way.

  • Requests for Information The Grantee shall fully and promptly comply with all reporting requirements and requests for information issued by the Department or its authorized designee. The Grantee shall provide such information in the format requested by the Department. The Grantee shall ensure that its staff, interns, volunteers, and subcontractors comply in a timely and complete manner with all the Department’s requests for information. The Grantee shall comply in a timely manner with requests by the Department or its authorized designee for financial information, records, and documents related to evaluating costs of programs and ser vices provided by the Grantee’s probation department. The Grantee shall timely submit any files or records of the Grantee’s juvenile probation department, or any facility or program operated by or under the authority of the Grantee, requested by the Department or its authorized designee as a part of the monitoring, auditing, or investigatory process.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!