The seven principles of security are confidentiality, integrity, availability, accountability, non-repudiation, authentication, and authorization.
- Confidentiality refers to the idea that information should only be accessible to those who are authorized to access it.
- Integrity refers to the concept that information should not be modified without proper authorization.
- Availability refers to the idea that authorized users should have access to the information they need, when they need it.
- Accountability means that there is a clear chain of responsibility for actions taken with regard to information security.
- Non-repudiation means that the actions of an individual or system can be traced back to that individual or system and cannot be denied.
- Authentication is the process of verifying that a user is who they claim to be.
- Authorization refers to the process of granting or denying access to resources based on a user’s credentials and permissions.