Prerequisite – Information Security
Availability is one of the three basic functions of security management that are present in all systems. Availability is the assertion that a computer system is available or accessible by an authorized user whenever it is needed. Systems have high order of availability to ensures that the system operates as expected when needed. Availability provides building of fault tolerance system in the products. It also ensures the backup processing by including hot and cold sites in the disaster recovery planning.
There are mainly two threats to availability of the system which are as follows:
1. Denial of Service 2. Loss of Data Processing Capabilities
The above two facets of availability are explained as following below:
1. Denial of Service:
Denial of Service specifies to actions that lock up computing services in a way that the authorized users is unable to use the system whenever needed. Availability is also blocked in case, if a security office unintentionally locks up an access control of database during the routine maintenance of the system thus for a period of time authorized users are block to access. In the computer systems, internet worm overloaded about 10% of the system on the network, causing them to be non responsive to the need of users is an example of denial of service.
2. Loss of Data Processing Capabilities:
The loss of data processing capabilities are generally caused by the natural disasters or human actions is perhaps more common. Contingency planning is the measure to counter such type of losses, which helps in minimizing the time for that a data processing capability remains unavailable. Contingency planning provides an alternative means of processing which involves business resumption planning, alternative site processing or simply disaster recovery planning thereby ensures data availability.
Security aspects of Availability:
Generally, three basic issues are aspects of security initiatives that are used to address availability, they are:
- Physical issues:
The physical issues includes access controls that prevent unauthorized persons from coming into contact with computing resources, various fire and water control mechanisms, hot and cold sites for use in alternative site processing, and backup storage facilities.
- Technical issues:
Technical issues includes the fault-tolerance mechanisms, electronic vaulting (automatically backup to a secure location) and access control software to restrict unauthorized users from disrupting services. Fault tolerance mechanisms involves hardware redundancy, disk mirroring and application checkpoint restart.
- Administrative issues:
The issues comes in the administrative aspect of availability are access control policies, operating procedures, contingency planning and user training. Proper training of operators, programmers and security personnel can help avoid many computing stages that leads to the loss of availability.
- Difference between Cyber Security and Information Security
- Principal of Information System Security : Security System Development Life Cycle
- Need Of Information Security
- What is Information Security?
- Information System and Security
- Information Security | Integrity
- Information Security | Confidentiality
- Threats to Information Security
- Risk Management for Information Security | Set-2
- Information Security and Computer Forensics
- Risk Management for Information Security | Set-1
- Digital Forensics in Information Security
- Information Security and Cyber Laws
- Principle of Information System Security
- Message Digest in Information security
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to email@example.com. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.