| 翻訳と辞書 |
| Defense in Depth (computing) : ウィキペディア英語版 |
Defense in depth (computing)
Defense in Depth (also known as Castle Approach) is an information assurance (IA) concept in which multiple layers of security controls (defense) are placed throughout an information technology (IT) system. Its intent is to provide redundancy in the event a security control fails or a vulnerability is exploited that can cover aspects of ''personnel'', ''procedural'', ''technical'' and ''physical'' for the duration of the system's life cycle.
==Background==
The idea behind the defense in depth approach is to defend a system against any particular attack using several independent methods.〔(Schneier on Security: Security in the Cloud )〕 It is a layering tactic, conceived by the National Security Agency (NSA) as a comprehensive approach to information and electronic security.〔(Defense in Depth: A practical strategy for achieving Information Assurance in today’s highly networked environments. )〕〔(OWASP Wiki: Defense in depth ) 〕
Defense in depth is originally a military strategy that seeks to delay rather than prevent the advance of an attacker by yielding space to buy time. The placement of protection mechanisms, procedures and policies is intended to increase the dependability of an IT system, where multiple layers of defense prevent espionage and direct attacks against critical systems. In terms of computer network defense, defense in depth measures should not only prevent security breaches but also buy an organization time to detect and respond to an attack and so reduce and mitigate the consequences of a breach.
抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』
■ウィキペディアで「Defense in depth (computing)」の詳細全文を読む
スポンサード リンク
| 翻訳と辞書 : 翻訳のためのインターネットリソース |
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.
|
|