Information Assurance in Networked Enterprises: Definition, Requirements, and Experimental Results.

摘要

With the dramatic growth of information exchanges within and between organizations, major concerns emerge about the assurance of information. Without clear knowledge of the true needs for information assurance, a company may employ local, specialized solutions that are too restrictive, or not comprehensive. On the other hand, cost-effective, variable integrity and variable security may be economically justifiable and adequate for certain situations and decisions. Therefore, a new definition of information assurance has been developed following the TQM approach. It describes assurance as a combination of information security, integrity, and significance. The requirements of information assurance are presented and have been justified on the basis of concrete results obtained from the lab experiments that were conducted. The experiments and results have been briefly discussed in this paper.