SECURITY TESTING
Confidentiality
§ A security measure which protects against the disclosure of information to parties other than the intended recipient that is by no means the only way of ensuring the security
§ A measure intended to allow the receiver to determine that the information which it receives has not been altered in transit or by other than the originator of the information.
§ Integrity schemes often use some of the same underlying technologies as confidentiality schemes, but they usually involve adding additional information to a communication to form the basis of an algorithmic check rather than the encoding all of the communication.
secure programming practise
§ A measure designed to establish the validity of a transmission, message, or originator.
§ Allows a receiver to have confidence that information it receives originated from a specific known source.
§ The process of determining that a requester is allowed to receive a service or perform an operation.
§ Access control is an example of authorization.
§ Assuring information and communications services will be ready for use when expected.
§ Information must be kept available to authorized persons when they need it.
Also authority to operate
§ A measure intended to prevent the later denial that an action happened, or a communication that took place etc.
§ In communication terms this often involves the interchange of authentication information combined with some form of provable time stamp.