Information content security can be defined in many ways. The most common way is to determine the confidentiality, integrity, and availability of information.
Confidentiality defines the privacy level of the information and the importance of its content to critical operations. There may be different levels of confidentiality, which are defined by the author and the policies of the system. Information that is not classified as confidential is considered public.
Integrity classifies information according to its importance to operations. At the highest level of integrity, the information should remain intact at all times, without fragmentation or delays in updates.
Availability is the most important factor if the information must be accessible without interruption for operational reasons.
By applying cryptography to the elements above, you can introduce additional security features, such as traceability, access control, authentication, and repudiation.
Any data that is stored in the application \private\<SID>\
folder
can be considered safe, since other applications need the AllFiles
capability to read
or write to this location.
The following aspects of content security are covered in this section: