Security policy
This article needs additional citations for verification. (December 2009) |
Security policy is a definition of what it means to be secure for a system, organization or other entity. For an organization, it addresses the constraints on behavior of its members as well as constraints imposed on adversaries by mechanisms such as doors, locks, keys and walls. For systems, the security policy addresses constraints on functions and flow among them, constraints on access by external systems and adversaries including programs and access to data by people.
Significance
If it is important to be secure, then it is important to be sure all of the security policy is enforced by mechanisms that are strong. There are organized methodologies and risk assessment strategies to assure completeness of security policies and assure that they are completely enforced. In complex systems, such as
See also
- Access control
- Computer security policy
- Environmental design
- Information Protection Policy
- Information security policy
- National security policy, Military strategy
- Photo identification
- Physical Security
- Policy
- Remote Access Policy
- Security
- Security engineering
- User Account Policy
References
- OCLC 1087042065.