Confidentiality

From CIPedia
Jump to: navigation, search


Definitions

International definitions

IAEA

Confidentiality is the property that information is not made available or disclosed to unauthorized individuals, entities, or processes. [1]


ITU-T

Confidentiality is the property that information is not made available or disclosed to unauthorized individuals, entities, or processes. [2]

Confidentialité: Propriété d'une information qui n'est ni disponible, ni divulguée aux personnes, entités ou processus non autorisés. [3]

Confidencialidad: Propiedad que garantiza que la información no se pone a disposición ni se divulga a personas, entidades o procesos no utorizados. [4]

机密性: 防止信息提供或泄露给未经授权的个人、实体或过程的特性. [5]


National Definitions

Argentina

Confidencialidad: se garantiza que la información sea accesible sólo a aquellas personas autorizadas a tener acceso a la misma. [6]


Australia

Confidentiality: The limiting of official information to authorised users for approved purposes the confidentiality requirement is determined by reference to the likely consequences of unauthorised disclosure of official information. [7]


Bolivia

Confidencialidad: Se refiere a la protección de la información del acceso por grupos, entidades o procesos no autorizados. [8]


Brazil

Confidencialidade: propriedade de que a informação não esteja disponível ou revelada a pessoa física, sistema, órgão ou entidade não autorizado e credenciado. [9]
Confidentiality is the property that information is not available or disclosed to an unauthorized and non-accredited individual, system, agency or entity.

Burkina-Faso

Confidentialité: Propriété cruciale associée aux données sensibles (mot de passe, …) et à certaines applications (EDI, messageries électroniques, …). [10]
Elle est généralement assurée par les techniques de cryptage.

Cameroon (Cameroun)

Confidentialité: maintien du secret des informations et des transactions afin de prévenir la divulgation non autorisée d’informations aux non destinataires permettant la lecture, l’écoute, la copie illicite d’origine intentionnelle ou accidentelle durant leur stockage, traitement ou transfert. [11]

Canada

Confidentiality: The ability to protect sensitive information from being accessed by unauthorized people. [12]

Confidentialité: Caractéristique de l'information sensible protégée contre tout accès non autorisé. [13]



Colombia

Confidencialidad: Propiedad de la información que determina que esté disponible a personas autorizadas. [14]

Confidencialidad: Propiedad de la información, por la que se garantiza que está accesible únicamente a personal autorizado a acceder a dicha información. [15]


Czech Republic

Vlastnost, že informace není dostupná nebo není odhalena neautorizovaným jednotlivcům, entitám nebo procesům. [16]

Characteristic that information is not available or is not disclosed to unauthorized individuals, entities or processes. [17]


Ecuador

Confidencialidad: Se garantiza que la información sea accesible sólo a aquellas personas autorizadas a tener acceso a la misma. [18]


France

Confidentialité: Propriété d’une information qui n’est ni disponible, ni divulguée aux personnes, entités ou processus non autorisés. [19]


Confidentialité: Caractère reserve d’une information ou d’untraitement don't l’accès est limité aux seules personnes admises à la (le) connaître pour les besoins du service, ou aux entités ou processus autorisés. [20]

Confidentiality: Private aspect of data or of a process, to which access is restricted solely to certain individuals in view of requirements of the service, or to authorised entities or processes. [21]


Guatemala

Confidencialidad: Propiedad que la información no está disponible o divulgada a personas o entidades no autorizadas. Fuente: ISO/IEC 27000:20016 [22]


Hong Kong

機密性 : 確保數據受到保護及只向獲授權一方披露的情況。

Confidentiality: Confidentiality is the need to ensure that information is disclosed only to those who are authorised to view it. [23]


Iceland

Leynd: Vernd upplýsinga gegn óviðkomandi aðgangi, bæði á meðan þær eru sendar milli staða og þar sem þær eru vistaðar. [24]
.

India

The condition in which sensitive data is kept secret and disclosed only to authorized parties. [25]

Islamic Republic of Afghanistan

Confidentiality: Authorized persons or systems only can access information systems and data, and the confidential information pertaining to information systems or confidential information in the system will not be disclosed by unauthorized persons or systems. [26]

Japan

データの守秘性: (例えば、権限のない任意のシステム主体に対して)情報が利用されない、または権限のない個人、主体、またはプロセスに開示されない特性.

The property that information is not made available or disclosed to unauthorized individuals, entities, or processes. [27]

Kingdom of Saudi Arabia

Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. (NISTIR 7298r2 Glossary of Key Information Security Terms) [28]

Confidentiality: Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. [29]
(NISTIR 7298r2 Glossary of Key Information Security Terms)

Luxembourg

Confidentialité: propriété d’une information qui n’est ni disponible, ni divulguée aux personnes, entités ou processus non autorisés. [30]

Netherlands

Met vertrouwelijkheid wordt gedoeld op het waarborgen dat informatie alleen toegankelijk is voor degenen, die hiertoe zijn geautoriseerd. [31] [32]

Vertrouwelijkheid is de mate waarin toegang tot informatie beperkt is tot degenen die daartoe bevoegd zijn. [33]

Mexico

Confidencialidad: Las dependencias y entidades deben garantizar, en términos de las disposiciones jurídicas aplicables, la no divulgación de datos o información a terceros o a sistemas no autorizados. [34]


Morocco

Confidentialité: Objectif de sécurité permettant de s’assurer que les informations transmises ou stockés ne sont accessibles qu’aux personnes autorisées à en prendre connaissance. [35]

Norway

Assurance that specific information is not disclosed to unauthorised persons, and that only authorised persons have access. [36]
Konfidensialitet: Sikkerhet for at nærmere angitt informasjon ikke avsløres for uvedkommende, og at kun autoriserte personer får tilgang til denne. [37]

Oman

Confidentiality is the need to ensure that information is disclosed only to those who are authorized to view it. [38]


Peru

Confiabilidad: Se define como el grado en que un equipo o sistema físico realiza la función que se espera de él, bajo condiciones y rangos de operación definidos. [39]


Philippines

Confidentiality: Protect information/data from breaches, unauthorised disclosures, loss of or unauthorised viewing. [40]



Senegal

Confidentialité: le fait de s'assurer que l'information n'est accessible qu'à ceux dont l'accès est autorisé. [41]


Serbia

тајност је својство које значи да податак није доступан неовлашћеним лицима. [42]


Spain

Confidencialidad Propiedad o característica consistente en que la información ni se pone a disposición, ni se revela a individuos, entidades o procesos no autorizados. (Igual definición en Ley 18/2011). [43]


Sri Lanka

Confidentiality: In network security, the protection of any type of message from being intercepted or read by anyone other then its intended recipient. [44]



Tanzania

Data confidentiality - means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. [45]


Turkey

Gizlilik: Bilginin yetkisiz kişiler, varlıklar ya da süreçlere kullanılabilir yapılmama ya da açıklanmama özelliğini. [46]

Confidentiality: The characteristic of preventing the use or disclosure of information to unauthorized persons, entities or processes. [47]

Information systems and data can be accessed by authorized persons or systems only, and the confidential information pertaining to information systems or confidential information in the system will not be disclosed by unauthorized persons or systems. [48]

Gizlilik: Bilişim sistem ve verilerine sadece yetkili kişi veya sistemlerce erişilebilmesini; bilişim sistemlerine ait veya sistemdeki gizli verinin yetkisiz kişi veya sistemlerce ifşa edilmemesini. [49]

United States

DHS
Confidentiality is a property that information is not disclosed to users, processes, or devices unless they have been authorized to access the information. [50]

FISMA
Confidentiality means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information. [51]

NIST
Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. [52]

The property that sensitive information is not disclosed to unauthorized individuals, entities, or processes. [53]

A requirement that private or confidential information not be disclosed to unauthorized individuals. (from: NIST SP 800-12) [53]

The security goal that generates the requirement for protection from intentional or accidental attempts to perform unauthorized data reads. (from: NIST SP 800-27 rev A.) [53]

The term 'confidentiality' means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information. (from: NIST SP 800-59) [53]

The security objective that generates the requirement for protection from intentional or accidental attempts to perform unauthorized data reads. Confidentiality covers data in storage, during processing, and while in transit. (from: NIST SP 800-33) [53]


Standard Definition

IETF

(Data) The property that data is not disclosed to system entities unless they have been authorized to know the data. [54]


ISA-62443-*

Confidentiality is preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. [55]


ISO/IEC 27000:2014

Property that information is not made available or disclosed to unauthorized individuals, entities, or processes. [56]


See also

Notes

  1. IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)
  2. ITU Security in Telecommunications and Information Technology: An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications, ITU-T, Geneva (2012) - ITU-T X-800.
  3. Sécurité dans les télécommunications et les technologies de l’information: Aperçu des problèmes et présentation des Recommandations UIT-T existantes sur la sécurité dans les télécommunications, ITU-T, Geneva (2012) - ITU-T X.800.
  4. Seguridad de las telecomunicaciones y las tecnologías de la información: Exposición general de asuntos relacionados con la seguridad de las telecomunicaciones y la aplicación de las Recomendaciones vigentes del UIT-T, ITU-T, Geneva (2012) - ITU-T X.800.
  5. 关于电信安全的若干议题综述 及相关ITU-T建议书应用简介, ITU-T, Geneva (2012) - ITU-T H.235.
  6. Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)
  7. Protective Security Policy Framework - Glossary Oct 2017
  8. Glosario. AGETIC: Agencia de Gobierno Electrónico y Tecnologías de la Información y Comunicación del Estado Plurinacional de Bolivia (CTIC-EPB)
  9. GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ Instrução Normativa Nº 1, de 13 de junho de 2008. Gabinete de Segurança Institucional da Presidência da República.
  10. CIRT-BF Glossary
  11. LOI N°2010/012 DU 21 DECEMBRE 2010 RELATIVE A LA CYBERSECURITE ET LA CYBERCRIMINALITE AU CAMEROUN
  12. Glossary - Canadian Centre for Cyber Security
  13. Glossaire - Centre Canadien pour la Cybersécurité
  14. Glosario MINTIC – ICT Ministry of Colombia
  15. Glosario Policia Colombia
  16. Výkladový slovník kybernetické bezpečnosti (2013)
  17. Cyber Security Explanatory Glossary (2013)
  18. ESQUEMA GUBERNAMENTAL DE SEGURIDAD DE LA INFORMACION EGSI 2013
  19. ANSSI Glossaire
  20. Méthode de classification et mesures principales, ANSSI (2014)
  21. Classification Method and Key Measures, ANSSI (2014)
  22. La Estrategia Nacional de Seguridad Cibernética (June 2018)
  23. Glossary for Information Security Terms/資訊保安詞彙表
  24. [1]
  25. India's DGQA Cyber Security Policy (2015)
  26. National Cyber Security Strategy of Afghanistan (2014)
  27. http://www.ipa.go.jp/security/rfc/RFC2828EN.html RFC2828 (Japanese translation)
  28. Cyber Security Framework Saudi Arabian Monetary Authority Version 1.0 May 2017
  29. [ http://www.sama.gov.sa/en-US/Laws/BankingRules/SAMA%20Cyber%20Security%20Framework.pdf Saudi Arabian Monetary Authority (2017)]
  30. [From French Glossary]
  31. Cyber Security Beeld Nederland 2018
  32. ABDO 2017
  33. Zakboekje Preventie Cybercrime (2008
  34. Glosario - El portal único del gobierno. | gob.mx, Mexico
  35. DIRECTIVE NATIONALE DE LA SECURITE DES SYSTEMES D'INFORMATION, Marocco 2013
  36. Cyber Security Strategy for Norway (2012)
  37. Nasjonal strategi for informasjonssikkerhet (2012)
  38. Oman CERT Glossary
  39. RESOLUCIÓN DE CONSEJO DIRECTIVO ORGANISMO SUPERVISOR DE LA INVERSIÓN EN ENERGÍA OSINERG Nº 270-2014-OS/CD
  40. NHS Cyber security glossary
  41. STRATÉGIE NATIONALE DE CYBERSÉCURITÉ DU SÉNÉGAL (SNC2022)
  42. ЗАКОН О ИНФОРМАЦИОНОЈ БЕЗБЕДНОСТИ (Law on Information Security), Serbia
  43. Diccionario de términos y conceptos de la Administración Electrónica, Ministerio de Hacienda y Función Pública Secretaría General Técnica, 2017
  44. National Centre for Cyber Security, Information Security Policy Domains #19: Glossary
  45. [THE UNITED REPUBLIC OF TANZANIA/MINISTRY OF FINANCE -ICT SECURITY GUIDELINES (2012)]
  46. 2016-2019 UlUSAL SİBER GÜVENLİk STRATEJİSİ (Sept. 2016)
  47. Turkey's National Cyber Security Strategy 2016-2019 (2016)
  48. Turkey's National Cyber Security Strategy and 2013-2014 Action Plan
  49. UlUSAL SİBER GÜVENLİk STRATEJİSİ VE
  50. DHS/NICSS Glossary
  51. The Federal Information Security Modernization Act of 2014 (FISMA)44 U.S.C. § 3552(b)(2).
  52. NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013) / 44 U.S.C., Sec. 3542
  53. 53.0 53.1 53.2 53.3 53.4 NIST Glossary
  54. IETF RFC449 Internet Security Glossary 2
  55. ISA-62443 series
  56. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary