Defense in Depth Principle to Ensure Information Security

Authors: Ionut – Daniel BARBU, Gabriel PETRICA

Published: IJISC Volume 4, Issue 1, Year 2015

Abstract:

The primary purpose of the principle of layered security is to achieve multi-level protection of data, both at rest and in transit. A successful approach implies inserting several security barriers to defend against various types of threats. This article presents an overview of the Defense in Depth technique, applied according to a risk analysis performed to ensure data security. Throughout it, several examples of “layers” of protection are detailed, and information security is analyzed in the case of three types of cyber-attacks.

