Ver:
Conjunto de
técnicas y controles de seguridad que se implementan en el interior de los
propios equipos y sistemas de tecnologías de la información, sea en el hardware
o sea en el software, para proteger, principalmente, los programas y los datos
que procesan, almacenan y transmiten, aunque en ocasiones también prevengan de
las amenazas sobre el propio hardware.
Por prevenir
de los ataques al hardware y al software es preferible al término seguridad
técnica al de seguridad lógica, que algunos emplean.
[Ribagorda:1997]
(I) Security
mechanisms and procedures that are implemented in and executed by computer
hardware, firmware, or software to provide automated protection for a system. (See: security architecture.
Compare: administrative security.) [RFC4949:2007]
The discovery,
elimination, and mitigation of security vulnerabilities that can be exploited
by technical means. It includes all facets of security that involve the
detection and/or neutralization of technical collection threats or the application
of security technology; the traditional fields of TEMPEST and technical
surveillance countermeasures (TSCM); and extends to new techniques, technology,
and instrumentation that may allow exploitation of security vulnerabilities by
technical means. [NSA/CSS
REG 90-6]
An evaluation of
all factors related to potential vulnerabilities of technical penetration of a
facility, system, network, product, or equipment. Typical considerations
include security against acoustical, optical, audio frequency, radio frequency,
and other methods of penetration as well as adequacy of electronic protection.
A TSE includes TSCM, TEMPEST, and TEAPOT considerations. [NSA/CSS REG 90-6]
Temas relacionados