Posts

Showing posts from 2013

CISSP Concepts

Domain Reference: Access Control

Biometrics Report:
- Type I Errors: Authorized individuals were incorrectly rejected.
- Type II Errors: Unauthorized individuals were incorrectly granted access.

SESAME: Secure European System for Applications in a Multi-vendor Environment
- Technology built upon the Kerberos foundation.
- SESAME provides different capabilities and uses public key cryptography.
- SESAME differs from Kerberos in that it uses PACs (Privileged Attribute Certificates) for authentication instead of the Kerberos ticket exchange methodology.

Access Control Models
- Discretionary Access Control (DAC)
- Mandatory Access Control (MAC)
- Role-Based Access Control (RBAC)

Trusted Computer System Evaluation Criteria (TCSEC): http://en.wikipedia.org/wiki/TCSEC
Information Technology Security Evaluation Criteria (ITSEC): http://en.wikipedia.org/wiki/ITSEC
Common Criteria for Information Technology Security Evaluation (CC): http://en.wikipedia.org/wiki/Common_

ISO/IEC 27000 Series

This group of standards is known as the ISO/IEC 27000 series and represents industry best practices for managing security controls across organizations worldwide.

- ISO/IEC 27000: Overview and vocabulary
- ISO/IEC 27001: ISMS requirements
- ISO/IEC 27002: Code of practice for information security management
- ISO/IEC 27003: Guideline for ISMS implementation
- ISO/IEC 27004: Guideline for information security management measurement and metrics framework
- ISO/IEC 27005: Guideline for information security risk management
- ISO/IEC 27006: Guideline for bodies providing audit and certification of ISMS
- ISO/IEC 27011: Information security management guidelines for telecommunications organizations
- ISO/IEC 27031: Guideline for information and communications technology readiness for business continuity
- ISO/IEC 27033-1: Guideline for network security
- ISO 27799: Guide for information security management in health organizations

The followin