RESEARCH ARTICLE


Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model



Hamid Moghaddasi*, 1, Samad Sajjadi2, Mehran Kamkarhaghighi3
1 Health Information Management & Medical Informatics, Department of Health Information Technology and Management, Faculty of Paramedical Sciences, Shahid Beheshti University of Medical Sciences. Tehran, Iran
2 Faculty of Paramedical Sciences, Shahid Beheshti University of Medical Sciences. Tehran, Iran
3 Medical Informatics, Faculty of Paramedical Sciences, Shahid Beheshti University of Medical Sciences, Tehran, Iran


Article Metrics

CrossRef Citations:
12
Total Statistics:

Full-Text HTML Views: 6169
Abstract HTML Views: 3039
PDF Downloads: 293
ePub Downloads: 199
Total Views/Downloads: 9700
Unique Statistics:

Full-Text HTML Views: 2893
Abstract HTML Views: 1621
PDF Downloads: 211
ePub Downloads: 158
Total Views/Downloads: 4883



© Moghaddasi et al.; Licensee Bentham Open

open-access license: This is an open access article licensed under the terms of the Creative Commons Attribution-Non-Commercial 4.0 International Public License (CC BY-NC 4.0) (https://creativecommons.org/licenses/by-nc/4.0/legalcode), which permits unrestricted, non-commercial use, distribution and reproduction in any medium, provided the work is properly cited.

* Address correspondence to this author at the Health Information Management & Medical Informatics, Department of Health Information Technology and Management, Faculty of Paramedical Sciences, Shahid Beheshti University of Medical Sciences, Tehran, Iran; Tel: 0098 21 22747373; Fax: 0098 21 22721150; E-mail: moghaddasi@sbmu.ac.ir


Abstract

Introduction:

Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology.

Background:

The “data security models” presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the “needs and improvement” cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management.

Findings:

Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability.

Conclusion:

Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced.

Keywords: CIA Triad Model, Cryptography, Data security, Data security management, Data security theories, Parkerian Hexad Model.