The Open Medical Informatics Journal

2016, 10 : 4-10
Published online 2016 October 28. DOI: 10.2174/1874431101610010004
Publisher ID: TOMINFOJ-10-4

RESEARCH ARTICLE
Reasons in Support of Data Security and Data Security Management as Two Independent Concepts:

Hamid Moghaddasi, *,1 , Samad Sajjadi2 and Mehran Kamkarhaghighi3
1 Health Information Management & Medical Informatics, Department of Health Information Technology and Management, Faculty of Paramedical Sciences, Shahid Beheshti University of Medical Sciences. Tehran,
2 Faculty of Paramedical Sciences, Shahid Beheshti University of Medical Sciences. Tehran, Iran
3 Medical Informatics, Faculty of Paramedical Sciences, Shahid Beheshti University of Medical Sciences, Tehran, Iran

* Address correspondence to this author at the Health Information Management & Medical Informatics, Department of Health Information Technology and Management, Faculty of Paramedical Sciences, Shahid Beheshti University of Medical Sciences, Tehran, Iran; Tel: 0098 21 22747373; Fax: 0098 21 22721150; E-mail: moghaddasi@sbmu.ac.ir

ABSTRACT

Introduction:

Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology.

Background:

The “data security models” presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the “needs and improvement” cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management.

Findings:

Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability.

Conclusion:

Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced.

Keywords:

CIA Triad Model, Cryptography, Data security, Data security management, Data security theories, Parkerian Hexad Model.