Propiedad de la información que se mantiene
inaccesible y no se revela a individuos, entidades o procesos no autorizados. [UNE-ISO/IEC 27000:2014]
Propiedad o
característica consistente en que la información ni se pone a disposición ni se
revela a individuos, entidades o procesos no autorizados. [UNE-71504:2008]
(Diseño del
Servicio) Principio de seguridad que requiere que los datos deberían únicamente
ser accedidos por el personal autorizado a tal efecto. [ITIL:2007]
Este servicio
se puede utilizar para obtener la protección de los datos frente a buscadores
no autorizados. El servicio de confidencialidad de datos está soportado por un
marco de autenticación. Se puede utilizar para la protección contra la
interceptación de datos. [X.509:2005]
Propiedad de
los elementos esenciales de ser accesibles sólo para los usuarios autorizados
cuando éstos lo requieran. [EBIOS:2005]
1. Propiedad
de la información que impide que ésta esté disponible o sea revelada a
individuos, entidades o procesos no autorizados (ISO-7498-2). Según esta norma
la confidencialidad es un servicio de seguridad.
2. Prevención
de la revelación no autorizada de información (ITSEC).
3. Característica
de los datos e informaciones que son revelados sólo a los usuarios, entidades o
procesos en el tiempo y forma autorizados (OCDE).
El
mantenimiento de la confidencialidad, junto con el de la integridad y
disponibilidad, constituye el objetivo de la seguridad de la información.
[Ribagorda:1997]
Servicio de
seguridad destinado a prevenir el análisis del tráfico de datos (ISO-7498-2).
El mecanismo responsable de suministrar este servicio se denomina rellenado de
tráfico. [Ribagorda:1997]
Servicio de
seguridad que asegura que una información no puede estar disponible o ser
descubierta por o para personas, entidades o procesos no autorizados. Puede
proteger toda la información que circula por un enlace, determinados campos de
ella o contra análisis del flujo de tráfico. [CESID:1997]
Propiedad de
una información que no está disponible ni es divulgada a personas, entidades o
procesos no autorizados. [ISO-7498-2:1989]
property that information is
not made available or disclosed to unauthorized individuals, entities, or
processes [ISO/IEC 27000:2014]
The term `confidentiality'
means preserving authorized restrictions on access and disclosure, including
means for protecting personal privacy and proprietary information.
Cyber Intelligence Sharing
and Protection Act. H.R. 624. 2013.
The property that
information is not disclosed to system entities (users, processes, devices)
unless they have been authorized to access the information.
NIST SP 800.53: Preserving
authorized restrictions on information access and disclosure, including means
for protecting personal privacy and proprietary information.
[CNSSI_4009:2010]
1. (I) The property that
data is not disclosed to system entities unless they have been authorized to
know the data. (See: Bell- LaPadula model, classification, data confidentiality
service, secret. Compare: privacy.)
2. (D) "The property
that information is not made available or disclosed to unauthorized
individuals, entities, or processes [i.e., to any unauthorized system
entity]." [ISO-7498-2].
[RFC4949:2007]
(Service Design) A security
principle that requires that data should only be accessed by authorised people.
[ITIL:2007]
The property that sensitive
information is not disclosed to unauthorized entities. [NIST-SP800-57:2007]
Preserving authorized restrictions
on information access and disclosure, including means for protecting personal
privacy and proprietary information.
U.S. Code 44, Sec. 3542.
Definitions, 2007
the property that sensitive
information is not disclosed to unauthorized individuals, entities, or
processes. [ISO-18028-2:2006]
The property that prevents
disclosure of information to unauthorized individuals, entities, or processes.
[H.235:2005]
This service can be used to
provide for protection of data from unauthorized disclosure. The authentication
framework supports the data confidentiality service. It can be used to protect
against data interception. [X.509:2005]
Property of essential
elements making them only accessible to authorised users. [EBIOS:2005]
Preserving authorized
restrictions on information access and disclosure, including means for
protecting personal privacy and proprietary information. [FIPS-199:2004] [NIST-SP800-60V2:2004]
The security goal that
generates the requirement for protection from intentional or accidental
attempts to perform unauthorized data reads. Confidentiality covers data in
storage, during processing, and while in transit. [NIST-SP800-27:2004]
The Data Confidentiality
Security Dimension protects data from unauthorized disclosure. Data
Confidentiality ensures that the data content cannot be understood by
unauthorized entities. Encryption, access control lists, and file permissions
are methods often used to provide data confidentiality. [X.805:2003]
The requirement of keeping
proprietary, sensitive, or personal information private and inaccessible to
anyone that is not authorized to see it. [Octave:2003]
The security objective that
generates the requirement for protection from intentional or accidental
attempts to perform unauthorized data reads. Confidentiality covers data in
storage, during processing, and while in transit. [NIST-SP800-33:2001]
the property that sensitive
information is not disclosed to unauthorized individuals, entities, or
processes. [FIPS-140-2:2001]
The concept of holding
sensitive data in confidence, limited to an appropriate set of individuals or
organizations. [IRM-5239-8:1995]
the prevention of the
unauthorised disclosure of information. [ITSEC:1991]
The property that
information is not made available or disclosed to unauthorized individuals,
entities, or processes. [ISO-7498-2:1989]
Confidentiality is the need
to ensure that information is disclosed only to those who are authorized to
view it.
http://www.sans.org/security-resources/glossary-of-terms/
A characteristic applied to
information to signify that it can only be disclosed to authorized individuals
to prevent injury to national or other interests.
http://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=16578
(Conception de
services) Principe de sécurité nécessitant que les données ne soient
accessibles qu’à des personnes autorisées. [ITIL:2007]
ce service peut être
utilisé pour protéger des données contre une divulgation non autorisée. Le
service de confidentialité des données est pris en charge par le cadre
d'authentification. Il peut être utilisé pour protéger des données contre les
interceptions. [X.509:2005]
Propriété des éléments
essentiels de n'être accessibles qu'aux utilisateurs autorisés. [EBIOS:2005]
La propriété qu'une
information n'est pas rendue disponible ni révélée à des personnes, des entités
ou des processus non autorisés. [ISO-7498-2:1989]
Qualité conférée à des
renseignements pour signifier qu'ils ne peuvent être divulgués qu'à des
personnes autorisées, afin de prévenir tout préjudice à l'intérêt national ou à
d'autres intérêts.
http://www.tbs-sct.gc.ca/pol/doc-fra.aspx?id=16578