Acronyms: SoD
Practice of dividing the steps of a function among several people to prevent
a single individual from being able to ruin the entire process.
http://es.pcisecuritystandards.org
1. Process that uses two or more separate entities (usually persons), operating
in concert to protect sensitive functions or information, so that no single
person is able to access or use a resource, for example a cryptographic key
(ISO-8732).
2. Security procedure that requires the concurrence of two or more people to
carry out critical tasks. This eliminates the possibility that a single
authorized individual could abuse their rights to commit an illicit act.
[Ribagorda:1997]
A basic internal control that prevents or detects errors and irregularities by
assigning to separate individuals the responsibility for initiating and
recording transactions and for the custody of assets.
Scope Note: Segregation/separation of duties is commonly used in large IT
organizations so that no single person is in a position to introduce fraudulent
or malicious code without detection.
ISACA, Cybersecurity Glossary, 2014
(I) The practice of dividing
the steps in a system process among different individual entities (i.e.,
different users or different roles) so as to prevent a single entity acting
alone from being able to subvert the process. Usage: a.k.a. "separation of
privilege". (See: administrative security, dual control.) [RFC4949:2007]
A basic internal control
that prevents or detects errors and irregularities by assigning to separate
individuals responsibility for initiating and recording transactions and
custody of assets. [COBIT:2006]
Practice of dividing steps
in a function among different individuals, so as to keep a single individual
from being able to subvert the process.
https://www.pcisecuritystandards.org/security_standards/glossary.php
Separation of duties is the
principle of splitting privileges among multiple individuals or systems.
http://www.sans.org/security-resources/glossary-of-terms/
Practice of distributing the various aspects of a function among various
individuals, in order to prevent a single person from being able to corrupt
the entire process.
http://fr.pcisecuritystandards.org/