Ver:
Conjunto de
técnicas y controles de seguridad que se implementan en el interior de los
propios equipos y sistemas de tecnologías de la información, sea en el hardware
o sea en el software, para proteger, principalmente, los programas y los datos
que procesan, almacenan y transmiten, aunque en ocasiones también prevengan de
las amenazas sobre el propio hardware.
Por prevenir
de los ataques al hardware y al software es preferible al término seguridad
técnica al de seguridad lógica, que algunos emplean.
[Ribagorda:1997]
(I) Security mechanisms and
procedures that are implemented in and executed by computer hardware, firmware,
or software to provide automated protection for a system. (See: security architecture.
Compare: administrative security.) [RFC4949:2007]
The discovery, elimination,
and mitigation of security vulnerabilities that can be exploited by technical
means. It includes all facets of security that involve the detection and/or
neutralization of technical collection threats or the application of security
technology; the traditional fields of TEMPEST and technical surveillance
countermeasures (TSCM); and extends to new techniques, technology, and
instrumentation that may allow exploitation of security vulnerabilities by
technical means. [NSA/CSS
REG 90-6]
An evaluation of all factors
related to potential vulnerabilities of technical penetration of a facility,
system, network, product, or equipment. Typical considerations include security
against acoustical, optical, audio frequency, radio frequency, and other
methods of penetration as well as adequacy of electronic protection. A TSE
includes TSCM, TEMPEST, and TEAPOT considerations. [NSA/CSS REG 90-6]