Security

Last updated March 17, 2024

Security is protection from, or resilience against, potential harm (or other unwanted coercion). Beneficiaries (technically referents) of security may be persons and social groups, objects and institutions, ecosystems, or any other entity or phenomenon vulnerable to unwanted change.

Security mostly refers to protection from hostile forces, but it has a wide range of other senses: for example, as the absence of harm (e.g., freedom from want); as the presence of an essential good (e.g., food security); as resilience against potential damage or harm (e.g. secure foundations); as secrecy (e.g., a secure telephone line); as containment (e.g., a secure room or cell); and as a state of mind (e.g., emotional security).

The term is also used to refer to acts and systems whose purpose may be to provide security (security company, security police, security forces, security service, security agency, security guard, cyber security systems, security cameras, remote guarding). Security can be physical and virtual.

Etymology

The word 'secure' entered the English language in the 16th century.^[1] It is derived from Latin securus, meaning freedom from anxiety: se (without) + cura (care, anxiety).^[1]

Overview

Referent

A security referent is the focus of a security policy or discourse; for example, a referent may be a potential beneficiary (or victim) of a security policy or system.

Security referents may be persons or social groups, objects, institutions, ecosystems, or any other phenomenon vulnerable to unwanted change by the forces of its environment.^[2] The referent in question may combine many referents in the same way that, for example, a nation-state is composed of many individual citizens.^[3]

Context

The security context is the relationships between a security referent and its environment.^[2] From this perspective, security and insecurity depend first on whether the environment is beneficial or hostile to the referent and also on how capable the referent is of responding to their environment in order to survive and thrive.^[3]

Capabilities

The means by which a referent provides for security (or is provided for) vary widely. They include, for example:

Coercive capabilities, including the capacity to project coercive power into the environment (e.g., aircraft carriers, handguns, firearms);
Protective systems (e.g., lock, fence, wall, antivirus software, air defence system, armour)
Warning systems (e.g., alarm, radar)
Diplomatic and social action intended to prevent insecurity from developing (e.g. conflict prevention and transformation strategies); and
Policy intended to develop the lasting economic, physical, ecological, and other conditions of security (e.g., economic reform, ecological protection, progressive demilitarization, militarization).

Effects

Any action intended to provide security may have multiple effects. For example, an action may have a wide benefit, enhancing security for several or all security referents in the context; alternatively, the action may be effective only temporarily, benefit one referent at the expense of another, or be entirely ineffective or counterproductive.

Contested approaches

Approaches to security are contested and the subject of debate. For example, in debate about national security strategies, some argue that security depends principally on developing protective and coercive capabilities in order to protect the security referent in a hostile environment (and potentially to project that power into its environment, and dominate it to the point of strategic supremacy).^[4]^[5]^[6] Others argue that security depends principally on building the conditions in which equitable relationships can develop, partly by reducing antagonism between actors, ensuring that fundamental needs can be met, and also ensuring that differences of interest can be negotiated effectively.^[7]^[3]^[8]

Contexts of security (examples)

The table shows some of the main domains where security concerns are prominent.

The range of security contexts is illustrated by the following examples (in alphabetical order):

Computer security

Computer security, also known as cybersecurity or IT security, refers to the security of computing devices such as computers and smartphones, as well as computer networks such as private and public networks, and the Internet. The field has growing importance due to the increasing reliance on computer systems in most societies.^[9] It concerns the protection of hardware, software, data, people, and also the procedures by which systems are accessed. The means of computer security include the physical security of systems and the security of information held on them.

Corporate security

Corporate security refers to the resilience of corporations against espionage, theft, damage, and other threats. The security of corporations has become more complex as reliance on IT systems has increased, and their physical presence has become more highly distributed across several countries, including environments that are, or may rapidly become, hostile to them.

X-ray machines and metal detectors are used to control what is allowed to pass through an airport security perimeter. Flughafenkontrolle.jpg — X-ray machines and metal detectors are used to control what is allowed to pass through an airport security perimeter.

Environmental security

Environmental security, also known as ecological security, refers to the integrity of ecosystems and the biosphere, particularly in relation to their capacity to sustain a diversity of life-forms (including human life). The security of ecosystems has attracted greater attention as the impact of ecological damage by humans has grown.^[10]

Food security

Food security refers to the ready supply of, and access to, safe and nutritious food.^[11] Food security is gaining in importance as the world's population has grown and productive land has diminished through overuse and climate change.^[12]^[13]

Home security

Home security normally refers to the security systems used on a property used as a dwelling (commonly including doors, locks, alarm systems, lighting, fencing); and personal security practices (such as ensuring doors are locked, alarms are activated, windows are closed etc.)

Human security

Human security is an emerging paradigm that, in response to traditional emphasis on the right of nation-states to protect themselves,^[14] has focused on the primacy of the security of people (individuals and communities).^[15] The concept is supported by the United Nations General Assembly, which has stressed "the right of people to live in freedom and dignity" and recognized "that all individuals, in particular vulnerable people, are entitled to freedom from fear and freedom from want".^[16]

National security

National security refers to the security of a nation-state, including its people, economy, and institutions. In practice, state governments rely on a wide range of means, including diplomacy, economic power, and military capabilities.

Perceptions of security

Since it is not possible to know with precision the extent to which something is 'secure' (and a measure of vulnerability is unavoidable), perceptions of security vary, often greatly.^[3]^[17] For example, a fear of death by earthquake is common in the United States (US), but slipping on the bathroom floor kills more people;^[17] and in France, the United Kingdom, and the US, there are far fewer deaths caused by terrorism than there are women killed by their partners in the home.^[18]^[19]^[20]^[21]

Another problem of perception is the common assumption that the mere presence of a security system (such as armed forces or antivirus software) implies security. For example, two computer security programs installed on the same device can prevent each other from working properly, while the user assumes that he or she benefits from twice the protection that only one program would afford.

Security theater is a critical term for measures that change perceptions of security without necessarily affecting security itself. For example, visual signs of security protections, such as a home that advertises its alarm system, may deter an intruder, whether or not the system functions properly. Similarly, the increased presence of military personnel on the streets of a city after a terrorist attack may help to reassure the public, whether or not it diminishes the risk of further attacks.

Security concepts (examples)

Certain concepts recur throughout different fields of security:

Access control – the selective restriction of access to a place or other resource.
Assurance – an expression of confidence that a security measure will perform as expected.
Authorization – the function of specifying access rights/privileges to resources related to information security and computer security in general and to access control in particular.
Cipher – an algorithm that defines a set of steps to encrypt or decrypt information so that it is incomprehensible.
Countermeasure – a means of preventing an act or system from having its intended effect.
Defense in depth – a school of thought holding that a wider range of security measures will enhance security.
Exploit (noun) – a means of capitalizing on a vulnerability in a security system (usually a cyber-security system).
Identity management – enables the right individuals to access the right resources at the right times and for the right reasons.
Password – secret data, typically a string of characters, usually used to confirm a user's identity.
Resilience – the degree to which a person, community, nation or system is able to resist adverse external forces.
Risk – a possible event which could lead to damage, harm, or loss.
Security management – identification of an organization's assets (including people, buildings, machines, systems and information assets), followed by the development, documentation, and implementation of policies and procedures for protecting these assets.
Threat – a potential source of harm.
Vulnerability – the degree to which something may be changed (usually in an unwanted manner) by external forces.

Related Research Articles

Computer security, cybersecurity, digital security or information technology security is the protection of computer systems and networks from attacks by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.

Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. Researchers tend to classify malware into one or more sub-types.

In physical security and information security, access control (AC) is the selective restriction of access to a place or other resource, while access management describes the process. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.

The Common Criteria for Information Technology Security Evaluation is an international standard for computer security certification. It is currently in version 3.1 revision 5.

<span class="mw-page-title-main">Physical security</span> Measures designed to deny unauthorized access

Physical security describes security measures that are designed to deny unauthorized access to facilities, equipment, and resources and to protect personnel and property from damage or harm. Physical security involves the use of multiple layers of interdependent systems that can include CCTV surveillance, security guards, protective barriers, locks, access control, perimeter intrusion detection, deterrent systems, fire protection, and other systems designed to protect persons and property.

SCADA is a control system architecture comprising computers, networked data communications and graphical user interfaces for high-level supervision of machines and processes. It also covers sensors and other devices, such as programmable logic controllers, which interface with process plant or machinery.

Food security is the availability of food in a country and the ability of individuals within that country (region) to access, afford, and source adequate foodstuff. The availability of food irrespective of class, gender or region is another element of food security. Similarly, household food security is considered to exist when all the members of a family, at all times, have access to enough food for an active, healthy life. Individuals who are food secure do not live in hunger or fear of starvation. Food insecurity, on the other hand, is defined as a situation of " limited or uncertain availability of nutritionally adequate and safe foods or limited or uncertain ability to acquire acceptable foods in socially acceptable ways." Food security incorporates a measure of resilience to future disruption or unavailability of critical food supply due to various risk factors including droughts, shipping disruptions, fuel shortages, economic instability, and wars.

National security, or national defence, is the security and defence of a sovereign state, including its citizens, economy, and institutions, which is regarded as a duty of government. Originally conceived as protection against military attack, national security is widely understood to include also non-military dimensions, such as the security from terrorism, minimization of crime, economic security, energy security, environmental security, food security, and cyber-security. Similarly, national security risks include, in addition to the actions of other nation states, action by violent non-state actors, by narcotic cartels, organized crime, by multinational corporations, and also the effects of natural disasters.

Vulnerabilities are flaws in a computer system that weaken the overall security of the device/system. Vulnerabilities can be weaknesses in either the hardware itself, or the software that runs on the hardware. Vulnerabilities can be exploited by a threat actor, such as an attacker, to cross privilege boundaries within a computer system. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerabilities are also known as the attack surface. Constructs in programming languages that are difficult to use properly can also manifest large numbers of vulnerabilities.

In computer security, a sandbox is a security mechanism for separating running programs, usually in an effort to mitigate system failures and/or software vulnerabilities from spreading. The isolation metaphor is taken from the idea of children who do not play well together, so each is given his or her own sandbox to play in alone. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as storage and memory scratch space. Network access, the ability to inspect the host system, or read from input devices are usually disallowed or heavily restricted.

Climate change adaptation is the process of adjusting to the effects of climate change. These can be both current or expected impacts. Adaptation aims to moderate or avoid harm for people. It also aims to exploit opportunities. Humans may also intervene to help adjustment for natural systems. There are many adaptation strategies or options. They can help manage impacts and risks to people and nature. The four types of adaptation actions are infrastructural, institutional, behavioural and nature-based options.

Climate risk is the potential for negative consequences for human or ecological systems from the impacts of climate change. It refers to risk assessments based on formal analysis of the consequences, likelihoods and responses to these impacts and how societal constraints shape adaptation options. However, the science also recognises different values and preferences around risk, and the importance of risk perception.

<span class="mw-page-title-main">Ecological resilience</span> Capacity of ecosystems to resist and recover from change

In ecology, resilience is the capacity of an ecosystem to respond to a perturbation or disturbance by resisting damage and subsequently recovering. Such perturbations and disturbances can include stochastic events such as fires, flooding, windstorms, insect population explosions, and human activities such as deforestation, fracking of the ground for oil extraction, pesticide sprayed in soil, and the introduction of exotic plant or animal species. Disturbances of sufficient magnitude or duration can profoundly affect an ecosystem and may force an ecosystem to reach a threshold beyond which a different regime of processes and structures predominates. When such thresholds are associated with a critical or bifurcation point, these regime shifts may also be referred to as critical transitions.

A zero-day is a vulnerability or security hole in a computer system unknown to its owners, developers or anyone capable of mitigating it. Until the vulnerability is remedied, threat actors can exploit it in a zero-day exploit, or zero-day attack.

The aim of water security is to make the most of water's benefits for humans and ecosystems. The second aim is to limit the risks of destructive impacts of water to an acceptable level. These risks include for example too much water (flood), too little water or poor quality (polluted) water. People who live with a high level of water security always have access to "an acceptable quantity and quality of water for health, livelihoods and production". For example, access to water, sanitation and hygiene services is one part of water security. Some organizations use the term water security more narrowly for water supply aspects only.

In computer security a countermeasure is an action, device, procedure, or technique that reduces a threat, vulnerability, or attack, eliminating or preventing it by minimizing the harm it can cause. It can also include discovering and reporting vunerabilities so that corrective action can be taken.

In computer security, a threat is a potential negative action or event facilitated by a vulnerability that results in an unwanted impact to a computer system or application.

Climate resilience is defined as the "capacity of social, economic and ecosystems to cope with a hazardous event or trend or disturbance". This is done by "responding or reorganising in ways that maintain their essential function, identity and structure while also maintaining the capacity for adaptation, learning and transformation". The key focus of increasing climate resilience is to reduce the climate vulnerability that communities, states, and countries currently have with regards to the many effects of climate change. Efforts to build climate resilience encompass social, economic, technological, and political strategies that are being implemented at all scales of society. From local community action to global treaties, addressing climate resilience is becoming a priority, although it could be argued that a significant amount of the theory has yet to be translated into practice.

The following outline is provided as an overview of and topical guide to computer security:

Nature-based solutions is the sustainable management and use of natural features and processes to tackle socio-environmental issues. These issues include for example climate change, water security, food security, preservation of biodiversity, and disaster risk reduction. Through the use of NBS healthy, resilient, and diverse ecosystems can provide solutions for the benefit of both societies and overall biodiversity. The 2019 UN Climate Action Summit highlighted nature-based solutions as an effective method to combat climate change. For example, NBS in the context of climate action can include natural flood management, restoring natural coastal defences, providing local cooling, restoring natural fire regimes.

References

1 2 Online Etymology Dictionary. "Origin and meaning of secure". etymonline.com. Retrieved 2017-12-17.
1 2 Barry Buzan, Ole Wæver, and Jaap de Wilde, Security: A New Framework for Analysis (Boulder: Lynne Rienner Publishers, 1998), p. 32
1 2 3 4 Gee, D (2016). "Rethinking Security: A discussion paper" (PDF). rethinkingsecurity.org.uk. Ammerdown Group. Archived (PDF) from the original on 2022-10-09. Retrieved 2017-12-17.
↑ US, Department of Defense (2000). "Joint Vision 2020 Emphasizes Full-spectrum Dominance". archive.defense.gov. Retrieved 2017-12-17.
↑ House of Commons Defence Committee (2015). "Re-thinking defence to meet new threats". publications.parliament.uk. Retrieved 2017-12-17.
↑ General Sir Nicholas Houghton (2015). "Building a British military fit for future challenges rather than past conflicts". gov.uk. Retrieved 2017-12-17.
↑ FCNL (2015). "Peace Through Shared Security" . Retrieved 2017-12-17.
↑ Rogers, P (2010). Losing control : global security in the twenty-first century (3rd ed.). London: Pluto Press. ISBN 9780745329376. OCLC 658007519.
↑ "Reliance spells end of road for ICT amateurs", May 07, 2013, The Australian
↑ United Nations General Assembly (2010). "Resolution adopted by the General Assembly on 20 December 2010". un.org. Retrieved 2017-12-17.
↑ United Nations. "Hunger and food security". United Nations Sustainable Development. Retrieved 2017-12-17.
↑ Food and Agriculture Organization (2013). "Greater focus on soil health needed to feed a hungry planet". fao.org. Retrieved 2017-12-17.
↑ Arsenault, C (2014). "Only 60 Years of Farming Left If Soil Degradation Continues". Scientific American. Retrieved 2017-12-17.
↑ United Nations (1945). "Charter of the United Nations, Chapter VII". un.org. Retrieved 2017-12-17.
↑ United Nations. "UN Trust Fund for Human Security". un.org. Retrieved 2017-12-17.
↑ United Nations General Assembly (2005). "Resolution adopted by the General Assembly 60/1: World Summit Outcome" (PDF). Archived (PDF) from the original on 2022-10-09. Retrieved 2017-12-17.
1 2 Bruce Schneier, Beyond Fear: Thinking about Security in an Uncertain World, Copernicus Books, pages 26–27
↑ David Anderson QC (2012). "The Terrorism Acts in 2011" (PDF). Archived (PDF) from the original on 2022-10-09. Retrieved 2017-12-17.
↑ "What is femicide?". Women's Aid. Retrieved 2017-12-17.
↑ "Don't Believe In The War On Women? Would A Body Count Change Your Mind?". Upworthy. Retrieved 2017-12-17.
↑ "Violences conjugales: 118 femmes tuées en 2014". Libération.fr (in French). Retrieved 2017-12-17.

External links

Media related to Security at Wikimedia Commons

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[:0-1] 1 2 Online Etymology Dictionary. "Origin and meaning of secure". etymonline.com. Retrieved 2017-12-17.

[:1-2] 1 2 Barry Buzan, Ole Wæver, and Jaap de Wilde, Security: A New Framework for Analysis (Boulder: Lynne Rienner Publishers, 1998), p. 32

[:2-3] 1 2 3 4 Gee, D (2016). "Rethinking Security: A discussion paper" (PDF). rethinkingsecurity.org.uk. Ammerdown Group. Archived (PDF) from the original on 2022-10-09. Retrieved 2017-12-17.

[4] US, Department of Defense (2000). "Joint Vision 2020 Emphasizes Full-spectrum Dominance". archive.defense.gov. Retrieved 2017-12-17.

[5] House of Commons Defence Committee (2015). "Re-thinking defence to meet new threats". publications.parliament.uk. Retrieved 2017-12-17.

[6] General Sir Nicholas Houghton (2015). "Building a British military fit for future challenges rather than past conflicts". gov.uk. Retrieved 2017-12-17.

[7] FCNL (2015). "Peace Through Shared Security" . Retrieved 2017-12-17.

[8] Rogers, P (2010). Losing control : global security in the twenty-first century (3rd ed.). London: Pluto Press. ISBN 9780745329376. OCLC 658007519.

[9] "Reliance spells end of road for ICT amateurs", May 07, 2013, The Australian

[10] United Nations General Assembly (2010). "Resolution adopted by the General Assembly on 20 December 2010". un.org. Retrieved 2017-12-17.

[11] United Nations. "Hunger and food security". United Nations Sustainable Development. Retrieved 2017-12-17.

[12] Food and Agriculture Organization (2013). "Greater focus on soil health needed to feed a hungry planet". fao.org. Retrieved 2017-12-17.

[13] Arsenault, C (2014). "Only 60 Years of Farming Left If Soil Degradation Continues". Scientific American. Retrieved 2017-12-17.

[14] United Nations (1945). "Charter of the United Nations, Chapter VII". un.org. Retrieved 2017-12-17.

[15] United Nations. "UN Trust Fund for Human Security". un.org. Retrieved 2017-12-17.

[16] United Nations General Assembly (2005). "Resolution adopted by the General Assembly 60/1: World Summit Outcome" (PDF). Archived (PDF) from the original on 2022-10-09. Retrieved 2017-12-17.

[:3-17] 1 2 Bruce Schneier, Beyond Fear: Thinking about Security in an Uncertain World, Copernicus Books, pages 26–27

[18] David Anderson QC (2012). "The Terrorism Acts in 2011" (PDF). Archived (PDF) from the original on 2022-10-09. Retrieved 2017-12-17.

[19] "What is femicide?". Women's Aid. Retrieved 2017-12-17.

[20] "Don't Believe In The War On Women? Would A Body Count Change Your Mind?". Upworthy. Retrieved 2017-12-17.

[21] "Violences conjugales: 118 femmes tuées en 2014". Libération.fr (in French). Retrieved 2017-12-17.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

[20]

[21]

Authority control databases
National	France BnF data Germany Poland
Other	Encyclopedia of Modern Ukraine