Scribd
Upload
442 views2 pages

MSR Model Overview and Information Assurance

The MSR Model describes three states of information, three essential countermeasures, and five basic services. The model reinforces that senior management is responsible for an organization's information lifecycle. Information assurance concerns maintaining confidentiality, integrity, availability, nonrepudiation, authentication through the information lifecycle. Information security protects information resources against unauthorized access by focusing on confidentiality, integrity, and availability. Information protection is a subset of information security that protects confidentiality and integrity through various controls and classification.

Uploaded by

John Lloyd Galeon
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
442 views2 pages

MSR Model Overview and Information Assurance

The MSR Model describes three states of information, three essential countermeasures, and five basic services. The model reinforces that senior management is responsible for an organization's information lifecycle. Information assurance concerns maintaining confidentiality, integrity, availability, nonrepudiation, authentication through the information lifecycle. Information security protects information resources against unauthorized access by focusing on confidentiality, integrity, and availability. Information protection is a subset of information security that protects confidentiality and integrity through various controls and classification.

Uploaded by

John Lloyd Galeon
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Maconachy-Schou-Ragsdale (MSR) Model

• In 2001, the MSR model described…

» Three State of Information (Storage, Transmission, Processing)

» Three Essential Countermeasures (Availability, Integrity, Authentication)

» Five Basic Services (Availability, Integrity, Authentication, Confidentiality, Nonrepudiation)

• The model reinforces the idea that senior management and senior executives are

responsible for the life cycle of the system and an organization’s information,

from inception to dissolution.

Fundamental Concepts
• Information Assurance

» the overarching approach for identifying, understanding, and managing risk through the
use

of information and information systems.

» is concerned with the life cycle of information in an organization through the objectives of

maintaining the following services attributes:

» Confidentiality

» Integrity

» Availability

» Nonrepudiation

» Authentication

» Information security, information protection, and cybersecurity are subsets of information

assurance.

Information Security
» Subdomain of information assurance.

» is the protection of information resources against unauthorized access.

» Focuses on CIA triad


» Confidentiality – is the assurance of data secrecy where no on is able to read data except

for the intended entity.

» Integrity – is a service that assures that the information in a system has not been altered.

» Availability – is the service that assures data and resources are accessible to authorized

subjects/personnel when required.

» Information protection and cybersecurity are subsets of information security.

Information Protection

» subset of information security.

» Defined as protecting the confidentiality and integrity of information through a variety of

means such as policy, standards, physical controls, technical controls, monitoring, and

information classification or categorization.

» Some laws, regulations, and rules specifically cite information protection as a


requirement

for sensitive information such as personally identifiable information and personal health

information.

You might also like