Information sensitivity

Information sensitivity

Sensitive information is information or knowledge that might result in loss of an advantage or level of security if revealed (disclosed) to others who might have low or unknown trustability and/or indeterminable or hostile intentions.

Loss, misuse, modification or unauthorized access to sensitive information can adversely affect the privacy of an individual, trade secrets of a business or even the security, internal and foreign affairs of a nation depending on the level of sensitivity and nature of the information.

Types of sensitive information

The term classified information generally refers to information that is subject to special security classification regulations imposed by many national governments. The term "Unclassified" as used in the table below refers to information that is not subject to security classification regulations.

N
o
n
-
c
l
a
s
s
i
f
i
e
d

Public information
This refers to information that is already a matter of public record or knowledge.

Personal information
This is information belonging to a private individual, but the individual commonly may share with others for personal or business reasons. This generally includes contact information such as addresses, telephone numbers, e-mail addresses, and so on. It may be considered a breach of privacy to disclose such information, but for most people its disclosure is not considered a serious matter.

However, there are situations in which the release of personal information could have a negative effect on its owner. For example, a person trying to avoid a stalker will be inclined to further restrict access to such personal information.


Routine business information
This includes business information that is not subjected to special protection and may be routinely shared with anyone inside or outside of the business.

Private information
Information is "private" if it is associated with an individual and its disclosure might not be in the individual's best interests. This would include a broad range of information that could be exploited to cause a person damage.

A person's SSN, credit card numbers, and other financial information should be considered private, since their disclosure might lead to crimes such as identity theft or fraud.

Some types of private information, including records of a person's health care, education, and employment may be protected by privacy laws in some cases. Disclosing private information can make the perpetrator liable for civil remedies and may in some cases be subject to criminal penalties.


Confidential business information
"Confidential" business information refers to information whose disclosure may harm the business. Such information may include trade secrets as described in the "Economic Espionage Act of 1996 (UnitedStatesCode|18|1831|1839)". In practice, it may include sales and marketing plans, new product plans, and notes associated with patentable inventions. In publicly held companies, confidential information may include "insider" financial data whose disclosure is regulated by the United States Securities and Exchange Commission.

C
l
a
s
s
i
f
i
e
d

RESTRICTED

* Level 2 (light blue)
* requires some protection
* requires level 2 security clearance or higher
* public disclosure could have undesirable effects or do some harm.

CONFIDENTIAL

* Level 3 (blue)
* requires protection
* requires level 3 security clearance or higher to access
* unauthorized disclosure could damage national security e.g. compromise information that indicates the strength of armed forces or disclosure of technical information about weapons, such as performance characteristics, test data, design, and production data.

SECRET

* Level 4 (red)
* requires substantial protection
* requires level 4 security clearance or higher to access
* unauthorized disclosure could seriously damage national security.
* Wrongful disclosure could lead to a disruption of foreign relations, impair a program or policy directly related to national security, reveal significant military plans or intelligence operations, or compromise significant scientific or technological development relating to national security.
* most classified information falls into this category
* penalty can be a large fine and/or a 5 year to life imprisonment sentence

TOP SECRET (TS)

* Level 5 (orange)
* requires the highest degree of protection
* requires level 5 security clearance
* unauthorized disclosure could severely damage national security
* wrongful disclosure could lead to war against a nation or its allies, disrupt vital relations, compromise vital defense plans or cryptologic and communications intelligence systems, reveal sensitive intelligence operations, or could jeopardize a vital advantage in an area of science or technology.
* penalty can range from 5 years to life imprisonment or even the death penalty if considered treason.

"ULTRA SECRET" or SCI

* Level 6 (yellow)
* requires exceptionally high or special protection
* requires level 5 security clearance and special (Q) clearance and or invitation.
* unauthorized disclosure could existentially damage national security, international stability or wartime advantage
* wrongful disclosure could lead to loss or prolongation of a war, provide enemies with secret weapon technology or inform them of compromised top secret information.
* penalty will most likely be capital punishment due to treason.

Information can be reclassified to a different level or declassified (made available to the public) depending on changes of situation or new intelligence.

ensitivity Indicator in the USA

In the intelligence community the sensitivity indicator (aka. sensitivity label) specifies the level of secrecy of a project, document or piece of information by its relevancy to national security. Only those with appropriate security clearance can access information of certain sensitivity and might face additional special access restrictions.

The indicator can also be the name of a classified project such as "Project Blue Book" or "ULTRA", further restricting access to or handling of information.

ee also

* Mandatory Access Control
* Espionage
* RFC1327
* Federal Standard 1037C and the National Information Systems Security Glossary
* Seal of the Confessional

External links

* [http://www.archives.gov/isoo/ ISOO]
* [https://www.cia.gov/library/publications//cia_today/ciatoday_05.shtml CIA]
* [http://www.fbi.gov/clearance/securityclearance.htm FBI Security Clearance FAQ]
* [http://www.bundestag.de/parlament/funktion/gesetze/go_btg/anlage3.html Germany]


Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

  • Sensitivity — may refer to:* Sensitivity (biology) * Sensitivity (electronics) * Sensitivity (human) * Sensitivity (information) * Sensitivity and specificity are related concepts in statistics * Sensitivity (radio receiver) * Sensitivity analysis *… …   Wikipedia

  • Information — as a concept has a diversity of meanings, from everyday usage to technical settings. Generally speaking, the concept of information is closely related to notions of constraint, communication, control, data, form, instruction, knowledge, meaning,… …   Wikipedia

  • Sensitivity analysis — (SA) is the study of how the variation (uncertainty) in the output of a mathematical model can be apportioned, qualitatively or quantitatively, to different sources of variation in the input of a model Saltelli, A., Ratto, M., Andres, T.,… …   Wikipedia

  • Sensitivity and specificity — are statistical measures of the performance of a binary classification test. The sensitivity or the recall rate measures the proportion of actual positives which are correctly identified as such (i.e. the percentage of sick people who are… …   Wikipedia

  • sensitivity — sen‧si‧tiv‧i‧ty [ˌsensˈtɪvti] noun [uncountable] 1. the degree to which something is likely to be affected by something else: • Because of their sensitivity to aluminum ingot prices, both companies expect a fall in profits. • Particular areas… …   Financial and business terms

  • Information protection policy — is a document which provides guidelines to users on the processing, storage and transmission of sensitive information. Main goal is to ensure information is appropriately protected from modification or disclosure. It may be appropriate to have… …   Wikipedia

  • Information retrieval — This article is about information retrieval in general. For the fictional government department, see Brazil (film). Information retrieval (IR) is the area of study concerned with searching for documents, for information within documents, and for… …   Wikipedia

  • Classified information — Top Secret redirects here. For other uses, see Top Secret (disambiguation). Unclassified redirects here. See also, Unclassified (album). State secrets redirects here. See also, state secrets privilege. A typical classified document. Page 13 of a… …   Wikipedia

  • Classified information in the United Kingdom — Classified information in the United Kingdom, now called Protectively Marked Information, is a system used to protect information from intentional or inadvertent release to unauthorised readers. The system is organised by the Cabinet Office and… …   Wikipedia

  • Compartmentalization (information security) — In matters concerning information security, whether public or private sector, compartmentalization is the limiting of access to information to persons or other entities who have a need to know it in order to perform certain tasks. The concept… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”