Vocabulary for Concerns
Closed this issue · 2 comments
We state that the three main consequences are integrity, availability, and confidentiality. But in the section on real incidents, we describe concerns with different terms (i.e. "inaccessible"). In many cases, the concerns are more specific than those three headings, so this may not be straightforward. But some effort to standardize the terminology may be useful: e.g. "Unavailable" vs "Inaccessible".
I think "Consequences" in the second paragraph of Bad Things..., should be "Concerns" and that will address this. E.g.:
_Concerns_ of computing system failure due to malicious tampering have historically been organized into three categories: confidentiality, integrity, and availability.
Proposed solution: rewrite the first sentence of the second paragraph under "bad things" to read: Concerns of malicious tampering have historically been organized into three categories: Integrity (e.g. trust), Availability (e.g. accessibility), and Confidentiality (e.g. privacy.)