Definition: Confidentiality is a non-functional requirement that ensures that sensitive information is protected from unauthorized access, disclosure, or modification. It is essential for maintaining the privacy and security of data, especially in industries such as healthcare, finance, and government. Confidentiality can be achieved through various measures, such as encryption, access controls, and secure communication channels. It is crucial to ensure that confidential information is only accessible to authorized personnel and is not compromised in any way.
Source: TOGAF
Source reference: https://pubs.opengroup.org/architecture/togaf9-doc/arch/chap03.html
Additional information: According to the TOGAF specification, confidentiality is a non-functional requirement that refers to the protection of sensitive information from unauthorized access, disclosure, or modification. This requirement is critical for ensuring the privacy and security of data, particularly in systems that handle sensitive or confidential information.
To achieve confidentiality, the system must have appropriate security controls in place, such as access controls, encryption, and authentication mechanisms. These controls should be designed to prevent unauthorized access to data, both in transit and at rest, and to ensure that only authorized users can view or modify sensitive information.
In addition, the system should be designed to detect and respond to security breaches or incidents that could compromise confidentiality. This may involve implementing intrusion detection and prevention systems, monitoring access logs, and conducting regular security audits and assessments.
Overall, confidentiality is a key non-functional requirement that must be carefully considered and addressed in any system that handles sensitive or confidential information. By implementing appropriate security controls and monitoring mechanisms, organizations can ensure that their data remains secure and protected from unauthorized access or disclosure.
Example: In a healthcare system, patient medical records must be kept confidential and only accessible to authorized personnel.
LOST view: Digital Solution Non-Functional Requirements Catalogue view
Identifier: http://data.europa.eu/dr8/egovera/ConfidentialityRequirement
EIRA traceability: eira:DigitalSolutionNonFunctionalRequirementRequirement
ABB name: egovera:ConfidentialityRequirement
EIRA concept: eira:ArchitectureBuildingBlock
Last modification: 2023-05-16
dct:identifier: http://data.europa.eu/dr8/egovera/ConfidentialityRequirement
dct:title: Confidentiality Non-Functional Requirement
dct:modified | 2024-01-28 |
dct:identifier | http://data.europa.eu/dr8/ConfidentialityRequirement |
dct:title | Confidentiality Non-Functional Requirement |
skos:example | In a healthcare system, patient medical records must be kept confidential and only accessible to authorized personnel. |
skos:definition | Confidentiality is a non-functional requirement that ensures that sensitive information is protected from unauthorized access, disclosure, or modification. It is essential for maintaining the privacy and security of data, especially in industries such as healthcare, finance, and government. Confidentiality can be achieved through various measures, such as encryption, access controls, and secure communication channels. It is crucial to ensure that confidential information is only accessible to authorized personnel and is not compromised in any way. |
eira:concept | eira:ArchitectureBuildingBlock |
eira:definitionSource | TOGAF |
eira:definitionSourceReference | https://pubs.opengroup.org/architecture/togaf9-doc/arch/chap03.html |
skos:note | According to the TOGAF specification, confidentiality is a non-functional requirement that refers to the protection of sensitive information from unauthorized access, disclosure, or modification. This requirement is critical for ensuring the privacy and security of data, particularly in systems that handle sensitive or confidential information.
To achieve confidentiality, the system must have appropriate security controls in place, such as access controls, encryption, and authentication mechanisms. These controls should be designed to prevent unauthorized access to data, both in transit and at rest, and to ensure that only authorized users can view or modify sensitive information.
In addition, the system should be designed to detect and respond to security breaches or incidents that could compromise confidentiality. This may involve implementing intrusion detection and prevention systems, monitoring access logs, and conducting regular security audits and assessments.
Overall, confidentiality is a key non-functional requirement that must be carefully considered and addressed in any system that handles sensitive or confidential information. By implementing appropriate security controls and monitoring mechanisms, organizations can ensure that their data remains secure and protected from unauthorized access or disclosure. |
eira:PURI | http://data.europa.eu/dr8/ConfidentialityRequirement |
dct:type | eira:ConfidentialityRequirement |
eira:view | Digital Solution Non-Functional Requirements Catalogue view |
eira:eifLayer | N/A |
skos:broader | http://data.europa.eu/dr8/DigitalSolutionNonFunctionalRequirementRequirement |