A New Framework for Information Security to Avoid Information Anarchy

The purpose of information security that most infosec specialists identify is to preserve the three elements of confidentiality, integrity, and availability of information. The 1991 paper, Restating the Foundation of Information Security1, argues that this is a dangerously oversimplified definition of infosec. The preservation of these three elements does not include many kinds of information losses that infosec should prevent. My intent is to demonstrate in more rigorous fashion that the preservation of these elements must be expanded for infosec to be sufficiently comprehensive to protect information appropriately in all of its security aspects.