Information processing, storage and transmission systems must be protected from damage and the data must be protected. Three criteria are applied for this: the availability, integrity and confidentiality of information. In addition, personal data must be protected.