Goals

In general, computer security has four goals:

  • Privacy
  • Secrecy
  • Authenticity
  • Integrity

Privacy means that information is used only for its intended purpose, and not beyond that. Let's look at a simple example. In the financial industry, there is a term called PII (Personally Identifiable Information). PII can be used on its own, or together with supplementary information, to identify an individual in context. Under US privacy law and information security requirements, it is mandatory to protect this type of data.

Secrecy means that access is limited to authorized users and no one else. It is pretty simple to explain. In an enterprise application, there might be an administration section for maintaining the user base of the system. This section is not supposed to be accessible to just anyone in the system. Only some restricted users (such as the administrator) must have access to it.

Authenticity is defined as the ability to verify that a received request comes only from the restricted users, not from everyone. Let's take the example of private banking for end customers. A bank might maintain the accounts of some n users. Only the n registered customers can log in to the banking application, not other people. This is termed authenticity.

Integrity is the maintenance of the accuracy and consistency of the information in an enterprise application. At the same time, the information must be protected from unauthorized access. As a system characteristic, it is closely tied to the reliability of the information.
