What is included under FR-4 - Data Confidentiality?

Data confidentiality refers to the protection of information from unauthorized access and disclosure. Under the framework of FR-4, which focuses on data confidentiality, the concept of information persistence is particularly relevant. Information persistence relates to how data is stored and maintained securely over time, ensuring that sensitive information remains confidential and is only accessible by authorized parties. This aspect is crucial because it addresses the need to protect both data at rest and data in transit from unauthorized interception or access.

In contrast, the other options do not directly pertain to the specific focus of data confidentiality. Account management is primarily concerned with the governance of user access to systems rather than the safeguarding of data itself. Emergency power pertains to maintaining system availability during power failures and does not relate to data confidentiality. Session integrity focuses on ensuring that a session is secure and can’t be tampered with, rather than on the confidentiality of the data within that session. Hence, information persistence is the most aligned with the concept of data confidentiality.