A set of criteria that a system, network, or service must meet to ensure that it is secure from potential threats. Security requirements may pertain to the protection of data confidentiality, integrity, and availability, as well as user authentication, access controls, system resilience, and compliance with relevant regulations. They provide a clear understanding of what is needed to protect information assets and serve as a basis for the design, implementation, and evaluation of security controls.