This definition implies that you have to know the information and the value of that information in order to develop protective measures. You also need to know to which individuals need unique identities and how much information may be divulged to the outside world. A rough classification of protective measures in computer security is as follows: