Introduction to Information security

Cards (21)

  • Computer security - began immediately after the first
    mainframes were developed
  • Groups developing code-breaking computations
    during World War II created the first modern
    computers
  • Physical controls - were needed to limit access to
    authorized personnel to sensitive military locations
  • Only rudimentary controls were available to defend
    against physical theft, espionage, and sabotage
  • An Enigma machine is a
    famous encryption
    machine used by the
    Germans during WWII to
    transmit coded
    messages.
  • 1960s -
    Department of Defense’s Advanced
    Research Project Agency (ARPA) began
    examining the feasibility of a redundant
    networked communications
  • Larry Roberts developed the project (ARPA)
    from its inception
  • The 1970s and 80s
    ARPANET grew in popularity as did its potential for
    misuse
  • In the late 1970s the microprocessor expanded
    computing capabilities and security threats
  • The 1990s
    Networks of computers became more
    common, so too did the need to
    interconnect the networks
  • Resulted in the Internet, the first
    manifestation of a global network of
    networks
  • In early Internet deployments, security
    was treated as a low priority
  • The Present
    The Internet has brought millions of
    computer networks into
    communication with each other –
    many of them unsecured
  • Security - The quality or state of being secure--to be free
    from danger.
  • A successful organization should have multiple
    layers of security in place:
    • Physical security
    • Personal security
    • Operations security
    • Communications security
    • Network security
  • Information Security - The protection of information and its critical
    elements, including the systems and hardware
    that use, store, and transmit that information
  • The C.I.A. triangle was the standard based on
    confidentiality, integrity, and availability
  • Information Security - is a model designed to guide policies for
    information security within an organization.
  • Confidentiality - refers to protecting data from disclosure to those who are not authorized to see it.
  • Availability - refers to ensuring timely and reliable access to data and resources when they are needed.
  • Integrity - refers to safeguarding the accuracy and trustworthiness of data.