
Information Security

Information Security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.1

The CIA triad of information security was created to provide a baseline standard for evaluating and implementing information security regardless of the underlying system and/or organization. Each of the three core goals has its own distinct requirements and processes.2

  • Confidentiality: Ensures that data or an information system is accessed only by authorized persons. User IDs and passwords, access control lists (ACLs) and policy-based security are some of the methods through which confidentiality is achieved.
  • Integrity: Assures that the data or information system can be trusted. It ensures that data is edited only by authorized persons and remains in its original state when at rest. Data encryption and hashing algorithms are key processes in providing integrity.
  • Availability: Data and information systems are available when required. Hardware maintenance, software patching/upgrading and network optimization ensure availability.

Resources

  • Information Security Links
  • The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security.3
  • Internet Protocol Suite is the conceptual model and set of communications protocols used on the Internet and similar computer networks. It is commonly known as TCP/IP because the original protocols in the suite are the Transmission Control Protocol (TCP) and the Internet Protocol (IP).4

Books

Book Clubs / Reading Lists

  • Recommended Reading - This page lists books that I have found to be highly relevant and useful for learning topics within computer security, digital forensics, incident response, malware analysis, reverse engineering, and other related topics. These books range from introductory texts to advanced research works. While some of these books may seem dated, the information contained is still very useful to people learning today, and much of the information is essential to becoming proficient in the information security realm.

User Groups / Meetups

Essays

Related Topics

1 Information security. (2013, November 2). In Wikipedia, The Free Encyclopedia. Retrieved 21:39, November 2, 2013, from http://en.wikipedia.org/w/index.php?title=Information_security&oldid=579903090
3 Common Vulnerabilities and Exposures. (2017, October 24). In Wikipedia, The Free Encyclopedia. Retrieved 16:47, November 23, 2017, from https://en.wikipedia.org/w/index.php?title=Common_Vulnerabilities_and_Exposures&oldid=806836471
4 Internet protocol suite. (2017, September 29). In Wikipedia, The Free Encyclopedia. Retrieved 17:21, October 12, 2017, from https://en.wikipedia.org/w/index.php?title=Internet_protocol_suite&oldid=803018685
Last edited by MichaelAlber.
Page last modified on Monday October 1, 2018 03:27:49 UTC.