Information Security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.1
The CIA triad of information security was created to provide a baseline standard for evaluating and implementing information security regardless of the underlying system and/or organization. Each of the three core goals has its own distinct requirements and processes.2
- Confidentiality: Ensures that data or an information system is accessed only by authorized persons. User IDs and passwords, access control lists (ACLs) and policy-based security are some of the methods through which confidentiality is achieved.
- Integrity: Assures that the data or information system can be trusted. It ensures that data is edited only by authorized persons and remains in its original state when at rest. Data encryption and hashing algorithms are key processes in providing integrity.
- Availability: Data and information systems are available when required. Hardware maintenance, software patching/upgrading and network optimization ensure availability.
Information Security Links
- The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security.3
- Internet Protocol Suite is the conceptual model and set of communications protocols used on the Internet and similar computer networks. It is commonly known as TCP/IP because the original protocols in the suite are the Transmission Control Protocol (TCP) and the Internet Protocol (IP).4
- The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage; also see The Cuckoo's Egg - Wikipedia and http://mario.elinos.org.mx/docencia/herseg/cuckoo_egg.pdf
- Hacking: The Art of Exploitation - Hacking is the art of creative problem solving, whether that means finding an unconventional solution to a difficult problem or exploiting holes in sloppy programming. Many people call themselves hackers, but few have the strong technical foundation needed to really push the envelope.
- The Art of Intrusion - Hacker extraordinaire Kevin Mitnick delivers the explosive encore to his bestselling The Art of Deception.
- The Art of Deception: Controlling the Human Element of Security - The Art of Deception is about gaining someone's trust by lying to them and then abusing that trust for fun and profit.
- Secrets and Lies: Digital Security in a Networked World - Bestselling author Bruce Schneier offers his expert guidance on achieving security on a network.
- Recommended Reading - This page lists books that I have found to be highly relevant and useful for learning topics within computer security, digital forensics, incident response, malware analysis, and reverse engineering, and other related topics. These books range from introductory texts to advanced research works. While some of these books may seem dated, the information contained is still very useful to people learning today, and much of the information is essential to becoming proficient in the information security realm.
- Bay Area Linux Users Group - BALUG is the Bay Area Linux Users Group. We generally meet monthly in San Francisco (generally in the Chinatown area, near downtown).
- Silicon Valley Linux Users Group - The Silicon Valley Linux User Group (SVLUG) is the oldest and one of the largest Linux user groups in the world.
- Silicon Valley Security Meetup
- The San Francisco Security Meetup Group
- BayThreat is an annual security conference that takes place in the Silicon Valley area.
- BayThreat LinkedIn
- BaySec list
- San Francisco chapter of 2600: Hacker Quarterly magazine
- How To Become A Hacker by Eric Steven Raymond
- How To Ask Questions The Smart Way by Eric Steven Raymond
- The Cathedral and the Bazaar by Eric Steven Raymond, also see https://secure.wikimedia.org/wikipedia/en/wiki/The_Cathedral_and_the_Bazaar and http://www.amazon.com/Cathedral-Bazaar-Musings-Accidental-Revolutionary/dp/0596001088 and http://books.google.com/books/about/The_cathedral_and_the_bazaar.html?id=F6qgFtLwpJgC