VELAMMAL INSTITUTE OF TECHNOLOGY DEPARTMENT OF INFORMATION TECHNOLOGY INFORMATION SECURITY - IT2042 UNIT-I INTRODUCTION History Computer security began immediately after the first mainframes were developed Groups developing code-breaking computations during World War II created the first modern computers Physical controls were needed to limit access to authorized personnel to sensitive military locations Only rudimentary controls were available to defend against physical theft, espionage, and sabotage Information Security is an old concept, but a new field of specialization. It involves protecting information, especially personal or sensitive information, from deliberate or accidental loss or misuse. The field is increasingly important in the University because, as our dependence on computers to store and transmit information accurately and securely grows, the vulnerabilities in our systems and our habits become increasingly obvious and open to exploitation. The 1960s Department of Defense‟s Advanced R esearch Project Agency (ARPA) began examining the feasibility of a redundant networked communications Larry Roberts developed the project from its inception The 1970s and 80s ARPANET grew in popularity as did its potential for misuse Fundamental problems with ARPANET security were identified – No safety procedures for dial-up connections to the ARPANET – User identification and authorization to the system were non-existent In the late 1970s the microprocessor expanded computing capabilities and security threats R-609 – The Start of the Study of Computer Security Information Security began with Rand Report R-609 The scope of computer security grew from physical security to include: – Safety of the data – Limiting unauthorized access to that data – Involvement of personnel from multiple levels of the organization
The 1990s Networks of computers became more common, so too did the need to interconnect the networks Resulted in the Internet, the first manifestation of a global network of networks In early Internet deployments, security was treated as a low priority The Present The Internet has brought millions of computer networks into communication with each other – many of them unsecured Ability to secure each now influenced by the security on every computer to which it is connected What Is Security?
“The quality or state of being secure -- to be free from danger” To be protected from adversaries A successful organization should have multiple layers of security in place: – Physical security – Personal security – Operations security – Communications security – Network security What Is Information Security? The protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information Tools, such as policy, awareness, training, education, and technology are necessary The C.I.A. triangle was the standard based on confidentiality, integrity, and availability The C.I.A. triangle has expanded into a list of critical characteristics of information
You've reached the end of your free preview.
Want to read all 43 pages?