Information Security: The protection of data against unauthorized access. Programs and data can be secured by issuing passwords and digital certificates to authorized users. However, passwords only validate that a correct number has been entered, not that it is the actual person. Digital certificates and biometric techniques (fingerprints, eyes, voice, etc.) provide a more secure method. After a user has been authenticated, sensitive data can be encrypted to prevent eavesdropping. The terms information security, computer security and information assurance are frequently used interchangeably. These fields are interrelated and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are some subtle differences between them. These differences lie primarily in the approach to the subject, the methodologies used, and the areas of concentration. Information security is concerned with the confidentiality, integrity and availability of data regardless of the form the data may take: electronic, print, or other forms. (http://www.techweb.com/encyclopedia/defineterm.jhtml?term=informationsecurity)

Posted Readings

* NOTE * After some people had trouble accessing our original posts from home we have updated the readings to all articles that you can access without OSU library rights. We apologize for this inconvenience and thank those who brought it to our attention. - Jack of Spades


1) The Six Dumbest Ideas in Computer Security
http://www.ranum.com/security/computer_security/editorials/dumb/

2) Tracing the Development of DOS
http://www.acm.org/crossroads/xrds10-1/tracingDOS.html

3) Old and New Threats to Information Security
http://www.csc.com/cscworld/012007/fa/fa004.shtml