Abstract
Nowadays, security is becoming the number one priority for governments, organizations, companies, and individuals. Security is all about protecting critical and valuable assets. Protecting valuable and critical assets, whether they are tangible or intangible, is a process that can range from unsophisticated to very sophisticated. Security is a broad term that serves as an umbrella for many topics, including but not limited to computer security, internet security, communication security, network security, application security, data security, and information security. In this chapter, following the scope of the textbook, we discuss information security and provide an overview of general information security concepts, recent evolutions, and current challenges in the field.
Copyright information
© 2018 Springer International Publishing AG
About this chapter
Cite this chapter
Alsmadi, I., Burdwell, R., Aleroud, A., Wahbeh, A., Al-Qudah, M., Al-Omari, A. (2018). Introduction to Information Security. In: Practical Information Security. Springer, Cham. https://doi.org/10.1007/978-3-319-72119-4_1
DOI: https://doi.org/10.1007/978-3-319-72119-4_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72118-7
Online ISBN: 978-3-319-72119-4
eBook Packages: Engineering, Engineering (R0)