
IT/CS-313N

INTRODUCTION TO INFORMATION ASSURANCE AND SECURITY

Lesson 1: An Overview on IAS

Albert A. Elveña, Jr., MSIT
Instructor

WHAT TO EXPECT/OBJECTIVES?

• Understand the points to focus on in network security
• Terminologies usually used
• Assessment of a company's risks in terms of information security

QUICK QUESTION

• Do you (have such assurance)? How can you know?
• What security-relevant things do you want to happen or not happen when you use such a website?

THOUGHT EXPERIMENT
You might want:
• Privacy of your data
• Protection against Phishing
• Integrity of your data
• Authentication, Verification, Validation of your data.
• Authorization
• Confidentiality
• Non-Repudiation
• Availability
• Others? What else?

Which of these do you think fall under Information Assurance?

ISO STANDARD
According to ISO/IEC Standard 9126-1 (Software Engineering - Product Quality), the following are all aspects of system quality:

• Functionality
• Usability
• Reliability
• Performance
• Security

Which of these do you think apply to IA?

INFORMATION ASSURANCE
Information, in computer terms, may tend to be:
• USEFUL
• GATHERED
• THE RESULT OF PROCESSING DATA

Assurance, on the other hand, means a positive declaration intended to give confidence, or a promise.

INFORMATION ASSURANCE

Information Assurance (IA) is the study of how to protect your information assets from destruction, degradation, manipulation and exploitation. It is also the study of how to recover should any of those happen.

Notice that it is both proactive and reactive.

ASPECTS OF INFORMATION THAT NEED PROTECTION
Availability: timely, reliable access to data and information services for authorized users;

Integrity: protection against unauthorized modification or destruction of information;

Confidentiality: assurance that information is not disclosed to unauthorized persons;

Authentication: security measures to establish the validity of a transmission, message, or originator;

Non-repudiation: assurance that the sender is provided with proof of data delivery and the recipient is provided with proof of the sender's identity, so that neither can later deny having processed the data.
