Data security has been always a thorny subject through each human’s age, and more technology has grown up, more the techniques to protect information has become complex, to contrast the continue and even more elaborate attacks created to deface it.
So after this introduction, the first question could be “What’s information security and why do we need it?”
In general, security is the “quality or state of being secure”, far from danger, but in other words is also protection from adversaries, from those who want to harm intentionally or not.
Information security , as defined by the standards published by the CNSS (Committee on National Security System), is the protection of information and its critical elements, including the systems and hardware that store, use and transmit that information.
The history of information security begins with the history of computer security, or rather to secure physical locations, hardware and software from outside threats.
Everything is related of course to the birth of computer machines ,where the word “computer” derives from the Latin “computare”, that means “make count”.
This instrument has born to simplify the counting of difficult and complex mathematical functions , as the invention of the first “calculator” with automatic amount carried in 1642 by Blaise Pascal has shown us.
This calculator was useful to demonstrate that calculations can be done not only with mind, but also with machines.
Further in the XX century, the Information science made its first appearance, as data elaboration and automatic information process, and with it the first computer.
The Second World War acted as springboard to the first computers and security of them, that have been created by both the parts (German side and Allies); it’s interesting that Germans were the first to build a computer that was able to generate encrypted codes ( electromechanical Lorenz SZ40/42 in-line cipher machine), to communicate and transfer secret war and strategies messages, that were incomprehensible by the Allies during the first part of the conflict.
On the other side Churchill designated the English mathematic Alan Turing , who was the inventor of the first machine and who was able to read information contained in a tape and to copy them in another one, to supervise the Communication Center Study.
Turing created a group of work formed by more or less 7000 people (mathematics, archeologists, cryptographers, gamblers, etc.) to decipher the German codes: only a telephone exchanger expert created the first electronic and digital calculator called Colossus (it used thermionic valves (vacuum tubes) to perform Boolean operations and calculations).
Without these computers, the Allies would have been deprived of the very valuable intelligence that was obtained from reading the vast quantity of encrypted high-level telegraphic messages between the German High Command (OKW) and their army commands throughout occupied Europe.
After that, in the postwar period , can we see the birth of a faster computer machine, even if they were always big, heavy and relative slow compared with what we use nowadays.
It is there that Larry Roberts, known as the founder of Internet, developed the project “ARPANET”, the prototype of the nowadays Internet (NFSNET).
It consisted at first in a networked communications system to support the military’s exchange of information, and it took the name from The Department of the Defense’s Advanced Research Project Agency (ARPA).
During the next ten years ARPANET became more and more potential and extended, since it finally met the first security problems, such as vulnerability of password structure and format, lack of safety procedures concerning the dial-up connection, and also the absence of a good identification and authorization to the system.
To contrast the continue attacks by hackers, in 1978, a famous study called “Protection Analysis: Final Report” was published .
What emerged was a labyrinth of networks boasting various degrees of security (or insecurity) attempting to access and share data with each other either openly or clandestinely. The weaknesses became easier to exploit as access to the Internet’s resources became easier.
One first lack of these network was the fact that the connection was based on de facto standards, and so there hasn’t been considered the security of information, that became a critical factor which we have todays, among millions of unsecured computer networks, continually in communication with each other.
This union create a “link of connection”, where computer’s stored information (hard disk and other stored data containers) is now contingent on the level of security of every other computer to which it is connected.
The definition of computer security is represented included 3 characteristics which is confidentiality, authentication and integrity (see the picture on the top). The confidentiality means that information or data is cannot be access by unauthorized peoples because the information is secrecy or privacy. While, the authentication means when the users who they request to be. Then, the integrity means that information is keep safe against unauthorized changes that aren’t detected to authorized users.
The interesting in Information Security has grown up in the last years proportionally as information systems and as their role in the collectivity . As a new way to protect data has been created, a new method to destroy or modify it has born.
Despite the global recession, increased safety and greater international engagement in terms of repression, crime has flourished in the last ten years, with a double-digit growth, year after year.
How did we get to this point, in a world where people protest through cyber warfare and millions of Internet users suffer from online scams, virus attacks or of any other kind?