Information Security: History, Terminology and Field of Action

Information Security: History, Terminology and Field of Action

Information Security: History, Terminology and Field of Action

Since around the eighties of the last century, humanity has been involved and immersed in a series of changes in all areas of public life. All because of the progressive, growing and mass development of the «Tecnologías de Información y Comunicación (TIC)». The «TIC» They have originated effects that have even changed our way of seeing, appreciating or evaluating our past or present, and even resizing the way in which we envision our future as a species.

Changes or effects, which have even changed our language used, due to the creation, use and popularity of an immense variety of new words, concepts and ideas, until recently unknown or thought. And with this publication we hope to delve into these aspects and learn a little about the current issue of «Seguridad de la Información» as an essential aspect of the current «TIC» about today's human society, that is, the «Sociedad de la Información» of the 21st century.

Information Security: Introduction

Before going fully into the subject, it is good to point out that the related concept of the «Seguridad de la Información» with that of the «Seguridad Informática», since while The first refers to the protection and safeguarding of the comprehensive information of a «Sujeto» (Person, Company, Institution, Agency, Society, Government), the second only focuses on safeguarding the data within a computer system as such.

Hence, when it comes to «Seguridad de la Información» a «Sujeto», It is important that vital information for it is protected and protected under the best security measures and good computer practices. Since, precisely the essence of the «Seguridad de la Información» is to keep all the important data of that «Sujeto» to defend.

In such a way that we can summarize the «Seguridad de la Información» as the area of ​​knowledge that consists of preservation of the confidentiality, integrity and availability of the Information associated with a «Sujeto», as well as the systems involved in its treatment, within an organization. Besides, the «Seguridad de la Información» builds its entire foundation on the following principles:

  • Confidentiality: It should be avoided that the information is not available or is not disclosed to unauthorized individuals, entities or processes.
  • Integrity: Care must be taken to maintain the accuracy and completeness of the information and its processing methods.
  • Availability: Access and use of information and its treatment systems must be guaranteed by individuals, entities or authorized processes when required.

Contents

History

From the preceding paragraphs, it can be easily deduced that the «Seguridad de la Información» not necessarily born with the modern and current «Era Informática», since it has to do with information in a generic way, which has always been associated with the term of «Humanidad, Sociedad y Civilización», while on the contrary, the «Seguridad Informática» other.

Information Security: History

Therefore, we can list specific examples of protecting «Información» throughout history, which is often associated with the legendary art or science of «Criptografía». Examples such as:

Milestones before Christ (BC)

  • 1500: Mesopotamian tablet, containing an encrypted formula to produce a ceramic glaze.
  • 500-600: Hebrew book of Jeremiah, with a simple encryption by reversing the alphabet.
  • 487: Greek staff SCYTALE, which uses a rolled leather ribbon on which it is written.
  • 50-60: Julius Caesar, Roman Emperor who used a simple substitution system in his alphabet.

Milestones after Christ (AD)

  • 855: First known text of cryptography, in Arabia (Middle East).
  • 1412: Encyclopedia (14 volumes) where cryptography, and substitution and transposition techniques are explained.
  • 1500: Start of cryptography in diplomatic life, in Italy.
  • 1518: First crypto book called "Polygraphia libri sex", written by Trithemius in German.
  • 1585: Book "Tractie de chiffre", by the French Blaise de Vigenere, which contains the well-known Vigenere Cipher.
  • 1795: First cylindrical cipher device, by Thomas Jefferson, known as “Jefferson's Wheel”.
  • 1854: 5 × 5 Matrix Cipher as Key, from Charles Wheatstone, later known as Playfair Cipher.
  • 1833: Book "La Cryptographie militaire", by Auguste Kerckhoff, containing Kerckhoff's principle.
  • 1917: Development of the single-use random tape, the only secure cryptographic system of the time.
  • 1923: Use of the “Enigma” rotor machine, designed by the German Arthur Scherbius.
  • 1929: Book "Cryptography in an Algebraic Alphabet", by Lester Hill, which contains Hill's Cipher.
  • 1973: The use of the "Bell-LaPadula Model", which formalizes the rules for access to classified information,
  • 1973-76: Dissemination and use of public key encryption algorithms or cryptographic keys.
  • 1977: Creation of the "DES Algorithm" (Data Encryption Standard), by IBM in 1975.
  • 1979: Development of the "RSA Algorithm", by Ronald Rivest, Adi Shamir and Leonard Adleman.

Information Security: Concepts

Concepts and Related Terminology

Concepts and terminology related to «Seguridad de la Información» They are many, since as we said before, it has more to do with ourselves than with the «Información» contained in digital or computerized devices or systems, an aspect that actually encompasses the «Seguridad Informática». So we will mention only a few important ones in a very summarized way.

Traffic analysis

It includes the recording of the time and duration of a «comunicación», and other data associated with it to determine in detail the communication flows, the identity of the communicating parties and what can be established about their locations.

Anonymity

Property or characteristic associated with a «Sujeto» which expresses that it cannot be identified within a set of other entities (subjects), which is usually called «Conjunto anónimo». A set that is usually made up of all the possible subjects that may cause (or be related to) an action.

Cyberspace

Non-physical (virtual) environment created by computer equipment joined to interoperate on a network. At a global level, it can be said that the «Ciberespacio» It is an interactive space (digital and electronic) implemented within computers and computer networks around the world, that is, on the Internet. He «Ciberespacio» It should not be confused with the Internet, since the first refers to objects and identities that exist within the second, which is a functional physical and logical infrastructure.

Cybernetics

Science that deals with control and communication systems in people and machines, studying and taking advantage of all their common aspects and mechanisms. Its origin is established around 1945 and is currently closely linked to the «Biónica» and «Robótica». This usually includes the study and management from calculating machines (super-computers and computers) to all kinds of mechanisms or processes of self-control and communication created or created by man that usually imitate life and its processes.

Confidentiality

Property or characteristic that prevents the disclosure of certain information to unauthorized subjects or systems. In order to do so, try to ensure access to the «Información» only to those subjects who have the proper authorization.

Cryptography

Discipline that deals with the art of writing in an agreed language through the use of codes or figures, that is, it teaches how to design «Cifrarios» (expression synonymous with secret code or secret writing) and «criptoanalizar» (inverse operation that deals with interpreting through analysis the «Cifrarios» built by cryptographers).

Critical Infrastructure

Those that provide «servicios esenciales», whose operation is essential and does not allow alternative solutionsTherefore, its disturbance or destruction would have a serious impact on essential services.

Other important concepts

  • Danger: An unfortunate human precondition that, as such, is located at the cognitive, perceptual or pre-perceptual level, with attributions of anticipation or possibility of being avoided with respect to its possible realization.
  • Privacy: Individual expectation of control that each person has regarding the information about himself and the way in which this information is known or used by third parties.
  • Proof: Element, means or action whose purpose is to demonstrate that what is stated corresponds to reality.
  • Risk: Condition or situation that corresponds to a possible potential action of loss or damage on an exposed subject or system, as a result of the "convolution" of the threat and vulnerability.
  • Transgression: Breach of laws, norms or customs.
  • Will: Human capacity to freely decide what is desired and what is not.

Information Security: Field of Action

Action field

The field of action of the «Seguridad de la Información» is closely linked to other computer science disciplines, such as «Seguridad Informática» and «Ciberseguridad».

Quoting Catherine A. Theohary:

“For some government actors, Cybersecurity means Information Security or securing the information that resides in the Cyber-infrastructure, such as telecommunications networks or the processes that these networks allow. And for some, Cybersecurity means protecting the information infrastructure from a physical or electronic attack ”.

La «Criminalística» and «Informática Forense» are also disciplines related to the scope of action of the «Seguridad de la Información». Above all, the latter, since it consists of the preservation, identification, extraction, documentation and interpretation of computer data.

There are possibly other disciplines involved besides you, so The ideal is to expand the reading on these disciplines using as references current news related to the «Seguridad de la Información» and «Seguridad Informática» in other sources of information (websites) such as: incibe, Welivesecurity (ESET) y Kaspersky.

More related information

For more information visit the following related entries:

Cybersecurity, Free Software and GNU / Linux: The Perfect Triad
Related article:
Cybersecurity, Free Software and GNU / Linux: The Perfect Triad
Computer Privacy: Crucial Element of Information Security
Related article:
Computer Privacy and Free Software: Improving our security
IT Security Tips for Everyone Anytime
Related article:
Computer Security Tips for Everyone Anytime, Anywhere
Free Software as an effective State Public Policy
Related article:
Free Software as an effective State Public Policy
Free and proprietary technologies from the perspective of Information Security
Related article:
Free and proprietary technologies from the perspective of Information Security

Information Security: Conclusion

Conclusion

We hope that this publication, about «Seguridad de la Información» be very useful for all people, both for those outside the subject directly and for those related to the subject. That it be a small but valuable source of information, especially at the level of concepts and terms that are usually in permanent use in academic, professional and social environments related to «La Informática y la Computación».

Anyway, let it be useful to be able to consolidate a theoretical base that allows anyone to face on the right foot, the beginning of knowledge in such a valuable area of ​​current knowledge.


Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.