Information Security: An Introduction

In the age of the digital era, every device is connected to the internet. Data is now more available. Hence, the data needs to be protected from being misused.

Information security is a battle between attackers and defenders. The goal of the defenders would be to protect the computer system from the threats posed by the attacker. Let us discuss some defensive goals.

The most common defensive goal is Data confidentiality, protecting a secret (data) from people who shouldn’t know them. A field of mathematics and computer science revolves around this particular goal called cryptography.

Another goal would be data integrity, making sure that the data is not tampered with by any other intermediate person. For example, you ask your bank to transfer $10 to me and I modify $10 to $100 in the message before it reaches your bank. The bank should be able to detect that it wasn’t the original instruction.

When some service is provided by the system, availability also becomes a goal. Denial Of Service attacks (DoS attacks) are attacks where a system is overloaded or a flaw in the system is used to make the system malfunction and prevent legitimate users from accessing the service.

An attacker finds some vulnerability in the system to make the system behave and perform as per the goals of the attackers. In subsequent articles, you will explore more about information security and methods to prevent them.

References
1. Course | Unlocking Information Security I: From Cryptography to Buffer Overflows | edX. Section 1.1