Role of Time in Information Assurance
The society at large is on the verge of a new era. This new era is the information age which is marked with a major paradigm shift in the area of information assurance. Information assurance has three main attributes: confidentiality, integrity, and availability. All the three tenants of information assurance must be well guarded and maintained in order to bring a marked improvement of both the current and future information systems. Some of the steps necessary to ensure the best information assurance practices must be addressed by the use of appropriate legislation. The best techniques of ensuring acceptable information assurance standards will take long time to formulate and implement. Time will therefore play a very integral role in the perfection of information assurance techniques.
Numerous scholars in a variety of disciplines have been concerned with the special roles that time apparently plays in the field of information assurance and the evolution of cyber laws. The architects of various information technology system have to contend to the fact that the systems eventually get outdated and hence the need for frequent upgrades. In this paper, I am going to illustrate the role that time might play in the field of information assurance or in the process of civilizing the cyber world and its laws. My analysis of the subject matter will be based on the chronology of events and problems in the field of information technology whose solutions are a function of time. The issue of cyber law is very crucial to the very foundation of the internet itself. This is due to the fact that without proper the regulation of the information being presented on the internet, the flow and integrity of the online information would be jeopardized (Yatindra, 2007).
As society progressively relies on the convenience of digitally transmitted and stored data, the existing applications therefore increasingly require higher resources so that their availability is guaranteed. This is in order to ensure constant availability, integrity, and overall confidentiality of the data being exchanged. However, as the amount and severity of the various cyber attacks and vulnerabilities increase, the current information security technologies are continuously becoming limited in the satisfaction of the security requirement. The numbers of successful has increased suddenly. This has therefore necessitated the rapid development of better platforms that employ more efficient technologies in order to take care of the vulnerabilities and risks. The new measures that are introduced are meant must be able to adequately handle the security exceptions. The goal is to come up with a fool-proof information assurance system that is capable of not only preventing information from being easily disclosed, destroyed or even modified without due permission. This has necessitated the continuous study of the methods and techniques of attacks. The process of exposing the vulnerabilities in the system is done by professionals who by themselves are white hat hackers. They are normally referred to as the Red Teams. It takes a considerable amount of time for these tem members to identify the causes of various vulnerabilities that could be present in the IA systems. The fact that the process of identifying the source of problem until a viable solution or patch is found is a function of time proves that the process of civilizing the cyber world domain is largely governed by time. The natural evolution of the solution finding process is evidence of the role that time plays in information assurance.
An overview of the Information Assurance technologies
An overview of the information assurance technologies reveals a three generation period that comprises of various important but collaborative technologies. All the three technologies exhibit a natural process of evolution over time. The maturity that is observed in the field of Information assurance is a sure sign that time is a crucial element in the improvement of the information assurance techniques and efficiency.
AI technologies can be grouped into three distinct groups. The first group which is termed as the first generation of IA is designed in order to prevent intrusions. This is through the prevention of hack attacks from being successful. The technologies applied in this generation include Trusted Computing Base, cryptography, access control and multiple level accesses among others. The second generation of IA is designed in order to detect the various forms and incidences...
This generation makes use of various technologies in the process of achieving its aim of intrusion detection. The technologies that it employs are firewalls, controllers of boundaries and intrusion detection systems.
The third and final generation of IA technologies is designed to operate through various forms of attacks. The key concept here is survivability. Some of the attacks will definitely succeed. However the main objective of this third generation of IA is to allow the information services to proceed with service delivery in the actual presence of the continuing attacks. The major technologies that are employed here include a variety of real-time issue awareness and response methods, intrusion tolerance and real-time trade-off of performance.
The three generations of IA are crucial in the process of maintaining a proper Information Assurance strategy. It is worth noting that no one generation can replace another. The foundations of IA were laid down by the 1st and 2nd generation IA technologies. However, the foundations of IA were built on the principles derived from the 1st generation. The natural evolution of the IA generations shows that time is very crucial for the maturity of various technologies.
The internet has provided an unprecedented new level of convenience. This has been made possible through the rapid developments that have been necessitated through the use and application of the internet. Miller Steven (2003) asked very pertinent issues regarding the ethics that surround the use of the internet. Jack Murphy (2006) in his article "Information Assurance Technologies: 10 Years Past, Present and Future" argued that the reality is that the current efforts are concentrated at a pervasive infrastructure that is based on the public key infrastructure (PKI). The future cyber laws will therefore be designed to optimize information assurance across all levels of the society and corporate world. The suggested infrastructure must be sufficient in the process of reducing the incidences of online intrusions through the establishment of proper intrusion detection systems. (Murphy, 2006).The process of formulating the information assurance policies and frameworks should be able to positively reflect on an organization's bottom lines. The process of formulating and implementing an organization's policies should be able to bear the brunt of a thorough development coupled with a rigorous testing regime. This must be a carried out in a manner that does not sacrifice the larger market or even the cost merits.
The previous information security techniques had their basis fixed on predefined variables of security measures and information control that was framed around a particular framework. It is these controls that the information system technicians and designers used as their checklist in the process of coming up with better and more secure systems. The high number of checklist however presents even more problems as it tedious and confusing to come up with the perfect and universal system of performing the security audit. A large number of literatures focus on the risk analysis techniques that were formulated by Courtney (1977).His analysis proposed a very straight forward and yet quantitative approach to be adopted in the process of evaluating the various risks. His approach has its basis and determinants pegged on the two most crucial elements of information management. Yet again several other scholars postulated methods that better in the determination of the risks involved in the process of implementing a certain kind of information system. The advance in technology has also accelerated the rate at which the information risk management can be carried out. Such systems include Smith-Liam approach (Smith & Liam).
Time is sure to play a very crucial role on the process of civilizing the cyber space. This is best illustrated by an analyst who concluded that individuals tend never to react until they have burnt. This suggests that a major disaster is necessary for individuals and corporations to fully protect their interests in the cyber space. The concept of information assurance is a very crucial element of the cyber space as portrayed by the online newsletter Security and Information (SIA, 2005).The article further supports the hypothesis that time is a crucial elements in the process of ensuring future information assurances and a more civilized cyber-space. The future system should be able to used codes and active scripts in the process of mending the human-computer interface (SIA, 2005).The future information assurance system should be built on very smart platforms that support the two most important technologies that facilitate the cognitive decision making ability in the systems. The two technologies to be used are data Fusin and Fuzzy logic. The Data Fusion technology should be able to automatically bring in the reconciliation and combination of the data in question. This technology would facilitate the quick extraction of meaningful…
S. Department of Defense (DOD) uses over two million computers and more than ten thousand local area networks, most of which are linked to, and vulnerable to attack from, users of the larger Internet. (2008, p. 276) These increasing threats correspond to the growing reliance on information systems to manage the entire spectrum of modern commerce and energy resources, making the disruption of a single element in the integrated system a
The various e-businesses therefore depend upon various ISP's as well as the internet infrastructure in order to achieve an improved level of convenience as well as unparalleled availability. The merits associated with e-commerce has therefore resulted to rapid adoption of the concept with a heavy reliance on various encryption techniques such as SLL as well as username and password based authentication techniques that rely on authentication files contained within
Federal Plans NICE Plan Development and Research Challenge Future Plan This paper discusses what is referred to as the Federal Plan is for Cyber Security and Information Assurance (CSIA- R&D) Research and Development. Details of the federal government's plan will be discussed as well as what is expected and can be done about cyber security in the long-term. In this federal plan, the terms 'information assurance' and 'cyber security' refer to measures put in place to
Information Security The discussion below provides answers to questions raised with regard to a case at Greenwood Company A forensic plan of readiness comes with several advantages. If there arises a situation that forces a company to be engaged in litigation, and there is need for digital evidence, e-discovery is of central importance. The laws and rules that govern the e-discovery, such as the Federal Rules of Civil Procedure or the Practice
Assurance Program Why/How to create an Information Assurance Just as paramount as the availability and access to information is significant in every company or business outfit, certain concerns always come to the fore: the kind of information is to be made. How the information is going to be organized? How will it be possible to ensure that the information released represents the judgment of the management of the company and gives
IT Governance lays special emphasis on the system of information technology, along with the performance and risk management of the IT infrastructure in an organizational context. The primitive focus of IT Governance is the assurance of the fact that investment in the Information technology infrastructure is contributing to generate business value and at the same time lessen the potential risks pertaining to the Information Technology. This objective is attained by