information security



Information Security for Beginners

This section covers the basics of information security with introductions to encryption, PKI (public key infrastructure), information security in business, passwords and email encryption.

Links to SSL spoofing demos are provided so you can see how easy it is for someone to spoof a web page or an entire web site.

For papers in PDF format click on the it security icon 
      



information security  A Managers Guide to Information Security
This guide was written by The Open Group.  It covers why security matters to your business, security from a business perspective - what security you need, what to expect from security solutions, internal implementation and outsourcing (PDF format).

PKI public key infrastructure  An Introduction to PKI   pki
Basic introduction to key terms and concepts  used in a PKI including encryption, digital signatures, certificates, keys and Authorities, features and services used by the PKI and the techniques involved in public key cryptography.

PKI public key infrastructure  Passwords vs PKI
Simple chart that compares passwords and PKI for encryption of information.

encryption  An Introduction to Encryption   encryption
Make any enquiry about computer security, and you will almost immediately fall over the terms cryptography and encryption (and also decryption), but what exactly is meant by this ?

encryption  Open Standards - why they are essential   encryption
Before choosing a security solution it is wise to consider what you are actually buying into. This paper explains the cost of proprietary solutions and the benefits of Open Standards

password encryption  What makes a good Password ?   password
This paper tells you what makes a good password and how to select one.

email encryption  The Hackers Nightmare
Seven complimentary chapters from The Hacker's Nightmare. The Hackers Nightmare consists of 40 chapters written for the beginner and covers spam, encryption, password management, pop-ups, firewalls, phishing, spoofing, secure data erasure, cookies, viruses, vulnerabilities (operating system, software, networks, etc.).  This books tells you everything you need to know to defend your computer from attacks and ensure your personal information is not stolen. It provides tips and tricks and information on free and commercial software to keep you protected.

email encryption  Email Encryption Guide
32-page, step-by-step tutorial that will have you up and running with industrial strength encryption in a single read-through (available for purchase).

internet security  Security of the Internet
Published by CERT and covering topics such as basic security concepts, security policies, network security incidents, Internet vulnerabilities, improving security, security technology and tools, and the future of Internet security.

information security  Managing Internet Security - Good Practise Guide
This guide published by The Victoria Auditor-General's Office serves as a practical resource for for chief information officers, business managers, information technology staff and audit committees, to help assess and improve their agency’s internet security practices. It sets out the main issues that need to be considered when assessing the effectiveness of security over an internet system providing a starting point for a planned and structured approach.  (PDF format)



SSL SPOOFING DEMO

ssl encryption So you think this padlock icon means your credit card details are safe during e commerce transactions?

Dartmouth EDU spoofed site demo

"We believe that there can be no secure electronic commerce on the Web until the Web Spoofing vulnerability has been addressed" - Princeton University