The paper “ Information Security, Identity Theft and Identity Fraud, Components of an Effective Security Education” is a convincing variant of assignment on information technology. Information security refers to the means of ways of safeguarding information and information systems from being unauthorized or unlawful access, disclosure, use, modification, disruption, perusal, inspection, destruction, or recording. Information security qualities or attributes include confidentiality, authentication, availability, integrity, etc. Confidentiality: Confidentiality refers to the deliberate attempt to limit access, disclosure, or use of particular information to unauthorized users. In this case, the information is for exclusive use by the “ right people” and who in term limit or prevent the “ wrong people” From accessing the information.
This gives assurance that the information is shared among and within the authorized individuals or organizations. A breach of confidentiality may arise when such information or data is handled in a manner that may lead to the disclosure of information to unauthorized people either through word of mouth, copying emailing, or forming other data forms like printing. Integrity: This refers to trustworthiness, fidelity, and honesty of information resources. This also involves “ data integrity” concept_ where data or information have not been changed or altered inappropriately, whether deliberately or accidental malign activity.
Another critical concept of data integrity is “ source integrity” - i. e. that the data or information actually originated from an individual or entity you know and not an imposter, and that the right information was recorded or entered i. e. data validity. Availability: This refers to the assurance that the systems and means dependable for delivering, transmitting, processing, and processing information are reachable when required by those in need of particular information. This calls for the proper and efficient functioning of processing computing and storage systems used in both storing and processing of the information.
Availability can be hindered by; hardware failures, power outages, system upgrades. Non-Repudiation: This refers to the assurance that a particular sender is supplied with proof of delivery and that the respective recipient of the transaction is equally provided with a proof of the identity of the sender, therefore, making it impossible for any of them to deny having processed the information. Non- repudiation, therefore, offers protection against anyone falsely denying taking part in some form of action.
This gives the capability to ascertain whether a particular individual took some action, for instance, creating, approving, sending, or receiving some form of information. This helps in protecting individuals or entities against later litigation, or claims of not having authored a given document, or a sender not having sent a message, a recipient of not having obtained message. Authentication: This refers to the act of confirming the originality and truth of an attribute of an entity. This may involve confirmation of an individual, software program, tracking the origin of a piece, and guaranteeing that a particular product is what it’ s packaging and tagging claims designate.
Authentication in information science helps in curbing literary forgery and plagiarism. . Examples of security attributes; Confidentiality; Data is considered confidential when it is not accessed by unauthorized individuals. For instance, in a federal or state scenario, data, and information concerning confidentiality agreements must be treated with the utmost security controls. In a university scenario, confidential data is only accessed to those individuals affiliated to the institution. This may include official student academic grades, financial status and aid to the institution, social security numbers, and health information of the students and staff.
A medical practitioner is under oath expected to keep information about patients’ medical records confidential. Integrity: this refers to the timely access to the particular required data, or information. For instance, data and information stored in a disk are expected to be stable and not supposed to be altered randomly by problems and malfunctioning arising from inherent disk controllers. Non-Repudiation: Ideally this refers to the capability to deny a false rejection attempt of responsibility with indisputable evidence.
In the Public Key Infrastructure (PKI0 environment, digitized certificates can be efficiently generated and thus adopted as digital signatures. The resultant digital signature forms a non- repudiation token that offers evidence in both origin and delivery of a particular transaction. For instance the in postage mail service, one is given a receipt containing an identification number particular with the sent registered letter. If the intended recipient fails to receive that particular letter and goes ahead to claim that the letter was never sent, then the receipt of delivery containing the identification number can offer an irrefutable non- repudiation of submission. Availability: The availability of such data stored in a disk can be breached by a disk crash or malware attacks.
Any unexpected delay as a result of such eventuality, leading to a denial or delayed access may as well lead to a breach of availability. Authentication: This shows the veracity and genuineness of a claim of authorship or origin of data or information. For instance in electronic data or information, a digital signature could be used to verify claims of the originality of a digital document.
This can be verified using cryptography. This can equally be used to shows document integrity as well. Information assets protection
Moor, J.M.: 1995, “What is Computer Ethics?” in D.G. Johnson and H. Nissenbaum
(eds.), Computer Ethics & Social Values (Upper Saddle River, NJ)