Information+Security+II+-+Information+Security+Technologies

=Information Security II - Information Security Technologies= Tuesday, November 22, 2011 <>

**Topic overview:**
Having explored the core management questions surrounding information security on Sunday, we will now look at the underlying technologies available to secure an information system in greater detail. Specifically, by the end of today's class you should be able to:
 * Explain how cryptography techniques can be used to support all four of these goals
 * Identify and explain the primary types of information security attacks and risks
 * Understand some of the basic technologies and techniques used to address these threats.

**Preparation for class:** The only required reading prior to class today is the wikipedia article on Cryptography (@http://en.wikipedia.org/wiki/Cryptography).

Prior to class you should also review the TED Talk from Mikko Hypponen from the 2012 TED Global conference on computer viruses and the people and networks that creates (who, how, and why). It's a entertaining, interesting, and non-technical talk. >
 * @http://www.ted.com/talks/mikko_hypponen_fighting_viruses_defending_the_net.html

In addition to Mikko Hypponen's talk there are two other TED Talks on information security that you will likely find very interesting and help you much better understand the topic. Neither of these talks are required, nor will you be tested on their content. They are, however, both worth the short time it will take to watch them.


 * The first talk is a detailed discussion of the Stuxnet virus that we discussed in the last class. Stuxnet is the military-grade cyber warfare virus that spread the world infecting Siemmens industrial control systems computers in an apparent cyber-attack on Iran's nuclear program (approximately 10 minutes).
 * @http://www.ted.com/talks/ralph_langner_cracking_stuxnet_a_21st_century_cyberweapon.html


 * The second talk is by Misha Glenny on global cyber-crime networks. He explains who these organizations are, how they work, their motivations, and organization. Going back to the idea from last class that to defend yourself against these types of information security attacks you need to understand the people engaging in them, this is an excellent first-step in doing so (approximately 20 minutes).
 * @http://www.ted.com/talks/lang/en/misha_glenny_hire_the_hackers.html

Finally, if you are interested in looking further into the topic of cryptography and encryption, I encourage you to look at the Wikipedia entries on Public Key Cryptography and the Symmetric Key Algorithm. Neither of these will be on the exam, nor are they required prior to class. They are simply interesting

Reference materials:
Slides:

**Pre-class exercise:** There is no pre-class exercise required for class today.