ICT Security Auditing

ICT Security Auditing

Arturo Ribagorda (Carlos III University of Madrid, Spain) and Jose M. Sierra (Carlos III University of Madrid, Spain)
Copyright: © 2000 |Pages: 29
DOI: 10.4018/978-1-878289-75-9.ch003
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

There is no doubt about the essential role that information plays in current society. Furthermore, it looks certain that this role will be more important in the next century. Consequently, it is not an exaggeration to nominate this society as the Information Society, just as other eras that were called Agricultural or Industrial. Therefore, informatics, or more general, information and communications technologies (from now on, ICT) have a predominant place in our technological societies. On the other hand, it is obvious that protection controls are already required to make information and its technologies reliable and trusted. Otherwise, it is obvious that this need of security will be higher in the near future. Migration from accepted systems and procedures (commercial, administrative, technical, etc.) to new ones (electronic commerce, digital cash, tele-working, electronic mail, etc.) will not be accepted by the people without an improvement of security. However, microcomputers and networks—without which is impossible to conceive modern companies—represent a risk for information management. In this way, threats and attacks included in science fiction movies are feasible today for organizations and people only using a PC and a simple telephone line. Then actual threats are employees, hackers, virus creators, competitor companies, etc., all of those can produce substantial losses for the information systems. Curiously, the same technologies that increase the productivity can also provoke losses due to the lack of security. All this justifies a rise in attention to the information security and motivates the growing interest in security audit. This one has become the only method to guarantee the accurate working of the security controls and, hence, to assure the reliability and trust on the information and the ICT that process it. As we said above, there are many risks associated with network use, so this field is one of the most interesting from a security view. Therefore, after a brief look at security, we will focus on the network security and its auditing.

Complete Chapter List

Search this Book:
Reset