This site is showing visitors that sometimes it's just matter of using Google and Wiki to know answers for some questions ;)
At Google use query: "wiki ..." where ... is your question
Security is the condition of being protected against danger, loss, and criminals. In the general sense, security is a concept similar to safety. The nuance between the two is an added emphasis on being protected from dangers that originate from outside. Individuals or actions that encroach upon the condition of protection are responsible for the breach of security.
The word "security" in general usage is synonymous with "safety," but as a technical term "security" means that something not only is secure but that it has been secured. In telecommunications, the term security has the following meanings:[1]
A condition that results from the establishment and maintenance of protective measures that ensure a state of inviolability from hostile acts or influences.
With respect to classified matter, the condition that prevents unauthorized persons from having access to official information that is safeguarded in the interests of national security.
Measures taken by a military unit, an activity or installation to protect itself against all acts designed to, or which may, impair its effectiveness.
Security has to be compared and contrasted with other related concepts: Safety, continuity, reliability. The key difference between security and reliability is that security must take into account the actions of active malicious agents attempting to cause destruction.
Read more on WIKI
Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.[1] The terms information security, computer security and information assurance are frequently used interchangeably. These fields are interrelated and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are some subtle differences between them. These differences lie primarily in the approach to the subject, the methodologies used, and the areas of concentration. Information security is concerned with the confidentiality, integrity and availability of data regardless of the form the data may take: electronic, print, or other forms.
Read more on WIKI
One use of the term computer security refers to technology to implement a secure operating system. Much of this technology is based on science developed in the 1980s and used to produce what may be some of the most impenetrable operating systems ever. Though still valid, the technology is in limited use today, primarily because it imposes some changes to system management and also because it is not widely understood. Such ultra-strong secure operating systems are based on operating system kernel technology that can guarantee that certain security policies are absolutely enforced in an operating environment. An example of such a Computer security policy is the Bell-LaPadula model. The strategy is based on a coupling of special microprocessor hardware features, often involving the memory management unit, to a special correctly implemented operating system kernel. This forms the foundation for a secure operating system which, if certain critical parts are designed and implemented correctly, can ensure the absolute impossibility of penetration by hostile elements. This capability is enabled because the configuration not only imposes a security policy, but in theory completely protects itself from corruption. Ordinary operating systems, on the other hand, lack the features that assure this maximal level of security. The design methodology to produce such secure systems is precise, deterministic and logical.
Systems designed with such methodology represent the state of the art of computer security although products using such security are not widely known. In sharp contrast to most kinds of software, they meet specifications with verifiable certainty comparable to specifications for size, weight and power. Secure operating systems designed this way are used primarily to protect national security information, military secrets, and the data of international financial institutions. These are very powerful security tools and very few secure operating systems have been certified at the highest level (Orange Book A-1) to operate over the range of "Top Secret" to "unclassified" (including Honeywell SCOMP, USAF SACDIN, NSA Blacker and Boeing MLS LAN.) The assurance of security depends not only on the soundness of the design strategy, but also on the assurance of correctness of the implementation, and therefore there are degrees of security strength defined for COMPUSEC. The Common Criteria quantifies security strength of products in terms of two components, security functionality and assurance level (such as EAL levels), and these are specified in a Protection Profile for requirements and a Security Target for product descriptions. None of these ultra-high assurance secure general purpose operating systems have been produced for decades or certified under the Common Criteria.
In USA parlance, the term High Assurance usually suggests the system has the right security functions that are implemented robustly enough to protect DoD and DoE classified information. Medium assurance suggests it can protect less valuable information, such as income tax information. Secure operating systems designed to meet medium robustness levels of security functionality and assurance have seen wider use within both government and commercial markets. Medium robust systems may provide the same the security functions as high assurance secure operating systems but do so at a lower assurance level (such as Common Criteria levels EAL4 or EAL5). Lower levels mean we can be less certain that the security functions are implemented flawlessly, and therefore less dependable. These systems are found in use on web servers, guards, database servers, and management hosts and are used not only to protect the data stored on these systems but also to provide a high level of protection for network connections and routing services.
Governments, military, financial institutions, hospitals, and private businesses amass a great deal of confidential information about their employees, customers, products, research, and financial status. Most of this information is now collected, processed and stored on electronic computers and transmitted across networks to other computers. Should confidential information about a businesses customers or finances or new product line fall into the hands of a competitor, such a breach of security could lead to lost business, law suits or even bankruptcy of the business. Protecting confidential information is a business requirement, and in many cases also an ethical and legal requirement. For the individual, information security has a significant effect on privacy, which is viewed very differently in different cultures.
The field of information security has grown and evolved significantly in recent years. As a career choice there are many ways of gaining entry into the field. It offers many areas for specialization including Information Systems Auditing, Business Continuity Planning and Digital Forensics Science, to name a few.
This article presents a general overview of information security and its core concepts.
Read more on WIKI
In a security context, a hacker is someone involved in computer security/insecurity, specializing in the discovery of exploits in systems (for exploitation or prevention), or in obtaining or preventing unauthorized access to systems through skills, tactics and detailed knowledge. In the most common general form of this usage, "hacker" refers to a black-hat hacker (a malicious or criminal hacker). There are also ethical hackers (more commonly referred to as white hats), and those more ethically ambiguous (grey hats). To disambiguate the term hacker, often cracker is used instead, referring either to computer security hacker culture as a whole to demarcate it from the academic hacker culture (such as by Eric S. Raymond[1]) or specifically to make a distinction within the computer security context between black-hat hackers and the more ethically positive hackers (commonly known as the white-hat hackers). The context of computer security hacking forms a subculture which is often referred to as the network hacker subculture or simply the computer underground. According to its adherents, cultural values center around the idea of creative and extraordinary computer usage. Proponents claim to be motivated by artistic and political ends, but are often unconcerned about the use of criminal means to achieve them. Sometimes hackers can be dangerous.
Read more on WIKI
Well-known:
* IBM:
International Business Machines Corporation, abbreviated IBM and nicknamed "Big Blue", is a multinational computer technology and consulting corporation headquartered in Armonk, New York, USA. The company is one of the few information technology companies with a continuous history dating back to the 19th century. IBM manufactures and sells computer hardware and software, and offers infrastructure services, hosting services, and consulting services in areas ranging from mainframe computers to nanotechnology.[2]
IBM has been known through most of its recent history as the world's largest computer company; with over 388,000 employees worldwide, IBM is the largest information technology employer in the world. Despite falling behind Hewlett-Packard in total revenue since 2006, it remains the most profitable. IBM holds more patents than any other U.S. based technology company.[3] It has engineers and consultants in over 170 countries and IBM Research has eight laboratories worldwide.[4] IBM employees have earned three Nobel Prizes, four Turing Awards, five National Medals of Technology, and five National Medals of Science.[5] As a chip maker, IBM has been among the Worldwide Top 20 Semiconductor Sales Leaders in past years, and in 2007 IBM ranked second in the list of largest software companies in the world.[6]
Read more on WIKI
Visit IBM homepage
* Microsoft
Microsoft Corporation is an American multinational computer technology corporation, which rose to dominate the home computer operating system market with MS-DOS in the mid-1980s, followed by the Windows line of operating systems.
Throughout its history the company has been the target of criticism for various reasons, including monopoly status and anti-competitive business practices including refusal to deal and tying. The U.S. Justice Department and the European Commission, among others, have ruled against Microsoft for various antitrust violations.[8][9]
It develops, manufactures, licenses, and supports a wide range of software products for computing devices.[10][7] Microsoft's best-selling products are the Microsoft Windows operating system and the Microsoft Office suite of productivity software.
Read more on WIKI
Visit MICROSOFT homepage
If you're looking for nice blogs related to security, hacking etc:
* Google Online Security Blog
The latest news and insights from Google
on security and safety on the Internet.
Google Online Security Blog
* Security.ITHub.com - Internet Security
There you can find security buyer's guide:
Anti-Spam
Anti-Spyware
Anti-Virus software
Application security
Biometric access controls
Data recovery
Digital forensics
Digital rights management
Encryption
Facial recognition software
Firewalls
Intrusion Detection
IT management tools
Network Security
Patch Management
Phishing
Public Key Infrastructure
Spam filtering
VPN
Wireless security
Security.ITHub.com - Internet Security
Other sites:
* Opereal - user-friendly technology
Dedicated authorization systems are equipped with smashing encryptions and perfectly secured databases, but the weakness has name "end-user".
Simple mistake of user can damage created idea. We are solving problems of modern IT security with different way. We would like to introduce solutions where IT is connected with psychology.
Engineers builds more complicated authorizations with more and more complicated passphrases. As we know, end-user pays the price of feeling more secured. We want provide more user-friendly solutions. Our solutions are created with two different sciences - IT and psychology. Main feature in our solutions is pointing out users attention to relevant areas. It makes them quite powerful and user-friendly, which improves security. BiteNetwork - antiphishing tool, IncredibleLogin - new idea, which replace standard login forms, UnPhishable - login page, which can not be easily phished.
Opereal - user-friendly technology
* FIRST
FIRST is a premier organization and recognized global leader in incident response. Membership in FIRST enables incident response teams to more effectively respond to security incidents by providing access to best practices, tools, and trusted communication with member teams.
Visit FIRST homepage