Content area

Full Text

Abstract: Information assurance (IA) is the practice of protecting and defending information systems by ensuring their availability, confidentiality, integrity, authentication, and nonrepudiation. As a discipline, IA grew from the practice of information security. It plays a crucial role in a networked infrastructure of e-commerce, e-business, and e-Government. For this reason, IA is a serious worldwide concern of organizations, industry, governments, and academia. This paper provides a brief introduction on information assurance, the benefits it brings, and the challenges in the implementation of the concept.

Keywords: Information assurance, information goods, information services, information security, computer security.

Introduction

Due to security concerns, organizations worldwide need to continuously seek safety and protection of information assets such as patient information, key components of the technical information system, and critical personnel. Consumer fraud on the Internet is mounting, resulting in financial losses and distrust in e-commerce websites. Information assurance (IA) has been proposed to counter this trend. It is the process of protecting information from theft, destruction, or manipulation. IA is increasing in importance as threats (e.g., virus, rumor) abound in the highly connected and distributed information sharing environment.

The term "information assurance" was first used by the U.S. government. Information assurance is an interdisciplinary field which requires expertise in computer science, systems engineering, law, risk management, information security, forensic science, and criminology. It plays a crucial role in the information infrastructure that supports commerce, banking, telecommunications, health care, and national security.

Information assurance is more inclusive than information security in that it involves not only protection and detection but includes survivability and dependability of the information system that has been subject to successful attack.

Pillars of Information Assurance

Information assurance includes protection of the integrity, availability, authenticity, non-repudiation and confidentiality of...

Show less