Beginners Guides to Information Security This section covers the basics of information security with introductions to encryption, PKI (public key infrastructure), information security in business, passwords and email encryption. Links to SSL spoofing demos are provided so you can see how easy it is for someone to spoof a web page or an entire web site.
For papers in PDF format click on the icon.
- A Managers Guide to Information Security
This guide was written by The Open Group. It covers why security matters to your business, security from a business perspective - what security you need, what to expect from security solutions, internal implementation and outsourcing (PDF format).
- Managing Internet Security - Good Practise Guide
This guide published by The Victoria Auditor-General's Office serves as a practical resource for for chief information officers, business managers, information technology staff and audit committees, to help assess and improve their agency`s Internet security practices. It sets out the main issues that need to be considered when assessing the effectiveness of security over an internet system providing a starting point for a planned and structured approach.
- An Introduction to Encryption
Make any enquiry about computer security, and you will almost immediately fall over the terms cryptography and encryption (and also decryption), but what exactly is meant by this?
- An Introduction to PKI
Basic introduction to key terms and concepts used in a PKI including encryption, digital signatures, certificates, keys and Authorities, features and services used by the PKI and the techniques involved in public key cryptography.
- What is PGP?
This paper covers what is PGP, how to use PGP and how PGP works including the use of PGP encryption and digital signatures in sending and receiving data securely.
- Passwords vs PKI
Simple chart that compares passwords and PKI for encryption of information.
- What makes a good Password?
This paper tells you what makes a good password and how to select one.
- Email Encryption Guide
32-page, step-by-step tutorial that will have you up and running with industrial strength encryption in a single read-through (available for purchase).
- Open Standards - why they are essential
Before choosing a security solution it is wise to consider what you are actually buying into. This paper explains the cost of proprietary solutions and the benefits of Open Standards.
- Security of the Internet
Published by CERT and covering topics such as basic security concepts, security policies, network security incidents, Internet vulnerabilities, improving security, security technology and tools, and the future of Internet security.
SSL AND WEB SPOOFING
" We believe that there can be no secure electronic commerce on the Web until the Web Spoofing vulnerability has been addressed" .   Read more in this Web Spoofing article by Princeton University.
Web Spoofing Demo
So you think this padlock icon means your credit card details are safe during e commerce transactions?   Then see the Dartmouth EDU spoofed site demo.