Introduction to Information Security

  • Izzat Alsmadi
  • Robert Burdwell
  • Ahmed Aleroud
  • Abdallah Wahbeh
  • Mahmood Al-Qudah
  • Ahmad Al-Omari


Nowadays, security is becoming number one priority for governments, organization, companies, and individuals. Security is all about protecting critical and valuable assets. Protecting valuable and critical assets, whether they are tangible or intangible, is a process that can be ranged from being unsophisticated to being very sophisticated. Security is a broad term that serves as an umbrella for many topics including but not limited to computer security, internet security, communication security, network security, application security, data security, and information security. In this chapter, and following the scope of the textbook, we will discuss about information security and provide an overview about general information security concepts, recent evolutions, and current challenges in the field of information security.


  1. Ben Othmane, L., Angin, P., Weffers, H., & Bhargava, B. (2014). Extending the agile development process to develop acceptably secure software. IEEE Transactions on Dependable and Secure Computing, 11(6), 497–509.CrossRefGoogle Scholar
  2. Cherdantseva, Y., & Hilton, J. (2013). A reference model of information assurance & security. Paper presented at the Availability, reliability and security (ares), 2013 eighth international conference on.Google Scholar
  3. Deghedi, G. A. (2014). Information sharing as a collaboration mechanism in supply chains. Paper presented at the Information and Knowledge Management.Google Scholar
  4. Dufel, M., Subramanium, V., & Chowdhury, M. (2014). Delivery of authentication information to a RESTful service using token validation scheme: Google Patents.Google Scholar
  5. EICAR (n. d.). EICAR test files, Retrieved from
  6. Elkhodr, M., Shahrestani, S., & Cheung, H. (2016). The internet of things: New interoperability, management and security challenges. arXiv preprint arXiv:1604.04824.CrossRefGoogle Scholar
  7. ITPRO. (2014). Russian cyber gang steal 1.2 billion sernames & passwords, Retrieved from
  8. Ivancic, W. D., Vaden, K. R., Jones, R. E., & Roberts, A. M. (2015). Operational concepts for a generic space exploration communication network architecture. NASA, online,
  9. Kuhn, D. R., Hu, V. C., Polk, W. T., & Chang, S. J. (2001). Introduction to public key technology and the federal PKI infrastructure. Retrieved from. NIST,
  10. Lee, J. (2014). An enhanced risk formula for software security vulnerabilities. ISACA Journal, 4.Google Scholar
  11. Matteucci, I. (2008). Synthesis of secure systems. PhD thesis, University of Siena.
  12. Mell, P., Bergeron, T., & Henning, D. (2005). Creating a patch and vulnerability management program. NIST Special Publication, 800, 40.Google Scholar
  13. Michael, N., Kelley, D., & Victoria, Y. P. (2017). An Introduction to Information Security (pp. 800–812). NIST online,
  14. NIST. (1994). Federal Information Processing Standard (FIPS) 191. National Institute of Standards and Technology (NIST).
  15. NIST. (2013). Security and privacy controls for federal information systems and organizations. National Institute of Standards and Technology (NIST).
  16. Russian cyber gang steal 1.2 billion usernames & passwords, Retrieved from
  17. Jaewon Lee, An Enhanced Risk Formula for Software Security Vulnerabilities. ISACA Journal Volume 4, 2014.Google Scholar
  18. Sandhu, R. S., Coyne, E. J., Feinstein, H. L., & Youman, C. E. (1996). Role-based access control models. Computer, 29(2), 38–47.CrossRefGoogle Scholar
  19. Sengupta, A. (2011). Method for processing documents containing restricted information: Google Patents.Google Scholar
  20. Soomro, Z. A., Shah, M. H., & Ahmed, J. (2016). Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36(2), 215–225.CrossRefGoogle Scholar
  21. Stoneburner, G., Hayden, C., & Feringa, A. (2001). Engineering principles for information technology security (a baseline for achieving security). Retrieved from NIST,
  22. Vacca, J. R. (2012). Computer and information security handbook (2nd ed.). Cambridge, MA: Newnes\Morgan Kaufmann.Google Scholar
  23. Whitman, M., & Mattord, H. (2013). Management of information security (4 ed.). Nelson Education\Cengage Learning.Google Scholar
  24. WikiBooks. (2017). Information security in education - case studies. Retrieved from

Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  • Izzat Alsmadi
    • 1
  • Robert Burdwell
    • 1
  • Ahmed Aleroud
    • 2
  • Abdallah Wahbeh
    • 3
  • Mahmood Al-Qudah
    • 4
  • Ahmad Al-Omari
    • 5
  1. 1.Texas A&M University San AntonioSan AntonioUSA
  2. 2.Department of Computer Information SystemsYarmouk UniversityIrbidJordan
  3. 3.Slippery Rock University of PennsylvaniaSlippery RockUSA
  4. 4.Yarmouk UniversityIrbidJordan
  5. 5.Schreiner UniversityKerrvilleUSA

Personalised recommendations