The History of

Information Security
Samonte, Rachelle Ivana H.
BSIT-BA-3201
 The history of information security begins with
computer security.

 The need for computer security—that is, the need to

secure physical locations, hardware, and software from
threats— arose during World War II when the first
mainframes, developed to aid computations for
communication code breaking (see Figure 1-1), were put
to use. Multiple levels of security were implemented to
protect these mainframes and maintain the integrity of
their data.
Figure 1.1 The Enigma
 The growing need to maintain national security eventually
led to more complex and more technologically sophisticated
computer security safeguards.

 During these early years, information security was a

straightforward process composed predominantly of physical
security and simple document classification schemes.
 HistoryTimelin
e
During the Cold War, many more mainframes
were brought online to accomplish more
complex and sophisticated tasks. The
The 1960s Department of Defense’s Advanced Research
Project Agency (ARPA) began examining the
feasibility of a redundant, networked
During the next decade, ARPANET became communications system to support the
popular and more widely used, and the military’s exchange of information.
potential for its misuse grew. In December
of 1973, Robert M. “Bob” Metcalfe, who is
credited with the development of Ethernet, The 1970s and 80s
one of the most popular networking
protocols, identified fundamental problems
with ARPANET security. At the close of the twentieth century,
networks of computers became more
common, as did the need to connect
these networks to each other. This gave
rise to the Internet, the first global
The 1990s network of networks. The Internet was
made available to the general public in
Today, the Internet brings millions of the 1990s, having previously been the
unsecured computer networks into domain of government,academia,and
continuous communication with each dedicated industry professionals.
other. The security of each computer’s
stored information is now contingent on
the level of security of every other
computer to which it is connected. 2000 to Present
Figure 1 2 Development ARPANET
 The movement toward security that went beyond protecting physical
locations began with a single paper sponsored by the Department of
Defense, the Rand Report R-609, which attempted to define the
multiple controls and mechanisms necessary for the protection of a
multilevel computer system. The document was classified for almost
ten years and is now considered to be the paper that started the
study of computer security.

 The security—or lack thereof—of the systems sharing resources

inside the Department of Defense was brought to the attention of
researchers in the spring and summer of 1967. At that time, systems
were being acquired at a rapid rate and securing them was a
pressing concern for both the military and defense contractors
Table 1.1 Key Dates for Seminal
In June of 1967, the Advanced Research Projects Agency formed a
task force to study the process of securing classified
information systems. The Task Force was assembled in October of
1967 and met regularly to formulate recommendations, which
ultimately became the contents of the Rand Report R-609.

The Rand Report R-609 was the first widely recognized published
document to identify the role of management and policy issues
in computer security.
Wide utilization of networking components in information
systems in the military introduced security risks that could
not be mitigated by the routine practices then used to secure
these systems. This paper signaled a pivotal moment in computer
security history—when the scope of computer security expanded
significantly from the safety of physical locations and
hardware to include the following:
 Securing the data
 Limiting random and unauthorized access to that data
 Involving personnel from multiple levels of the organization
in matters pertaining to information security
 MULTICS
• Much of the early research on computer security centered on a system called
Multiplexed Information and Computing Service (MULTICS).noteworthy because it was
the first operating system to integrate security into its core functions. It was a
mainframe, time-sharing operating system developed in the mid1960s by a consortium
of General Electric (GE), Bell Labs, and the Massachusetts Institute of Technology
(MIT).

• At the close of the twentieth century, networks of computers became more common, as
did the need to connect these networks to each other. This gave rise to the
Internet, the first global network of networks. The Internet was made available to
the general public in the 1990s, having previously been the domain of government,
academia, and dedicated industry professionals. The Internet brought connectivity
to virtually all computers that could reach a phone line or an Internet-connected
local area network (LAN). After the Internet was commercialized, the technology
became pervasive, reaching almost every corner of the globe with an expanding array
of uses.
 What Is Security?

• Security is “the quality or state of

being secure—to be free from danger.”11
In other words, protection against
adversaries—from those who would do harm,
intentionally or otherwise—is the
objective.
 What is Information
Security?

According to Whitman during these early

years, information security was a
straightforward process composed pre-
dominantly of physical security and simple
document classification schemes.
 Information Security status
related against history
In the past the technology are not just very
evolved that’s why the potential of the hacker
was weak while today the data security is so
critical because the threats from hackers,
malware greater than it ever has been in the past
while technology are improving today and in the
future the hackers also improving their way to
attack the data that’s why today the information
security is most important
Thank You ;)