Information Assurance

1.1 INTRODUCTION Recent advances in computer networks and information technology (IT) and the advent and growth of the Internet have created unprecedented levels of opportunities for the connectivity and interaction of information systems at a global level. This has provided significant new possibilities for advancing knowledge and societal interactions across the spectrum of human endeavors , including fundamental scientific research, education, engineering design and manufacturing, environmental systems, health care, business, entertainment , and government operations. As a result, our society has already become intrinsically dependent on IT. In fact, networked information systems have been recognized as one of the basic critical infrastructures of society [1]. A consequence of the increasing dependence on networked information systems has been the significantly heightened concerns regarding their security and dependability. In particular, the interconnections, interactions, and dependencies among networked information systems and other critical infrastructure systems (e.g., electric power grids) can dramatically magnify the consequence of damages resulting from even simple security violations and/or faults. Hence, there is an urgent need to ensure that we have in place a solid foundation to help us justify the trust that we place on these information technologies and infrastructures. Research and development activities focused on ensuring that a networked information system (a) functions correctly in various operational environments,