Articles Master of Science in Information Security and Assurance


The Evolution of Information Assurance

A padlock on a keyboard

With homomorphic encryption, file binders and secure multi-party computation, the complexity of the modern information assurance (IA) techniques can potentially overwhelm even the most educated IA professional. And given that techniques are constantly changing and building off one another, it could be of benefit to understand some of their early components. By scaling back to the key developments in this dynamic industry — including computer mainframes, data structures, the Domain Name System, Internet viruses and data encryption — IA professionals can expand their perspective of information assurance to better understand where the industry may be heading.

Computer Mainframes

The development of computer mainframes was an important phase in the evolution of information assurance. Traditionally, a mainframe was a large, powerful computer system used mainly for commercial purposes. These machines were purchased as an informational assurance asset by large companies because of their reliability and their capacity for housing and processing massive amounts of data. IBM is credited with building the 700 series, which was the first mainframe computer that had widespread commercial success, so much so that other companies like RCA and UNIVAC soon followed. Today, the basic concept behind the term mainframe still applies, in that they are high-powered systems with remarkable storing and processing capabilities, yet they have evolved to include external mainframe service applications.

Data Storage and Domains

As more modern cyber attacks target data storage infrastructures and domains, IA professionals may wish to look further into the history of these components to further their understanding. The foundation of digital data structures owes much to the system of Boolean algebra introduced by George Boole in 1847. Boolean operations, which utilize true and false values, were one of the earliest methods for storing digital data. Other mathematicians like Heinz Rushauser also played a significant role in developing mathematical concepts of basic data structure, namely arrays. Coupled with the linguistic concepts of people like Noam Chomsky and others after him who adopted his approach, these mathematical concepts provided the basis for the methods of storing and processing digital data in computer science.

The developments in data structures and storage helped foster the development of the Domain Name System (DNS), which is an automated process for assigning numerical addresses and host names to computers within a network. The DNS has its own complex history with origins in the ARPANET, a system of connected computer networks between several universities and other entities that officially began in the late 1960s and early 1970s. The ARPNET and the development of the DNS would lay the foundation for the first phases of the Internet.

Internet Viruses

Internet viruses can be traced back to the famous Morris Worm. Created by Robert Morris in 1988, the Morris Worm cost companies anywhere from $200 to over $53,000 in damages due to the time and resources spent to remove it. Morris argued that his intent with the virus was to expose vulnerabilities in the security of various systems, yet he ended up being convicted under the Computer Fraud and Abuse Act. In the following decade, other viruses were developed that exploited holes in Internet security. In today’s cyber world, companies stand to lose millions in damages due to the threat of cyber attacks, some of which occur via viruses. So to better understand the origins of viruses, information assurance professionals could benefit from taking a deeper look at the Morris Worm and other early developed viruses, particularly their conception and early forms of transmission.

Data Encryption

In 1971, IBM developed a 128-bit cipher that became known as LUCIFER. Soon after, the U.S. National Bureau of Standards, upon determining the need for a system of encryption to secure government data, partnered with IBM to adopt a revised version of the LUCIFER cipher. This updated version resulted in a 64-bit cipher called the Data Encryption Standard (DES). Officially adopted by the National Security Agency (NSA) in 1977, the DES would be considered the accepted government standard for encryption until 1990. At this time, the DES cipher was replaced by the Advanced Encryption Standard (AES), which is still the accepted system of data encryption today.

The information assurance industry is vastly more complex than it was at its origins, and its systems and digital information continue to grow exponentially. Mobile technology has brought unprecedented advances to Internet technology and has also developed an even greater web of cyber threats and vulnerabilities. Understanding the history and progression of these changes in information technology is critical for information assurance experts, as they continue to compete with the myriad threats of data loss that continue to evolve. With the number of cyber threats growing, IA professionals should look to gain ground in the field by working to strengthen information security solutions.

Learn More
As the nation’s oldest private military college, Norwich University has been a leader in innovative education since 1819. Through its online programs, Norwich delivers relevant and applicable curricula that allow its students to make a positive impact on their places of work and their communities.

At Norwich University, we extend a tradition of values-based education, where structured, disciplined, and rigorous studies create a challenging and rewarding experience. Online programs, such as the Master of Science in Information Security & Assurance, have made our comprehensive curriculum available to more students than ever before.

Norwich University has been designated as a Center for Academic Excellence in Cyber Defense Education by the National Security Agency and Department of Homeland Security. Through the program, you can choose from the five unique concentrations that are designed to provide an in-depth examination of policies, procedures, and overall structure of an information assurance program.


March 2017