Content deleted Content added
m Reverted 1 edit by 2404:C0:4760:0:0:0:3544:E331 (talk) to last revision by Bender the Bot |
Citation bot (talk | contribs) Added bibcode. Removed URL that duplicated identifier. Removed parameters. | Use this bot. Report bugs. | Suggested by Headbomb | Linked from Wikipedia:WikiProject_Academic_Journals/Journals_cited_by_Wikipedia/Sandbox | #UCB_webform_linked 495/1032 |
||
| (11 intermediate revisions by 5 users not shown) | |||
Line 225:
* Mobile-enabled access devices are growing in popularity due to the ubiquitous nature of cell phones.<ref>{{Cite web |date=2024-02-23 |title=Access Control Statistics: Trends & Insights |url=https://entrycare.com/access-control-statistics/ |access-date=2024-04-26 |language=en-US}}</ref> Built-in capabilities such as [[Bluetooth]], the newer [[Bluetooth low energy]] (LE), [[near-field communication]] (NFC) on non-iOS devices and [[biometrics|biometric]] validation such as thumbprint readers, as well as [[QR code]] reader software designed for mobile devices, offer new, secure ways for mobile phones to connect to access control systems. These control systems provide computer security and can also be used for controlling access to secure buildings.<ref>{{cite web |date=4 November 2013 |title=Forget IDs, use your phone as credentials |url=http://video.foxbusiness.com/v/2804966490001/forget-ids-use-your-phone-as-credentials/?playlist_id=937116503001#sp=show-clips |url-status=live |archive-url=https://web.archive.org/web/20140320215829/http://video.foxbusiness.com/v/2804966490001/forget-ids-use-your-phone-as-credentials/?playlist_id=937116503001#sp=show-clips |archive-date=20 March 2014 |access-date=20 March 2014 |publisher=[[Fox Business Network]]}}</ref>
* [[IOMMU]]s allow for hardware-based [[Sandbox (computer security)|sandboxing]] of components in mobile and desktop computers by utilizing [[direct memory access]] protections.<ref>{{cite web |title=Direct memory access protections for Mac computers |url=https://support.apple.com/guide/security/direct-memory-access-protections-seca4960c2b5/1/web/1 |access-date=16 November 2022 |website=Apple}}</ref><ref>{{cite web |title=Using IOMMU for DMA Protection in UEFI Firmware |url=https://www.intel.com/content/dam/develop/external/us/en/documents/intel-whitepaper-using-iommu-for-dma-protection-in-uefi-820238.pdf |url-status=live |archive-url=https://web.archive.org/web/20211209062425/https://www.intel.com/content/dam/develop/external/us/en/documents/intel-whitepaper-using-iommu-for-dma-protection-in-uefi-820238.pdf |archive-date=2021-12-09 |access-date=16 November 2022 |publisher=Intel Corporation}}</ref>
* [[Physical unclonable function|Physical Unclonable Functions]] (PUFs) can be used as a digital fingerprint or a unique identifier to integrated circuits and hardware, providing users the ability to secure the hardware supply chains going into their systems.<ref>{{Cite journal |last1=Babaei |first1=Armin |last2=Schiele |first2=Gregor |last3=Zohner |first3=Michael |date=2022-07-26 |title=Reconfigurable Security Architecture (RESA) Based on PUF for FPGA-Based IoT Devices |journal=Sensors |language=en |volume=22 |issue=15 |page=5577 |bibcode=2022Senso..22.5577B |doi=10.3390/s22155577 |issn=1424-8220 |pmc=9331300 |pmid=35898079 |doi-access=free}}</ref><ref>{{Cite journal |last1=Hassija |first1=Vikas |last2=Chamola |first2=Vinay |last3=Gupta |first3=Vatsal |last4=Jain |first4=Sarthak |last5=Guizani |first5=Nadra |date=2021-04-15 |title=A Survey on Supply Chain Security: Application Areas, Security Threats, and Solution Architectures
===Secure operating systems===
Line 640:
Since the [[Internet]]'s arrival and with the digital transformation initiated in recent years, the notion of cybersecurity has become a familiar subject in both our professional and personal lives. Cybersecurity and cyber threats have been consistently present for the last 60 years of technological change. In the 1970s and 1980s, computer security was mainly limited to [[wikt:academia|academia]] until the conception of the Internet, where, with increased connectivity, computer viruses and network intrusions began to take off. After the spread of viruses in the 1990s, the 2000s marked the institutionalization of organized attacks such as [[distributed denial of service]].<ref>{{Cite web |title=A Brief History of the Cybersecurity Profession |url=https://www.isaca.org/resources/news-and-trends/industry-news/2022/a-brief-history-of-the-cybersecurity-profession |access-date=2023-10-13 |website=ISACA}}</ref> This led to the formalization of cybersecurity as a professional discipline.<ref>{{Cite web |title=One step ahead in computing security |url=https://www.rit.edu/news/one-step-ahead-computing-security |access-date=2023-10-13 |website=RIT |language=en}}</ref>
The [[Security and Privacy in Computer Systems|April 1967 session]] organized by [[Willis Ware]] at the [[Spring Joint Computer Conference]], and the later publication of the [[Ware Report]], were foundational moments in the history of the field of computer security.<ref name="MAHC.2016.48">{{Cite journal |last1=Misa |first1=Thomas J. |year=2016 |title=Computer Security Discourse at RAND, SDC, and NSA (1958-1970) |url=https://dl.acm.org/doi/10.1109/MAHC.2016.48 |journal=IEEE Annals of the History of Computing |volume=38 |issue=4 |pages=12–25 |doi=10.1109/MAHC.2016.48 |bibcode=2016IAHC...38d..12M |s2cid=17609542|url-access=subscription }}</ref> Ware's work straddled the intersection of material, cultural, political, and social concerns.<ref name="MAHC.2016.48" />
A 1977 [[NIST]] publication<ref>{{cite web |first1=A. J.|last1=Neumann|first2=N.|last2=Statland|first3=R. D.|last3=Webb |date=1977 |title=Post-processing audit tools and techniques |url=https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nbsspecialpublication500-19.pdf |url-status=live |archive-url=https://web.archive.org/web/20161010044638/http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nbsspecialpublication500-19.pdf |archive-date=2016-10-10 |access-date=2020-06-19 |website=nist.gov |publisher=US Department of Commerce, National Bureau of Standards |pages=11–3–11–4 |language=en-US}}</ref> introduced the ''CIA triad'' of confidentiality, integrity, and availability as a clear and simple way to describe key security goals.<ref>{{cite web |last1=Irwin |first1=Luke |date=5 April 2018 |title=How NIST can protect the CIA triad, including the often overlooked 'I' – integrity |url=https://blog.itgovernanceusa.com/blog/how-nist-can-protect-the-cia-triad-including-the-often-overlooked-i-integrity |access-date=16 January 2021 |website=www.itgovernanceusa.com}}</ref> While still relevant, many more elaborate frameworks have since been proposed.<ref>{{cite web |last=Perrin |first=Chad |date=30 June 2008 |title=The CIA Triad |url=http://www.techrepublic.com/blog/security/the-cia-triad/488 |access-date=31 May 2012 |website=techrepublic.com}}</ref><ref>{{cite report |url=http://csrc.nist.gov/publications/nistpubs/800-27A/SP800-27-RevA.pdf |title=Engineering Principles for Information Technology Security |last1=Stoneburner |first1=G. |last2=Hayden |first2=C. |publisher=csrc.nist.gov |doi=10.6028/NIST.SP.800-27rA |last3=Feringa |first3=A. |archive-url=https://web.archive.org/web/20041012074937/http://csrc.nist.gov/publications/nistpubs/800-27A/SP800-27-RevA.pdf |archive-date=2004-10-12 |url-status=live |year=2004}} ''Note: this document has been superseded by later versions.''</ref>
However, in the 1970s and 1980s, there were no grave computer threats because computers and the internet were still developing, and security threats were easily identifiable. More often, threats came from malicious insiders who gained unauthorized access to sensitive documents and files. Although malware and network breaches existed during the early years, they did not use them for financial gain. By the second half of the 1970s, established computer firms like [[IBM]] started offering commercial access control systems and computer security software products.<ref>{{Cite journal |last=Yost |first=Jeffrey R. |date=April 2015 |title=The Origin and Early History of the Computer Security Software Products Industry
One of the earliest examples of an attack on a computer network was the [[computer worm]] [[Creeper and Reaper|Creeper]] written by Bob Thomas at [[BBN Technologies|BBN]], which propagated through the [[ARPANET]] in 1971.<ref>{{Cite web |date=2023-04-19 |title=A Brief History of Computer Viruses & What the Future Holds |url=https://www.kaspersky.com/resource-center/threats/a-brief-history-of-computer-viruses-and-what-the-future-holds |access-date=2024-06-12 |website=www.kaspersky.com |language=en}}</ref> The program was purely experimental in nature and carried no malicious payload. A later program, [[Creeper and Reaper|Reaper]], was created by [[Ray Tomlinson]] in 1972 and used to destroy Creeper.{{citation needed|date=April 2020}}
| |||