The requirements of information security have undergone three major changes in the last decades. The first major change was the introduction of the computer. The need for protecting files and information became evident. Collection of tools and procedures designed to protect data and to control access to computing resources has the generic name computer security. The second major change was the introduction of distributed systems, networks, and facilities for data communication. Network security measures are needed
to protect data during transmission and storage
to control access to networks and network nodes.
The third change is the current, rapid development of wireless networks and mobile communications. Wireless security is therefore of high priority today. Network security implies restrictions such as
network traffic filtering with firewall technology
defense against distribution of malicious programs like viruses
prevention, detection and management of intrusion
prevention of unwanted data communication like email spamming.
Cryptography is needed for
integrity of information content
in data processing, in data communication, and in the storing of data (Stallings, 2002). Reliable authentication means that network resource users and communication partners can be unambiguously identified. Integrity of information content requires reliable methods to check that transmitted and stored information remains unchanged. Confidentiality means that the originator of information can determine who has (have) the right to read the information content. Non-repudiation means that the authenticated information exchange can afterwards be unambiguously proved to have happened. Nonrepudiation is achieved by attaching to information records cryptographic digital signatures, which can be verified at any future moment of time. The importance of cryptography and the number of application areas are steadily growing.
Network security requires active administration. Security policies, standards and administrative procedures must be worked out, implemented and followed up.
Network security skills are thus needed by practically any user of a computer connected to a network. Presently there is a growing demand for network security professionals for
security administration of data and IT infrastructures
development of network security technology and methodology
delivery of support and training to network user in security related issues.
A virtual, survey oriented Network Security course, available to students of all polytechnics in a country, encourages individual polytechnics to concentrate their educational resources on highly needed, specialized, and also custom designed network security education.
The Finnish Virtual Polytechnic
The Finnish educational system in a nutshell is illustrated in Figure 1. Compulsory basic education at comprehensive schools is given to all children between the ages of 7 and 16. Education is voluntary after completing the comprehensive school. Students may go to upper secondary school providing three years of general education, or to vocational education lasting from two to five years. Both of these give a general qualification for polytechnic and university studies ("The Finnish educational system," 2002), see Figure 1.
The action plan of the Ministry of Education in Finland for years 2000--2004 includes Virtual School, Virtual Polytechnic and Virtual University. Briefly the strategy and goals for the Finnish
[FIGURE 1 OMITTED]
Virtual Polytechnic are: (The Virtual Polytechnic of Finland, 2002):
The Finnish Virtual Polytechnic is common for all Finnish Polytechnics …