I use the term ''information assurance'' here because those of us working in the field have learned that the issues are really larger than simply computer security. Information assurance covers issues of building safe and reliable information systems that are able to weather untoward events no matter what the cause—whether natural disaster or caused by a malicious individual. Whether critical data in a financial institution or defense agency is affected by a hardware failure, a power outage, a computer virus or a hacker doesn't matter in at least one sense: unless the system is resistant to the damage and built for assured operation, the data is gone. We seek to protect those data and systems from a wide range of threats.
I would also like to clarify a point that is not always obvious: information security is not cryptography. Cryptography is simply one component branch of information security, in the same way that carpentry and plumbing are components in building a house. Information assurance also involves issues of physical security, malicious software, privacy, authentication technologies, software engineering, database security, network security, computer forensics, intrusion detection, and a number of other fields.
From House Testimony. Spaf was one of four witnesses to testify before the House Science committee on infosec on October 10, 2001. See page 62 of
Oliver W. Holmes, "The Path of the Law"
The logical method and form flatter that longing
for certainty and repose which is in every human mind.
But certainty generally is illusion, and repose is
not the destiny of man. Behind the logical form lies
a judgment as to the relative worth ... often an
inarticulate and unconscious judgment, it is true,
and yet the very root and nerve of the whole proceeding.
William Butler Yeats, "A Prayer for Old Age"
God guard me from those thoughts men think
In the mind alone;
He that sings a lasting song
Thinks in a marrow-bone;
From all that makes a wise old man
That can be praised of all;
O what am I that I should not seem
For the song's sake a fool?
I pray -- for word is out
And prayer comes round again --
That I may seem, though I die old,
A foolish, passionate man.