The first part gives a general overview of Internet & Information System Security, elaborating the basic security concepts and the aspects covered. In the Access Control & Authentication section, we discussed how to authenticate user identity and how to prevent and control invalid access. The techniques involved include the application of smart cards, biometric authentication, digital signatures, etc. The Encryption section compiled many commonly used standard algorithms, such as DES, AES, RSA, MD5, SHA, Quantum, DNA and so on. The main part of course is the Public Key Infrastructure (PKI). In addition, the voice encryption issue is also touched on. The Security Standards & Protocols section collects many useful security standards and protocols, such as SET, SSL, PGP, IPsec, DNSSEC, S/MIME, L2TP, PPTP, XrML, SAML, IPSP, IPSRA, Msec, TLS, etc. Security is not just a technical problem. Robust security needs to go together with good Security Management, which provides a series of reliable security solutions, for example security strategy planning, best security practices, guidance, checklists and management procedures. The Intrusion Detection/Prevention section introduced related techniques, methods and experiences, including the firewall technique.

A highly reliable system should survive even after an invalid attack. This is an important issue discussed in the System Survivability section. In this column, we also discussed the Protection Of Digital Contents & Copyright issue and the application of digital watermarking techniques. One section also addressed the Privacy issue and related legislation. To relieve customers' concerns, an enterprise should consider setting up its own clear policy and rules for protecting customers' privacy. Like the others, this column also provides a wide range of links to Related Security Resources around the world to support a more complete search.