Composite technologies. Composite technologies and restoration of industrial pumps. Composites technology – section of materials technology



Posted on http://www.allbest.ru/

Introduction

1. Information security measures

2. Hardware information security

2.1 Objectives of information security hardware

2.2 Types of information security hardware

3. Information security software

3.1 Information archiving tools

3.2 Antivirus programs

3.3 Cryptographic means

3.4 User identification and authentication

3.5 Protection of information in the CS from unauthorized access

3.6 Other information security software

Conclusion

List of sources used

Introduction

As the means, methods and forms of automation of information processing processes develop and become more complex, the vulnerability of information security increases.

The main factors contributing to this vulnerability are:

· A sharp increase in the volume of information accumulated, stored and processed using computers and other automation tools;

· Concentration of information of various purposes and various ownership in unified databases;

· A sharp expansion of the circle of users who have direct access to the resources of the computer system and the data located in it;

· Increasing complexity of the operating modes of the technical means of computing systems: widespread introduction of multi-program mode, as well as time-sharing and real-time modes;

· Automation of machine-to-machine information exchange, including over long distances.

Under these conditions, two types of vulnerability arise: on the one hand, the possibility of destruction or distortion of information (i.e., violation of its physical integrity), and on the other, the possibility of unauthorized use of information (i.e., the danger of leakage of restricted information).

The main potential channels for information leakage are:

· Direct theft of media and documents;

· Memorizing or copying information;

· Unauthorized connection to equipment and communication lines or illegal use of “legitimate” (i.e. registered) system equipment (most often user terminals).

1. Information security tools

Information security means are a set of engineering, technical, electrical, electronic, optical and other devices, instruments and technical systems, as well as other material elements used to solve various problems of information protection, including preventing leaks and ensuring the security of protected information.

In general, the means of ensuring information security in terms of preventing intentional actions, depending on the method of implementation, can be divided into groups:

· Hardware (technical means). These are devices of various types (mechanical, electromechanical, electronic, etc.) that solve information security problems in hardware. They either prevent physical penetration or, if penetration does occur, prevent access to information, including by masking it. The first part of the problem is solved by locks, bars on windows, watchmen, security alarms, etc. The second part is solved by noise generators, surge protectors, scanning radios and many other devices that “block” potential channels of information leakage or allow them to be detected. The advantages of technical means are associated with their reliability, independence from subjective factors, and high resistance to modification. Weaknesses: insufficient flexibility, relatively large volume and weight, high price.

· Software tools include programs for user identification, access control, information encryption, removal of residual (working) information such as temporary files, test control of the security system, etc. The advantages of software tools are versatility, flexibility, reliability, ease of installation, ability to modify and develop. Disadvantages - limited functionality of the network, use of part of the resources of the file server and workstations, high sensitivity to accidental or intentional changes, possible dependence on the types of computers (their hardware).

· Mixed hardware and software implement the same functions as hardware and software separately, and have intermediate properties.

· Organizational means consist of organizational and technical measures (preparing premises with computers, laying a cable system taking into account the requirements for restricting access to it, etc.) and organizational and legal measures (national legislation and work rules established by the management of a particular enterprise). The advantages of organizational tools are that they allow you to solve many different problems, are easy to implement, quickly respond to unwanted actions on the network, and have unlimited possibilities for modification and development. Disadvantages - high dependence on subjective factors, including the general organization of work in a specific department.

In terms of prevalence and availability, software tools stand out; other tools are used in cases where it is necessary to provide an additional level of information protection.

2. Hardware information security

Hardware protection includes various electronic, electronic-mechanical, and electro-optical devices. To date, a significant number of hardware devices for various purposes have been developed, but the most widespread are the following:

· special registers for storing security details: passwords, identification codes, classifications or security levels;

· devices for measuring individual characteristics of a person (voice, fingerprints) for the purpose of his identification;

· circuits for interrupting the transmission of information in the communication line for the purpose of periodically checking the data output address;

· devices for encrypting information (cryptographic methods).

To protect the perimeter of an information system, the following are created:

· security and fire alarm systems;

· digital video surveillance systems;

· access control and management systems.

Protection of information from leakage through technical communication channels is ensured by the following means and measures:

· using shielded cables and laying wires and cables in shielded structures;

· installation of high-frequency filters on communication lines;

· construction of shielded rooms (“capsules”);

· use of shielded equipment;

· installation of active noise systems;

· creation of controlled zones.

2.1 Objectives of information security hardware

The use of hardware information security allows you to solve the following problems:

· Conducting special studies of technical means for the presence of possible channels of information leakage;

· identification of information leakage channels at different objects and premises;

· localization of information leakage channels;

· search and detection of industrial espionage means;

· countering unauthorized access to sources of confidential information and other actions.

According to their purpose, hardware is classified into detection means, search and detailed measurement means, and active and passive countermeasures. In terms of capabilities, information security tools can be general-purpose, designed for use by non-professionals to obtain general assessments, or professional complexes that allow for a thorough search, detection and measurement of all the characteristics of industrial espionage tools.

Search equipment can be divided into equipment for searching for means of retrieving information and investigating channels for its leakage.

The first type of equipment is aimed at searching for and localizing unauthorized-access devices already planted by attackers. The second type of equipment is intended to detect information leakage channels. The decisive factors for this type of system are the efficiency of the research and the reliability of the results obtained.

Professional search equipment is usually very expensive and requires highly qualified specialists to operate it. For this reason, organizations that constantly conduct such surveys can afford it. So if you need a full examination, you should turn to them directly.

Of course, this does not mean that you should give up using search tools yourself. But the available search tools are quite simple and allow preventive measures to be carried out in the interval between serious search surveys.

2.2 Types of information security hardware

A dedicated storage network, or SAN (Storage Area Network), provides data with guaranteed bandwidth, eliminates single points of system failure, and allows for virtually unlimited scaling both on the server side and on the information resources side. To implement storage networks, along with the popular Fibre Channel technology, iSCSI devices have recently been increasingly used.

Disk storage systems are distinguished by the highest speed of data access due to the distribution of read/write requests among several disk drives. The use of redundant components and algorithms in RAID arrays prevents system shutdown due to failure of any element, which increases availability. Availability, one of the indicators of information quality, determines the proportion of time during which information is ready for use, and is expressed as a percentage: for example, 99.999% (“five nines”) means that during the year the information system is not allowed to be down, for any reason, for more than 5 minutes. Solutions using Serial ATA and SATA 2 storage devices currently offer a successful combination of large capacity, high speed and affordable cost.

Tape drives (streamers, autoloaders and libraries) are still considered the most cost-effective and popular backup solution. They were originally created for data storage, provide virtually unlimited capacity (due to the addition of cartridges), provide high reliability, have a low storage cost, and allow you to organize rotation of any complexity and depth, data archiving, and evacuation of media to a protected location outside the main office. Since their inception, magnetic tapes have gone through five generations of development, have proven their advantage in practice and are rightfully a fundamental element of backup practice.

In addition to the technologies discussed, we should also mention the provision of physical data protection (delimitation and control of access to premises, video surveillance, security and fire alarm), organization of uninterrupted power supply to equipment.

Let's look at hardware examples.

1) eToken - the eToken electronic key is a personal means of authorization, authentication and secure data storage, with hardware support for working with digital certificates and electronic digital signatures (EDS). eToken is available in the form factors of a USB key, smart card or key fob. The eToken NG-OTP model has a built-in one-time password generator. The eToken NG-FLASH model has a built-in flash memory module with a capacity of up to 4 GB. The eToken PASS model contains only a one-time password generator. The eToken PRO (Java) model implements in hardware the generation of digital signature keys and the formation of digital signatures. Additionally, eTokens can have built-in contactless radio tags (RFID tags), which allows the eToken to also be used for access to premises.

eToken models should be used to authenticate users and store key information in automated systems that process confidential information up to security class 1G inclusive. They are recommended carriers of key information for certified CIPF (CryptoPro CSP, Crypto-COM, Domain-K, Verba-OW, etc.).

2) Combo USB key eToken NG-FLASH - one of the solutions in the field of information security from Aladdin. It combines the functionality of a smart card with the ability to store large amounts of user data in a built-in flash memory module. eToken NG-FLASH also provides the ability to boot a computer's operating system and launch user applications from flash memory.

Possible modifications:

By volume of the built-in flash memory module: 512 MB; 1, 2 and 4 GB;

Certified version (FSTEC of Russia);

By the presence of a built-in radio tag;

By body color.

3. Information security software

Software tools are objective forms of representing a set of data and commands intended for the operation of computers and computer devices in order to obtain a certain result, as well as materials prepared and recorded on a physical medium obtained during their development, and the audiovisual displays generated by them.

Data protection tools that operate as part of software are called software tools. Among them, the following can be highlighted and considered in more detail:

· data archiving tools;

· antivirus programs;

· cryptographic means;

· means of identification and authentication of users;

· access control tools;

· logging and auditing.

Examples of combinations of the above measures include:

· database protection;

· protection of operating systems;

· protection of information when working in computer networks.

3.1 Information archiving tools

Sometimes backup copies of information have to be made when data storage resources are generally limited, as is the case, for example, for owners of personal computers. In these cases, software archiving is used. Archiving is the merging of several files and even directories into a single file - an archive, while simultaneously reducing the total volume of source files by eliminating redundancy, but without loss of information, i.e. with the ability to accurately restore source files. Most archiving tools are based on the use of compression algorithms proposed in the 80s by Abraham Lempel and Jacob Ziv. The most well-known and popular archive formats are:

· ZIP, ARJ for DOS and Windows operating systems;

· TAR for the Unix operating system;

· cross-platform JAR format (Java ARchive);

· RAR (the popularity of this format is growing all the time, as programs have been developed that allow it to be used in the DOS, Windows and Unix operating systems).

The user only needs to choose a suitable program that works with the selected format, by assessing its characteristics - speed, compression ratio, compatibility with a large number of formats, interface convenience, choice of operating system, etc. The list of such programs is very large - PKZIP, PKUNZIP, ARJ, RAR, WinZip, WinArj, ZipMagic, WinRar and many others. Most of these programs do not need to be purchased specifically, since they are offered as shareware or freeware. It is also very important to establish a regular schedule for performing such data archiving work or to perform it after a major data update.

3.2 Antivirus programs

These are programs designed to protect information from viruses. Inexperienced users usually believe that a computer virus is a specially written small program that can “attach” itself to other programs (i.e., “infect” them), and also perform various unwanted actions on the computer. Specialists in computer virology hold that a mandatory (necessary) property of a computer virus is the ability to create its own duplicates (not necessarily identical to the original) and introduce them into computer networks and/or files, system areas of the computer and other executable objects. At the same time, duplicates retain the ability to further spread. It should be noted that this condition is not sufficient, i.e. final. That is why there is still no precise definition of a virus, and one is unlikely to appear in the foreseeable future. Consequently, there is no precisely defined law by which “good” files can be distinguished from “viruses”. Moreover, sometimes even for a specific file it is quite difficult to determine whether it is a virus or not.

Computer viruses pose a particular problem. This is a separate class of programs aimed at disrupting system operation and damaging data. Among viruses, there are a number of varieties. Some of them are constantly in the computer's memory, some produce destructive actions with one-time "blows".

There is also a whole class of programs that look quite decent on the outside, but actually damage the system. Such programs are called "Trojan horses". One of the main properties of computer viruses is the ability to “reproduce” - i.e. self-distribution within a computer and computer network.

Since various office applications gained the ability to work with programs specially written for them (for example, for Microsoft Office you can write applications in Visual Basic), a new type of malware has appeared - macro viruses. Viruses of this type are distributed along with ordinary document files, and are contained within them as ordinary routines.

Taking into account the powerful development of communication tools and the sharply increased volumes of data exchange, the problem of virus protection becomes very urgent. Practically, with every document received, for example, by e-mail, a macro virus can be received, and every running program can (theoretically) infect the computer and make the system inoperable.

Therefore, among security systems the most important direction is the fight against viruses. There are a number of tools specifically designed to solve this problem. Some of them run in scanning mode and scan the contents of the computer's hard drives and RAM for viruses. Some must be constantly running and located in the computer's memory. At the same time, they try to monitor all ongoing tasks.

In the Kazakh software market, the most popular package is the AVP package, developed by the Kaspersky Anti-Virus Systems Laboratory. This is a universal product that has versions for a wide variety of operating systems. Other products include: Acronis AntiVirus, AhnLab Internet Security, AOL Virus Protection, ArcaVir, Ashampoo AntiMalware, Avast!, Avira AntiVir, A-square anti-malware, BitDefender, CA Antivirus, Clam Antivirus, Command Anti-Malware, Comodo Antivirus, Dr.Web, eScan Antivirus, F-Secure Anti-Virus, G-DATA Antivirus, Graugon Antivirus, IKARUS virus.utilities, Kaspersky Anti-Virus, McAfee VirusScan, Microsoft Security Essentials, Moon Secure AV, Multicore antivirus, NOD32, Norman Virus Control, Norton AntiVirus, Outpost Antivirus, Panda, etc.

Methods for detecting and removing computer viruses.

Methods to counteract computer viruses can be divided into several groups:

· prevention of viral infection and reduction of expected damage from such infection;

· methods of using anti-virus programs, including neutralization and removal of known viruses;

Methods for detecting and removing an unknown virus:

· Prevention of computer infection;

· Restoration of affected objects;

· Antivirus programs.

Preventing computer infection.

One of the main methods of combating viruses is, as in medicine, timely prevention. Computer prevention involves following a small number of rules, which can significantly reduce the likelihood of getting a virus and losing any data.

In order to determine the basic rules of computer hygiene, it is necessary to find out the main ways a virus penetrates a computer and computer networks.

The main source of viruses today is the global Internet. The largest number of virus infections occurs when exchanging letters in Word formats. The user of an editor infected with a macro virus, without knowing it, sends infected letters to recipients, who in turn send new infected letters, etc. The conclusion: you should avoid contact with suspicious sources of information and use only legitimate (licensed) software products.

Restoring affected objects

In most cases of virus infection, the procedure for restoring infected files and disks comes down to running a suitable antivirus that can disinfect the system. If the virus is unknown to any antivirus, then it is enough to send the infected file to antivirus manufacturers and after some time (usually several days or weeks) receive a cure - an “update” against the virus. If time is pressing, then you will have to neutralize the virus yourself. For most users, it is necessary to have backups of their information.

The main breeding ground for the mass spread of a virus in a computer is:

· weak security of the operating system (OS);

· availability of varied and fairly complete documentation on the OS and hardware used by virus authors;

· widespread distribution of this OS and this hardware.

3.3 Cryptographic means

The mechanism for encrypting data to ensure the information security of society is cryptographic protection of information by means of encryption.

Cryptographic methods of information protection are used for processing, storing and transmitting information on media and over communication networks. Cryptographic protection of information when transmitting data over long distances is the only reliable method of encryption.

Cryptography is a science that studies and describes the information security model of data. Cryptography provides solutions to many network information security problems: authentication, confidentiality, integrity and control of interacting participants.

The term “encryption” means converting data into a form that is unreadable for humans and software systems without an encryption-decryption key. Cryptographic methods of information security provide means of information security, so they are part of the concept of information security.

Cryptographic information protection (confidentiality)

The goals of information security ultimately come down to ensuring the confidentiality of information and protecting information in computer systems in the process of transmitting information over the network between system users.

Privacy protection, based on cryptographic information security, encrypts data using a family of reversible transformations, each of which is described by a parameter called a “key” and an order that determines the order in which each transformation is applied.

The most important component of the cryptographic method of information protection is the key, which is responsible for selecting the transformation and the order of its execution. A key is a certain sequence of characters that configures the encryption and decryption algorithm of a cryptographic information protection system. Each such transformation is uniquely determined by a key that defines a cryptographic algorithm that ensures information protection and information security of the information system.

The same cryptographic information protection algorithm can operate in different modes, each of which has certain advantages and disadvantages that affect the reliability of information security.

Fundamentals of Information Security Cryptography (Data Integrity)

Information protection in local networks and information protection technologies, along with confidentiality, must also ensure the integrity of information storage. That is, information protection in local networks must transfer data in such a way that the data remains unchanged during transmission and storage.

In order for information security to ensure the integrity of data storage and transmission, it is necessary to develop tools that detect any distortions in the source data, for which redundancy is added to the source information.

Information security with cryptography addresses the issue of integrity by adding some kind of checksum or verification combination to calculate the integrity of the data. Thus, again the information security model is cryptographic - key dependent. According to information security assessments based on cryptography, the dependence of the ability to read data on the secret key is the most reliable tool and is even used in state information security systems.

As a rule, an audit of an enterprise’s information security, for example, the information security of banks, pays special attention to the probability of successfully imposing distorted information, and cryptographic information protection makes it possible to reduce this probability to a negligibly small level. Such an information security service calls this probability a measure of the limit strength of the cipher, or the ability of encrypted data to withstand an attack by a cracker.

3.4 User Identification and Authentication
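The key-dependent integrity check described above, as an added example that is not part of the original text: an unkeyed checksum detects accidental distortion but can be recomputed by whoever alters the data, while a keyed verification combination cannot. HMAC-SHA-256, the sample messages and all function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

# Redundancy appended to every message: 32 bytes for SHA-256 based tags.
TAG_LEN = hashlib.sha256().digest_size


def add_checksum(message: bytes) -> bytes:
    """Unkeyed redundancy: the message followed by its SHA-256 digest."""
    return message + hashlib.sha256(message).digest()


def check_checksum(blob: bytes) -> bool:
    if len(blob) < TAG_LEN:
        return False
    message, digest = blob[:-TAG_LEN], blob[-TAG_LEN:]
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)


def add_mac(key: bytes, message: bytes) -> bytes:
    """Key-dependent redundancy: the message followed by HMAC-SHA-256."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def check_mac(key: bytes, blob: bytes) -> bool:
    if len(blob) < TAG_LEN:
        return False
    message, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # Constant-time comparison, so timing does not reveal how many bytes matched.
    return hmac.compare_digest(expected, tag)


def impose_without_key(distorted: bytes) -> bytes:
    """A distorted message carrying the only redundancy a keyless party can compute."""
    return add_checksum(distorted)


def flip_bit(blob: bytes, index: int) -> bytes:
    """Model accidental distortion in transit or storage."""
    damaged = bytearray(blob)
    damaged[index] ^= 0x01
    return bytes(damaged)


def run_demo() -> dict:
    key = secrets.token_bytes(32)                    # shared secret key
    original = b"transfer 100.00 to account 1111"    # constructed sample data
    distorted = b"transfer 900.00 to account 2222"   # constructed sample data
    return {
        # Both schemes catch random damage.
        "checksum_detects_noise": not check_checksum(flip_bit(add_checksum(original), 3)),
        "mac_detects_noise": not check_mac(key, flip_bit(add_mac(key, original), 3)),
        # Only the keyed scheme rejects a deliberately imposed message.
        "checksum_accepts_imposed": check_checksum(impose_without_key(distorted)),
        "mac_accepts_imposed": check_mac(key, impose_without_key(distorted)),
        "mac_accepts_original": check_mac(key, add_mac(key, original)),
        "mac_accepts_wrong_key": check_mac(secrets.token_bytes(32), add_mac(key, original)),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Without the key, the chance of guessing a valid 256-bit tag for a distorted message is about 2^-256 per attempt, which is the "negligibly small" probability the text refers to.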

Before gaining access to the resources of a computer system, the user must go through a process of presentation to the computer system, which includes two stages:

* identification - the user tells the system, upon its request, his name (identifier);

* authentication - the user confirms identification by entering into the system unique information about himself that is not known to other users (for example, a password).

To carry out user identification and authentication procedures, the following is required:

* presence of an appropriate authentication subject (module);

* the presence of an authenticating object that stores unique information for user authentication.

There are two forms of representing objects that authenticate the user:

* external authenticating object that does not belong to the system;

* an internal object belonging to the system into which information is transferred from an external object.

External objects can be technically implemented on various storage media - magnetic disks, plastic cards, etc. Naturally, the external and internal forms of representation of the authenticating object must be semantically identical.

3.5 Protection of information in the CS from unauthorized access
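The two-stage procedure above, as an added example that is not part of the original text: an authentication module holds an internal authenticating object for each identifier and checks the secret presented in the external form. Storing a salted PBKDF2 value instead of the secret itself, the iteration count and all names are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

PBKDF2_ITERATIONS = 200_000  # assumption: work factor chosen for this example


@dataclass(frozen=True)
class InternalAuthObject:
    """Internal authenticating object: what the system keeps per identifier."""
    salt: bytes
    verifier: bytes


def derive(secret: str, salt: bytes) -> bytes:
    """Transfer the external secret into its internal (stored) representation."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode("utf-8"), salt, PBKDF2_ITERATIONS)


class AuthenticationModule:
    """The authentication subject (module) that performs both stages."""

    def __init__(self) -> None:
        self._objects = {}  # identifier -> InternalAuthObject
        # Dummy object used for unknown identifiers, so that a failed
        # identification costs the same work as a failed authentication.
        self._dummy = self._make_object(secrets.token_hex(16))

    @staticmethod
    def _make_object(secret: str) -> InternalAuthObject:
        salt = secrets.token_bytes(16)
        return InternalAuthObject(salt=salt, verifier=derive(secret, salt))

    def register(self, identifier: str, secret: str) -> None:
        if identifier in self._objects:
            raise ValueError("identifier already registered")
        self._objects[identifier] = self._make_object(secret)

    def identify(self, identifier: str) -> bool:
        """Stage 1: the user states a name; the system checks that it knows it."""
        return identifier in self._objects

    def authenticate(self, identifier: str, secret: str) -> bool:
        """Stage 2: the user proves the claimed identity with the secret."""
        known = self.identify(identifier)
        obj = self._objects.get(identifier, self._dummy)
        candidate = derive(secret, obj.salt)
        matches = hmac.compare_digest(candidate, obj.verifier)
        return known and matches

    def stored_verifier(self, identifier: str) -> bytes:
        """Expose the stored value so the demo can show it is salted per user."""
        return self._objects[identifier].verifier


def run_demo() -> dict:
    module = AuthenticationModule()
    module.register("alice", "correct horse")  # constructed sample accounts
    module.register("bob", "correct horse")
    return {
        "alice_right_secret": module.authenticate("alice", "correct horse"),
        "alice_wrong_secret": module.authenticate("alice", "battery staple"),
        "unknown_identifier": module.authenticate("mallory", "correct horse"),
        # Same secret, different salts: the stored objects do not match.
        "same_secret_same_verifier":
            module.stored_verifier("alice") == module.stored_verifier("bob"),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```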

To carry out unauthorized access, the attacker does not use any hardware or software that is not part of the CS. He performs unauthorized access using:

* knowledge about the CS and the ability to work with it;

* information about the information security system;

* faults and failures of hardware and software;

* errors, negligence of service personnel and users.

To protect information from unauthorized access, a system for restricting access to information is created. When an access control system is in place, unauthorized access to information is possible only in the event of faults and failures of the computer system, or by using weak spots in the comprehensive information security system. To exploit weaknesses in a security system, an attacker must be aware of them.

One of the ways to obtain information about the shortcomings of the protection system is to study the protection mechanisms. An attacker can test the security system by directly contacting it. In this case, there is a high probability that the security system will detect attempts to test it. As a result, the security service may take additional protection measures.

A different approach is much more attractive to an attacker. First, a copy of the security system software or technical security device is obtained, and then it is examined in laboratory conditions. In addition, creating unaccounted copies on removable storage media is one of the most common and convenient ways of stealing information. This method allows for unauthorized replication of programs. It is much more difficult to secretly obtain a technical means of protection for research than a software one, and such a threat is blocked by means and methods that ensure the integrity of the technical structure of the CS. To block unauthorized research and copying of CS information, a set of means and protection measures is used, which are combined into a system of protection against research and copying of information. Thus, the system for restricting access to information and the system for protecting information can be considered as subsystems of the system for protecting against unauthorized access to information.

3.6 Other information security software

Firewalls (also known by the German term Brandmauer; English firewall, “fire wall”). Special intermediate servers are created between the local and global networks, which inspect and filter all network/transport level traffic passing through them. This allows you to dramatically reduce the threat of unauthorized access from outside to corporate networks, but does not eliminate this danger completely. A more secure version of the method is masquerading, in which all traffic originating from the local network is sent on behalf of the firewall server, making the local network virtually invisible.

Proxy servers (proxy - power of attorney, trusted person). All network/transport layer traffic between the local and global networks is completely prohibited - there is no routing as such, and calls from the local network to the global network occur through special intermediary servers. Obviously, in this case, calls from the global network to the local one become impossible in principle. This method does not provide sufficient protection against attacks at higher levels, for example, at the application level (viruses, Java and JavaScript code).

VPN (virtual private network) allows you to transmit secret information through networks where it is possible for unauthorized people to eavesdrop on traffic. Technologies used: PPTP, PPPoE, IPSec.

Conclusion

The main conclusions about the methods of using the means, methods and measures of protection discussed above boil down to the following:

1. The greatest effect is achieved when all the means, methods and measures used are combined into a single, holistic mechanism for protecting information.

2. The protection mechanism should be designed in parallel with the creation of data processing systems, starting from the moment the general design of the system is developed.

3. The functioning of the protection mechanism must be planned and ensured along with the planning and provision of basic automated information processing processes.

4. It is necessary to constantly monitor the functioning of the protection mechanism.

List of sources used

1. “Software and hardware for ensuring information security of computer networks”, V.V. Platonov, 2006

2. “Artificial intelligence. Book 3. Software and hardware”, V.N. Zakharova, V.F. Khoroshevskaya.

3. www.wikipedia.ru

5. www.intuit.ru


forgery. According to USA Today, back in 1992, as a result of such illegal actions using personal computers, American organizations suffered a total loss of $882 million. It can be assumed that the actual damage was much greater, since many organizations understandably hide such incidents; there is no doubt that these days the damage from such actions has increased many times over.

In most cases, the culprits turned out to be full-time employees of organizations who were well familiar with the work regime and protective measures. This once again confirms the danger of internal threats.

Previously we distinguished between static and dynamic integrity. To violate static integrity, an attacker (usually a full-time employee) can:

  • enter incorrect data;
  • change the data.

Sometimes the content data changes, sometimes the service information changes. Email headers can be forged; the letter as a whole can be falsified by a person who knows the sender's password (we have given relevant examples). Note that the latter is possible even when integrity is controlled by cryptographic means. This is where different aspects of information security interact: if confidentiality is compromised, integrity may suffer.

A threat to integrity is not only the falsification or modification of data, but also the repudiation of completed actions. If there is no means to ensure "non-repudiation", computer data cannot be considered as evidence.

Not only data but also programs are potentially vulnerable to integrity violations. Threats to dynamic integrity include violation of transaction atomicity, reordering, theft, duplication of data or insertion of additional messages (network packets, etc.). In a network environment this activity is called active listening.

Main threats to confidentiality

Confidential information can be divided into subject and service information. Service information (for example, user passwords) does not relate to a specific subject area; it plays a technical role in an information system, but its disclosure is especially dangerous, since it is fraught with unauthorized access to all information, including subject information.

Even if information is stored on a computer or intended for computer use, threats to its confidentiality may be non-computer and non-technical in nature.

Many people have to act as users of not one, but a number of systems (information services). If reusable passwords or other confidential information are used to access such systems, then most likely this data will be stored not only in the head, but also in a notebook or on pieces of paper that the user often leaves on the desktop or loses. And the point here is not the lack of organization of people, but the initial unsuitability of the password scheme. It is impossible to remember many different passwords; recommendations for their regular (if possible, frequent) change only aggravate the situation, forcing the use of simple alternation schemes or even trying to reduce the matter to two or three easily remembered (and equally easy to guess) passwords.

The described class of vulnerabilities can be called placing confidential data in an environment where it is not provided (and often cannot be provided) with the necessary protection. In addition to passwords stored in user notebooks, this class includes the transmission of confidential data in clear text (in a conversation, in a letter, over a network), which makes it possible to intercept it. Various technical means can be used for an attack (eavesdropping on or wiretapping conversations, passive network listening, etc.), but the idea is the same - to access data at the moment when it is least protected.

The threat of data interception should be taken into account not only during the initial configuration of the IS, but also, very importantly, during all changes. Exhibitions pose a very dangerous threat: many organizations send equipment from the production network to them, with all the data stored on it. Passwords remain the same; during remote access they continue to be transmitted in clear text.

Another example of change: storing data on backup media. To protect data on primary media, advanced access control systems are used; copies often just lie in cabinets, and many people can access them.

Data interception is a serious threat, and if confidentiality is truly critical and data is transmitted over many channels, protecting it can be very difficult and costly. The technical means of interception are well developed, accessible, easy to use, and anyone can install them, for example, on a cable network, so this threat exists not only for external, but also for internal communications.

Hardware theft is a threat not only to backup media, but also to computers, especially laptops. Laptops are often left unattended at work or in the car, and sometimes they are simply lost.

A dangerous non-technical threat to confidentiality is posed by methods of moral and psychological influence, such as masquerade: performing actions under the guise of a person with authority to access data.

Unpleasant threats that are difficult to defend against include abuse of power. On many types of systems, a privileged user (for example, the system administrator) is able to read any (unencrypted) file, gain access to any user's mail, etc. Another example is damage caused during service maintenance. Typically, a service engineer receives unrestricted access to equipment and has the ability to bypass software defense mechanisms.

Protection methods

Existing methods and means of information security for computer systems (CS) can be divided into four main groups:

  • methods and means of organizational and legal protection of information;
  • methods and means of engineering and technical protection of information;
  • cryptographic methods and means of information security;
  • software and hardware methods and means of information security.

Methods and means of organizational and legal protection of information

Methods and means of organizational information protection include organizational, technical and organizational and legal measures carried out in the process of creating and operating a computer system to ensure information protection. These activities should be carried out during the construction or renovation of the premises in which the CS will be located; during system design, installation and adjustment of its hardware and software; and during testing and checking of the performance of the CS.

At this level of information protection, international treaties, state regulations, state standards and local regulations of a specific organization are considered.

Methods and means of engineering protection

Engineering and technical means of information security mean physical objects, mechanical, electrical and electronic devices, structural elements of buildings, fire extinguishing means and other means that provide:

  • protection of the territory and premises of the CS from intruders;
  • protection of CS hardware and storage media from theft;
  • preventing the possibility of remote (from outside the protected area) video surveillance (eavesdropping) of the work of personnel and the functioning of technical means of the CS;
  • preventing the possibility of interception of PEMIN (side electromagnetic radiation and interference) caused by operating technical means of the CS and data transmission lines;
  • organizing access to the premises of the CS for employees;
  • control over the work schedule of the CS personnel;
  • control over the movement of CS employees in various production areas;
  • fire protection of CS premises;
  • minimizing material damage from information loss resulting from natural disasters and man-made accidents.

The most important component of the engineering and technical means of information security is the technical means of security, which form the first line of protection of the CS and are a necessary but insufficient condition for maintaining the confidentiality and integrity of information in the CS.

Cryptographic protection methods and encryption

Encryption is the primary means of ensuring confidentiality. So, in the case of ensuring the confidentiality of data on the local computer, encryption of this data is used, and in the case of network interaction, encrypted data transmission channels are used.

The science of protecting information using encryption is called cryptography (in translation, cryptography means mysterious writing or secret writing).

Cryptography is used:

  • to protect the confidentiality of information transmitted over open communication channels;
  • to authenticate (confirm the authenticity) of the transmitted information;
  • to protect confidential information when stored on open media;
  • to ensure the integrity of information (protecting information from unauthorized changes) when transmitted over open communication channels or stored on open media;
  • to ensure the indisputability of information transmitted over the network (preventing possible denial of the fact of sending a message);
  • to protect software and other information resources from unauthorized use and copying.

Software and hardware-software methods and means of ensuring information security

Hardware information security includes electronic and electronic-mechanical devices that are included in the technical means of the computer system and perform (independently or in conjunction with software) some functions of ensuring information security. The criterion for classifying a device as a hardware rather than an engineering means of protection is its mandatory inclusion in the composition of the technical means of the CS.

The main hardware means of information protection include:

  • devices for entering user identifying information (magnetic and plastic cards, fingerprints, etc.);
  • devices for encrypting information;
  • devices to prevent unauthorized activation of workstations and servers (electronic locks and blockers).

Examples of auxiliary information security hardware:

  • devices for destroying information on magnetic media;
  • alarm devices about attempts of unauthorized actions by CS users, etc.

Information security software means special programs included in the CS software exclusively to perform protective functions. The main software means of information protection include:

  • programs for identification and authentication of CS users;
  • programs for restricting user access to CS resources;
  • information encryption programs;
  • programs for protecting information resources (system and application software, databases, computer training tools, etc.) from unauthorized modification, use and copying.

Note that identification, in relation to ensuring the information security of a computer system, is understood as the unambiguous recognition of the unique name of the subject of the computer system. Authentication means confirming that the name presented corresponds to a given subject (confirming the identity of the subject).

Examples of auxiliary information security software:

  • programs for destroying residual information (in blocks of RAM, temporary files, etc.);
  • audit programs (keeping logs) of events related to the safety of the CS to ensure the possibility of recovery and proof of the fact of the occurrence of these events;
  • programs for simulating work with a violator (distracting him to obtain supposedly confidential information);
  • test control programs for CS security, etc.

Results

Since potential threats to information security are very diverse, the goals of information protection can be achieved only by creating a comprehensive information protection system, which is understood as a set of methods and means united for a single purpose and ensuring the necessary efficiency of information protection in the CS.

Information security means are a set of engineering, electrical, electronic, optical and other devices and fixtures, instruments and technical systems, as well as other material elements used to solve various problems of information protection, including preventing leaks and ensuring the security of the protected information.

In general, the means of ensuring information security in terms of preventing intentional actions, depending on the method of implementation, can be divided into groups:

Technical (hardware) means. These are devices of various types (mechanical, electromechanical, electronic, etc.), which use hardware to solve information security problems. They prevent access to information, including by masking it. Hardware includes: noise generators, surge protectors, scanning radios and many other devices that “block” potential channels of information leakage or allow them to be detected. The advantages of technical means are associated with their reliability, independence from subjective factors, and high resistance to modification. Weaknesses - insufficient flexibility, relatively large volume and weight, high cost;

Software tools include programs for user identification, access control, information encryption, removal of residual (working) information such as temporary files, test control of the security system, etc. The advantages of software tools are versatility, flexibility, reliability, ease of installation, ability to modify and develop. Disadvantages - limited functionality of the network, use of part of the resources of the file server and workstations, high sensitivity to accidental or intentional changes, possible dependence on the types of computers (their hardware);

Mixed hardware and software implement the same functions as hardware and software separately, and have intermediate properties;

Organizational means consist of organizational and technical (preparing premises with computers, laying a cable system, taking into account the requirements for limiting access to it, etc.) and organizational and legal (national legislation and work rules established by the management of a particular enterprise). The advantages of organizational tools are that they allow you to solve many different problems, are easy to implement, quickly respond to unwanted actions on the network, and have unlimited possibilities for modification and development. Disadvantages - high dependence on subjective factors, including the general organization of work in a particular department.

In terms of prevalence and availability, software tools stand out; other tools are used in cases where it is necessary to provide an additional level of information protection.

Classification of information security means.

1. Means of protection against unauthorized access (NSD):

1.2. Mandatory access control;

1.3. Selective access control;

1.4. Password-based access control;

1.5. Journaling.

2. Systems for analysis and modeling of information flows (CASE systems).

3. Network monitoring systems:

3.1. Intrusion detection and prevention systems (IDS/IPS);

3.2. Confidential information leak prevention systems (DLP systems).

4. Protocol analyzers.

5. Antivirus products.

6. Firewalls.

7. Cryptographic means:

7.1. Encryption;

7.2. Digital signature.

8. Backup systems.

9. Uninterruptible power supply systems.

10. Authentication systems:

10.1. Password;

10.2. Access key;

10.3. Certificate.

10.4. Biometrics.

11. Means to prevent break-ins and theft of equipment.

12. Access control equipment to premises.

13. Tools for analyzing security systems: Monitoring software product.

16) Typical corporate network from a security point of view.

Currently, corporate computer networks play an important role in the activities of many organizations. E-commerce is increasingly turning from an abstract concept into reality. Most corporate networks are connected to the global Internet. If previously the Internet united a small number of people who trusted each other, now the number of its users is steadily growing and already amounts to hundreds of millions. In this regard, the threat of external interference in the normal functioning of corporate networks and unauthorized access to their resources by intruders - the so-called "hackers" - is becoming increasingly serious.

The functioning of the worldwide Internet is based on IP network standards. Each device on such a network is uniquely identified by its unique IP address. However, when interacting in an IP network, you cannot be absolutely sure of the authenticity of the node (the subscriber with whom information is exchanged) that has a specific IP address, because programming tools allow you to manipulate the addresses of the sender and recipient of network packets, and this fact alone is part of the problem of ensuring the security of modern network information technologies.

It is convenient to consider issues of ensuring the security of corporate networks by highlighting several levels of information infrastructure, namely:

Staff level

Application layer

DBMS level

OS level

Network level

The network level includes the network protocols used (TCP/IP, NetBEUI, IPX/SPX), each of which has its own characteristics, vulnerabilities and possible attacks associated with them.

The operating system (OS) level includes operating systems installed on corporate network nodes (Windows, UNIX, etc.).

The level of database management systems (DBMS) should also be highlighted, because it is usually an integral part of any corporate network.

At the fourth level there are all kinds of applications used on the corporate network. This could be Web server software, various office applications, browsers, etc.

And finally, at the top level of the information infrastructure there are the users and service personnel of the automated system, who have their own security vulnerabilities.

Example scenario of the offender's actions

It is safe to say that there is no established technology for penetrating the internal corporate network. Much is determined by a specific set of circumstances, the intuition of the attacker and other factors. However, several general stages of an attack on a corporate network can be distinguished:

Collection of information

Trying to gain access to the least secure host (possibly with minimal privileges)

An attempt to escalate privileges and/or use a node as a platform for exploring other network nodes

Hardware information security is a set of tools for protecting the security of information and information systems, which are implemented at the hardware level. These components are indispensable in the concept of security of information systems, but hardware developers prefer to leave the issue of security to programmers.

Information security tools: history of the model's creation

The problem of protection has become the object of consideration by a large number of global firms. The issue did not leave Intel, which developed the 432 system, without interest. But the circumstances that arose led this project to failure, so the 432 system did not gain popularity. There is an opinion that this reason became the basis for the fact that other companies did not try to implement this project.

It was the creation of the Elbrus-1 computing base that resolved the hardware issue. The Elbrus-1 computing project was created by a group of Soviet developers. They introduced the fundamental idea of type control, which is used at all levels of information systems. The development came into wide use at the hardware level. The Elbrus-1 computing base was implemented systematically. Many believe that it was this approach that ensured the success of Soviet developers.


Generalized model of an information security system

The creators of Elbrus-1 introduced their own model of information system protection into the development. It looked like this.

The information system itself can be represented as a kind of information space together with a processing device that serves it.

The computing system is modular, that is, computation is divided into several blocks (modules) located throughout the information space. The implementation is very complex, but the general scheme is this: a processing device under program control can make requests to the information space, reading and editing it.

To have a clear idea of what we are talking about, the following definitions are needed:

  • A node is a separate cell of information of arbitrary volume, together with a link to it held by the processing device;
  • An address is a path to stored information that also gives access to it for editing. The system must control the addresses used in operations: data of other types must not be usable in their place, and an address must not be modifiable by operations on arguments of other types;
  • Program context – the set of data available for calculations in a given block (module).

Basic concepts and functionality in hardware information security models

The first operation is the creation of a node of arbitrary size for storing data. Once created, the new node must meet the following description:

  • The node must be empty;
  • The node must be accessible to only one processing device, and only through the specified link.

Removing a node:

  • An attempt to access a deleted node must raise an interrupt.

Replacing the context, or changing the procedure executed by the processing device.

The resulting context has the following composition:

  • The context contains global variables that were passed by reference from the previous context;
  • Part of the parameters that were transferred by copying;
  • Local data created in the new module.

Basic rules according to which context switching methods should be implemented:

  • Authentication of the new context (for example, a unique address that allows you to jump between contexts);
  • The context switch itself (executing the old code after a context switch is prohibited, in keeping with the security rules);
  • Operations that generate a link or other structure for authentication and context switching.

These operations can be carried out in several ways (even without unique links), but the following implementation principles are mandatory:

  • The entry point to a context is determined directly within that context;
  • This information is visible to other contexts;
  • The code and the context itself switch synchronously.

Information security tools: studying the model

The base is characterized by the following features:

  • Hardware protection is based on the following fundamental concepts:
    • A module is the only component of the information security model that has access to the node if it is its creator (the node can be accessible to other components of the model if the module involves voluntary transfer of information);
    • The collection of data from the information that is open to the module is always under the control of the context;
  • The current protection is built on fairly strict principles, but it does not interfere with the work and capabilities of the programmer. Some modules can work simultaneously if they do not overlap or interfere with each other. Such modules are capable of transmitting information among themselves. To transfer data, each module must contain a switching address to another context.
  • The developed concept is universal, as it facilitates work in the system. Strict control over types contributes to high-quality error correction. For example, any attempt to change the address implies an instantaneous hardware interrupt at the site of the error. Consequently, the error is easy to find and can be quickly corrected.
  • Modularity in programming is guaranteed. An incorrectly constructed program does not interfere with the work of others. An unusable module can only produce errors found in the results.
  • To work in the system, the programmer does not need to make any additional efforts. In addition, when compiling a program that is based on such a model, it is no longer necessary to provide access rights and methods for transferring them.

Hardware protection: studying the Elbrus architecture

In the concept of the Elbrus model, an important implementation is that for each word in memory there is a corresponding tag, which serves for a qualitative distinction between types.

Working with the address occurs as follows. The address contains a detailed description of the area to which it refers, together with a set of access rights. In other words, it is a descriptor: it stores all the information about the address and the amount of data.

The descriptor has the following formats:

  • Object handle;
  • Array handle.

The object handle is indispensable for OOP (object-oriented programming). The descriptor has access modifiers: private, public, and protected. By default there is always a public area, which is visible to and usable by all components of the source code. The private data area is visible only if the register being checked permits it.

When accessing a specific memory cell, a check is made to determine whether the address is correct.

Basic operations when working with an address:

  • Indexing (determining the address of an array component);
  • The CAST operation for object handles (conversion to the base class);
  • Compacting (eliminating addresses that contained a path to deleted memory).
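The tag and descriptor checks described in this section can be modelled in software. The following C sketch is an added illustration, not Elbrus code and not part of the original text; the names `word_t`, `node_create`, `desc_index`, `load`, `store` and `add`, the rights bits and the trap codes are all assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy model of tagged memory (added illustration, not Elbrus code). */
typedef enum { TAG_DATA, TAG_DESC } tag_t;      /* tag kept with every word */
typedef enum { OK, TRAP_TAG, TRAP_BOUNDS, TRAP_RIGHTS, TRAP_NOMEM } trap_t;
enum { R_READ = 1, R_WRITE = 2 };               /* assumed access-right bits */

typedef struct {
    tag_t    tag;
    int64_t  data;          /* meaningful when tag == TAG_DATA */
    uint32_t base, size;    /* meaningful when tag == TAG_DESC: described area */
    uint8_t  rights;        /* meaningful when tag == TAG_DESC */
} word_t;

#define MEM_WORDS 64
static word_t   mem[MEM_WORDS];
static uint32_t next_free = 0;

word_t data_word(int64_t v) {
    word_t w = { TAG_DATA, v, 0, 0, 0 };
    return w;
}

/* Node creation: the only path that ever produces a TAG_DESC word.
   The new node is empty (zeroed) and reachable only through *out. */
trap_t node_create(uint32_t size, uint8_t rights, word_t *out) {
    if (size == 0 || size > MEM_WORDS - next_free) return TRAP_NOMEM;
    for (uint32_t i = 0; i < size; i++) mem[next_free + i] = data_word(0);
    out->tag = TAG_DESC; out->data = 0;
    out->base = next_free; out->size = size; out->rights = rights;
    next_free += size;
    return OK;
}

/* Checks made on every memory access: tag, bounds, rights. */
static trap_t check(const word_t *d, uint32_t i, uint8_t need) {
    if (d->tag != TAG_DESC) return TRAP_TAG;      /* an integer is not an address */
    if (i >= d->size) return TRAP_BOUNDS;
    if ((d->rights & need) != need) return TRAP_RIGHTS;
    return OK;
}

trap_t load(const word_t *d, uint32_t i, word_t *out) {
    trap_t t = check(d, i, R_READ);
    if (t == OK) *out = mem[d->base + i];
    return t;
}

trap_t store(const word_t *d, uint32_t i, word_t v) {
    trap_t t = check(d, i, R_WRITE);
    if (t == OK) mem[d->base + i] = v;
    return t;
}

/* Indexing: derive a descriptor for a sub-range. It can narrow the area
   and drop rights, never widen either. */
trap_t desc_index(const word_t *d, uint32_t off, uint32_t len,
                  uint8_t rights, word_t *out) {
    if (d->tag != TAG_DESC) return TRAP_TAG;
    if (off > d->size || len > d->size - off) return TRAP_BOUNDS;
    if ((rights & d->rights) != rights) return TRAP_RIGHTS;
    *out = *d;
    out->base = d->base + off; out->size = len; out->rights = rights;
    return OK;
}

/* Arithmetic accepts data words only, so an address cannot be modified. */
trap_t add(const word_t *a, const word_t *b, word_t *out) {
    if (a->tag != TAG_DATA || b->tag != TAG_DATA) return TRAP_TAG;
    *out = data_word((int64_t)((uint64_t)a->data + (uint64_t)b->data));
    return OK;
}

int main(void) {
    word_t node, ro, tmp, one = data_word(1), forged = data_word(0);
    node_create(4, R_READ | R_WRITE, &node);
    printf("store in bounds       -> %d\n", store(&node, 3, data_word(42)));
    printf("store out of bounds   -> %d\n", store(&node, 4, data_word(42)));
    printf("integer as address    -> %d\n", load(&forged, 0, &tmp));
    printf("arithmetic on address -> %d\n", add(&node, &one, &tmp));
    desc_index(&node, 2, 2, R_READ, &ro);
    printf("write via read-only   -> %d\n", store(&ro, 0, one));
    return 0;
}
```

Every non-zero result stands for the hardware interrupt the text describes, raised at the exact operation that misused the address.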

Information security tools: methods of working with contexts

A modular context is structured from data stored in RAM (random access memory) and issued as an address to a register of a specific process.

Transitioning between contexts is the process of calling a procedure or returning from it. When a procedure is called, the context of the original module is saved and a new one is created. On exit from the procedure, the context is deleted.

What is the secure stack process?

The Elbrus model uses a special stack mechanism, which serves to improve performance when allocating memory for local data. This implementation separates three main categories of stack data, which are classified by functionality and access modification in relation to the user.

  • Parameters, local data and intermediate values of a procedure, which are placed on the procedure stack;
  • Parameters and local processes stored on the user stack, which serves as user memory;
  • Connecting information, which describes the previous (calling) procedure in the procedure stack.

The procedure stack is designed to work with data that is stored in operational registers. Each procedure typically works in its own window. Such windows may overlap with previously set parameters. The user can only query data in the window in use, which is located in the operational registers.

The user stack is used to work with data that can be moved into memory according to the user's needs.

The connecting-information stack is designed to hold information about the previous procedure (the one called earlier), which is used on return. When the safe programming condition is met, the user is limited in access to changing this information. Therefore, there is a special stack that can be manipulated only by the hardware and the operating system itself. The connecting-information stack is built on the same principle as the procedure stack.

Stack data resides in virtual memory, which can be reassigned, and this is why the problem of data security arises. The problem has two aspects:

  • Memory reassignment (allocation of memory in freed space): here there are most often addresses that are no longer available to the module;
  • Dangling pointers (old user addresses).

The first aspect of the problem is solved by automatically clearing reassigned memory. The solution in the second case is as follows: pointers to the current frame can be stored only in the frame in use, or passed as a parameter to a called procedure (that is, passed up the stack). Therefore, pointers cannot be written to the global data area, passed as a return value, or written deeper into the stack itself.
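Both stack rules can be expressed as checks on frame allocation and on every store. The C model below is an added illustration, not Elbrus code and not part of the original text; the frame layout, the names `frame_push`, `frame_call`, `frame_return`, `store_frame` and `store_global`, and the trap codes are assumptions, and a return value is modelled as a store into the caller's frame.

```c
#include <stdint.h>
#include <stdio.h>

#define STACK_WORDS  32
#define MAX_DEPTH    8
#define GLOBAL_WORDS 4

typedef enum { OK, TRAP_ESCAPE, TRAP_RANGE, TRAP_OVERFLOW } trap_t;

/* A word is plain data or a pointer tagged with the frame it points into. */
typedef struct { int is_ptr; int frame; uint32_t slot; int64_t data; } word_t;

static word_t   stack[STACK_WORDS], globals[GLOBAL_WORDS];
static uint32_t base[MAX_DEPTH], size[MAX_DEPTH], top = 0;
static int      depth = -1;              /* index of the current frame */

word_t data_word(int64_t v) { word_t w = { 0, 0, 0, v }; return w; }
int current_depth(void) { return depth; }

/* Aspect 1: memory being reassigned is cleared before the new owner sees it. */
trap_t frame_push(uint32_t n) {
    if (depth + 1 >= MAX_DEPTH || n > STACK_WORDS - top) return TRAP_OVERFLOW;
    depth++;
    base[depth] = top; size[depth] = n;
    for (uint32_t i = 0; i < n; i++) stack[top + i] = data_word(0);
    top += n;
    return OK;
}

static void frame_pop(void) { top = base[depth]; depth--; }

/* Build a pointer to a slot of the current frame. */
trap_t ptr_to_local(uint32_t slot, word_t *out) {
    if (depth < 0 || slot >= size[depth]) return TRAP_RANGE;
    out->is_ptr = 1; out->frame = depth; out->slot = slot; out->data = 0;
    return OK;
}

/* Aspect 2: a pointer may be stored only in the frame it points into or in
   a younger frame (a callee), which is destroyed before the target is. */
trap_t store_frame(int f, uint32_t slot, word_t v) {
    if (f < 0 || f > depth || slot >= size[f]) return TRAP_RANGE;
    if (v.is_ptr && v.frame > f) return TRAP_ESCAPE;   /* deeper in the stack */
    stack[base[f] + slot] = v;
    return OK;
}

trap_t load_frame(int f, uint32_t slot, word_t *out) {
    if (f < 0 || f > depth || slot >= size[f]) return TRAP_RANGE;
    *out = stack[base[f] + slot];
    return OK;
}

/* Global data outlives every frame, so it never accepts a frame pointer. */
trap_t store_global(uint32_t slot, word_t v) {
    if (slot >= GLOBAL_WORDS) return TRAP_RANGE;
    if (v.is_ptr) return TRAP_ESCAPE;
    globals[slot] = v;
    return OK;
}

/* Call: new frame, argument placed in its slot 0 (passing up the stack). */
trap_t frame_call(uint32_t n, word_t arg) {
    if (n == 0) return TRAP_RANGE;
    trap_t t = frame_push(n);
    return t == OK ? store_frame(depth, 0, arg) : t;
}

/* Return: the value lands in the caller's frame. A pointer into the
   returning frame fails the store rule, and the frame is not released. */
trap_t frame_return(word_t v, uint32_t caller_slot) {
    if (depth < 1) return TRAP_RANGE;
    trap_t t = store_frame(depth - 1, caller_slot, v);
    if (t == OK) frame_pop();
    return t;
}

int main(void) {
    word_t p, q;
    frame_push(2);
    ptr_to_local(1, &q);
    printf("pass pointer to callee -> %d\n", frame_call(2, q));
    ptr_to_local(1, &p);
    printf("store in global area   -> %d\n", store_global(0, p));
    printf("store in caller frame  -> %d\n", store_frame(0, 0, p));
    printf("return pointer         -> %d\n", frame_return(p, 0));
    printf("return plain data      -> %d\n", frame_return(data_word(7), 0));
    return 0;
}
```

Because no pointer can outlive the frame it targets, a dangling pointer can never be read back from memory, and the zeroing in `frame_push` keeps a later procedure from seeing its predecessor's data.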
