Topic: Information security. Lecture on computer science "information security" Information security briefly

Topic: Information security. Lecture on computer science
Topic: Information security. Lecture on computer science "information security" Information security briefly
22.12.2020

MINISTRY OF EDUCATION AND SCIENCE OF THE REPUBLIC OF KAZAKHSTAN
MULTIDISCIPLINARY HUMANITARIAN AND TECHNICAL COLLEGE

Essay
on the topic "Information Protection"

Is done by a student
groups 3IS-2s:
Checked:

Karaganda 2014
Plan
Introduction…………………………………………………………………………………...2
Chapter I Problems of protecting information by a person and society…………………….5
1.1 Viruses characteristic classification……………………………………………….5
1.2 Unauthorized access………………………………………………………….8
1.3 Problems of information security on the Internet……………………………………………9
Chapter II Comparative analysis and characteristics of information security methods ... 12
2.1 Protection against viruses…………………………………………………………………...12
Summary table of some antivirus programs………………………………..16
2.2 Protection of information on the Internet………………………………………………..17
2.3 Protection against unauthorized access……………………………………….19
2.4 Legal protection of information…………………………………………………...21
Conclusion………………………………………………………………………………….24
List of used literature……………………………………………………...25

Introduction
Human society, in the course of its development, has gone through the stages of mastering matter, then energy and, finally, information. In primitive-communal, slave-owning and feudal societies, the activity of society as a whole and of each person individually was directed, first of all. To master the substance.
At the dawn of civilization, people learned how to make simple tools for labor and hunting; in antiquity, the first mechanisms and means of transportation appeared. In the Middle Ages, the first complex tools and mechanisms were invented.
The mastery of energy was in this period at the initial stage, the Sun, water, fire, wind and human muscular strength were used as energy sources.
From the very beginning of human history, there was a need to transmit and store information.
Since about the 17th century, in the process of the formation of machine production, the problem of mastering energy has come to the fore. First, methods of mastering the energy of wind and water were improved, and then mankind mastered thermal energy.
At the end of the 19th century, the mastery of electrical energy began, an electric generator and an electric motor were invented. And finally, in the middle of the 20th century, mankind mastered atomic energy; in 1954, the first nuclear power plant was put into operation in the USSR.
The mastery of energy made it possible to move on to mass machine production of consumer goods. An industrial society was created. During this period, there were also significant changes in the methods of storing and transmitting information.
In the information society, the main resource is information. It is on the basis of having information about a wide variety of processes and phenomena that any activity can be effectively and optimally built.
It is important not only to produce a large number of products, but to produce the right products at a certain time. With certain costs and so on. Therefore, in the information society, not only the quality of consumption increases, but also the quality of production; a person who uses information technology Better conditions labor, labor becomes creative, intellectual, and so on.
At present, the developed countries of the world (USA, Japan, Western European countries) have actually already entered the information society. Others, including Russia, are on the near approaches to it.
As criteria for development information society you can choose three: the availability of computers, the level of development of computer networks and the number of people employed in the information sphere, as well as using information and communication technologies in their daily activities.
Information today is expensive and must be protected. Mass application personal computers, unfortunately, turned out to be associated with the emergence of self-reproducing virus programs that prevent the normal operation of the computer, destroy the file structure of disks and damage the information stored in the computer.
Information is owned and used by all people without exception. Each person decides for himself what information he needs to receive, what information should not be available to others, etc. It is easy for a person to store the information that is in his head, but what if the information is entered in the “brain of the machine”, to which many people have access.
To prevent the loss of information, various mechanisms for its protection are developed, which are used at all stages of working with it. It is also necessary to protect devices from damage and external influences on which secret and important information, and communication channels.
Damage can be caused by a breakdown of equipment or a communication channel, forgery or disclosure of classified information. External impacts arise from both natural disasters and equipment failures or theft.
Use to store information various ways protection:
security of buildings where classified information is stored;
control of access to classified information;
access control;
duplication of communication channels and connection backup devices;
cryptographic transformations of information;
And from what, and from whom should it be protected? And how to do it right?
The fact that these questions arise indicates that the topic is currently relevant.
The purpose of this work is to identify sources of information threats and determine ways to protect against them.
Tasks:
identify the main sources of information threat;
describe methods of protection;
consider the legal side information security;

Chapter II Comparative analysis and characteristics of information security methods.
2.1 Virus protection.
METHODS OF PROTECTION AGAINST COMPUTER VIRUSES
Whatever the virus, the user needs to know the basic methods of protection against computer viruses.
To protect against viruses, you can use:
* general means of protecting information, which are also useful as insurance against damage to disks, incorrectly working programs or erroneous user actions;
* preventive measures to reduce the likelihood of virus infection;
* special programs for protection against viruses.
General information security tools are useful for more than just protecting against viruses. There are two main types of these funds:
* copying information - creating copies of files and system areas of the disk;
* access control means prevents unauthorized use of information, in particular, protection against changes to programs and data by viruses, malfunctioning programs and erroneous actions user.
General information security tools are very important for protecting against viruses, yet they are not enough. It is also necessary to use specialized programs to protect against viruses. These programs can be divided into several types: detectors, doctors (phages), auditors, doctor-inspectors, filters and vaccines (immunizers).
- DETECTORS allow you to detect files infected by one of several known viruses. These programs check to see if the files on the drive specified by the user contain a combination of bytes specific to a given virus. When it is found in any file, a corresponding message is displayed on the screen.
Many detectors have modes for curing or destroying infected files.
It should be emphasized that detection programs can only detect viruses that are "known" to it. Scan program
McAfeeAssociates and Aidstest can only detect a few thousand viruses, but there are more than 80 thousand of them! Some detection programs, such as NortonAntiVirus or AVSP, can tune in to new types of viruses, they only need to specify the byte combinations inherent in these viruses. However, it is impossible to develop such a program that could detect any previously unknown virus.
Thus, from the fact that the program is not recognized by detectors as infected, it does not follow that it is healthy - some new virus or a slightly modified version of an old virus, unknown to the detection programs.
Many detector programs (including Aidstest) cannot detect infection with "invisible" viruses if such a virus is active in the computer's memory. The fact is that they use DOS functions to read the disk, they are intercepted by a virus that says that everything is fine. It is true that Aidstest and other programs can detect a virus by examining the RAM, but this does not help against some "cunning" viruses. So a reliable diagnosis can only be made by detector programs when booting DOS from a write-protected floppy disk, and a copy of the detector program must also be run from this floppy disk.
Some detectors, say ADinf "Dialogue-Science", are able to catch "invisible" viruses, even when they are active. To do this, they read the disk without using DOS calls. This method does not work on all drives.
Most detector programs have a "doctor" function, i.e. try to return infected files or disk areas to their the initial state. Those files that could not be restored, as a rule, are made inoperable or deleted.
Most doctor programs are able to "cure" only from a certain fixed set of viruses, so they quickly become obsolete. But some programs can learn not only how to detect, but also how to treat new viruses.
These programs include AVSP
"Dialogue-MGU".
AUDITOR PROGRAMS have two stages of work. First, they remember information about the state of programs and system areas of disks (the boot sector and the sector with the partition table hard drive). It is assumed that at this moment programs and system areas of the disks are not infected. After that, using the auditor program, you can at any time compare the state of programs and system areas of disks with the original. The identified discrepancies are reported to the user.
In order to check the status of programs and disks every time the operating system is loaded, you must include the command to launch the auditor program in batch file AUTOEXEC.BAT. This allows you to detect a computer virus infection when it has not yet had time to do much harm. Moreover, the same auditor program will be able to find damaged by the virus files.
Many audit programs are quite "intelligent" - they can distinguish between changes in files caused, for example, by switching to a new version of the program, from changes made by a virus, and do not raise a false alarm. The fact is that viruses usually change files in a very specific way and make the same changes in different program files. It is clear that in a normal situation such changes almost never occur, so the auditor program, having fixed the fact of such changes, can confidently report that they are caused by a virus.
It should be noted that many audit programs are not able to detect infection by "invisible" viruses if such a virus is active in the computer's memory. But some revision programs, such as ADinf fi "Dialogue-Science", can still do this without using DOS calls to read the disk (although they do not work on all drives). Alas, all this is useless against some "cunning" viruses.
To check if a file has changed, some audit programs check the length of the file. But this check is not enough - some viruses do not change the length of infected files. A more reliable check is to read the entire file and calculate its checksum. It is almost impossible to change a file so that its checksum remains the same.
Recently, very useful hybrids of auditors and doctors have appeared, i.e. DOCTOR-REVISORS - programs that not only detect changes in files and system areas of disks, but can also automatically return them to their original state in case of changes. Such programs can be much more versatile than doctor programs, since they use pre-stored information about the state of files and disk areas during treatment. This allows them to heal
files even from those viruses that were not created at the time the program was written.
But they can not treat all viruses, but only those that use
"standard", known at the time of writing the program, file infection mechanisms.
There are also PROGRAM-FILTERS that are located resident in the computer's RAM and intercept those calls to the operating system that are used by viruses to multiply and cause harm, and report on
them the user. The user can enable or disable the corresponding operation.
Some filter programs do not "catch" suspicious actions, but check the programs called for execution for viruses. This causes the computer to slow down.
However, the advantages of using filter programs are very significant - they allow you to detect many viruses at a very early stage, when the virus has not yet had time to multiply and spoil something. In this way, losses from the virus can be minimized.
VACCINE PROGRAMS, or IMMUNIZERS, modify programs and disks in such a way that it does not affect the operation of programs, but the virus against which vaccination is made considers these programs or disks already infected. These programs are extremely inefficient.
Summary table of some anti-virus programs.

The name of the antivirus program General characteristics Positive qualities Disadvantages
AIDSTEST One of the most famous anti-virus programs that combines the functions of a detector and Dr. D.N. Lozinsky. When launched, Aidstest checks its RAM for viruses known to it and renders them harmless.
Can create a report on the work After the end of the neutralization of the virus, be sure to restart the computer. Cases of false alarms are possible, for example, when an antivirus is compressed by a packer. The program does not have a graphical interface, and its modes of operation are set using keys.

DOCTOR WEB
The "healing web" Dr.Web, like Aidstest, belongs to the class of doctor detectors, but unlike the latter, it has a so-called "heuristic analyzer" - an algorithm that allows you to detect unknown viruses. The user can tell the program to test both the entire disk and individual subdirectories or groups of files, or refuse to check disks and test only RAM.
Just like AidstestDoctorWeb can create a report on the work When scanning the memory, there is no one hundred percent guarantee that the Healing Web will find all the viruses that are there. Testing a hard drive with Dr.Web takes much longer
time than Aidstest.
AVSP
(Anti-Virus Software Protection)
This program combines a detector, a doctor, an auditor, and even has some functions of a resident filter. Antivirus can treat both known and unknown viruses. In addition, AVSP can treat self-modifying and Stealth viruses (stealth). The contextual hint system is very convenient, which gives explanations for each menu item. During a comprehensive scan, AVSP also displays the names of files that have changed, as well as the so-called change map. Along with viruses, the program disables some other resident programs. Stops on files that have a strange creation time.
Microsoft AntiVirus
This antivirus can work in detector-doctor and auditor modes. MSAV has a friendly MS-Windows style interface. Well-implemented contextual
power: there is a hint for almost any menu item, for any situation. Universally implemented access to menu items: for this you can use the cursor keys, key keys. In the main menu, you can change the drive (Selectnewdrive), choose between scanning without removing viruses (Detect) and with their removal (Detect&Clean).
A serious inconvenience when using the program is that it saves tables with data about files not in one file, but scatters them across all directories.
Advanced Diskinfo-scope ADinf belongs to the class of auditor programs. The antivirus has a high speed of work, it is able to successfully resist viruses that are in memory. It allows you to control the disk by reading it by sector through the BIOS and without using DOS system interrupts that a virus can intercept. To disinfect infected files, the ADinfCureModule module is used, which is not included in the ADinf package and is supplied separately.

2.3 Protection of information on the Internet.
Now hardly anyone needs to prove that when you connect to the Internet you put at risk the security of your local network and the confidentiality of the information contained in it. According to the CERT CoordinationCenter, in 1995 there were 2421 hacking incidents local networks and servers. According to a survey conducted by the Computer Security Institute (CSI) among the 500 largest organizations, companies and universities since 1991, the number of illegal intrusions has increased by 48.9%, and the losses caused by these attacks are estimated at 66 million US dollars.
To prevent unauthorized access to their computers, all corporate and departmental networks, as well as enterprises using intranet technology, put filters (fire-wall) between internal network and the Internet, which actually means leaving the single address space. Even greater security will come from moving away from TCP/IP and accessing the Internet through gateways.
This transition can be carried out simultaneously with the process of building a worldwide public information network, based on the use of network computers, which, with the help of network card and cable modem provide high-speed access to a local Web server via a cable television network.
To address these and other issues in the transition to a new architecture
The Internet needs to provide the following:
First, eliminate physical connection between the future Internet and corporate and departmental networks, keeping between them only an information connection through the WorldWideWeb system.
Secondly, to replace routers with switches, eliminating the processing in the IP protocol nodes and replacing it with the Ethernet frame translation mode, in which the switching process is reduced to a simple MAC address comparison operation.
Thirdly, to move to a new single address space based on physical addresses of access to the transmission medium (MAC-level), tied to the geographical location of the network, and allowing within 48-bit to create addresses for more than 64 trillion independent nodes.
One of the most common defense mechanisms against Internet bandits - “hackers” is the use of firewalls- firewalls.
It is worth noting that due to the lack of professionalism of administrators and the shortcomings of some types of firewalls, about 30% of hacks are committed after the installation of protective systems.
It should not be thought that all of the above are “overseas curiosities”. Russia is confidently catching up with other countries in terms of the number of server and local network hacks and the damage they cause
Despite the apparent legal chaos in the area under consideration, any activity for the development, sale and use of information security tools is regulated by a variety of legislative and normative documents, and all systems used are subject to mandatory certification by the State Technical Commission under the President of Russia.

2.3 Protection against unauthorized access.
It is known that information security algorithms (primarily encryption) can be implemented both in software and in hardware. Let's take a look at hardware encoders: why they are considered more reliable and provide better protection.
What is a hardware encoder.
The hardware encoder in appearance and in fact represents co6oy ordinary computer hardware, most often it is an expansion card inserted into the ISA or PCI slot system board PK. There are other options, for example, in the form of a USB key with cryptographic functions, but here we will consider the classic option - an encoder for the PCI bus.
Using an entire board only for encryption functions is an unaffordable luxury, so manufacturers of hardware encryptors usually try to saturate them with various additional features, among which:
1. Random number generation. It is necessary first of all to get cryptographic keys. In addition, many protection algorithms use them for other purposes, for example, the algorithm electronic signature GOCT P 34.10 - 2001. Each time a signature is computed, it needs a new random number.
2. Computer login control. When turning on the PC, the device requires the user to enter personal information(for example, insert a floppy disk with keys). Operation will be allowed only after the device recognizes the presented keys and considers them "its own". Otherwise, you will have to disassemble system unit and remove the encoder from there to boot (however, as you know, information on a PC can also be encrypted).
3. Control of the integrity of operating system files. This will prevent an attacker from changing any data in your absence. The encoder stores a list of all important files with checksums (or hash values) pre-calculated for each, and if the reference sum does not match at the next boot, although 6s of one of them, the computer will be locked.
A board with all the above features is called a cryptographic data protection device - UKZD.
An encryptor that controls the entrance to the PC and checks the integrity of the operating system is also called an "electronic lock". It is clear that the latter cannot do without software - a utility is needed with the help of which keys are generated for users and their list is maintained for recognition of “friend / foe”. In addition, an application is required to select important files and calculate their checksums. These programs are usually available only to the security administrator, who must first configure all UKDD for users, and in case of problems, understand their causes.
In general, having installed UKZD on your computer, you will be pleasantly surprised already at the next boot: the device will appear a few seconds after turning on the Power button, at least announcing itself and asking for the keys. The encoder always takes control when loading the IIK, after which it is not so easy to get it back. UKZD will allow the download to continue only after all of its checks. By the way, if for some reason IIK does not give control to the encoder, the encoder, after waiting a bit, will still block it. And it will also add work to the security administrator.
The structure of encoders
Let us now consider what the UKZD should consist of in order to perform these complex functions:
1. Control unit - the main module of the encoder, which "manages" the work of all the others. It is usually implemented on the basis of a micro-controller, now there are a lot of them and you can choose the right one. Main characteristics: speed and enough internal resources, as well as external ports to connect all the necessary modules.
2. PC system bus controller. Through it, the main data exchange between UKZD and a computer is carried out.
3. Non-volatile storage device (memory) - must be sufficiently capacious (several megabytes) and allow a large number of recording tracks. This is where the microcontroller software is located, which is executed when the device is initialized (that is, when the encoder takes control when the computer boots).
4. Log memory. It is also a non-volatile memory. It's really just another flash chip. To avoid potential collisions, program and log memory should not be combined.
5. A cipher processor is a specialized microcircuit or a programmable logic microcircuit. Actually, it encrypts the data.
6. Random number generator. Usually it is a device that gives a statistically random and unpredictable signal - white noise. It could be, for example, a noise diode
7. Block for entering key information. Provides secure receipt of keys from key carrier, through it, identification information about the user is also entered, which is necessary to resolve the issue of "friend or foe".
8. Block of switches. In addition to the basic functions listed above, UKZD can, at the behest of the security administrator, restrict the ability to work with external devices: disk drives, CD-ROMs, etc.

2.4 Legal protection of information
Legal protection of computer programs and databases was introduced in full for the first time in Russian Federation Law of the Russian Federation "On the legal protection of programs for electronic computers and databases", which entered into force in 1992.
The legal protection granted by this law extends to all types of computer programs (including operating systems and software complexes) that can be expressed in any language and in any form, including source text in a programming language and machine code. However, legal protection does not extend to the ideas and principles underlying the computer program. Including on the ideas and principles of organizing the interface and algorithm.
For the recognition and exercise of copyright in computer programs, its registration with any organization is not required. Copyright for computer programs arises automatically when they are created.
For notification with their rights, the developer of the program can. From the first release of the program, use the copyright notice, which consists of three elements:
letters C in a circle or parentheses ©;
title (name) of the right holder;
year of the program's first release.
For example, the copyright sign for the Word text editor looks like this:
© 1993-1997 Microsoft Corporation.
The author of the program has the exclusive right to reproduce and distribute the program by any means, as well as to modify the program.
An organization or a user who legally owns a copy of the program (who has bought a license to use it) has the right, without obtaining additional permission from the developer, to carry out any actions related to the operation of the program, including its recording and storage in the computer memory. Recording and storage in the computer memory is allowed in relation to one computer or one user in the network, unless otherwise provided by the contract with the developer.
You must know and comply with existing laws that prohibit illegal copying and use of licensed software. In relation to organizations or users that infringe copyright, the developer may seek damages and compensation from the infringer in an amount determined at the discretion of the court from 5,000 times to 50,000 times the minimum monthly wage.

Electronic signature.
In 2002, the Law of the Russian Federation "On Electronic Digital Signature" was adopted, which became the legislative basis for electronic document management in Russia. According to this law, electronic digital signature V electronic document is recognized as legally equivalent to a signature in a paper document.
When registering a digital signature in specialized centers, the correspondent receives two keys: secret and public. The secret key is stored on a floppy disk or smart card and should be available to all potential recipients of the documents and is usually distributed by e-mail.
The process of electronic signing of a document consists in processing using secret key message text. Next, the encrypted message is sent by e-mail to the subscriber. The subscriber uses the public key to authenticate the message and the electronic signature.
With the help of a block of special laws, the information security of the state, society and the individual is regulated. Among these laws:
Law "On the Mass Media" dated December 27, 1991 N 2124-I;
Law "On Federal Bodies of Government Communications and Information" dated February 19, 1992 N 4524-1;
Law "On the legal protection of programs for electronic computers and databases" dated September 23, 1992 No. 3523-1;
Law "On the legal protection of topologies of integrated circuits" dated September 23, 1992 N 3526-I;
Law "On State Secrets" of July 21, 1993 N 5485-1;
Law "On the mandatory copy of documents" of December 29, 1994 N 77-FZ;
Law "On Information, Informatization and Information Protection" dated February 20, 1995 N 24-FZ;
Law "On Foreign Intelligence" dated 10.01.96 N 5-FZ;
Law "On Participation in International Information Exchange" dated June 5, 1996 N 85-FZ;
Law "On the State automated system Russian Federation "Elections" N 20-FZ of January 10, 2003
Conclusion
Summing up, it should be mentioned that there are many cases when firms (not only foreign ones) wage real “spy wars” among themselves, recruiting employees of a competitor in order to gain access to information constituting a trade secret through them. The regulation of issues related to trade secrets has not yet received sufficient development in Russia. Existing legislation still does not provide regulation corresponding to modern realities individual issues including trade secrets. At the same time, one must be aware that the damage caused by the disclosure of trade secrets is often very significant (if they can be estimated at all). The presence of rules on liability, including criminal liability, can serve as a warning to employees against violations in this area, so it is advisable to inform all employees in detail about the consequences of violations. I would like to hope that the system of information protection being created in the country and the formation of a set of measures for its implementation will not lead to irreversible consequences on the path of information and intellectual integration with the whole world that is emerging in Russia.

Bibliography
1. Informatics: Textbook / ed. Prof. N.V. Makarova. - M.: Basic course. Theory. 2004
2. Bezrukov N.N. Computer viruses. - M.: Nauka, 1991.
3. Mostovoy D.Yu. Modern technologies for fighting viruses // PC World. - No. 8. - 1993.
4. Kent P. PC and society / Per. from English V.L. Grigoriev. - M.: Computer, UNITI, 1996. - 267 p.
5. Levin V.K. Information protection in information-computing systems and networks // Programming. - 1994. - N5. - C. 5-16.
6. On information, informatization and information protection: Federal Law // Rossiyskaya Gazeta. - 1995. - February 22. - C. 4.

Introduction. 3
1. Structure of complex information protection. 4
1.1. Physical protection. 5
1.2. Electromagnetic protection. 6
1.3. Cryptographic protection. 6
1.4. Human factor. 6
1.5. Active protection. 7
1.6. Other measures.. 8
2. The content of the element of software and mathematical protection of information. 9
2.1. Basic protection mechanisms computer systems.. 9
2.2. Protection by means of the operating system.. 10
2.3. Protect information by setting a BIOS password. 10
2.4. Operating system boot blocking.. 11
2.5. Data encryption. eleven
Conclusion. 12
List of used literature.. 13

Introduction
The entry of mankind into the 21st century is marked by rapid development information technologies in all spheres of public life. Information is increasingly becoming a strategic resource of the state, a productive force and an expensive commodity. This cannot but cause the desire of states, organizations and individual citizens to gain advantages by mastering information that is inaccessible to opponents, as well as by causing damage information resources adversary (competitor) and protection of their information resources.
The confrontation of states in the field of information technology (IT), the desire of criminal structures to illegally use information resources, the need to ensure the rights of citizens in information sphere, the presence of a set random threats cause an urgent need to ensure the protection of information in computer systems (CS), which are the material basis of informatization of society.
The problem of ensuring information security at all levels can be successfully solved only if an integrated information security system (CSIS) is created and operates, covering the entire life cycle computer systems from development to disposal and the entire technological chain of collecting, storing, processing and issuing information.
1. Structure of complex information protection
A systematic approach to information security issues requires, first of all, to identify tasks. For this to be possible, the following questions must be answered:
u What exactly needs to be protected?
u What do you need to protect your system from?
u Who is required to protect the system?
The first question belongs to the information processes, the normal course of which the specialists intend to ensure.
The next of the proposed questions to some extent affects the existing deviations in relation to the correct flow of the processes of information interactions.
The last question is directly related to those objects on which various manipulations are performed in order to deviate the process from the optimum.
The answer to the first of the proposed questions is the best layout of any information process. A detailed answer to the next question must necessarily contain a criterion for the "commonness" of the process, as well as a list of possible deviations from it, which are called threats in cryptography - namely, situations that could be made absolutely impossible. A subject that interferes with the normal flow of the process of information interaction is called an "intruder, raider" in cryptography. By the way, which can also be a legitimate participant in the information exchange who wants to achieve various advantages for himself.
As for the full answer to the last question, it is the so-called intruder model in cryptography. An attacker is by no means a specific person, but a certain personified sum of desired goals and available opportunities, for which the Pauli principle, related to elementary particle physics, is fully valid: both subjects, which have the same goals and opportunities to achieve them, are considered in cryptography as the same person, that is, the attacker.
Having received answers to all the questions listed above, we obtain the formulation of the problem of complex protection of information and the information process.
There are several types of information security. To build the right protection logic, you need to have a clear understanding of each of them.
1.1. Physical security full access and to the information itself. And in this case, only cryptography can interfere, although not always. For example, if an intruder nevertheless obtained some physical access to a computer that stores secret data in encrypted form, theoretically and practically, he can fully consider his task completed (in any of the existing options). It installs on this computer special program, whose tasks are to intercept information in the process of its encryption or decryption.
First, you should take care of the physical safety of the computer equipment used and the corresponding media. All the most difficult lies in the implementation of physical protection by communication lines. If the wires used pass outside the protected facility, then the data transmitted over them should be considered with full probability as known to the enemy.
1.2. Electromagnetic protection It is known that all electronic devices emit electromagnetic oscillations and waves and perceive them from the outside. With the help of such fields, it is also possible to remotely retrieve information from computers, and the necessary action on them. Electromagnetic oscillations and waves can be protected by a screen of any conductive material. Metal cases, as well as metal meshes, together with a foil wrapper, are good protection against electromagnetic waves.
It should be borne in mind that shielding any room is a rather expensive process. During the solution of such an issue, the factor of economic rationality of protection becomes the main one, as discussed above.
1.3. Cryptographic protection The purpose of a cryptographic system is to encrypt a meaningful source text (in other words, plaintext), where the result is an absolutely meaningless ciphertext at first glance - a cryptogram. The recipient to whom the received cryptogram is intended must be able to decrypt this ciphertext, thus restoring the original corresponding plaintext. It should be noted that in this case the adversary (also referred to as a cryptanalyst) must be unable to crack the plaintext.
1.4. The human factor It is known that a person is the least reliable link in the information security chain. Of all the well-known successful attempts to commit crimes in the field of computer information, most were made with the help of accomplices from the institution itself, which was attacked.
The question arises: how then can one protect oneself from threats from the employees of the aiming institution? The answer to it, if possible, lies in a completely different area. One thing that can be accurately commented on is to try to minimize this factor in information security systems.
1.5. Active protection This type of protection is the most effective when the source of the information threat is most precisely clear. If so, then active measures are being taken to the side against attempts to gain access to stored information. They may be as follows:
u detection and decommissioning of devices due to covert removal of information used;
u searching for and detaining persons fixing such devices or performing other illegal manipulations in order to gain access to information;
u searching for probabilistic channels of leakage or illegal access to information and sending false information through the appropriate channels;
u mounting deceptive information streams in order to mask real streams, as well as dissipate the attacker's forces to decrypt them;
u showing the enemy possible methods of available protection (false ones are not excluded) in order to give the latter the opinion that it is impossible to overcome the protection;
u covert intelligence acts to obtain information about how an attacker has access to protected information, as well as appropriate countermeasures.
1.6. Other measures It goes without saying that in a set of protection measures various information the use of the necessary appropriate equipment, which is usually located in specially designated (as a rule, specially built) premises, is also taken into account.
2. The content of the element of program-mathematical protection of information 2.1. The main mechanisms for protecting computer systems To protect computer systems from unlawful interference in the course of their operation and unauthorized access (UAS) to information, the following basic protection methods (protective mechanisms) are used:
u identification (naming and identification), authentication (authentication) of system users;
u differentiation of user access to system resources and authorization (assignment of authority) to users;
u registration and prompt notification of events occurring in the system (audit);
u cryptographic closure of data stored and transmitted over communication channels;
u control of the integrity and authenticity (authenticity and authorship) of data;
u detection and neutralization of computer viruses;
u erasure of residual information on media;
u identification of vulnerabilities (weak points) of the system;
u isolation (perimeter protection) of computer networks (traffic filtering, hiding the internal structure and addressing, countering attacks on internal resources, etc.);
u attack detection and rapid response;
u backup;
u disguise.
The listed protection mechanisms can be used in specific technical means and protection systems in various combinations and variations. The greatest effect is achieved with their systemic use in combination with other types of protection measures.
2.2. Protection by means of the MS-DOS operating system, as the most common operating system, does not provide any protection methods. It is the most open operating system, and many different hardware and software have been developed on its basis. software tools, in particular - virtual encoded or encrypted disks, boot blockers, etc. However, the available disassembly tools, debuggers, as well as a large number of qualified programmers nullify all program methods.
DR-DOS, as one of the varieties of MS-DOS, although it supports file locking, but loading from a floppy disk or other storage device makes it useless to use the built-in protection systems.
Windows 95/98 are based on MS-DOS and share all of its shortcomings. The Windows 95/98 password system does not stand up to scrutiny, and even installation additional modules system policy does not solve this problem.
Windows NT and Novell, although they solve the problem of protection, but ... here the simplest example- stole, or confiscated in the prescribed manner, a computer. The disk was installed second - and all your administration, on which thousands (if not millions) of man-hours have been spent, is no longer a hindrance to anyone.
2.3. Protecting information by setting a BIOS password The maximum that is needed to lock it is to open the computer, install a jumper and remove it (at most - two minutes). There are two (known to me) exceptions - systems with clocks based on DALLAS chips and portable computers.
Here the existing problem is by no means so simply solved as it seems at first glance. In this case, removing the drive and installing it in another computer helps (again, two minutes).
2.4. Blocking the boot of the operating system Many companies follow this path. At this method again, disadvantages surface if the computer or drive can be accessed. Known boards intercept the boot interrupt, but the tuner of modern computers allows you to block this possibility, the removal of this board or drive negates the apparent power of this tool.
2.5. Data Encryption This is one of the most powerful methods. I will begin its consideration with the definition according to GOST-19781: Encryption is the process of converting open data into encrypted using a cipher or encrypted data into open using a cipher - a set of reversible transformations of a set of possible open data into a set of possible encrypted data, carried out according to certain rules using keys (a specific secret state of some parameters of the cryptographic data transformation algorithm, which ensures the choice of one transformation).
The stability of modern encryption systems is quite high, and we will consider it sufficient. However, the developer, seller, and installer must be licensed. But this is not enough! EVEN THE USER is required to have a license. In Russia, the use of only one algorithm is allowed and it is fundamentally impossible to obtain, and, therefore, use, imported developments!

Conclusion
Now it's time to sum up.
There are many cases when firms (not only foreign ones!!!) wage real "spy wars" among themselves, recruiting employees of a competitor in order to gain access through them to information that is nothing less than a whole commercial secret.
The regulation of issues related to trade secrets has not yet received sufficient development in Russia. Adopted back in 1971, the Labor Code, despite numerous changes, is hopelessly outdated and does not provide for the regulation of many issues that correspond to modern realities, including trade secrets. The presence of rules on liability, including criminal liability, can serve as a warning to employees against violations in this area, therefore, I believe that it would be advisable to inform all employees in detail about the consequences of violations. At the same time, one must be aware that the damage caused by the disclosure of trade secrets is often very significant (if they can be estimated at all). Most likely, it will not be possible to compensate for losses by demanding their compensation from the guilty employee, partly due to the imperfect procedure for applying property foreclosures on individuals, and partly simply because the individual does not have the appropriate funds. I would like to hope that the system of information protection being created in the country and the formation of a set of measures for its implementation will not lead to irreversible consequences on the way of the emerging in Russia information and intellectual association with the whole world.
List of used literature:
1. Zavgorodniy V.I. Complex protection of information in computer systems: account. allowance. – M.: Logos; PBOYUL N.A. Egorov, 2007. - 488 p.
2. Khalyapin D.B. Data protection. - Bayard M, 2004.- 431 s: ill.
3. Bernik V., Matveev S., Kharin Yu. Mathematical and computer bases of cryptology. – M.: Logos; PBOYUL N.A. Egorov, 2007. - 315 p.
4. Source Internet networks: www.college.ru

Protection against unauthorized access to information. For

passwords are used to protect against unauthorized access to data stored on the computer. The computer allows access to its resources only to those users who are registered and entered correct password. Each specific user may be allowed access only to certain information resources. In this case, all unauthorized access attempts can be logged.

Password protection is used when the operating system boots (when the system boots, the user must enter his password). Password login can be set to BIOS program Setup, the computer will not start loading the operating system unless the correct password is entered. It is not easy to overcome such protection, moreover, there will be serious data access problems if the user forgets this password.

Every disk, folder and file on the local computer can be protected from unauthorized access. Certain access rights can be set for them (full, read only, by password), and the rights can be different for different users.

Currently, biometric identification systems are increasingly used to protect against unauthorized access to information. The characteristics used in these systems are inalienable qualities of a person's personality and therefore cannot be lost and forged. Biometric information security systems include fingerprint identification systems, speech recognition systems, and iris identification systems.

Fingerprint identification. Optical fingerprint scanners are installed on laptops, mice, keyboards, flash drives, and are also used as separate external devices and terminals (for example, in airports and banks).

If the fingerprint pattern does not match the pattern of the user admitted to the information, then access to the information is impossible.

Identification by characteristics of speech. Identification of a person by voice is one of the traditional methods of recognition, interest in this method is also associated with implementation forecasts voice interfaces to operating systems. You can easily recognize the interlocutor on the phone without seeing him. You can also determine the psychological state of the emotional coloring of the voice. Voice identification is contactless and there are systems for restricting access to information based on frequency analysis of speech.

Rice. 6.49.

Each person has an individual frequency response each sound (phoneme).

In the novel by A.I. Solzhenitsyn "In the First Circle" describes the voice identification of a person back in the 40s. last century.

Rice. 6.50.

Face identification. Face recognition technology is often used to identify a person. They are unobtrusive, since recognition of a person occurs at a distance, without delays and distraction, and does not limit the user's freedom. From the face of a person, you can find out his history, likes and dislikes, illnesses, emotional state, feelings and intentions towards others. All this is of particular interest for automatic face recognition (for example, to identify potential criminals).

Identification features take into account the shape of the face, its color, as well as the color of the hair. Important features include also the coordinates of facial points in places corresponding to a change in contrast (eyebrows, eyes, nose, ears, mouth and oval).

At present, the issuance of new international passports begins, in the microcircuit of which is stored digital photography passport holder.

Iris identification. The iris of the eye is a unique biometric characteristic for each person. It is formed in the first year and a half of life and remains practically unchanged throughout life.

Rice. 6.51.

Identification by the palm of the hand. Almost everything about a particular person can be read in the palm of his hand. In biometrics, for identification purposes, the simple geometry of the hand is used - the size and shape, as well as some information signs on the back of the hand (images on the folds between the phalanges of the fingers, patterns of the location of blood vessels).

Fingerprint identification scanners are installed at some airports, banks and nuclear power plants.

Rice. 6.52.

Physical protection of data on disks. To ensure greater read (write) speed and reliability of data storage on hard drives, RAID arrays (Redundant Arrays of Independent Disks) are used. Some hard drives are connected to the RAID controller, which treats them as a single logical storage medium.

There are two ways to implement a RAID array: hardware and software. A hardware disk array consists of several hard disk drives managed by a dedicated RAID controller board. Software RAID is implemented using special driver. The program array organizes disk partitions, which can occupy both the entire disk and its part. Software RAIDs tend to be less reliable than hardware RAIDs, but provide faster data processing speeds.

There are several types of RAID arrays, the so-called levels. OS Multiple levels of RAID arrays are supported.

RAID 0. To create an array of this level, you will need at least two disks of the same size. Recording is carried out according to the principle of interleaving: data is divided into portions of the same size (A1, A2, AZ, etc.) and distributed in turn across all disks included in the array (Fig. 6.53). Since writing is done to all disks, if one of them fails, all data stored on the array will be lost, but writing and reading on different disks occurs in parallel and, accordingly, faster.

Rice. 6.53.

RAID 1. Arrays of this level are built on the principle of mirroring, in which all portions of data (Al, A2, AZ, etc.) recorded on one disk are duplicated on another (Fig. 6.54). To create such an array, two or more disks of the same size are required. Redundancy provides fault tolerance of the array: in case of failure of one of the disks, the data on the other remains intact. The payoff for reliability is the actual halving of disk space. The read and write speed remains at the level of a conventional hard drive.

Data protection - this is the use of various means and methods, the use of measures and the implementation of measures in order to ensure the system of reliability of transmitted, stored and processed information.

The problem of information security in electronic data processing systems arose almost simultaneously with their creation. It was caused by specific facts of malicious actions with information.

If in the first decades of active use of PCs, the main danger was posed by hackers who connected to computers mainly through telephone network, then in the last decade, the violation of the reliability of information has been progressing through programs, computer viruses, and the global Internet.

There are enough methods of unauthorized access to information, including: viewing; copying and substitution of data; input of false programs and messages as a result of connection to communication channels; reading the remnants of information on its media; signal reception electromagnetic radiation and wave character; use of special programs.

1. Means of identification and differentiation of access to information

One of the most intensively developed areas for ensuring information security is the identification and authentication of documents based on electronic digital signature.

2. Cryptographic method of information protection

The most effective means of improving security is cryptographic transformation.

3. Computer viruses

Destruction of the file structure;

Turn on the drive indicator light when it is not being accessed.

The main ways in which viruses infect computers are usually removable drives(floppies and CD-ROMs) and computer networks. Infection of the computer's hard disk can occur if the computer is booted from a floppy disk containing a virus.

According to the type of habitat viruses have, they are classified into boot, file, system, network and file-boot (multifunctional).


Boot viruses are embedded in the boot sector of the disk or in the sector that contains the boot program of the system disk.

File viruses are placed mainly in executable files with the extension .COM and .EXE.

System viruses embedded in system modules and peripheral device drivers, file allocation tables and partition tables.

Network viruses are in computer networks, and file-boot - infect disk boot sectors and files application programs.

Viruses are divided into resident and non-resident viruses along the way of infecting the habitat.

Resident viruses when infecting a computer, they leave their resident part in the OS, which, after infection, intercepts the OS's calls to other objects of infection, infiltrates them and performs its destructive actions, which can lead to shutdown or reboot of the computer. Non-resident viruses do not infect the computer's operating system and are active for a limited time.

The peculiarity of the construction of viruses affects their manifestation and functioning.

logic bomb is a program that is embedded in a large software package. It is harmless until a certain event occurs, after which its logical mechanism is implemented.

mutant programs, self-reproducing, create copies that are clearly different from the original.

invisible viruses, or stealth viruses, intercept OS calls to affected files and disk sectors and substitute uninfected objects in their place. When accessing files, these viruses use rather original algorithms that allow them to "deceive" resident anti-virus monitors.

Macroviruses use the macro language features that are built into office programs data processing (text editors, spreadsheets).

By the degree of impact on the resources of computer systems and networks, or by destructive capabilities, harmless, non-dangerous, dangerous and destructive viruses are distinguished.

Harmless viruses do not have a pathological effect on the operation of the computer. Non-dangerous viruses do not destroy files, but reduce free disk space, display graphic effects. Dangerous viruses often cause significant disruption to the computer. Destructive viruses may lead to the erasure of information, complete or partial disruption of the application programs. It is important to keep in mind that any file capable of loading and executing program code is a potential place for a virus to be placed.

4. Antivirus programs

The wide distribution of computer viruses has led to the development of anti-virus programs that allow you to detect and destroy viruses, "cure" the affected resources.

The basis of most anti-virus programs is the principle of searching for virus signatures. Virus signature name some unique characteristic of a virus program that indicates the presence of a virus in a computer system.

According to the way they work, anti-virus programs can be divided into filters, auditors, doctors, detectors, vaccines, etc.

Filter programs - these are the “watchmen” who are constantly in the OP. They are resident and intercept all requests to the OS to perform suspicious actions, i.e. operations that use viruses to reproduce and damage information and software resources in the computer, including reformatting the hard drive. Among them are attempts to change file attributes, correct executable COM or EXE files, write to disk boot sectors.

The constant presence of “watchdog” programs in the OP significantly reduces its volume, which is the main disadvantage of these programs. In addition, filter programs are not able to "treat" files or disks. This function is performed by other antivirus programs, such as AVP, Norton Antivirus for Windows, Thunder Byte Professional, McAfee Virus Scan.

Auditor programs are a reliable means of protection against viruses. They remember the initial state of programs, directories and system areas of the disk, provided that the computer has not yet been infected with a virus. Subsequently, the program periodically compares the current state with the original. If inconsistencies are found (by file length, modification date, file cycle control code), a message about this appears on the computer screen. Among the auditor programs, one can single out the Adinf program and its addition in the form of the Adinf cure Module.

Doctor Program is able not only to detect, but also to "cure" infected programs or disks. In doing so, it destroys the infected programs of the virus body. Programs of this type can be divided into phages and polyphages. Phages - These are programs that are used to find viruses of a certain type. Polyphages designed to detect and destroy a wide variety of viruses. In our country, polyphages such as MS Antivirus, Aidstest, Doctor Web are most commonly used. They are continuously updated to deal with emerging new viruses.

Programs-detectors are capable of detecting files infected by one or more viruses known to software developers.

vaccine programs, or immunizers, belong to the class of resident programs. They modify programs and disks in a way that does not affect their operation. However, the virus that is being vaccinated against considers them already infected and does not infect them. At the moment, many anti-virus programs have been developed that have received wide recognition and are constantly updated with new tools to combat viruses.

5. Data security in an interactive environment

Interactive environments are vulnerable in terms of data security. An example of interactive media is any of the systems with communication capabilities, such as email, computer networks, the Internet.

In order to protect information from hooligan elements, unskilled users and criminals, the Internet system uses a system of rights, or access control.

Assignment: abstract, answer the questions of student Tsv., p. 176, question. 3, 4 and 5.

Writing a report is an independent scientific work of a student, which involves its subsequent defense. In order to speak well in front of an audience, it is necessary, first, to have a good understanding of the topic, study several sources of literature, have an idea of ​​\u200b\u200bwhat scientists have on this subject, and have their own point of view.


Usually, the defense of the report takes the form of a discussion. First, the teacher or supervisor announces the student and the topic of his work, then the presentation begins, which contains the results of the study with recommendations, and at the end the speaker answers the questions of interest to the audience.

A good report, with excellent content, must be well presented. You need to get your audience interested in your presentation. In order for the report to be perceived positively, it is necessary:

  1. Establish rapport with the listener. This is a very important stage, so it must be treated very carefully. Among the audience, you should choose the person to whom the performance will be carried out. In fact, you can periodically switch your eyes to several members of the commission, but then you can get distracted and lose the thread of reasoning.
  2. Find an individual approach to speech pronunciation. First, it is important that the information be heard by everyone, both those in the front rows and those at the back of the audience. The speech should sound simple and clear, accessible to each participant.
  3. Try to get rid of shyness and stiffness so that the performance goes smoothly. Of course, it is very difficult to overcome fear, but it is necessary for oneself to understand that nothing terrible will happen, rather, on the contrary, many people will be able to listen to an interesting work, assess the complexity of the study and, possibly, become interested in this topic and continue their own analysis. Therefore, when speaking, you should count on the interest of the audience, and for this you do not need to think that the report is read at the Last Judgment and one wrong step can lead to collapse.
  4. Diversify your performance. Do not speak monotonously, this can divert the attention of the commission to extraneous matters. Loud, clear speech, with different coloring of the timbre will be appropriate.
  5. Communicate with the audience during your speech. You can diversify your speech with expressions such as: "I can answer your question clearly", "You ask what consequences this will lead to."

If a regular report is read in free form, then speaking at a conference requires a completely different approach. Here it is already necessary to prove your point of view or to challenge someone else's opinion. Therefore, the jokes in the speech are definitely not appropriate. About ten minutes are allotted for the presentation and during this time it is necessary to have time to present the results of your work.

Usually, the presentation is divided into three parts. The first contains a summary of the introduction, that is, the relevance of the topic of the work, research methods are indicated. However, it is also important here to capture the attention of the listeners from the very beginning. The second part is interesting for the scientific research of the speaker, his personal contribution. You can use graphics, drawings, tables, any visual material when speaking. The third part shows the results obtained and possible recommendations.

After the presentation, it is also necessary to answer questions from the audience.