Lecture №8. Cybersafety.
Purpose:Have an idea aboute-business ande-government.
Plan:
1.Security risks of information and their classification. Industry of cybersafety. Cybersafety and control of the Internet.
2.Malicious applications. Measures and means of information protection.
3.Standards and specifications in information security field. The acts of the Republic of Kazakhstan governing legal relations in the sphere of information security.
4.Digital signature. Encoding.
1.Security risks of information and their classification. Industry of cybersafety. Cybersafety and control of the Internet.
One of the main aspects of the problem of security automated system (AS) is the identification, analysis and classification of possible threats to specific speakers. A list of the most significant threats, assess their likelihood and model of the attacker are basic information for an optimal protection.
Information Security Risk - a set of conditions and factors that create a potential or actual violation of the existing danger of information security. AS security threats - it is an opportunity to influence the implementation of the information processed in the AS, which leads to a breach of confidentiality, integrity or availability of information, as well as the opportunity to influence the AC components, leading to their loss, destruction or failure of the operation.
threats to the security of information source - a subject that is a direct cause of a threat of safety information
The main sources of security breaches are in AS:
• accidents and disasters (fire, earthquake, hurricane, flood, etc.);
• faults and failures of hardware;
• design and development component error AC (software and data processing technology, hardware, etc.);
• Operating error;
• deliberate actions of violators.
There are many criteria for classifying threats. Consider the most common ones.
1. The nature of the origin: natural and artificial
Natural threats - a threat caused by exposure to the AS and its objective elements of natural physical processes or natural phenomena, independent of man. In turn, artificial threat - a threat to the AS, caused by human activities.
2. The degree of motivation: unintentional (accidental) and intentional. The first related to the different kinds of errors - in the design of the AS, in the software, human error when working with the AS and etc. The second group is related to the self-serving, and other ideological goals of people, in this case, the intruders. The reason may be to obtain material gain, revenge, moral beliefs, and so forth.
3. The position in relation to controlled areas: internal and external threats. As an example, external threats can be to intercept data transmitted over the network or through a leak PEMIN. The internal threats include theft of media with confidential information, damage to equipment, the use of various types of bookmarks.
4. The degree of impact on AS: passive and active. Passive threats - threats that do not violate the composition and the normal operation of the AS. Example - copying of confidential information leakage through technical channels of leakage, eavesdropping, etc. Active threat, respectively, disrupts the normal functioning of the AS, its structure or composition.
5. The mean infringed property information - confidentiality, availability, integrity.
6. The type of system, which is aimed threat: a system based on a stand-alone workstation and system having a connection to the PSTN.
7. The method of realization: unauthorized access (including random) to protected information, a special effect on the information, technical information leakage through leak paths.
2.Malicious applications. Measures and means of information protection.
Malicious program (in the jargon of the anti-virus services, "malware", English malware, malicious software -. «Malicious software") - any software designed to gain unauthorized access to computing resources most computer or information stored on the computer, with the purpose of unauthorized owner use computer resources or damage (damage) owner information, and / or the owner of a computer and / or the owner of the computer network by copying, distortion, deletion or substitution of information.
Types of viruses and malware | Description |
joke Program | joke Program - it is a virus-like program that usually changes the appearance of elements on a computer screen. |
"Trojan horse" | Trojan horse - is a executable program that does not replicate itself, and being introduced into the system for the performance of potentially dangerous actions, such as opening ports for hackers to access. This program often uses ports "Trojan horses" to gain access to the system. An example of a Trojan horse program can serve as asserting that it saves your computer from viruses when it actually introduces them into the system. |
Virus | Virus - a program that can reproduce itself. For this purpose, the virus has been attached to any program. As a result, it will be automatically executed during starting of the program. Boot virus: A type of virus that infects partition or disk boot sector The malicious Java code: platform-independent virus code written in the Java language, or embedded in a Java application. A macro virus: a kind of virus, written as a macro for a specific application and often embedded in the document Viruses VBScript, JavaScript or HTML: viruses that are on Web pages and downloaded through a browser Worm: self-contained program (or set of programs) that can spread copies of itself or segments to other computers, often through email |
The test virus | Test virus - it is an inactive file, which is detected by the antivirus program. Test viruses (such as the EICAR test script) are used to verify the correct operation of the anti-virus. |
Packer | Packer - is compressed and / or encrypted executable for Windows or Linux, you are often a "Trojan horse". Compress executable packer difficult to determine the antivirus software. |
Probable virus / malware | This category of viruses and malware are suspicious files with some signs of a virus or malware. For details about probable virus or malware, see the following page of the online encyclopedia viruses Trend Micro.: http://www.trendmicro.com/vinfo/emea/virusencyclo/default.asp |
Other | The category "Other" get viruses and malware that are not related to any of the types listed above. |
Table 9- Types of viruses
Measures and means of information protection.
Information security is a confrontation of information security specialists and hackers. The attacker - a subject who illegally trying to obtain, modify or destroy data of legitimate users.
Data protection is slaboformalizuemymi task, that is, has no formal methods of solution, and is characterized as follows:
• a large number of factors influencing the construction of effective protection;
• lack of accurate baseline data input;
• lack of mathematical methods for optimal results at the aggregate source data.
Confidentiality, integrity and availability are the three most important properties of the information in the framework of its safety:
• confidentiality of information - the state of the information in which access to it is carried out only entities that have a right to it;
• integrity of the information - the state of the information for which there is no any change in any change is only intentionally subjects have a right to it;
• the availability of information - the state of the information in which entities with access rights can sell them freely
Among these types of protection are the basic legal, organizational and technical protection of information.
Legal protection - protection of information by legal methods, including the development of legislative and regulatory documents (acts) that regulate subjects regarding the protection of information, the use of these documents (acts), as well as supervision and control over their execution
For legal protection measures include the RК laws, decrees and other legal acts. At the legislative level, there is regulation of the rules for handling the information are determined participants of information relations, their rights and duties as well as liability in the event of breaches of the law. In some way measures of the group may include prophylactic. Their main function is to prevent potential intruders, because in most cases it is the fear of punishment stops from committing crimes. The advantages of legal protections is their versatility in terms of application to all illegal methods of information extraction. Moreover, in some cases, they are only applicable, such as in the protection of copyright in case of illegal replication.
For moral and ethical measures include standards of conduct established in the society. In some cases, they can be made in writing, such as charter or code of honor of the organization. Compliance with ethical standards is not mandatory, and is more of a preventive nature.
Organizational security measures - organizational measures designed to regulate the functioning of information systems, staff performance, users interact with the system. Among the basic organizational information protection measures can be identified as follows:
• Formation of a security policy;
• The regulation of access to premises;
• Regulation of access of employees to use resources information system and others.
• Determination of liability in the event of non-compliance with information security requirements.
Organizational measures alone can not solve the security problem. They should work in conjunction with physical and technical means of information protection in the definition of the actions of people.
Physical protection is a set of tools that prevent physical penetration of a potential intruder in the monitored area. They may be mechanical, electro-mechanical or electronic devices of various types. Most often, it is with the construction of the physical protection of security begins in the organization, including the information.
The last and most extensive in its composition echelon protection system is the technical protection of information. It is this type of protection is dedicated to this course.
Technical protection of information - data protection is to ensure nekriptograficheskimi methods of safety information (data) to be protection in accordance with applicable law, the application of technical, software and software and hardware. It is important to note that technical protection - is not only a protection against leakage of information through technical channels of leakage, but also protection against unauthorized access from the mathematical effects, malware, etc. The objects of technical protection of information can be:
• information of the object;
• Information system;
• resources information system;
• Information Technology;
• software;
• communication network.
We proceed to the review of the standards and specifications of two different types:
3.Standards and specifications in information security field. The acts of the Republic of Kazakhstan governing legal relations in the sphere of information security.
LAW OF THE REPUBLIC OF KAZAKHSTAN
On National Security of the Republic of Kazakhstan
(With amendments and additions as 26.07.2016 )
Article 4. Types of National Security
5) information security - the state of protection of information space of the Republic of Kazakhstan, as well as the rights and interests of man and citizen, society and the state in the information sphere of the real and potential threats, which provides a sustainable development of the country's independence and information.
4.Digital signature. Encoding.
1. What is a digital signature?
Digital signature - is the resulting cryptographic (encryption) transformation of information using a private key signature props electronic document designed to protect the document from forgery, as well as from unauthorized changes. In fact, the electronic signature - a full, having the same legal effect as handwritten signature analogue, bonded stamp.
2. Why use digital signature?
The purpose of digital signature is authentication information, ie protection of transmitted information, the participants of information exchange for guarantees of their authenticity. EDS system requires that every user has a private key that is used to generate the signature, and the corresponding public key for checking signatures and distributed to a certain circle of users in the system of information exchange.
From a practical point of view of electronic signature is used in electronic document management systems, and for participation in electronic auctions.
Дата добавления: 2017-05-18; просмотров: 7145;