Ensuring the security of computer networks. Network technologies and information security
The concept of information security when working on a computer network. Organizational measures of information security. Protection of information with the help of anti-virus programs. Protection against unwanted mail. Personal network filters. The concept and purpose of a firewall. Reliability of information from Internet resources.
Students should know:
basic information security measures when working in a computer network;
basic anti-virus programs and technology for working with them;
the main measures applied in anti-spam technology;
the purpose of a firewall for information protection;
basic rules for ensuring the reliability of the information obtained as a result of the search.
Students should be able to:
perform basic organizational information security measures on their own computer;
perform automatic updates of antivirus programs;
SECTION 4. INFORMATION TECHNOLOGY FOR PRESENTING INFORMATION IN THE FORM OF PRESENTATIONS IN THE POWERPOINT ENVIRONMENT
Topic 4.1. Features of the presentation preparation software environment PowerPoint 2003
Features and scope of the PowerPoint application. Typical presentation objects. Tool groups in the PowerPoint environment.
PowerPoint 2003 interface features compared to previous versions: Quick Help; task areas. Possibilities of technology for working with graphic objects. Characteristics of the "Photo Album" mode. Automatic text selection mode. Preview. Safety precautions for working in the PowerPoint 2003 environment.
Students should know:
the purpose and functionality of PowerPoint 2003;
PowerPoint 2003 objects and tools;
4.2. Information technology for creating a presentation using the AutoContent Wizard on the topic "Safety in the computer class"
Filling the presentation with information on the topic: search for materials on the Internet; filling slides with text; Slides with drawings and photographs.
Creating presentation controls: setting up an interactive table of contents using hyperlinks; providing a return to the table of contents; adding hyperlinks to Word documents; adding control buttons to all slides.
Making a rapid test: creating questions and answers; setting the reaction to the selected answers in the form of hyperlinks; return to the slide with questions; control button reprogramming.
Adding animation effects: selection of animation effects; animation setting.
Students should know:
the main objects of the presentation;
purpose and types of presentation templates;
basic presentation controls;
technology for working with each object of the presentation.
Students should be able to:
create and design slides;
change slide settings;
select and adjust the animation of a text and graphic object;
embed audio and video clips into presentations;
create presentation controls: interactive table of contents, control buttons, hyperlinks.
4.3. Information technology for creating a presentation on the social topic "Computer and schoolchildren's health"
Workshop. Creation of the educational complex "Computer and schoolchildren's health"
Description of the purpose of the presentation "Computer and schoolchildren's health" as a component of the project. Using Internet resources to select the necessary information for the presentation. Presentation technology. Technology for creating your own presentation background: creating and inserting a picture.
Students should know:
the purpose and main content of the SanPiN regulatory documents for working on computers;
technology for working in the PowerPoint 2003 application.
Students should be able to:
independently select the necessary information for the chosen topic of the presentation, using the Internet resources;
create your own presentation for any topic.
SECTION 5. INFORMATION TECHNOLOGY FOR DATA PROCESSING IN THE EXCEL SPREADSHEET ENVIRONMENT
5.1. Statistical data processing and charting
Workshop. Statistical study of data arrays on the example of solving the problem of processing the results of entrance exams. Statement and description of the problem.
Technology for processing statistical data (data array) on the chosen topic: determining the composition of applicants by length of service; determination of the average score; determination of the regional composition of applicants; determination of the composition of applicants by type of entrance examinations.
Analysis of the results of statistical data processing: determination of the number of applicants in the areas of study; study of the age of applicants; study of the popularity of various areas of education among boys and girls; formation of lists of applicants enrolled in the university in the selected areas of study.
Students should know:
purpose and rules for the formation of logical and simple statistical functions;
presentation of the results of statistical processing in the form of different types of diagrams;
how to properly structure information for statistical data processing and analysis.
Students should be able to:
apply the technology of formation of logical and simplest statistical functions;
use the technology of presenting information in the form of diagrams;
analyze the results of processing data arrays.
5.2. Technology of data accumulation and processing
Workshop. Mastering the technology of data accumulation on the example of creating a test shell on the topic "Can you become a successful businessman?". Statement of the problem of developing an information system for a test survey.
Test shell development technology: design of the test area; design of the response area; creating and setting up response forms.
Technology for processing test results: addressing the testee; formation of a block of conclusions using logical formulas.
Students should know:
technology for creating interactive shells;
rules for the formation of logical formulas.
Students should be able to:
create test shells;
use forms to enter data into a table;
work with several pages of a book;
develop and use logical formulas;
enter, collect and process data.
5.3. Automated data processing using questionnaires
Workshop. Mastering the technology of automated processing of questionnaires on the example of conducting a survey as part of a competition for the position of the host of a music program. Formulation of the problem.
User interface development technology: design of the applicant's questionnaire template; creation of assessment forms entered into the questionnaire by jury members; setting up assessment forms.
Technology for organizing data accumulation and processing: creation of macros; creation of control buttons; summing up the results of the competition and building diagrams.
Students should know:
technology for automated data processing using questionnaires;
the concept of a macro and the technology of its creation and use.
Students should be able to:
create templates for data registration in the form of a questionnaire;
customize data entry forms;
create macros;
organize the accumulation of data;
process accumulated data and present information in the form of diagrams.
SECTION 6. INFORMATION TECHNOLOGY FOR PROJECT DEVELOPMENT
6.1. Understanding the main stages of project development
The concept of the project. Project examples. Classification of projects: by area of use; by duration; in complexity and scale.
The main stages of project development: project concept; planning; control and analysis. Characteristics of the main stages.
The concept of the project structure as a kind of information model. The purpose of developing information models. The concept of structural decomposition. Iterative process of creating project structures.
Students should know:
the concept of the project;
classification of projects;
main stages of project development;
concept of structural decomposition of the project.
Students should be able to:
give examples of various projects and classify them;
explain the essence of the main stages of project development;
highlight the main goal of the project.
6.2. Basic information models of the project
Information model of the project in the form of a tree of goals. General view of the target tree structure. Target decomposition. Building a goal tree using the example of a school renovation project.
Information model of the project in the form of a product structure. General view of the structure. Building a product structure on the example of a school renovation project.
Information model of the project in the form of a work breakdown structure (WBS). General view of the structure. Building a work breakdown structure using the example of a school renovation project.
Information model of the project in the form of a matrix of responsibility. General view of the structure.
Other types of project information models.
Students should know:
types of project information models;
rules for constructing the goal tree structure;
rules for building the structure of products;
rules for building a work breakdown structure;
rules for constructing a responsibility matrix.
Students should be able to:
develop a tree of project goals;
develop the project product structure;
develop a structure for breaking down the work of the project;
develop a matrix of responsibility for the work of the project;
6.3. Development of information models of the social project "Life without a cigarette"
The concept of project intent. Clarification and specification of the concept of a social project aimed at combating schoolchildren smoking, in the form of questions and answers. Analysis of the social problem associated with schoolchildren smoking. Drawing up a preliminary work plan for the project.
Building a tree of project goals, where the general goal is to combat early smoking among schoolchildren. Building the structure of the information product of this project. Construction of the structure of the project work breakdown. Building a matrix of responsibility.
Students should know:
Students should be able to:
analyze the environment for which the project will be developed;
develop project information models: goal tree, product structure, work breakdown structure, responsibility matrix.
6.4. Information technology for creating a social project "Life without a cigarette"
Workshop. Preparation of essays on the topic "On the dangers of smoking", from the standpoint of the main subject areas: history, chemistry, biology, economics, literature, social science, sociology, psychology.
Preparation of materials about the problems with which smokers turn to doctors.
Studying the causes of smoking using a questionnaire. Creating a questionnaire in Excel. Conducting a survey. Processing of statistical data.
Study of the age of smoking schoolchildren using a questionnaire. Creating a questionnaire in Excel. Conducting a survey. Processing of statistical data.
Presentation of the results of the project: holding school-wide events, a youth forum on the Internet, holding anti-nicotine campaigns.
Students should be able to:
carry out an advanced search for information resources on the Internet;
prepare material on the dangers of smoking from different points of view, using the possibilities of the Internet;
develop the necessary forms of questionnaires for the survey;
process the statistical data displayed in the questionnaires;
present the results of the project in different forms.
SECTION 7. BASICS OF PROGRAMMING IN THE VISUAL BASIC ENVIRONMENT
7.1. Basic concepts and tools of the Visual Basic (VB) environment
A generalized view of the information model of an object. Concept of event and method.
Introduction to the development environment of the Visual Basic project. Environment interface. Purpose of the main tabs. Window technology. Program code editor window. Project Explorer window. Object properties window. Interpreter window.
Students should know:
what an object is and how it is characterized in the Visual Basic environment;
what events and methods are;
what the process of creating an application in VB is.
Students should be able to:
change the composition of the project development environment;
use various ways of controlling windows.
7.2. Technology of working with form and graphic methods
The concept and purpose of the form. Technology for setting and editing form properties. Using events and form methods to display text.
Purpose of graphic methods. Syntax of the graphical methods Line and Circle. Technology for performing the task of displaying the simplest graphic objects by double-clicking on the form. Mastering fragments of the program for drawing typical figures.
Students should know:
purpose of the form;
purpose of graphical methods and their syntax.
Students should be able to:
change the properties of the form in the properties window in various ways;
programmatically change form properties;
apply the Line graphical method;
apply the Circle graphical method;
write programs for handling various events: Click, DblClick, KeyPress;
calculate and program the position of graphics on the form.
7.3. Assignment operator and input
The concept of a variable and its value in the program. The syntax of the assignment operator. The syntax of the data entry statement. The program for drawing a circle and displaying the calculated parameters. Rectangle drawing program.
Students should be able to:
use variables in programs;
use the assignment operator;
enter data using the InputBox function.
7.4. Control elements: label, text box, button
The concept of control elements. Purpose of the label (Label). Creating a user interface using labels. Acting on labels and programming responses.
Purpose of the text box control element. Technique for writing a program for a dialog box.
Purpose of the button control element. Technology of writing a program with a control button.
Technology for working with date and time functions. Variable scopes. Technology of work with global variables.
Students should know:
purpose and types of control variables;
scope of the variable.
Students should be able to:
create and use labels to display textual information;
program different responses when a label is clicked;
create text boxes and change their properties;
enter data into text boxes in various ways;
create and use buttons;
work with global variables.
7.5. Procedures and functions
Purpose of the auxiliary algorithm. The concept of procedure. Procedure syntax. An example of a procedure.
Technique for writing a procedure without parameters. Technique for writing a procedure with parameters. Program for drawing rhombuses with different diagonals.
Standard functions. Function syntax. An example of a function design. Technology for creating and using a function.
Using procedures and functions with parameters on the example of creating a program for calculating the median of a triangle.
Students should know:
concept, purpose and syntax of the procedure;
purpose and use of procedure parameters;
concept, purpose and syntax of a function;
Students should be able to:
create procedures with and without parameters;
call procedures from the main program;
set actual parameters of various kinds when calling a procedure;
use standard functions in programs;
create your own functions in the program and access them from the program.
Grade 11 (34 hours) Part 1. INFORMATIONAL PICTURE OF THE WORLD
SECTION 1. BASICS OF SOCIAL INFORMATION
1.1. From industrial society to information society
The role and characteristics of information revolutions. Brief description of generations of computers and connection with the information revolution. Characteristics of an industrial society. Characteristics of the information society. The concept of informatization. Informatization as a process of transforming an industrial society into an information one.
The concept of information culture: informological and cultural approaches. Manifestation of human information culture. The main factors in the development of information culture.
Students should know:
the concept of the information revolution and its impact on the development of civilization;
a brief description of each information revolution;
characteristic features of an industrial society;
characteristic features of the information society;
the essence of the process of informatization of society;
definition of information culture;
factors of information culture development.
Students should be able to:
give examples reflecting the process of informatization of society;
compare the levels of development of countries from the standpoint of informatization.
1.2. Informational resources
Main types of resources. The concept of an information resource. Information resource as the main strategic resource of the country. How the correct use of information resources affects the development of society.
Concepts of an information product, service, information service. The main types of information services in the library sector. The role of databases in the provision of information services. The concept of the information potential of society.
Students should know:
the role and importance of information resources in the development of the country;
the concept of information service and product;
types of information products;
types of information services.
Students should be able to:
give examples of information resources;
make a classification of information products for different areas of activity;
make a classification of information services for different fields of activity.
1.3. Ethical and legal norms of human information activity
Ownership of an information product: rights of disposal, rights of ownership, rights of use. The role of the state in legal regulation. Law of the Russian Federation "On Information, Informatization and Protection of Information" as a legal basis for guaranteeing the rights of citizens to information. Problems facing legislative bodies in terms of legal support of human information activity.
The concept of ethics. Ethical standards for information activities. Forms of implementation of ethical standards.
1.4. Information Security
The concept of information security. The concept of the information environment. The main goals of information security. Objects that need to ensure information security.
The concept of information threats. Sources of information threats. The main types of information threats and their characteristics.
Information security for various users of computer systems. Information protection methods: access restriction, information encryption, hardware access control, security policy, protection against information theft, protection against computer viruses, physical protection, protection against random threats, etc.
The security of computer networks is enforced through policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or shutdown of the network and the resources available to it. It includes data access authorization, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authentication information that allows them to access data and programs within their authority.
Network security encompasses the many computer networks, both public and private, that are used in day-to-day operations to conduct transactions and communications between businesses, government agencies, and individuals. Networks can be private (e.g., within a company) or open to the public.
Computer network security concerns organizations, businesses and other types of institutions. It secures the network and also performs protective and supervisory operations. The most common and simplest way to protect a network resource is to assign it a unique name and a corresponding password.
Security Management
Security management for networks can be different for different situations. A home or small office may only require basic security, while large enterprises may require highly reliable service and advanced software and hardware to prevent hacking and the spread of unwanted attacks.
Types of Attacks and Network Vulnerabilities
A vulnerability is a weakness in design, implementation, operation, or internal controls. Most of the discovered vulnerabilities are documented in the Common Vulnerabilities and Exposures (CVE) database.
Networks can be attacked from various sources. Attacks fall into two categories: "passive", when a network intruder intercepts data passing through the network, and "active", in which the attacker initiates commands to disrupt the normal operation of the network or to monitor in order to gain access to data.
To protect a computer system, it is important to understand the types of attacks that can be carried out against it. These threats can be divided into the following categories.
"Backdoor"
A backdoor in a computer system, cryptosystem, or algorithm is any secret method of bypassing conventional means of authentication or security. Backdoors can exist for a number of reasons, including original design or poor configuration. They can be added by a developer to allow some kind of legitimate access, or by an attacker for other reasons. Regardless of the motives for their existence, they create a vulnerability.
Denial of Service Attacks
Denial of service (DoS) attacks are designed to make a computer or network resource unavailable to its intended users. The perpetrators of such an attack can block access to the network for individual victims, for example, by deliberately entering the wrong password many times in a row to cause an account lockout, or by overloading the capabilities of a machine or network and blocking all users at the same time. While a network attack from a single IP address can be blocked by adding a new firewall rule, many forms of distributed denial of service (DDoS) attacks are possible, where the traffic originates from a large number of addresses. In this case, defense is much more difficult. Such attacks can originate from bot-controlled computers, but a variety of other methods are possible, including reflection and amplification attacks, where uninvolved systems are made to transmit such traffic involuntarily.
Direct access attacks
An unauthorized user gaining physical access to a computer is likely to be able to directly copy data from it. These attackers can also compromise security by making changes to the operating system, installing software worms, keyloggers, hidden listening devices, or using wireless mice. Even if the system is protected by standard security measures, they can be bypassed by booting another OS or tool from a CD or other bootable media. designed to prevent just such attacks.
Network security concept: main points
Information security in computer networks begins with authentication, usually the entry of a username and password. This kind of authentication is one-factor. With two-factor authentication, an additional item is also used (a security token or "key", an ATM card or a mobile phone); with three-factor authentication, a unique user characteristic (fingerprint or retinal scan) is used as well.
After authentication, the firewall applies the access policy. This computer network security service is effective in preventing unauthorized access, but this component may not check for potentially harmful content such as computer worms or Trojan horses transmitted over the network. Antivirus software or an intrusion prevention system (IPS) helps detect and block such malware.
An intrusion detection system based on data scanning can also monitor the network for later high-level analysis. Newer systems that combine unsupervised machine learning with full network traffic analysis can detect active network intruders in the form of malicious insiders or targeted external attackers that have compromised a user's computer or account.
In addition, communications between two hosts can be encrypted for greater privacy.
Computer protection
In computer network security, countermeasures are used - actions, devices, procedures or techniques that reduce a threat, vulnerability or attack, eliminate or prevent it, minimize the harm caused or detect and report its presence.
Secure coding
This is one of the main security measures of computer networks. In software development, secure coding aims to prevent the accidental introduction of vulnerabilities. It is also possible to create software designed from the ground up for security. Such systems are "safe by design". Apart from this, formal verification aims to prove the correctness of the algorithms underlying the system. This is especially important for cryptographic protocols.
This measure means that the software is developed from scratch to ensure the security of information in computer networks. In this case, security is considered the main feature.
Some of the methods of this approach include:
- The principle of least privilege, in which each part of the system has only certain powers necessary for its functioning. Thus, even if an attacker gains access to this part, he will receive limited authority over the entire system.
- Code reviews and unit tests are approaches to making modules more secure when formal proofs of correctness are not possible.
- Defense in depth, where the design is such that several subsystems must be breached in order to compromise the integrity of the system and the information it stores. This is a deeper security technique for computer networks.
Security architecture
The Open Security Architecture organization defines IT security architecture as "design artifacts that describe the location of security controls (security countermeasures) and their relationship to the overall information technology architecture." These controls serve to maintain system quality attributes such as confidentiality, integrity, availability, accountability, and assurance.
Others define it as a unified design for computer network security and information system security that takes into account the needs and potential risks associated with a particular scenario or environment, and determines when and where to apply certain tools.
Its key attributes are:
- relationships of different components and how they depend on each other.
- determination of control measures based on risk assessment, best practices, financial and legal issues.
- standardization of controls.
Ensuring the security of a computer network
A computer's "safe" state is an ideal achieved by using three processes: preventing a threat, detecting it, and responding to it. These processes are based on various policies and system components, which include the following:
- User account access controls and cryptography that can protect system files and data.
- Firewalls, which are by far the most common prevention systems in terms of computer network security. This is because they are able (if properly configured) to protect access to internal network services and block certain types of attacks through packet filtering. Firewalls can be either hardware or software.
- Intrusion detection systems (IDS), which are designed to detect network attacks during their implementation, as well as to provide assistance after an attack, while audit trails and directories perform a similar function for individual systems.
The "response" is necessarily determined by the assessed security requirements of the individual system and can range from a simple security upgrade to notification of the appropriate authorities, a counterattack, etc. In some special cases, it is best to destroy a compromised or corrupted system, as it may happen that not all vulnerable resources are found.
What is a firewall?
Today, the security of a computer network includes mostly "preventive" measures, such as firewalls or an exit procedure.
A firewall can be defined as a way to filter network data between a host or network and another network such as the Internet. It can be implemented as software running on a machine and plugged into the network stack (or, in the case of UNIX-like systems, built into the OS kernel) to provide real-time filtering and blocking. Another implementation is the so-called "physical firewall", which is a separate device that filters network traffic. Such tools are common among computers that are constantly connected to the Internet, and are actively used to ensure the information security of computer networks.
Some organizations are turning to large data platforms (such as Apache Hadoop) for data availability and machine learning to detect advanced persistent threats.
However, relatively few organizations maintain computer systems with effective detection systems, and even fewer have organized response mechanisms. This creates problems in ensuring the technological security of a computer network. The main obstacle to the effective eradication of cybercrime can be called excessive reliance on firewalls and other automated detection systems. However, it is fundamental data collection using packet capture devices that stops attacks.
Vulnerability management
Vulnerability management is the cycle of identifying, fixing or mitigating vulnerabilities, especially in software and firmware. This process is an integral part of securing computer systems and networks.
Vulnerabilities can be detected using a scanner that analyzes a computer system looking for known “weak spots” such as open ports, insecure software configuration, and exposure to malware.
In addition to vulnerability scanning, many organizations contract security outsourcers to perform regular penetration tests on their systems. In some sectors this is a contractual requirement.
Reducing vulnerabilities
While formal verification of the correctness of computer systems is possible, it is not yet common. Formally verified operating systems include seL4 and SYSGO PikeOS, but they make up a very small percentage of the market.
Modern computer networks that ensure the security of information on the network actively use two-factor authentication and cryptography. This significantly reduces the risks for the following reasons.
Directly breaking cryptography is almost impossible today. Doing so requires some non-cryptographic input (an illegally obtained key, plaintext or other additional cryptanalytic information).
Two-factor authentication is a method of mitigating unauthorized access to a system or sensitive information. Two elements are required to log into a secure system:
- "what you know" - password or PIN;
- "what you have" - a card, key, mobile phone or other equipment.
This improves the security of computer networks, since an unauthorized user needs both elements at the same time to gain access. The more strictly security measures are followed, the fewer break-ins can happen.
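The two-element login described above, as an added example that is not part of the original page: a password check ("what you know") combined with a time-based one-time code from a phone or token ("what you have"), using only the Python standard library. The choice of PBKDF2 and RFC 6238 TOTP, the record layout and the function names are assumptions made for illustration; the page does not name a specific scheme.

```python
import hashlib
import hmac
import os
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 one-time password for a given counter value."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, now: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238: HOTP over the number of `step`-second intervals since the epoch."""
    return hotp(secret, int(now) // step, digits)


def hash_password(password: str, salt: bytes, iterations: int) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def enroll(password: str, totp_secret: bytes, iterations: int = 100_000) -> dict:
    """Create the server-side record; the plaintext password is never stored."""
    salt = os.urandom(16)
    return {
        "salt": salt,
        "iterations": iterations,
        "pw_hash": hash_password(password, salt, iterations),
        "totp_secret": totp_secret,
        "last_counter": -1,          # highest time step already used
    }


def verify_login(record: dict, password: str, code: str, now: float,
                 step: int = 30, window: int = 1) -> bool:
    """Grant access only if BOTH factors are valid.

    Both checks always run and use constant-time comparison, so a failure does
    not reveal which factor was wrong. A code is accepted once per time step
    (replay protection) and within +/- `window` steps to tolerate clock drift.
    """
    pw_ok = hmac.compare_digest(
        hash_password(password, record["salt"], record["iterations"]),
        record["pw_hash"])

    current = int(now) // step
    matched = None
    for counter in range(max(0, current - window), current + window + 1):
        expected = hotp(record["totp_secret"], counter)
        if counter > record["last_counter"] and hmac.compare_digest(
                expected.encode(), code.encode()):
            matched = counter

    if pw_ok and matched is not None:
        record["last_counter"] = matched
        return True
    return False


if __name__ == "__main__":
    # Constructed sample: the shared secret is the RFC 4226 test key.
    secret = b"12345678901234567890"
    rec = enroll("correct horse", secret)
    code = totp(secret, now=59)
    print("both factors:", verify_login(rec, "correct horse", code, now=59))
    print("replayed code:", verify_login(rec, "correct horse", code, now=59))
```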
You can reduce the chances of attackers by keeping systems up to date with security patches and updates, using special scanners. The effect of data loss and corruption can be reduced by careful backup and storage.
Equipment protection mechanisms
Hardware can also be a source of threat. For example, hacking can be done using microchip vulnerabilities maliciously introduced during the manufacturing process. Hardware-based or hardware-assisted security for work in computer networks also offers certain methods of protection.
The use of devices and methods such as USB keys, TPMs, intrusion detection systems, drive locks, disabling USB ports, and mobile-enabled access may be considered more secure due to the need for physical access to stored data. Each of them is described in more detail below.
Keys
USB keys are commonly used in the software licensing process to unlock software features, but they can also be seen as a way to prevent unauthorized access to a computer or other device. The key creates a secure encrypted tunnel between it and the software application. The principle is that the encryption scheme used (for example, the Advanced Encryption Standard (AES)) provides a higher degree of information security in computer networks, since it is more difficult to crack and replicate the key than simply to copy the software itself to another machine and use it.
Another use for such keys is to use them to access web content such as cloud software or virtual private networks (VPNs). In addition, the USB key can be configured to lock or unlock the computer.
Protected Devices
Trusted Platform Modules (TPMs) integrate cryptographic capabilities into access devices using microprocessors, or so-called computers on a chip. TPMs, used in conjunction with software on the server side, offer an original way to detect and authenticate hardware devices, as well as to prevent unauthorized access to the network and data.
Computer intrusion detection is carried out by means of a push-button switch, which is triggered when the machine case is opened. The firmware or BIOS is programmed to notify the user when the device is next turned on.
Blocking
The security of computer networks and the security of information systems can also be achieved by blocking disks. These are, in fact, software tools for encrypting hard drives, making them inaccessible to unauthorized users. Some specialized tools are designed specifically for encrypting external drives.
Disabling USB ports is another common security setting to prevent unauthorized and malicious access to a protected computer. Infected USB keys connected to the network from a device inside a firewall are considered the most common threat to a computer network.
Mobile-enabled access devices are becoming more and more popular due to the ubiquity of cell phones. Built-in capabilities such as Bluetooth, the newer Bluetooth Low Energy (LE) and near field communication (NFC) have led to a search for tools aimed at eliminating vulnerabilities. Biometric verification (such as thumbprint readers) and QR code reader software designed for mobile devices are actively used today. All this offers new, secure ways to connect mobile phones to access control systems. This provides computer security and can also be used to control access to protected data.
Capabilities and Access Control Lists
Features of information security in computer networks are based on the separation of privileges and the degree of access. Two such models that are widely used are access control lists (ACLs) and capability-based security.
Using ACLs to restrict programs from running has proven to be unsafe in many situations. For example, the host computer can be tricked into allowing access to a restricted file indirectly. It was also shown that the promise of an ACL to grant access to an object to only one user can never be guaranteed in practice. Thus, there are practical flaws in all ACL-based systems today, but developers are actively trying to fix them.
Capability-based security is mainly applied in research operating systems, while commercial OSes still use ACLs. However, the capabilities can only be implemented at the language level, resulting in a specific programming style that is essentially a refinement of the standard object-oriented design.
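The indirect access problem mentioned above, next to a capability-style version of the same service, as an added example that is not part of the original text. The file store, the paths and the "report-svc" service are hypothetical and held in memory; in Python the capability object is unforgeable only by convention.

```python
class AccessDenied(Exception):
    pass


class FileStore:
    """Constructed in-memory file system: each path has an ACL of allowed writers."""

    def __init__(self):
        self.data = {}
        self.acl = {}

    def create(self, path, writers):
        self.data[path] = ""
        self.acl[path] = set(writers)

    def write_as(self, principal, path, text):
        # ACL model: the check asks WHO is performing the write, at time of use.
        if principal not in self.acl.get(path, set()):
            raise AccessDenied(f"{principal} may not write {path}")
        self.data[path] = text

    def open_for_write(self, principal, path):
        # Capability model: the check is made once, against the principal that
        # names the file, and yields a handle valid for that file only.
        if principal not in self.acl.get(path, set()):
            raise AccessDenied(f"{principal} may not open {path}")
        return WriteCap(self, path)


class WriteCap:
    """Object reference that carries both the designation and the authority."""

    def __init__(self, store, path):
        self._store, self._path = store, path

    def write(self, text):
        self._store.data[self._path] = text


BILLING = "/srv/billing.log"          # only the service may write here
ALICE_OUT = "/home/alice/report.txt"  # alice and the service may write here
SERVICE = "report-svc"


def make_store():
    store = FileStore()
    store.create(BILLING, writers={SERVICE})
    store.create(ALICE_OUT, writers={"alice", SERVICE})
    return store


def acl_service(store, requester, out_path):
    """Service that writes wherever the requester says, under its own identity."""
    store.write_as(SERVICE, BILLING, f"charge {requester}")
    # The ACL is evaluated for the service, not for the requester who chose the path.
    store.write_as(SERVICE, out_path, f"report for {requester}")


def cap_service(billing_cap, requester, out_cap):
    """Same service, but it can only touch what it was handed."""
    billing_cap.write(f"charge {requester}")
    out_cap.write(f"report for {requester}")


def run_acl(out_path):
    store = make_store()
    acl_service(store, "alice", out_path)
    return store.data[BILLING]


def run_cap(out_path):
    store = make_store()
    billing_cap = store.open_for_write(SERVICE, BILLING)
    try:
        out_cap = store.open_for_write("alice", out_path)   # alice's own authority
    except AccessDenied:
        return "denied", store.data[BILLING]
    cap_service(billing_cap, "alice", out_cap)
    return "ok", store.data[BILLING]


if __name__ == "__main__":
    print("ACL, normal path:   ", run_acl(ALICE_OUT))
    print("ACL, billing path:  ", run_acl(BILLING))
    print("Caps, normal path:  ", run_cap(ALICE_OUT))
    print("Caps, billing path: ", run_cap(BILLING))
```

With the ACL version the billing record is replaced by the report although alice is not on that file's list; with capabilities the request fails before the service is ever called.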
Topic: Problems of information security in computer networks.
Introduction.
1. Problems of information security in computer systems.
2. Ensuring the protection of information in networks.
3. Security mechanisms:
3.1. Cryptography.
3.2. Electronic signature.
3.3. Authentication.
3.4. Network protection.
4. Requirements for modern means of information protection.
Conclusion.
Literature.
Introduction.
In computing, the concept of security is very broad. It implies the reliability of the computer, the safety of valuable data, the protection of information from changes made by unauthorized persons, and the preservation of the secrecy of correspondence in electronic communications. Of course, in all civilized countries laws guard the security of citizens, but in the field of computing, law enforcement practice is still underdeveloped and the legislative process does not keep pace with the development of computer systems, so security largely relies on self-defense measures.
There is always a problem of choosing between the necessary level of protection and the efficiency of networking. In some cases, users or consumers may perceive security measures as restricting access and effectiveness. However, tools such as cryptography can significantly increase the degree of protection without restricting user access to data.
1. Problems of information security in computer systems.
The widespread use of computer technologies in automated information processing and control systems has aggravated the problem of protecting information circulating in computer systems from unauthorized access. Information protection in computer systems has a number of specific features related to the fact that information is not rigidly associated with the media, it can be easily and quickly copied and transmitted over communication channels. A very large number of threats to information are known that can be implemented both by external intruders and by internal intruders.
A radical solution to the problems of protecting electronic information can only be obtained through the use of cryptographic methods that allow solving the most important problems of secure automated processing and transmission of data. At the same time, modern high-speed methods of cryptographic transformation make it possible to maintain the original performance of automated systems. Cryptographic data transformations are the most effective tool for ensuring data confidentiality, integrity and authenticity. Only their use in conjunction with the necessary technical and organizational measures can provide protection against a wide range of potential threats.
Problems that arise with the security of information transmission when working in computer networks can be divided into three main types:
· interception of information - the integrity of information is preserved, but its confidentiality is violated;
· modification of information - the original message is changed or completely replaced by another and sent to the addressee;
· change of authorship of information. This problem can have serious consequences. For example, someone can send an email on your behalf (this type of deception is commonly called spoofing) or a Web server can pretend to be an electronic store, accept orders, credit card numbers, but not send any goods.
The needs of modern practical computer science have led to the emergence of non-traditional problems of protecting electronic information, one of which is the authentication of electronic information in conditions where the parties exchanging information do not trust each other. This problem is related to the creation of electronic digital signature systems. The theoretical basis for solving this problem was the discovery of two-key cryptography by American researchers Diffie and Hellman in the mid-1970s, which was a brilliant achievement of the centuries-old evolutionary development of cryptography. The revolutionary ideas of two-key cryptography led to a sharp increase in the amount of open research in the field of cryptography and showed new ways of developing cryptography, its new possibilities and the unique value of its methods in the modern conditions of mass application of electronic information technologies.
The technical basis for the transition to the information society is modern microelectronic technologies that provide continuous growth in the quality of computer technology and serve as the basis for maintaining the main trends in its development: miniaturization, reducing power consumption, increasing the amount of random-access memory (RAM) and the capacity of built-in and removable drives, increasing productivity and reliability, expanding the scope and scale of application. These trends in the development of computer technology have led to the fact that, at the present stage, protection of computer systems from unauthorized access is characterized by an increasing role of software and cryptographic protection mechanisms compared to hardware ones.
The growing role of software and cryptographic tools is manifested in the fact that emerging new problems in the field of protecting computer systems from unauthorized access require the use of mechanisms and protocols with a relatively high computational complexity and can be effectively solved by using computer resources.
One of the important social and ethical problems generated by the ever-expanding use of cryptographic information protection methods is the contradiction between the desire of users to protect their information and the transmission of messages and the desire of special government services to be able to access information of some other organizations and individuals in order to suppress illegal activities. In developed countries, there is a wide range of opinions about approaches to the issue of regulating the use of encryption algorithms. Proposals range from a complete ban on the widespread use of cryptographic methods to complete freedom of their use. Some proposals relate to allowing only weaker algorithms to be used, or to requiring the registration of encryption keys. It is extremely difficult to find an optimal solution to this problem. How to evaluate the ratio of losses of law-abiding citizens and organizations from the illegal use of their information and the losses of the state from the inability to gain access to encrypted information of certain groups hiding their illegal activities? How can you be sure to prevent the illegal use of cryptographic algorithms by persons who violate other laws? In addition, there are always ways of hidden storage and transmission of information. These questions have yet to be addressed by sociologists, psychologists, lawyers and politicians.
The emergence of global information networks such as the Internet is an important achievement of computer technology; however, a lot of computer crimes are associated with the Internet.
Experience with the Internet has revealed the weakness of traditional information protection mechanisms and a lag in the application of modern methods. Cryptography provides an opportunity to ensure the security of information on the Internet, and work is now underway to introduce the necessary cryptographic mechanisms into this network. Not a rejection of progress in informatization, but the use of modern cryptography achievements is the strategically correct decision. The possibility of widespread use of global information networks and cryptography is an achievement and a sign of a democratic society.
Possession of the basics of cryptography in the information society cannot objectively be the privilege of individual government services, but is an urgent need for the widest layers of scientific and technical workers who use computer data processing or develop information systems, security personnel and the management of organizations and enterprises. Only this can serve as a basis for the effective implementation and operation of information security tools.
One single organization cannot provide sufficiently complete and effective control over information flows within the entire state and ensure proper protection of the national information resource. However, individual government agencies can create conditions for the formation of a market for high-quality security tools, training a sufficient number of specialists and mastering the basics of cryptography and information protection by mass users.
In Russia and other CIS countries in the early 1990s, there was a clear tendency for the expansion of the scale and scope of information technology to outpace the development of data protection systems. This situation to a certain extent was and is typical for the developed capitalist countries. This is natural: first a practical problem must arise, and then solutions will be found. The beginning of perestroika in the situation of a strong lag of the CIS countries in the field of informatization in the late 1980s created fertile ground for a sharp overcoming of the existing gap.
The example of developed countries, the possibility of acquiring system software and computer equipment inspired domestic users. The inclusion of the mass consumer, interested in the operational processing of data and other advantages of modern information and computing systems, in solving the problem of computerization has led to a very high rate of development of this area in Russia and other CIS countries. However, the natural co-development of information processing automation tools and information security tools has been largely disrupted, which has become the cause of massive computer crimes. It's no secret that computer crimes are currently one of the most pressing problems.
General information about security in computer networks
The main feature of any network system is that its components are distributed in space, and the connection between them is physically carried out using network connections (coaxial cable, twisted pair, optical fiber) and programmatically using the message mechanism. In this case, all control messages and data sent between objects of a distributed computing system are transmitted over network connections in the form of exchange packets.
Network systems are characterized by the fact that, along with local threats carried out within the same computer system, a specific type of threat is applicable to them, due to the distribution of resources and information in space. These are the so-called network or remote threats. They are characterized, firstly, by the fact that an attacker can be thousands of kilometers from the attacked object, and, secondly, by the fact that not a specific computer, but information transmitted over network connections can be attacked. With the development of local and global networks, it is remote attacks that become the leaders both in the number of attempts and in the success of their use, and, accordingly, ensuring the security of computer networks from the standpoint of countering remote attacks is of paramount importance. The specificity of distributed computing systems lies in the fact that if in local area networks threats of disclosure and integrity are the most frequent, then in network systems the threat of denial of service comes first.
A remote threat is a potentially possible destructive informational impact on a distributed computing network, carried out programmatically via communication channels. This definition covers both features of network systems: the distribution of computers and the distribution of information. Therefore, when considering the information security of computer networks, two subtypes of remote threats are considered: remote threats to the infrastructure and protocols of the network, and remote threats to telecommunication services. The former exploit vulnerabilities in network protocols and network infrastructure, while the latter exploit vulnerabilities in telecommunications services.
The objectives of network security may vary depending on the situation, but are usually associated with the provision of the following components of information security:
- data integrity;
- data privacy;
- data availability.
Data integrity, one of the main goals of network information security, assumes that the data has not been changed, replaced or destroyed during transmission over communication lines between nodes of a computer network. The integrity of the data must guarantee their safety both in the case of malicious acts and accidents. Ensuring data integrity is usually one of the most difficult tasks in network security.
Data privacy is the second main goal of network security. During information exchange in computer networks, a large amount of information is classified as confidential, for example, personal information of users, accounts (names and passwords), credit card information, etc.
Data availability is the third goal of data security in computer networks. The functions of computer networks are shared access to network hardware and software and shared access to data. A violation of information security is precisely the impossibility of performing these functions.
Printers, servers, workstations, user data, etc. must be available on the local network.
In global computer networks, information resources and various services should be available, for example, a mail server, a domain name server, a web server, etc.
When considering issues related to information security in modern computer networks, the following factors should be taken into account:
- global connectivity;
- heterogeneity of corporate information systems;
- spread of client/server technology.
When applied to communication systems, global connectivity means that we are talking about protecting networks that use external services based on TCP/IP protocols and provide similar services outside. It is very likely that external services are located in other countries, so the protections in this case are required to follow internationally recognized standards. National borders, laws, standards should not interfere with the protection of data flows between clients and servers.
The fact of global connectivity also implies the lower efficiency of physical protection measures, the general complication of problems associated with protection against unauthorized access, the need to involve new software and hardware tools, for example, firewalls, to solve them.
The heterogeneity of hardware and software platforms requires the manufacturers of protective equipment to comply with a certain technological discipline. Not only purely protective characteristics are important, but also the possibility of embedding these systems into modern corporate information structures. If, for example, a product designed for cryptographic protection is capable of operating exclusively on the Wintel platform (Windows + Intel), then its practical applicability raises serious doubts.
Corporate information systems turn out to be heterogeneous in another important respect - in different parts of these systems data of varying degrees of importance and secrecy are stored and processed.
The use of "client/server" technology has the following features from the standpoint of information security:
- each service has its own interpretation of the main aspects of information security (availability, integrity, confidentiality);
- each service has its own interpretation of the concepts of subject and object;
- each service has specific threats;
- each service needs to be administered in its own way;
- security tools in each service need to be built in a special way.
Features of computer networks, and primarily global ones, predetermine the need to use specific methods and means of protection, for example:
- protection of connections to external networks;
- protection of corporate data streams transmitted over open networks;
- protection of data flows between clients and servers;
- ensuring the security of a distributed software environment;
- protection of the most important services (first of all, a web service);
- authentication in open networks.
The implementation of such protection methods will be discussed below.
Recently, the insecurity of computer networks from global attacks has become more and more clear. Successful global network attacks are by far the most destructive phenomenon that can occur on today's networks.
Moscow 2014
Open lesson on the topic:
"Information security of network work technology"
The purpose of the lesson: familiarization of students with the concept of information security.
Lesson objectives:
- Teaching:
1. Introduce students to the concept of information security;
2. Consider the main directions of information security;
3. Familiarize yourself with various threats.
- Developmental:
1. Determine the sequence of actions to ensure information security;
2. Improve communication skills.
- Educational:
1. To cultivate a caring attitude towards the computer, compliance with safety regulations;
2. To form the ability to overcome difficulties;
3. Contribute to the development of the ability to assess their capabilities.
Lesson type: lesson learning new material.
Lesson form: individual, group.
Equipment: laptop, projector.
During the classes:
1. Organizational moment: setting the goals of the lesson.
2. Checking homework.
Students submit written homework on the previous topic:
a) What is the search for Internet resources by URLs?
b) What is the search for information on the rubricator of the search engine?
c) What is the search for information by keywords?
d) Principles of formation of requests.
3. Learning new material.
Information security is the process of ensuring the confidentiality, integrity and availability of information.
There are the following main areas of information security:
1. Organizational measures;
2. Antivirus programs;
3. Protection against unwanted correspondence;
1. Organizational measures.
Any user can ensure the protection of information on their computer by following these steps.
1. Backup (saving) files on floppy disks, CDs, ZIP drives, streamers and other magnetic media;
2. Scan all floppy disks and CDs, as well as files received via e-mail or from the Internet, before using or running them;
3. Use and regular updating of anti-virus programs and anti-virus databases.
2. Antivirus programs.
To detect, remove and protect against computer viruses, special programs have been developed that allow you to detect and destroy viruses. Such programs are called antivirus programs.
There are the following types of antivirus programs:
Detector programs search for a sequence of bytes characteristic of a particular virus (the virus signature) in RAM and in files and, if it is detected, issue a corresponding message. The disadvantage of such anti-virus programs is that they can only find viruses that are known to the developers of such programs.
Doctor programs, or phages, and vaccine programs not only find virus-infected files, but also "treat" them, i.e. remove the body of the virus program from the file, returning the files to their original state. At the beginning of their work, phages look for viruses in RAM, destroying them, and only then proceed to "treat" files. Among phages, polyphages are distinguished, i.e. doctor programs designed to find and destroy a large number of viruses. The most famous polyphages are Aidstest, Scan, Norton AntiVirus and Doctor Web.
Auditor programs are among the most reliable means of protection against viruses. Auditors remember the initial state of programs, directories and system areas of the disk when the computer is not infected with a virus, and then periodically or at the request of the user compare the current state with the original one. The detected changes are displayed on the video monitor screen. As a rule, states are compared immediately after the operating system is loaded. When comparing, the file length, cyclic control code (file checksum), date and time of modification, and other parameters are checked. Auditor programs have fairly advanced algorithms, detect stealth viruses, and can even distinguish between changes in the version of the program being checked and changes made by the virus. Among auditor programs is Adinf by Dialog-Science, which is widely used in Russia.
Filter programs, or "watchmen", are small resident programs designed to detect suspicious computer activity that is characteristic of viruses. For example:
- attempts to correct files with COM and EXE extensions;
- changing file attributes;
- direct write to disk at an absolute address;
When any program tries to perform the specified actions, the "watchman" sends a message to the user and offers to prohibit or allow the corresponding action. Filter programs are very useful, as they are able to detect a virus at the earliest stage of its existence before reproduction. However, they do not "heal" files and disks. The disadvantages of watchdog programs include their "intrusiveness", as well as possible conflicts with other software. An example of a filter program is the Vsafe program, which is part of the utilities of the MS DOS operating system.
Vaccines or immunizers are resident programs that prevent file infection. Vaccines are used if there are no doctor programs that "treat" this virus. Vaccination is possible only against known viruses. The vaccine modifies the program or disk in such a way that it does not affect their work, and the virus will perceive them as infected and therefore will not take root. Vaccine programs are currently of limited use.
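How an auditor program's comparison works, as an added example that is not part of the original lesson and not the code of Adinf or any other product. It records file length, CRC-32 and modification time as the text lists, plus SHA-256 as an added assumption because CRC-32 is not collision resistant; the file names and contents are constructed.

```python
import hashlib
import os
import tempfile
import zlib

ATTRS = ("size", "crc32", "sha256", "mtime_ns")


def fingerprint(path):
    """Length, cyclic control code and modification time, plus SHA-256."""
    crc, sha = 0, hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            crc = zlib.crc32(chunk, crc)
            sha.update(chunk)
    st = os.stat(path)
    return {"size": st.st_size, "crc32": crc,
            "sha256": sha.hexdigest(), "mtime_ns": st.st_mtime_ns}


def snapshot(root):
    """Remember the state of every file under root (the 'clean' baseline)."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            state[os.path.relpath(full, root)] = fingerprint(full)
    return state


def audit(baseline, current):
    """Compare the current state with the baseline and list every difference."""
    report = {"added": sorted(set(current) - set(baseline)),
              "removed": sorted(set(baseline) - set(current)),
              "modified": {}}
    for path in sorted(set(baseline) & set(current)):
        changed = [a for a in ATTRS if baseline[path][a] != current[path][a]]
        if changed:
            report["modified"][path] = changed
    return report


def demo():
    """Constructed scenario: one quiet change, one ordinary edit, one add, one delete."""
    with tempfile.TemporaryDirectory() as root:
        def put(name, data):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)

        put("TOOL.COM", b"original program body")
        put("README.TXT", b"notes")
        put("OLD.EXE", b"to be deleted")
        baseline = snapshot(root)

        # Change that keeps the length and restores the timestamp, so a
        # check of size and date alone would not notice it.
        target = os.path.join(root, "TOOL.COM")
        before = os.stat(target)
        put("TOOL.COM", b"Original program body")
        os.utime(target, ns=(before.st_atime_ns, before.st_mtime_ns))

        put("README.TXT", b"notes, extended")   # ordinary edit: length changes
        put("NEW.EXE", b"x")
        os.remove(os.path.join(root, "OLD.EXE"))
        return audit(baseline, snapshot(root))


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The changed attributes reported for each file are what let an operator tell an ordinary edit (length and date change together) from a modification that left length and date untouched.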
Now let's turn directly to the "infectors".
Viruses can be classified according to the following criteria:
Depending on habitat, viruses can be divided into network, file, boot and file-boot viruses. Network viruses spread over various computer networks. File viruses mainly infect executable modules, i.e. files with COM and EXE extensions. File viruses can also infect other types of files, but as a rule, when written to such files they never get control and, therefore, lose the ability to reproduce. Boot viruses infect the boot sector of a disk (Boot sector) or the sector containing the system disk boot program (Master Boot Record). File-boot viruses infect both files and boot sectors of disks.
According to the mode of infection, viruses are divided into resident and non-resident. When a resident virus infects a computer, it leaves its resident part in RAM, which then intercepts the operating system's access to infected objects (files, disk boot sectors, etc.) and infiltrates them. Resident viruses reside in memory and remain active until the computer is turned off or restarted. Non-resident viruses do not infect computer memory and are active for a limited time.
By degree of impact, viruses can be divided into the following types: non-hazardous, which do not interfere with the operation of the computer but reduce the amount of free RAM and disk memory, and whose actions are manifested in graphic or sound effects; dangerous viruses, which can lead to various malfunctions of the computer; and very dangerous, the impact of which can lead to the loss of programs, the destruction of data, and the erasure of information in the system areas of the disk.
4. Physical education.
We all smile together
Let's wink a little at each other
Turn right, turn left (turn left-right)
And then nod in a circle (left-right tilts)
All ideas won
Our hands went up (raise their hands up and down)
The burden of worries is shaken off
And we will continue the path of science (shake hands)
5. Continued study of new material.
3. Protection against unwanted correspondence.
One of the most numerous groups of malicious programs are mail worms. The lion's share of mail worms are so-called passive worms, the principle of which is to trick the user into running an infected file.
The scheme of deception is very simple: a letter infected with a worm should look like letters often found in ordinary mail: letters from friends with funny text or a picture; letters from the mail server that some of the messages could not be delivered; letters from the provider with information about changes in the composition of services; letters from security software vendors with information about new threats and ways to protect against them, and other similar letters.
The problem of protection against spam (unsolicited mail of an advertising nature) is formulated in almost the same way. To solve this problem there are special tools, anti-spam filters, which can also be used to protect against mail worms.
The most obvious use is this: when you receive the first infected email (in the absence of an antivirus, this can be determined by indirect signs), mark it as spam, and in the future all other infected emails will be blocked by the filter.
Moreover, mail worms are known for having a large number of modifications that differ slightly from each other. Therefore, an anti-spam filter can also help in the fight against new modifications of known viruses from the very beginning of the epidemic. In this sense, the anti-spam filter is even more effective than the anti-virus, because in order for the anti-virus to detect a new modification, it is necessary to wait for the anti-virus databases to be updated.
4. Personal network filters.
In recent years, a large number of packet filters, the so-called firewalls (fire-wall), have appeared on the information security market. Firewalls are useful at the individual level as well. The average user is almost always interested in a cheap or free solution to their problems. Many firewalls are available for free. Some firewalls come with operating systems such as Windows XP and Mac OS. If you are using one of these operating systems, you already have a basic firewall installed.
A firewall is a software and/or hardware barrier between two networks that allows only authorized connections to be established. The firewall protects an Internet-connected local network or an individual personal computer from outside penetration and eliminates the possibility of access to confidential information.
Popular free firewalls:
ZoneAlarm;
Kerio Personal Firewall 2;
Agnitum's Outpost.
Inexpensive firewalls with free or limited period of use:
Norton Personal Firewall;
Black ICE PC Protection;
McAfee Personal Firewall;
Tiny Personal Firewall.
This list can be a good starting point for choosing a personal firewall that will allow you to surf the Internet without the fear of being infected with computer viruses.
6. The result of the lesson.
What new did you learn at the lesson?
Was it interesting to work at the lesson?
What have you learned?
Did you achieve the goal you set at the beginning of the lesson?
7. Homework.
Fill out the "Information Security" card
Organizational arrangements | Types of antivirus programs | Types of viruses |
|
From habitat |