Network security. instead of an introduction. The educational program of secondary general education of the municipal budgetary educational institution "Soviet secondary school
Moscow 2014
Open lesson on the topic:
"Information security of network work technology"
The purpose of the lesson: familiarization of students with the concept of information security.
Lesson objectives:
- Tutorials:
1. Introduce students to the concept of information security;
2. Consider the main directions of information security;
3. Familiarize yourself with various threats.
- Developing:
1. Determine the sequence of actions to ensure information security;
2. Improve communication skills.
- Educational:
1. To cultivate a caring attitude towards the computer, compliance with safety regulations;
2. To form the ability to overcome difficulties;
3. Contribute to the development of the ability to assess their capabilities.
Lesson type: lesson learning new material.
Lesson form: individual, group.
Equipment: laptop, projector.
During the classes:
1. Organizational moment: setting the goals of the lesson.
2. Checking homework.
Students submit written homework on the previous topic:
a) What is the search for Internet resources by URLs?
b) What is the search for information on the rubricator of the search engine?
c) What is the search for information by keywords?
d) Principles of formation of requests.
3. Learning new material.
Information security is the process of ensuring the confidentiality, integrity and availability of information.
There are the following main areas of information security:
1. Organizational measures;
2. Antivirus programs;
3. Protection against unwanted correspondence;
1. Organizational measures.
Any user can ensure the protection of information on their computer by following these steps.
1. Backup (saving) files on floppy disks, CDs, ZIP drives, streamers and other magnetic media;
2. Checking with anti-virus programs all floppy disks and CDs, as well as files received by e-mail or from the Internet, before using or launching them;
3. Use and regular updating of anti-virus programs and anti-virus databases.
2. Antivirus programs.
To detect, remove and protect against computer viruses, special programs have been developed that allow you to detect and destroy viruses. Such programs are called antivirus programs.
There are the following types of antivirus programs:
Programs-detectorsperform a search for a sequence of bytes characteristic of a particular virus (virus signature) in the RAM and in files and, if detected, issue a corresponding message. The disadvantage of such anti-virus programs is that they can only find viruses that are known to the developers of such programs.
Doctor Programsor phages, andvaccine programsnot only find virus-infected files, but also “treat” them, i.e. remove the body of the virus program from the file, returning the files to their original state. At the beginning of their work, phages look for viruses in RAM, destroying them, and only then proceed to "treat" files. Among phages, polyphages are distinguished, i.e. doctor programs designed to find and destroy a large number of viruses. The most famous polyphages are Aidstest, Scan, Norton AntiVirus and Doctor Web.
Program-auditorsare among the most reliable means of protection against viruses. Auditors remember the initial state of programs, directories and system areas of the disk when the computer is not infected with a virus, and then periodically or at the request of the user compare the current state with the original one. The detected changes are displayed on the video monitor screen. As a rule, states are compared immediately after the operating system is loaded. When comparing, the file length, cyclic control code (file checksum), date and time of modification, and other parameters are checked. Auditor programs have fairly advanced algorithms, detect stealth viruses, and can even distinguish between changes in the version of the program being checked and changes made by the virus. Among the programs-auditors is the Adinf program widely used in Russia by Dialog-Science.
Filter programsor "watchmen" are small resident programs designed to detect suspicious computer activity that is characteristic of viruses. For example:
- attempts to correct files with COM and EXE extensions;
- changing file attributes;
- direct write to disk at an absolute address;
When any program tries to perform the specified actions, the "watchman" sends a message to the user and offers to prohibit or allow the corresponding action. Filter programs are very useful, as they are able to detect a virus at the earliest stage of its existence before reproduction. However, they do not "heal" files and disks. The disadvantages of watchdog programs include their "intrusiveness", as well as possible conflicts with other software. An example of a filter program is the Vsafe program, which is part of the utilities of the MS DOS operating system.
Vaccines or immunizers are resident programs that prevent file infection. Vaccines are used if there are no doctor programs that "treat" this virus. Vaccination is possible only against known viruses. The vaccine modifies the program or disk in such a way that it does not affect their work, and the virus will perceive them as infected and therefore will not take root. Vaccine programs are currently of limited use.
Now let's turn directly to the "infectors".
Viruses can be classified according to the following criteria:
depending from habitatviruses can be divided into network , file, boot and file-boot.Network viruses spread over various computer networks. File viruses infect mainly in executable modules, i.e. to files with COM and EXE extensions. File viruses can also infect other types of files, but as a rule, they are written in such files, they never get control and, therefore, lose the ability to reproduce. Boot viruses infect the boot sector of a disk (Boot sector) or the sector containing the system disk boot program (Master Boot Record). File-boot viruses infect both files and boot sectors of disks.
According to the mode of infectionviruses are divided into resident and non-resident . When a resident virus infects (infects) a computer, it leaves its resident part in RAM, which then intercepts the operating system's access to infected objects (files, disk boot sectors, etc.) and infiltrates them. Resident viruses reside in memory and remain active until the computer is turned off or restarted. Non-resident viruses do not infect computer memory and are active for a limited time.
By degree of impactViruses can be divided into the following types: non-hazardous , which do not interfere with the operation of the computer, but reduce the amount of free RAM and disk memory, the actions of such viruses are manifested in any graphic or sound effects; dangerous viruses that can lead to various malfunctions of the computer; very dangerous , the impact of which can lead to the loss of programs, the destruction of data, the erasure of information in the system areas of the disk.
4. Physical education.
We all smile together
Let's wink a little at each other
Turn right, turn left (turn left-right)
And then nod in a circle (left-right tilts)
All ideas won
Our hands went up (raise their hands up and down)
The burden of worries is shaken off
And we will continue the path of science (shake hands)
5. Continued study of new material.
3. Protection against unwanted correspondence.
One of the most numerous groups of malicious programs are mail worms. The lion's share of mail worms is made up of so-called passive worms, the principle of which is to trick the user into running an infected file.
The scheme of deception is very simple: a letter infected with a worm should look like letters often found in regular mail: letters from friends with funny text or a picture; letters from the mail server that some of the messages could not be delivered; letters from the provider with information about changes in the composition of services; letters from security software vendors with information about new threats and ways to protect against them, and other similar letters.
The problem of protection against spam - unsolicited mail of an advertising nature - is formulated in almost the same way. And to solve this problem, there are special tools -anti-spam filters, which can also be used to protect against mail worms.
The most obvious application is when you receive the first infected email (in the absence of an antivirus, this can be determined by indirect signs), mark it as spam and in the future all other infected emails will be blocked by the filter.
Moreover, mail worms are known for having a large number of modifications that differ slightly from each other. Therefore, an anti-spam filter can also help in the fight against new modifications of known viruses from the very beginning of the epidemic. In this sense, the anti-spam filter is even more effective than the anti-virus, because in order for the anti-virus to detect a new modification, it is necessary to wait for the anti-virus databases to be updated.
4. Personal network filters.
In recent years, a large number of packet filters, the so-called firewalls, or firewalls (fire-wall), - firewalls, have appeared on the information security market. Firewalls are useful at the individual level as well. The average user is almost always interested in a cheap or free solution to their problems. Many firewalls are available for free. Some firewalls come with operating systems such as Windows XP and Vac OS. If you are using one of these operating systems, you already have a basic firewall installed.
A firewall is a software and/or hardware barrier between two networks that allows only authorized connections to be established. The firewall protects a local area network connected to the Internet or a separate personal computer from outside penetration and excludes the possibility of access to confidential information.
Popular free firewalls:
zone alarm;
Kerio Personal Firewall 2;
Agnitum's Outpost
Inexpensive firewalls with free or limited period of use:
Norton Personal Firewall;
Black ICE PC Protection
MCAfee Personal Firewall
Tiny Personal Firewall
This list can be a good starting point for choosing a personal firewall that will allow you to surf the Internet without the fear of being infected with computer viruses.
6. The result of the lesson.
What new did you learn at the lesson?
Was it interesting to work at the lesson?
What have you learned?
Did you achieve the goal you set at the beginning of the lesson?
7. Homework.
Fill out the "Information Security" card
Organizational arrangements | Types of antivirus programs | Types of viruses |
|
From habitat |
Topic 4. Computer networks and information security
Topic questions
1. Concept, architecture, classification and fundamentals of computer networks. Open Systems Interconnection Reference Model and Client-Server Architecture Model
2. The concept of "local area networks" (LAN), classification, purpose and characteristics of certain types of LAN
3. The concept of "corporate computer network", its purpose, structure and components
4. Purpose, structure and composition of the Internet. Internet administrative device. Internet addressing, protocols, services and technologies of the Internet. Organization of the user's work on the Internet
5. The concept of "security of computer information". Objects and elements of data protection in computer systems
6. Computer viruses and anti-virus software, their role in information protection. Methods and techniques for ensuring the protection of information from viruses
7. Cryptographic method of information protection
Question 1. The concept, architecture, classification and fundamentals of computer networks. Reference model of open systems interaction and client-server architecture model.
Computer network is a collection of computers and various other devices that provide interactive information exchange and sharing of network resources.
Network resources are computers, data, programs, network equipment, various external storage devices, printers, scanners, and other devices called network components. computers, included in the network are called nodes (clients or workers network stations).
Under network architecture understands components, methods up to from stupid, technology and topology of its construction.
Access Methods regulate the procedures for network nodes to obtain access to the data transmission medium.
Networks are distinguished by access methods:
with random access CSMA/CS (Carrier Sense Multiple Access with Collision Detection);
with marker rings- based on a marker tire and a marker ring.
There are two varieties of random access: CSMA/CS: Carrier Sense Multiple Access with Collision Detection and Priority Access.
Token access methods include two types of data transfer: token bus (IEEE 802.4 standard) and token ring (IEEE 802.5 standard). In this case, a marker is understood as a control sequence of bits transmitted by a computer over a network.
Under the topology of the computer network The network image is understood as a graph, the nodes of which correspond to the nodes of the network, and the links between them correspond to the edges.
There are four main topologies: tire(Bus), ring(Ring) star(Star) and mesh topology(Mesh). Other kinds of topologies represent different kinds of combinations of these types.
As modern construction and operation technologies computer networks use the following:
X.25 technology is one of the most common: due to the ability to work on unreliable data lines due to the use of protocols with established connection and error correction at the data link and network levels of the open OSI model;
Frame Relay technology (frame relay) is designed to transmit information with an uneven flow. Therefore, it is more often used when transferring digital data between individual local networks or segments of territorial or global networks. The technology does not allow the transmission of speech, video or other multimedia information;
ISDN technology (Integrated Services Digital Network), which allows simultaneous transmission of data, voice and multimedia information;
ATM (Asynchronous Transfer Mode): the technology expands the capabilities of ISDN networks for the transfer of multimedia data by increasing the transfer rate to 2.5 Gb / s;
VPN (virtual private network): technology allows you to set up a private network that functions as a tunnel through a large network, such as the Internet.
Computer networks are classified according to the following criteria: network size, departmental affiliation, access methods, construction topology, network subscriber switching methods, transmission medium types, service integration, type of computers used in the network, property rights.
Classification of networks by size is the most common. According to this criterion, local CS (LAN networks), territorially distributed(regional) CS (MAN-networks) and global CS (WAN networks).
By departmental affiliation distinguish between computer networks of industries, associations and organizations. Examples of such networks are the computer networks of RAO EU, the Surgutneftegaz association, the Savings Bank of Russia, etc.
By methods of access to the data transmission medium A distinction is made between CSMA/CS random access networks and token bus and token ring access.
By topology There are networks such as bus, ring, star, mesh, fully connected and mixed.
By ways subscriber switching networks allocate shared media networks and switched networks.
By type of data transmission medium Distinguish between wired, cable and wireless CS.
To wired CS include CS with wires without any insulating or shielding protection, located in the air.
Cable Communication lines include three types of cables: twisted pair cables, coaxial cable and fiber optic cable.
Wireless communication lines represent various radio channels of terrestrial and satellite communications.
Integrated Services NetworksISDN focused on the provision of services for the use of telefax, telex, video telex, organization of conference calls and multimedia transmission - information.
Depending on the type of computers used distinguish homogeneous networks that include only the same type of computers, and heterogeneous networks, the nodes of which can be computers of different types.
Depending on the property rights networks can be networks common use(public) or private(private).
During the functioning of a computer network, all its components actively interact with each other. To unify the processes of interaction, the International Organization for Standards has developed reference model for open systems interaction(OSI model).
The OSI model is recommended to be considered using the model schema and indicating the interaction of protocols and packages at various levels of the OSI model. Under exchange protocol(communications, data representations) understand the description of the formats of the transmitted data packets, as well as the system of rules and agreements that must be observed when organizing the interaction of data transfer between individual processes. In the OSI model, the means of interaction are divided into seven layers: application, presentation, session, transport, network, channel and physical.
Application layer is the highest level of the OSI model. It provides access programs to a computer network. Examples of application-level processes are the work of file transfer programs, mail services, network management.
Presentation Layer is designed to convert data from one form to another, for example, from the EBCDIC (Extended Binary Decimal Code for Information Interchange) code table to the ASCII (American Standard Code for Information Interchange) code table. At this level, processing of special and graphic characters, data compression and recovery, data encoding and decoding is carried out. At the session level control over the security of the transmitted information and communication support until the end of the transmission session. transport layer is the most important, as it serves as an intermediary between the upper layers focused on applications, and the lower layers that provide the preparation and transmission of data over the network. The transport layer is responsible for the speed, persistence, and assignment of unique numbers to packets. At the network level the network addresses of the recipient nodes are determined, the routes of the packets are established. At the link layer data frames are generated, transmitted and received. Physical layer is the lowest level of the OSI reference model. At this level, the frames received from the network layer are converted into sequences of electrical signals. At the receiving node, the electrical signals are converted back into frames.
The interaction of computers in a network is based on various models client-server architecture. Under network servers understand computers that provide certain resources. Depending on the type of resource, there are database servers, application servers, print servers etc. Network clients are computers that request resources in the process of solving specific problems.
Currently, there are four models of the "client-server" architecture that are used in practical work.
In the file server model, only data resides on the server. All data processing is carried out on the client's computer.
Model "access to remote data" requires placement on the data server and information resource manager. Requests to information resources are sent over the network to the resource manager, which processes them and returns the processing results to the client.
Model "complex server" involves the location on the server of application functions and data access functions due to the placement of data, a resource manager and an application component. The model achieves better network performance than "remote data access" by better centralizing application computing and further reducing network traffic.
Model "three-tier client-server architecture" used for a complex and large application component, which is hosted on a separate server, called the application server.
<< Возврат на ВОПРОСЫ ТЕМЫ >>
Topic: Problems of information security in
computer networks.
Introduction.
1. Problems of information security in computer systems.
2. Ensuring the protection of information in networks.
3. Security mechanisms:
3.1. Cryptography.
3.2. Electronic signature.
3.3. Authentication.
3.4. Network protection.
4. Requirements for modern means of information protection.
Conclusion.
Literature.
Introduction.
In computing, the concept of security is very broad. It implies both the reliability of the computer, and the safety of valuable data, and the protection of information from making changes to it by unauthorized persons, and the preservation of the secrecy of correspondence in electronic communications. Of course, in all civilized countries, the security of citizens is guarded by laws, but in the field of computer technology, law enforcement practice is not yet sufficiently developed, and the legislative process does not keep pace with the development of computer systems, and largely relies on self-defense measures.
There is always a problem of choosing between the necessary level of protection and the efficiency of networking. In some cases, users or consumers may perceive security measures as restricting access and effectiveness. However, tools such as cryptography can significantly increase the degree of protection without restricting user access to data.
1. Problems of information security in computer systems.
The widespread use of computer technologies in automated information processing and control systems has aggravated the problem of protecting information circulating in computer systems from unauthorized access. Information protection in computer systems has a number of specific features related to the fact that information is not rigidly associated with the media, it can be easily and quickly copied and transmitted over communication channels. A very large number of threats to information are known that can be implemented both by external intruders and by internal intruders.
A radical solution to the problems of protecting electronic information can only be obtained through the use of cryptographic methods that allow solving the most important problems of secure automated processing and transmission of data. At the same time, modern high-speed methods of cryptographic transformation make it possible to maintain the original performance of automated systems. Cryptographic data transformations are the most effective means of ensuring data confidentiality, integrity and authenticity. Only their use in conjunction with the necessary technical and organizational measures can provide protection against a wide range of potential threats.
Problems that arise with the security of information transmission when working in computer networks can be divided into three main types:
· interception of information - the integrity of information is preserved, but its confidentiality is violated;
· modification of information - the original message is changed or completely replaced by another and sent to the addressee;
· change of authorship of information. This problem can have serious consequences. For example, someone can send an email on your behalf (this type of deception is commonly called spoofing) or a Web server can pretend to be an electronic store, accept orders, credit card numbers, but not send any goods.
The needs of modern practical computer science have led to the emergence of non-traditional problems of protecting electronic information, one of which is the authentication of electronic information in conditions where the parties exchanging information do not trust each other. This problem is related to the creation of electronic digital signature systems. The theoretical basis for solving this problem was the discovery of two-key cryptography by American researchers Diffie and Hemiman in the mid-1970s, which was a brilliant achievement of the centuries-old evolutionary development of cryptography. The revolutionary ideas of two-key cryptography led to a sharp increase in the number of open research in the field of cryptography and showed new ways of developing cryptography, its new possibilities and the unique significance of its methods in modern conditions of mass application of electronic information technologies.
The technical basis for the transition to the information society is modern microelectronic technologies that provide continuous growth in the quality of computer technology and serve as the basis for maintaining the main trends in its development - miniaturization, reducing power consumption, increasing the amount of RAM (RAM) and the capacity of built-in and removable drives, increasing productivity and reliability, expanding the scope and scale of application. These trends in the development of computer technology have led to the fact that at the present stage, the protection of computer systems from unauthorized access is characterized by an increase in the role of software and cryptographic protection mechanisms compared to hardware ones.
The growing role of software and cryptographic tools is manifested in the fact that emerging new problems in the field of protecting computer systems from unauthorized access require the use of mechanisms and protocols with a relatively high computational complexity and can be effectively solved by using computer resources.
One of the important social and ethical problems generated by the ever-expanding use of cryptographic information protection methods is the contradiction between the desire of users to protect their information and the transmission of messages and the desire of special government services to be able to access information of some other organizations and individuals in order to suppress illegal activities. . In developed countries, there is a wide range of opinions about approaches to the issue of regulating the use of encryption algorithms. Proposals are made from a complete ban on the widespread use of cryptographic methods to complete freedom of their use. Some proposals relate to allowing only weaker algorithms to be used, or to requiring the registration of encryption keys. It is extremely difficult to find an optimal solution to this problem. How to evaluate the ratio of losses of law-abiding citizens and organizations from the illegal use of their information and the losses of the state from the inability to gain access to encrypted information of certain groups hiding their illegal activities? How can you be sure to prevent the illegal use of cryptographic algorithms by persons who violate other laws? In addition, there are always ways of hidden storage and transmission of information. These questions have yet to be addressed by sociologists, psychologists, lawyers and politicians.
The emergence of global information networks such as INTERNET is an important achievement of computer technology, however, a lot of computer crimes are associated with INTERNET.
The result of the experience of using the INTERNET network is the revealed weakness of traditional information protection mechanisms and the lag in the application of modern methods. Cryptography provides an opportunity to ensure the security of information on the INTERNET, and work is now underway to introduce the necessary cryptographic mechanisms into this network. Not a rejection of progress in informatization, but the use of modern cryptography achievements is the strategically correct decision. The possibility of widespread use of global information networks and cryptography is an achievement and a sign of a democratic society.
Possession of the basics of cryptography in the information society cannot objectively be the privilege of individual government services, but is an urgent need for the widest layers of scientific and technical workers who use computer data processing or develop information systems, security personnel and the management of organizations and enterprises. Only this can serve as a basis for the effective implementation and operation of information security tools.
One single organization cannot provide sufficiently complete and effective control over information flows within the entire state and ensure proper protection of the national information resource. However, individual government agencies can create conditions for the formation of a market for high-quality security tools, training a sufficient number of specialists and mastering the basics of cryptography and information protection by mass users.
In Russia and other CIS countries in the early 1990s, there was a clear tendency to outpace the expansion of the scale and scope of information technology over the development of data protection systems. This situation to a certain extent was and is typical for the developed capitalist countries. This is natural: first a practical problem must arise, and then solutions will be found. The beginning of perestroika in the situation of a strong lag of the CIS countries in the field of informatization in the late 1980s created fertile ground for a sharp overcoming of the existing gap.
The example of developed countries, the possibility of acquiring system software and computer equipment inspired domestic users. The inclusion of the mass consumer, interested in the operational processing of data and other advantages of modern information and computing systems, in solving the problem of computerization has led to a very high rate of development of this area in Russia and other CIS countries. However, the natural co-development of information processing automation tools and information security tools has been largely disrupted, which has become the cause of massive computer crimes. It's no secret that computer crimes are currently one of the most pressing problems.
Send your good work in the knowledge base is simple. Use the form below
Students, graduate students, young scientists who use the knowledge base in their studies and work will be very grateful to you.
Posted on http://www.allbest.ru
Gmain department of education andscienceAltai Territory
Regional state budgetary
professional educational institution
"TAL'ME TECHNOLOGICAL COLLEGE"
TEST
by discipline: Informatics
Student(s) 1 course
Bedarkov Igor Leonidovich
Teacher:
Rimsha Irina Fedorovna
Talmenka, 2016
1. The main stages of state policy in the information sphere
The development of the information society involves the solution of the primary tasks of free search, receipt, production and dissemination of information for each member of society, the development of the media, the formation of public information resources, the provision of accessible information services, the provision of conditions for the creation, development and operation of information systems, the formation of a single information space country and its integration into the global information space.
The relevance of the problem of legal regulation of public relations in the field of information security of sociotechnical systems and processes in them is due to the increasing role of information in all spheres and activities of the personality of society and the state under the influence of external and internal threats. The development of new information relations requiring the observance and protection of the rights and legitimate interests of subjects in the information sphere.
The active development of the information society based on the widespread use of new information technologies entails an increase in offenses in the field of information security, which predetermines the formation and development of an appropriate scientific, methodological and legal basis that provides an effective solution to these problems. The priority in this series is the development of relevant legislation and the improvement of the training and retraining of qualified specialists with systemic knowledge in the field of legal regulation of the processes of ensuring the information security of the individual, society, state and the information automated and telecommunication systems they use.
Recently, the flow of information, both external and internal, has increased dramatically. In connection with the constant need to improve management efficiency, the need for better information processing is growing. All this taken together makes us look for new ways and methods of organizing the reception, processing and transmission of information flows. information security network technology
The globalization of world space has led to the transformation of space as such: along with geographical space, in particular, electronic space is being formed. The traditional confrontation between states is carried out today both in the physical space and in the new virtual or cyberspace. The information activity of states is dictated by internal interests: the interests of financial and industrial groups, their need for raw materials, in markets for products that cannot be satisfied within the limits of one state.
So, speaking about state policy in the information sphere, it should be said that this is a specific type of social management through the exercise of their powers by all state authorities or executive authorities to regulate relations arising from information and in connection with its circulation in social systems.
Today, the state still occupies a dominant position in relation to the individual and society, while the interests of the individual are not yet at the center of state interests, and society has not left the state of "nationalization". To create conditions for the full and successful self-realization of the individual and the formation of civil society, it is necessary to change the position of the individual and society in relation to the state, which, first of all, should be directed by state regulation, and first of all rule-making. The state should help the formation of civil society, but not replace it; transfer certain functions of ensuring the interests of the individual to public institutions as they are created; determine the degree of their participation in ensuring the protection of the interests of the individual and society under their control; to help create instruments of influence on power in society. It is obvious that the continuation of the previous practice of rule-making and law enforcement without a unified state policy in the information sphere blocks the implementation of the constitutional rights of citizens, makes it difficult to build a state of law and an information society in Russia. As follows from the Information Security Doctrine of the Russian Federation, today there is no clear state policy in the field of the formation of the Russian information space, the development of the mass media system, the organization of international information exchange and the integration of the Russian information space into the world information space, which creates conditions for the displacement of Russian news agencies, mass media information from the internal information market and deformation of the structure of international information exchange. There is insufficient government support for the activities of Russian news agencies to promote their products to the foreign information market. The situation with ensuring the safety of information constituting a state secret is deteriorating. Serious damage has been inflicted on the personnel potential of scientific and production teams operating in the field of creating informatization, telecommunications and communications, as a result of the mass departure of the most qualified specialists from these teams. The backlog of domestic information technologies forces federal government bodies, government bodies of the constituent entities of the Russian Federation and local governments, when creating information systems, to follow the path of purchasing imported equipment and attracting foreign firms, which increases the likelihood of unauthorized access to processed information and increases Russia's dependence from foreign manufacturers of computer and telecommunications equipment, as well as software. In connection with the intensive introduction of foreign information technologies into the spheres of activity of the individual, society and the state, as well as with the widespread use of open information and telecommunication systems, the integration of domestic information systems and international information systems, the threat of using "information weapons" against the information infrastructure of Russia has increased. Work on an adequate comprehensive response to these threats is being carried out with insufficient coordination and weak budget financing.
The information security doctrine of the Russian Federation, taking into account the current state of affairs, defines the following tasks as urgent for solving:
* development and creation of mechanisms for the formation and implementation of the state information policy of Russia;
* development of methods for increasing the effectiveness of state participation in the formation of the information policy of state television and radio broadcasting organizations, other state media;
* development of the main directions of state policy in the field of information security of the Russian Federation, as well as activities and mechanisms related to the implementation of this policy;
* development and improvement of the information security system of the Russian Federation, which implements a unified state policy in this area, including the improvement of forms, methods and tools for identifying, assessing and predicting threats to the information security of the Russian Federation, as well as a system to counter these threats;
* development, adoption and implementation of federal programs that provide for the formation of public archives of information resources of federal state authorities and state authorities of the constituent entities of the Russian Federation, ensuring information security of the Russian Federation;
* harmonization of domestic standards in the field of informatization and information security of automated control systems, information and telecommunication systems for general and special purposes;
* development of criteria and methods for evaluating the effectiveness of systems and means of ensuring information security of the Russian Federation, as well as certification of these systems and means;
* improvement of the regulatory legal framework for ensuring the information security of the Russian Federation, including mechanisms for exercising the rights of citizens to receive information and access to it, forms and methods for implementing legal norms relating to the interaction of the state with the media;
* establishing the responsibility of officials of federal state authorities, state authorities of the constituent entities of the Russian Federation, local governments, legal entities and citizens for compliance with information security requirements; coordination of the activities of federal government bodies, government bodies of the subjects of the Russian Federation, enterprises, institutions and organizations, regardless of the form of ownership in the field of ensuring information security of the Russian Federation;
* development of scientific and practical foundations for ensuring the information security of the Russian Federation, taking into account the current geopolitical situation, the conditions for the political and socio-economic development of Russia and the reality of threats to use "information weapons";
* ensuring the technological independence of the Russian Federation in the most important areas of informatization, telecommunications and communications, which determine its security, and primarily in the field of creating specialized computers for weapons and military equipment; the creation of secure information technologies for systems used in the process of implementing the vital functions of society and the state, the creation of a special-purpose information and telecommunication system in the interests of federal state authorities and state authorities of the constituent entities of the Russian Federation;
* development of modern methods and means of protecting information, ensuring the security of information technologies, and, above all, those used in command and control systems for troops and weapons, environmentally hazardous and economically important industries;
* development and improvement of the state system of information protection and the system of protection of state secrets;
* creation and development of a modern protected technological basis for government in peacetime, in emergency situations and in wartime;
* expanding interaction with international and foreign bodies and organizations in solving scientific, technical and legal issues of ensuring the security of information transmitted using international telecommunication systems and communication systems;
* development of the infrastructure of the unified information space of Russia; providing conditions for Russia's active participation in the creation and use of global information networks and systems;
* comprehensive counteraction to the threats of information warfare, the suppression of computer crime;
* improving the legal culture and computer literacy of citizens;
* creation of a unified system of personnel training in the field of information security and information technology.
The process of social management in the information sphere consists of a doctrinal part, scientific understanding of the content of the problems of this sphere of relations, its expression in a research form and various forms of forecasts, doctrines, concepts. On this basis, the policy of the state is developed in this area. Its concrete expression is the relevant documents of state authorities, programs for the implementation of this policy.
An example of the implementation of state policy functions in the field of organizing information activities abroad can be such documents as the Clinton-Gore Report, distributed since 1993 on the National Information Infrastructure, the ideas of which in subsequent years were embodied in a number of programs and laws. The White Paper of the European Commission "The Growth of Competition, Employment, Goals and Paths in the 21st Century" belongs to the same category of political documents, on the basis of which the Report "Europe and the World Information Society. A Recommendation to the Council of Europe" was created, presented in Brussels on May 26, 1994. It is this document that introduced the term "information community" into circulation. In the same row are the documents of the Japanese Cabinet of Ministers on the development of an information technology strategy in the conditions of the information revolution, adopted in the middle of 2000. Organizationally, they are supported by the establishment of the Information Technology Strategy Headquarters.
On the basis of such conceptual documents, the state policy is developed in certain areas of the informatization strategy or the development of the information society, as well as specific action programs. For example, the main plan for the implementation of the Japanese strategy provides for such areas as the activation of electronic commerce, the computerization of the public sector, the development of information literacy, the creation of an infrastructure for working networks, and other areas. This document is accompanied by an explanation of the key positions of the Action Plan, as well as the development of a plan for protecting information systems from hackers and other cyber threats. Note that even earlier, given the country's lag behind the United States and Europe in the creation and use of Internet networks based on the protocol (IP), Japan developed the program "Japan's Initiatives towards the USA, China and Russia". This program mobilized the attention and efforts of private and municipal structures for the large-scale creation and use of the global network. It would not be superfluous to mention the directions of this program, the value of which lies in focusing on the international community and the world level of information technology development. The express information of the Institute of the Far East of the Russian Academy of Sciences noted the following directions of Japan's policy in this direction: the creation of Internet Protocol (IP) networks as part of the information structure of the new era; construction of communal networks of districts as a step in the transition to the information society; using advances in business and fundamental means to promote the information revolution; introduction of information technologies in open networks; security in the construction of open networks; solving the problems of 2000; arrangements for the training of network specialists; creation of the necessary social infrastructure; creation of cable network terminals in all schools, and Internet terminals in all classes; reorganization of the Japanese legal system to meet the requirements of the information age; development of electronic commerce, taking into account the American strategy of the global information infrastructure; development of approaches to management issues on the Internet; removing the competitive barrier and providing users with world-class service at low cost; using the principle of competition to ensure access to a qualified information infrastructure for all residents of Japan; reforming telecommunications fees to create supersphere values; development of global standards of interaction in the internationalization of telecommunications. The Russian Federation has accumulated a well-known experience in the development of state policy in the field of information sphere development. The algorithm for the formation of state policy can be represented as follows:
1) Scientific research and understanding of the patterns of development of public relations in the information sphere and problem statement;
2) Definition of doctrinal and conceptual guidelines and their regulatory consolidation (such documents include the National Security Concept of the Russian Federation (1997, 2000) and the Doctrine of Information Security of the Russian Federation (2000), the Concept for the formation and development of a single information space of Russia and the corresponding state Information Resources" (1995), approved by Decrees of the President of the Russian Federation, the Okinawa Charter of the Global Information Society (2000);
3) Concretization of tasks for state authorities in determining the main directions of domestic and foreign policy (in the annual Messages of the President of the Russian Federation to the Federal Assembly since 1994);
4) Development and adoption of concepts for the development of legislation in the information sphere and its individual areas (the State Duma Committee on Information Policy and the Permanent Chamber for State Information Policy of the Political Advisory Council under the President of the Russian Federation approved the Concept of State Information Policy (1998), and the State Duma Committee on security - the Concept for the development of legislation in the field of information security of the Russian Federation (1998), taking into account which the Security Council of the Russian Federation prepared the Concept for improving the legal support of information security of the Russian Federation (2001), the Ministry of Communications and Informatization of the Russian Federation prepared a draft Concept for the development of legislation of the Russian Federation in the field of information and informatization);
5) Development and adoption of laws as a legal basis for regulating relations in the information sphere (in the 1990s, a large array of legislation in the field of regulating information relations was formed in the Russian Federation - more than 120 laws of the federal level and more than 100 laws of the constituent entities of the Russian Federation. The Constitution of the Russian Federation, all 18 codes of the Russian Federation, to a greater or lesser extent, relate to the implementation of information rights and freedoms, the formation and involvement of information resources in the economic circulation and the system of state and municipal government.
6) Preparation and adoption of subordinate regulatory legal acts (regulation of the activities of state bodies and specialized organizations in the field of information activities, the design of certain areas of state policy is carried out through acts of the President of the Russian Federation, the Government of the Russian Federation, regulatory legal acts of ministries and departments whose competence includes information problems For example, in 1993-1999 more than ten special acts on the problem of legal informatization in the Russian Federation were issued, as a result of which many issues of organizing legal information and its distribution through the specialized systems Consultant Plus, Codex, "Garant", "System", etc. Such an example on the issues of streamlining legal information is Decree of the President of the Russian Federation No. of legal acts of the subjects of the Russian Federation - the federal register of normative legal acts of the subjects of the Russian Federation, the maintenance of which is entrusted to the Ministry of Justice of the Russian Federation);
7) preparation and implementation of federal targeted programs that specify the participation of public authorities in the formation and implementation of state policy
in accordance with their competence (an example here is the program "Electronic Russia" (2001).
Information policy in a narrower sense, taking into account state policy, can also be determined at the level of the sectoral management system, intersectoral management, and regional management. One can, for example, talk about information policy in the field of education, entrepreneurship, nature conservation, and ecology in general. Relevant departments can issue documents that mobilize attention to solving issues of information support in their area of responsibility, the use of information resources of their profile.
The local field of information policy also arises at the level of an individual organization. For example, the development of an attitude regarding a trade secret, the use of an information resource for one's internal development, or for the inclusion of one's resource in market processes directly.
Improving the legal mechanisms for regulating public relations arising in the information sphere is a priority direction of state policy in this area.
In accordance with the Information Security Doctrine of the Russian Federation, this implies:
* assessment of the effectiveness of the application of existing legislative and other regulatory legal acts in the information sphere and the development of a program for their improvement;
* creation of organizational and legal mechanisms for ensuring information security;
* determination of the legal status of all subjects of relations in the information sphere, including users of information and telecommunication systems, and the establishment of their responsibility for compliance with the legislation of the Russian Federation in this area;
* creation of a system for collecting and analyzing data on the sources of threats to the information security of the Russian Federation, as well as on the consequences of their implementation;
* development of regulatory legal acts that determine the organization of the investigation and the procedure for litigation on the facts of illegal actions in the information sphere, as well as the procedure for eliminating the consequences of these illegal actions;
* development of offenses taking into account the specifics of criminal, civil, administrative, disciplinary responsibility and the inclusion of relevant legal norms in the criminal, civil, administrative and labor codes, in the legislation of the Russian Federation on public service; improvement of the personnel training system used in the field of information security of the Russian Federation and other areas of the information sphere.
2. The concept of the network and its capabilities. Classification of network technologies by specialization, method of organization, method of communication, composition of technical sky funds, coverage of the territory
A local computer network is a collection of computers connected by communication lines, providing network users with the potential to share the resources of all computers. On the other hand, simply put, a computer network is a collection of computers and various devices that provide information exchange between computers on the network without using any intermediate media.
The main purpose of computer networks is the sharing of resources and the implementation of interactive communication both within one company and outside it. Resources are data, applications, and peripherals such as an external drive, printer, mouse, modem, or joystick.
Computers included in the network perform the following functions:
Organization of access to the network
Communication management
Provision of computing resources and services to network users.
Currently, local area computing (LAN) is very widespread. This is due to several reasons:
* networking computers allows you to save money by reducing the cost of maintaining computers (it is enough to have a certain disk space on the file server (main computer of the network) with software products installed on it, used by several workstations);
* local area networks allow you to use your mailbox to send messages to other computers, which allows you to transfer documents from one computer to another in the shortest possible time;
* local networks, in the presence of special software (software), are used to organize the sharing of files (for example, accountants on several machines can process the postings of the same ledger).
Among other things, in some areas of activity it is simply impossible to do without a LAN. These areas include: banking, warehouse operations of large companies, electronic archives of libraries, etc. In these areas, each individual workstation, in principle, cannot store all information (mainly due to its too large volume).
global computer network
The Internet is a global computer network covering the entire world.
The Internet, once exclusively for research and academic groups whose interests ranged from access to supercomputers, is becoming increasingly popular in the business world.
Companies are enticed by speed, cheap global connectivity, ease of collaboration, affordable software, and the unique database of the Internet. They see the global network as an addition to their own local networks.
According to the method of organizing networks, they are divided into real and artificial.
Artificial networks(pseudo-networks) allow you to link computers together through serial or parallel ports and do not need additional devices. Sometimes communication in such a network is called null-modem communication (no modem is used). The connection itself is called null-modem. Artificial networks are used when it is necessary to transfer information from one computer to another. MS-DOS and windows are equipped with special programs for implementing a null-modem connection.
Real networks allow you to link computers using special switching devices and a physical data transmission medium.
By territorial prevalence, networks can be local, global, regional and city.
Local area network (LAN) -Local Area Networks (LAN)- this is a group (communication system) of a relatively small number of computers, united by a shared data transmission medium, located on a limited size small area within one or more closely located buildings (usually within a radius of no more than 1-2 km) in order to share resources all computers
A network that connects computers that are geographically distant over long distances from each other. It differs from a local network in more extended communications (satellite, cable, etc.). The global network unites local networks.
City network (MAN - Metropolitan Area NetWork)- a network that serves the information needs of a large city.
Regional- located in the city or region.
Also, recently, experts have singled out such a type of network as a banking one, which is a special case of a corporate network of a large company. It is obvious that the specifics of banking activities impose strict requirements on information security systems in the bank's computer networks. An equally important role in building a corporate network is played by the need to ensure trouble-free and uninterrupted operation, since even a short-term failure in its operation can lead to huge losses.
By affiliation, departmental and state networks are distinguished.
Departmental belong to the same organization and are located on its territory.
State networks- networks used in state structures.
According to the speed of information transfer, computer networks are divided into low-, medium- and high-speed.
low speed(up to 10 Mbps),
medium speed(up to 100 Mbps),
high speed(over 100 Mbps);
Depending on the purpose and technical solutions, networks can have different configurations (or, as they say, architecture or topology).
IN annular topology information is transmitted over a closed channel. Each subscriber is directly connected to two nearest neighbors, although in principle it is able to communicate with any subscriber in the network.
IN star-shaped(radial) in the center there is a central control computer that communicates sequentially with subscribers and connects them with each other.
IN tire configuration, computers are connected to a common channel (bus) through which they can exchange messages.
IN treelike- there is a "master" computer, to which computers of the next level are subordinate, etc.
In addition, configurations without a distinct nature of the connections are possible; the limit is a fully meshed configuration, where every computer on the network is directly connected to every other computer.
From the point of view of organizing the interaction of computers, networks are divided into peer-to-peer (Peer-to-Peer Network) and with a dedicated server (Dedicated Server Network).
All computers in a peer-to-peer network are equal. Any network user can access data stored on any computer.
Peer-to-peer networks can be organized using operating systems such as LANtastic, windows "3.11, Novell Netware Lite. These programs work with both DOS and Windows. Peer-to-peer networks can also be organized based on all modern 32-bit operating systems - Windows 9x\ME\2k, Windows NT workstation version, OS/2) and some others.
Advantages of peer-to-peer networks:
1) The most easy to install and operate.
2) DOS and Windows operating systems have all the necessary functions to build a peer-to-peer network.
The disadvantage of peer-to-peer networks is that it is difficult to solve information security issues. Therefore, this method of organizing a network is used for networks with a small number of computers and where the issue of data protection is not a matter of principle.
In a hierarchical network, when the network is set up, one or more computers are pre-allocated to manage network communication and resource allocation. Such a computer is called a server.
Any computer that has access to server services is called a network client or workstation.
A server in hierarchical networks is a persistent store of shared resources. The server itself can only be a client of a server at a higher level in the hierarchy. Therefore, hierarchical networks are sometimes referred to as dedicated server networks.
Servers are usually high-performance computers, possibly with several processors working in parallel, with high-capacity hard drives, with a high-speed network card (100 Mbps or more).
The hierarchical network model is the most preferable, as it allows creating the most stable network structure and more rationally allocating resources.
Also, the advantage of a hierarchical network is a higher level of data protection.
The disadvantages of a hierarchical network, compared to peer-to-peer networks, include:
1) the need for an additional OS for the server.
2) higher complexity of network installation and upgrade.
3) The need to allocate a separate computer as a server.
Local networks (LAN computers) unite a relatively small number of computers (usually from 10 to 100, although occasionally there are much larger ones) within the same room (training computer class), building or institution (for example, a university). The traditional name - local area network (LAN) - is rather a tribute to those times when networks were mainly used and solving computational problems; Today, in 99% of cases, we are talking exclusively about the exchange of information in the form of texts, graphic and video images, and numerical arrays. The usefulness of drugs is explained by the fact that from 60% to 90% of the information necessary for an institution circulates inside it, without needing to go outside.
The creation of automated enterprise management systems (ACS) had a great influence on the development of drugs. ACS includes several automated workstations (AWP), measuring complexes, control points. Another important field of activity in which drugs have proved their effectiveness is the creation of classes of educational computer technology (KUVT).
Due to the relatively short lengths of communication lines (as a rule, no more than 300 meters), information can be transmitted via LAN in digital form at a high transmission rate. At long distances, this method of transmission is unacceptable due to the inevitable attenuation of high-frequency signals, in these cases it is necessary to resort to additional technical (digital-to-analog conversions) and software (error correction protocols, etc.) solutions.
A characteristic feature of the LAN is the presence of a high-speed communication channel connecting all subscribers for transmitting information in digital form.
There are wired and wireless channels. Each of them is characterized by certain values of parameters that are essential from the point of view of LAN organization:
Data transfer rates;
Maximum line length;
Noise immunity;
mechanical strength;
Convenience and ease of installation;
Costs.
If, for example, two protocols break data into packets and add information (about packet sequencing, timing, and for error checking) differently, then a computer running one of these protocols will not be able to successfully communicate with a computer running the other protocol. .
Until the mid-1980s, most LANs were isolated. They served individual companies and rarely combined into large systems. However, when local networks reached a high level of development and the volume of information transmitted by them increased, they became components of large networks. Data transmitted from one local network to another along one of the possible routes is called routed. Protocols that support the transfer of data between networks over multiple routes are called routed protocols.
Among the many protocols, the following are the most common:
· IPX/SPX and NWLmk;
The OSI protocol suite.
Global Area Network (WAN or WAN - World Area NetWork)- a network that connects computers that are geographically distant at long distances from each other. It differs from a local network in more extended communications (satellite, cable, etc.). The global network unites local networks.
WAN (World Area Network)) is a global network covering large geographic regions, including both local networks and other telecommunication networks and devices. An example of a WAN is a packet-switched network (Frame relay), through which various computer networks can "talk" to each other.
Today, as the geographic boundaries of networks are expanding to connect users from different cities and states, LANs are turning into a global area network [WAN] and the number of computers on the network can already vary from ten to several thousand.
Internet- a global computer network covering the whole world. Today, the Internet has about 15 million subscribers in more than 150 countries around the world. The size of the network increases by 7-10% monthly. The Internet forms, as it were, the core that provides communication between various information networks belonging to various institutions around the world, one with another.
If earlier the network was used exclusively as a medium for transferring files and e-mail messages, today more complex problems of distributed access to resources are being solved. About three years ago, shells were created that support the functions of network search and access to distributed information resources, electronic archives.
The Internet, once exclusively for research and academic groups whose interests ranged from access to supercomputers, is becoming increasingly popular in the business world.
Currently, the Internet uses almost all known communication lines from low-speed telephone lines to high-speed digital satellite channels.
In fact, the Internet consists of many local and global networks belonging to various companies and enterprises, interconnected by various communication lines. The Internet can be thought of as a mosaic of small networks of various sizes that actively interact with each other, sending files, messages, and so on.
A computer network is an association of several computers for the joint solution of information, computing, educational and other problems.
The main purpose of computer networks is the sharing of resources and the implementation of interactive communication both within one company and outside it.
Hosted on Allbest.ru
...Similar Documents
Essence and main purpose of the Information Security Doctrine of the Russian Federation (RF). Types and sources of threats to information security of the Russian Federation. The main provisions of the state policy of ensuring information security in Russia.
article, added 09/24/2010
State policy in the field of formation of information resources. Selection of a complex of information security tasks. The system of designed software and hardware to ensure information security and protection of enterprise information.
term paper, added 04/23/2015
Information Security. Information security threat. Classification of computer viruses. boot viruses. File viruses. network viruses. Macro viruses. Resident viruses. Methods for ensuring information security.
abstract, added 04/06/2007
The concept, meaning and directions of information security. A systematic approach to organizing information security, protecting information from unauthorized access. Means of information protection. Methods and systems of information security.
abstract, added 11/15/2011
The concept of information and informatization. The modern concept of security and characteristics of information security tools. Features of ensuring information security in educational institutions, depending on their type.
thesis, added 01/26/2013
The relevance of information security issues. Software and hardware of LLC "Mineral" network. Building a model of corporate security and protection against unauthorized access. Technical solutions for the protection of the information system.
thesis, added 01/19/2015
The essence of the concept of "information security". Security model categories: privacy; integrity; availability. Information security and the Internet. Methods for ensuring information security. The main tasks of anti-virus technologies.
test, added 06/11/2010
Analysis of the infrastructure of LLC shop "Style". Creation of an information security system for the accounting department of an enterprise based on its pre-project survey. Development of a concept, information security policy and the choice of solutions to ensure it.
term paper, added 09/17/2010
The concept, goals and objectives of information security. Threats to information security and ways to implement them. Management of access to information and information systems. Protecting networks and information while working on the Internet. The concept of electronic signature.
test, added 12/15/2015
Information security risk analysis. Evaluation of existing and planned means of protection. A set of organizational measures to ensure information security and protection of enterprise information. A control example of the project implementation and its description.
- The Curonian Bay of the Baltic Sea: description, water temperature and the underwater world
- Ecological groups of birds by type of food Ecological birds examples
- A fairy tale in reality - the animal world of the Red Sea: a sketch about underwater inhabitants Dangerous fish of the Red Sea hurghada
- Parnassius (Parnassius)