Mechanical means of information security. Typical software and hardware for information security

State enterprises, private organizations and certain categories of citizens possess information that is valuable not only for them, but also for attackers, competitors or foreign intelligence officers. It does not matter in what form the information is stored and through what channels it is transmitted, because engineering and technical protection of information must function at all stages. This is not only a set of measures that will impede the extraction of valuable data, but also a separate field of science.

Technical protection is effective when it is based on a thorough study of the building in which the data is stored, the composition of the personnel, possible channels of information leakage, and modern methods and means of protection and theft. The manager of the enterprise should clearly determine the scale of the problem and the amount of necessary costs. Physical facilities, equipment, employee training and the creation of a special body will entail costs (about 15% of the enterprise’s profit). Information protection is the right of every subject and owner to fight against methods of unauthorized data leakage, uncontrolled dissemination of information and interference in the organization’s information processes.

The concept of a complete system

Every individual or legal entity can protect valuable information and organize the work of the control structure, depending on the nature and level of information protection and in accordance with the laws of the Russian Federation. The development of an engineering and technical system and measures is carried out after studying the issue and determining the necessary measures for the safety of information. To do this, valuable data must be protected from all possible channels of leakage, unauthorized access and careless (unintentional) actions of the organization’s personnel.

Data can not only be stolen, but also distorted by adding false information, copied and presented under one’s own name, and, even worse, access to it can be blocked. Fraudsters can steal, destroy or damage any storage medium. But this is not the only source of danger; the same consequences can occur as a result of erroneous unintentional user actions or during a natural disaster. Therefore, the actions and measures of the engineering and technical system should be aimed at protecting not only information, but also the information carrier, as well as the entire information process working with classified data.

Main tasks of the system

By creating an engineering and technical system, the enterprise puts into effect a set of organizational measures and a number of technical measures that will protect valuable information. There are 3 main tasks that the system works on:

  1. Secure the building and premises from entry by unauthorized persons for the purpose of theft, damage or alteration of information;
  2. Prevent damage or complete destruction of information media from the consequences of natural disasters and from exposure to water when extinguishing a fire;
  3. Deny attackers access to all technical channels through which data leakage may occur.

Engineering and technical protection must meet modern requirements:

  • Consistency and readiness for any threats;
  • Creation of zones with different security levels;
  • Always be one move ahead of the scammers, keep abreast of technological innovations;
  • The level of information protection must be commensurate with the importance and value of the information;
  • Inability for outsiders to gain access to secret data;
  • Do not use one type of protection, combine different measures and put into action a complex of protective equipment;
  • Protect the most important information first.

The entire territory of the enterprise must be divided into zones, entry into which is subject to special admission. The closer the zone is to secret information, the higher the level of control and the narrower the number of people who can go there. This can be achieved by installing posts or checkpoints. Such measures are taken to ensure that a possible outsider has obstacles in the way of his movement in the form of control zones and boundaries, where the theft could be detected and the fraudster detained.


How does a leak occur?

Recently, private offices have been renting premises located in residential buildings, where the neighboring premises are apartments of ordinary citizens. The walls of multi-storey buildings are very thin, and everything said in the next apartment is 98% audible. There are many such technical leakage channels, and each of them is associated with a physical, chemical or biological field or other intelligence means. Information can be captured during the process of transmission, discussion, creation or processing. A leakage channel is not only the direct path of data movement, but also the technical channels that accompany the operation of other objects.

The age of new technologies makes it possible for fraudsters to use data from reflected signals, from radio listening devices, and from the magnetic and electromagnetic fields of a secret object. Unauthorized persons use grounding and the electrical power network to pick up the informative signal passing through them. Even something as simple as unshielded wires, transformers, speakers, connectors or open circuits can leak signals that are picked up from their electromagnetic fields.

If subjects use one of the technical channels for transmitting information and process it, they will be able not only to seize secret data, but also to distort or block it. Data and information signals are distributed through the air, information and power lines. Therefore, connecting to them in a contact or non-contact way will not be difficult. To do this, attackers use radio devices that transmit information over distances (devices that suppress sound signals recording equipment).

The goal of fraudsters may be not only to copy or destroy data, but also to interfere with the operation of enterprise devices. As a result, some engineering and technical protection systems will not work at full capacity or will perform poorly. Numerous failures then occur in the operation of certain processes, and in extreme cases emergency situations arise.

Ways and means to secure data

Engineering and technical protection of enterprise information begins with limiting access of unauthorized persons to the territory by creating controlled zones: the perimeter of the building and the surrounding area, all buildings of the enterprise, separate offices and premises. The head of the company must create a special security service. The engineering and technical team will conduct constant monitoring and security of all areas.

The next stage of information protection is the purchase and installation of technical means that work with confidential data (telephony, multi-level communication systems, loudspeaker and dispatch communications, sound recording and sound reproducing equipment). Protect the company from the effects of technical listening devices, and find weak points in all controlled areas where an attacker can reach informative acoustic, electrical or magnetic signals. Identify all systems to which unauthorized access is possible (unclassified phone lines, fire or sound alarms, security alarm systems, surveillance equipment and others). If possible, eliminate the identified weaknesses or reduce their number.

Identify the premises and divide them into groups by importance and secrecy (halls, meeting rooms, offices). Based on all the collected data, the commission conducting the company survey draws up a protocol, on the basis of which an act is drawn up and approved by the head of the company. After the inspection, a plan of the entire building, its premises and control zones must be drawn up. In offices and other high-security premises, TZI is carried out (a non-cryptographic method of protecting technical channels from information leakage).


Hardware and software

Hardware is the equipment that prevents attackers from copying, disclosing or gaining unauthorized access to information. The equipment is divided into groups:

  • Search for leak channels;
  • Detection tools;
  • Active opposition;
  • Passive opposition.

There is another subsystem of ITZ (engineering and technical protection): software tools that protect data at the program level (antivirus programs, protection of communication channels from unauthorized copying or access). These are programs that carefully identify the user, limit access to protected information, and in every possible way control how other programs interact with protected information. Programs without a license or certificate must not be used on work computer systems, since they may hide malware that collects and transmits secret information.

At the moment, cryptographic means are the most secure way to protect data. They give a high level of reliability and protection of information from unprofessional fraudsters. To implement such tools, information is protected by a public-key cryptosystem, an electronic signature or symmetric cryptosystems. The only consideration in their use is the convenience of the user, who must choose the cryptography method that is most comfortable for him.

After the entire complex of technical means and measures has been put into operation, the engineering and technical system must be constantly monitored to check that all points of the planned technical specification are carried out correctly. Over time, the system will require improvement and modernization, so the information security service must respond to new technical protection means in a timely manner and implement them efficiently.

The requirements for information security when designing information systems indicate the features that characterize the information security means used. They are defined by various acts of regulators in the field of information security, in particular FSTEC and the FSB of Russia. What security classes there are, the types and kinds of protective equipment, and where to find out more about this are covered in the article.

Introduction

Today, issues of ensuring information security are the subject of close attention, since technologies being implemented everywhere without ensuring information security become a source of new serious problems.

The Russian FSB reports on the seriousness of the situation: the amount of damage caused by attackers over several years around the world ranged from $300 billion to $1 trillion. According to information provided by the Prosecutor General of the Russian Federation, in the first half of 2017 alone, the number of crimes in the field of high technology in Russia increased sixfold, and the total amount of damage exceeded $18 million. An increase in targeted attacks in the industrial sector in 2017 was noted throughout the world. In particular, in Russia the increase in the number of attacks compared to 2016 was 22%.

Information technologies began to be used as weapons for military-political, terrorist purposes, to interfere in the internal affairs of sovereign states, as well as to commit other crimes. The Russian Federation stands for the creation of an international information security system.

On the territory of the Russian Federation, information holders and information system operators are required to block attempts of unauthorized access to information, as well as to monitor the state of security of the IT infrastructure on a permanent basis. At the same time, information protection is ensured by taking various measures, including technical ones.

Information security tools, or information protection systems, ensure the protection of information in information systems, which are essentially a collection of information stored in databases, information technologies ensuring its processing, and technical means.

Modern information systems are characterized by the use of various hardware and software platforms, the territorial distribution of components, as well as interaction with open data transmission networks.

How to protect information in such conditions? The corresponding requirements are presented by authorized bodies, in particular, FSTEC and the FSB of Russia. Within the framework of the article, we will try to reflect the main approaches to the classification of information security systems, taking into account the requirements of these regulators. Other ways of describing the classification of information security, reflected in the regulatory documents of Russian departments, as well as foreign organizations and agencies, are beyond the scope of this article and are not considered further.

The article may be useful to novice specialists in the field of information security as a source of structured information on methods of classifying information security based on the requirements of the FSTEC of Russia (to a greater extent) and, briefly, the FSB of Russia.

The structure that determines the procedure and coordinates the provision of information security using non-cryptographic methods is the FSTEC of Russia (formerly the State Technical Commission under the President of the Russian Federation, State Technical Commission).

If the reader has ever seen the State Register of Certified Information Security Tools, which is maintained by the FSTEC of Russia, then he certainly noticed that the description of the purpose of an information protection system contains such phrases as “RD SVT class”, “level of absence of NDV”, etc. (Figure 1).

Figure 1. Fragment of the register of certified information protection devices

Classification of cryptographic information security tools

The FSB of Russia has defined classes of cryptographic information protection systems: KS1, KS2, KS3, KV and KA.

The main features of KS1 class IPS include their ability to withstand attacks carried out from outside the controlled area. This implies that the creation of attack methods, their preparation and implementation is carried out without the participation of specialists in the field of development and analysis of cryptographic information security. It is assumed that information about the system in which the specified information security systems are used can be obtained from open sources.

If a cryptographic information security system can withstand attacks blocked by means of class KS1, as well as those carried out within the controlled area, then such information security corresponds to class KS2. It is assumed, for example, that during the preparation of an attack, information about physical measures to protect information systems, ensuring a controlled area, etc. could become available.

If a cryptographic information security tool can resist attacks carried out with physical access to the computer equipment on which it is installed, the tool is said to comply with the KS3 class.

If cryptographic information security resists attacks, the creation of which involved specialists in the field of development and analysis of these tools, including research centers, and it was possible to conduct laboratory studies of security means, then we are talking about compliance with the KV class.

If specialists in the field of using NDV of system software were involved in the development of attack methods, the corresponding design documentation was available and there was access to any hardware components of cryptographic information security systems, then protection against such attacks can be provided by means of the KA class.

Classification of electronic signature protection means

Electronic signature tools, depending on their ability to withstand attacks, are customarily assigned to the following classes: KS1, KS2, KS3, KV1, KV2 and KA1. This classification is similar to that discussed above in relation to cryptographic information security.

Conclusions

The article examined some methods of classifying information security in Russia, which are based on the regulatory framework of regulators in the field of information protection. The considered classification options are not exhaustive. Nevertheless, we hope that the presented summary information will allow a novice specialist in the field of information security to quickly find his way around the subject.

forgery. According to the USA Today newspaper, back in 1992, as a result of similar illegal actions using personal computers, American organizations suffered a total loss of $882 million. It can be assumed that the actual damage was much greater, since many organizations understandably hide such incidents; there is no doubt that these days the damage from such actions has increased many times over.

In most cases, the culprits turned out to be full-time employees of organizations who were well acquainted with the work regime and protective measures. This once again confirms the danger of internal threats.

Previously we distinguished between static and dynamic integrity. To violate static integrity, an attacker (usually a full-time employee) can:

  • enter incorrect data;
  • change the data.

Sometimes the content data changes, sometimes the service information changes. Email headers may be forged; the letter as a whole can be falsified by a person who knows the sender's password (we have given relevant examples). Note that the latter is possible even when integrity is controlled by cryptographic means. There is an interaction between different aspects of information security: if confidentiality is compromised, integrity may suffer.

A threat to integrity is not only the falsification or modification of data, but also the repudiation of completed actions. If there is no means to ensure "non-repudiation", computer data cannot be considered as evidence.

Not only data but also programs are potentially vulnerable to integrity violations. Threats to dynamic integrity are violation of transaction atomicity, reordering, theft, duplication of data or the introduction of additional messages (network packets, etc.). This activity in a network environment is called active listening.

Top Confidentiality Threats

Confidential information can be divided into subject and service information. Service information (for example, user passwords) does not relate to a specific subject area; in an information system it plays a technical role, but its disclosure is especially dangerous, since it is fraught with unauthorized access to all information, including subject information.

Even if information is stored on a computer or intended for computer use, threats to its confidentiality may be non-computer and non-technical in nature.

Many people have to act as users of not one, but a number of systems (information services). If reusable passwords or other confidential information are used to access such systems, then most likely this data will be stored not only in the head, but also in a notebook or on pieces of paper that the user often leaves on the desktop or loses. And the point here is not the lack of organization of people, but the initial unsuitability of the password scheme. It is impossible to remember many different passwords; recommendations for their regular (if possible, frequent) change only aggravate the situation, forcing the use of simple alternation schemes or even trying to reduce the matter to two or three easily remembered (and equally easy to guess) passwords.

The described class of vulnerabilities can be called placing confidential data in an environment where it is not provided (and often cannot be provided) with the necessary protection. In addition to the passwords stored in users' notebooks, this class includes the transmission of confidential data in clear text (in a conversation, in a letter, over a network), which makes it possible to intercept it. Various technical means can be used for the attack (overhearing or wiretapping conversations, passive network listening, etc.), but the idea is the same: to access data at the moment when it is least protected.

The threat of data interception should be taken into account not only during the initial configuration of the IS, but also, very importantly, during all changes. One example is exhibitions, to which many organizations send equipment from the production network with all the data stored on it. Passwords remain the same, and during remote access they continue to be transmitted in the clear.

Another example of change: storing data on backup media. To protect data on primary media, advanced access control systems are used; copies often just lie in cabinets, and many people can access them.

Data interception is a serious threat, and if confidentiality is truly critical and data is transmitted over many channels, protecting it can be very difficult and costly. The technical means of interception are well developed, accessible and easy to use, and anyone can install them, for example, on a cable network, so this threat exists not only for external, but also for internal communications.

Hardware theft is a threat not only to backup media, but also to computers, especially laptops. Laptops are often left unattended at work or in the car, and sometimes they are simply lost.

A dangerous non-technical threat to confidentiality is posed by methods of moral and psychological influence, such as masquerade: performing actions under the guise of a person with authority to access data.

Unpleasant threats that are difficult to defend against include abuse of power. On many types of systems, the privileged user (for example, the system administrator) is able to read any (unencrypted) file, gain access to any user’s mail, etc. Another example is causing damage during service maintenance. Typically, the service engineer receives unrestricted access to the equipment and has the ability to bypass software protection mechanisms.

Protection methods

Existing methods and means of information security for computer systems (CS) can be divided into four main groups:

  • methods and means of organizational and legal protection of information;
  • methods and means of engineering and technical protection of information;
  • cryptographic methods and means of information security;
  • software and hardware methods and means of information security.

Methods and means of organizational and legal protection of information

Methods and means of organizational information protection include organizational, technical and organizational and legal measures carried out in the process of creating and operating a computer system to ensure information protection. These activities should be carried out during the construction or renovation of premises in which the CS will be located; during system design, installation and adjustment of its hardware and software; and during testing and checking the performance of the CS.

At this level of information protection, international treaties, state regulations, state standards and local regulations of a specific organization are considered.

Methods and means of engineering protection

Engineering and technical means of information security mean physical objects, mechanical, electrical and electronic devices, structural elements of buildings, fire extinguishing means and other means that ensure:

  • protection of the territory and premises of the CS from intruders;
  • protection of CS hardware and storage media from theft;
  • preventing the possibility of remote (from outside the protected area) video surveillance (eavesdropping) of the work of personnel and the functioning of technical means of the CS;
  • preventing the possibility of interception of PEMIN (side electromagnetic radiation and interference) caused by operating technical means of the CS and data transmission lines;
  • organizing access to the premises of the CS for employees;
  • control over the work schedule of the CS personnel;
  • control over the movement of CS employees in various production areas;
  • fire protection of CS premises;
  • minimizing material damage from information loss resulting from natural disasters and man-made accidents.

The most important component of engineering and technical means of information security is the technical means of security, which form the first line of protection of the CS and are a necessary but insufficient condition for maintaining the confidentiality and integrity of information in the CS.

Cryptographic protection methods and encryption

Encryption is the primary means of ensuring confidentiality. Thus, to ensure data confidentiality on a local computer, the data itself is encrypted, and in the case of network interaction, encrypted data transmission channels are used.

The science of protecting information using encryption is called cryptography (cryptography in translation means mysterious writing or secret writing).

Cryptography is used:

  • to protect the confidentiality of information transmitted over open communication channels;
  • to authenticate (confirm the authenticity of) the transmitted information;
  • to protect confidential information when stored on open media;
  • to ensure the integrity of information (protecting information from unauthorized changes) when transmitted over open communication channels or stored on open media;
  • to ensure the indisputability of information transmitted over the network (preventing possible denial of the fact of sending a message);
  • to protect software and other information resources from unauthorized use and copying.

Software and hardware-software methods and means of ensuring information security

Hardware information security includes electronic and electronic-mechanical devices that are included in the technical means of the computer system and perform (independently or in conjunction with software) some functions of ensuring information security. The criterion for classifying a device as a hardware rather than an engineering means of protection is its mandatory inclusion in the composition of the technical means of the CS.

The main hardware means of information protection include:

  • devices for entering user identifying information (magnetic and plastic cards, fingerprints, etc.);
  • devices for encrypting information;
  • devices to prevent unauthorized activation of workstations and servers (electronic locks and interlocks).

Examples of auxiliary information security hardware:

  • devices for destroying information on magnetic media;
  • alarm devices about attempts of unauthorized actions by CS users, etc.

Information security software means special programs included in the CS software exclusively to perform protective functions. The main software means of information protection include:

  • programs for identification and authentication of CS users;
  • programs for restricting user access to CS resources;
  • information encryption programs;
  • programs for protecting information resources (system and application software, databases, computer training tools, etc.) from unauthorized modification, use and copying.

Note that identification, in relation to ensuring the information security of a computer system, is understood as the unambiguous recognition of the unique name of the subject of the computer system. Authentication means confirming that the name presented corresponds to a given subject (confirming the identity of the subject).

Examples of auxiliary information security software:

  • programs for destroying residual information (in blocks of random access memory, temporary files, etc.);
  • audit programs (keeping logs) of events related to the safety of the CS to ensure the possibility of recovery and proof of the fact of the occurrence of these events;
  • programs for simulating work with a violator (distracting him to obtain supposedly confidential information);
  • test control programs for CS security, etc.

Results

Since potential threats to information security are very diverse, the goals of information protection can be achieved only by creating a comprehensive information protection system, which is understood as a set of methods and means united for a single purpose and ensuring the necessary efficiency of information protection in the CS.

Information is any data located in the memory of a computer system, any message sent over a network, and any file stored on any medium. Information is any result of the work of the human mind: an idea, technology, program, various data (medical, statistical, financial), regardless of the form of their presentation. Everything that is not a physical object and can be used by a person is described in one word: information.

Information:

  • Free access information
  • Restricted information
      • Confidential information
      • Secret information

Confidential (private) – official, professional, industrial, commercial or other information, the legal regime of which is established by its owner on the basis of laws on commercial, industrial secrets and other legislative acts. The owner of the information can independently establish its status as confidential (for example, personal secret). Requires unconditional protection.

Official secret – information related to the production, managerial, financial or other economic activities of the organization, the disclosure (transfer, leak, theft) of which may harm its interests and which is not a state secret. This information includes:

  • information containing data used by employees of the organization to work for official purposes;
  • data obtained as a result of processing official information using technical means (office equipment);
  • documents (media) generated as a result of the creative activity of the organization’s employees, including information of any origin, type and purpose necessary for the normal functioning of the organization.

Secret information – information that, in accordance with the law on state secrets, contains data constituting a state secret. Requires the highest degree of protection.

State secret – information protected by the state in the field of its military, defense, foreign policy, economic, intelligence, etc. activities, the spread of which could harm the security of the state. The dissemination of state secrets is regulated by the state and controlled by intelligence services.

Types of restricted information

Information security (IS) is the protection of information and its supporting infrastructure from accidental or intentional impacts of a natural or artificial nature that can cause unacceptable damage to owners and users of information.

INFORMATION PROTECTION is a set of measures aimed at preventing the leakage of protected information, as well as unauthorized and unintentional impacts on this information.

NSD (unauthorized access) is one of the most common and varied types of computer system security violations. It consists of an intruder gaining access to a resource (object) in violation of the access control rules established in accordance with the security policy. For NSD, any error in the security system is used, and it can be carried out either using standard software and VT (computing equipment) tools, or specially developed hardware and/or software.

IS must provide:

  1. Data integrity – the relevance and consistency of information, and its protection from destruction and unauthorized changes.
  2. Confidentiality of information – protection against unauthorized access to restricted information, including protection against illegal theft, alteration or destruction. (Example: commercial and personal information, official and state secrets.)
  3. Availability for authorized access – the ability to obtain the required information in a reasonable time.

Main areas of information protection activities

Principles of building information protection systems (information security)

    Systematicity

    Complexity

    Continuity of protection

    Reasonable sufficiency

    Flexibility of control and application

    Openness of algorithms and protection mechanisms

    Ease of use of protective methods and means

In addition, any information security tools and mechanisms used should not disrupt the user’s normal work with the automated information system, for example by sharply reducing productivity or increasing the complexity of work. The information security system should be focused on tactical anticipation of possible threats, and should also have mechanisms for restoring normal operation of the computer system (CS) if threats are realized.

Principles of information protection from unauthorized access

Closing channels for unauthorized receipt of information should begin with controlling user access to information resources. This task is solved on the basis of a number of principles:

    The principle of reasonable access requires that the following condition always be met: the user must have a form of access sufficient to obtain information of the required level of confidentiality in order to perform the specified production functions. Users can be active programs and processes, as well as storage media.

    The principle of differentiation – information flows and access rights to information must be appropriately delimited in order to prevent violations of information security, which can occur, for example, when classified information is recorded on unclassified media or in unclassified files, when it is passed to programs and processes not intended for processing classified information, or when it is transmitted over unsecured channels and communication lines.

    The principle of purity of resources requires that resources containing confidential information be cleared when the user deletes or releases them, before these resources are redistributed to other users.

    The principle of personal responsibility – each user of the information system must bear personal responsibility for his activities in the system, including any operations with classified information and possible violations of its protection, that is, accidental or intentional actions that lead or may lead to unauthorized access or, conversely, make such information inaccessible to legitimate users.

    Principle of Security Integrity implies that information security tools in information systems must accurately perform their functions in accordance with the listed principles and be isolated from users. For the purpose of their maintenance, protective equipment must include a special secure interface for control, alarm and recording equipment.
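
The first three principles above can be expressed as checks in a small reference monitor, with an audit trail standing in for the principle of personal responsibility. This is an added example, not part of the original text; the three confidentiality levels, the class and method names, and the rule that forbids writing to a lower-level resource are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field
from enum import IntEnum

class Level(IntEnum):            # constructed confidentiality levels
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2

@dataclass
class Resource:
    name: str
    level: Level
    data: bytearray = field(default_factory=bytearray)

class Monitor:
    """Checks every request and records it (personal responsibility)."""

    def __init__(self):
        self.audit = []          # (subject, action, resource, allowed)

    def _log(self, subject, action, res, allowed):
        self.audit.append((subject, action, res.name, allowed))
        return allowed

    def read(self, subject, clearance, res):
        # Reasonable access: the clearance must cover the resource level.
        if not self._log(subject, "read", res, clearance >= res.level):
            return None
        return bytes(res.data)

    def write(self, subject, clearance, res, payload):
        # Differentiation: data handled at `clearance` must not flow to
        # a resource of a lower level (e.g. unclassified media).
        if not self._log(subject, "write", res, res.level >= clearance):
            return False
        res.data[:] = payload
        return True

    def release(self, subject, res):
        # Purity of resources: overwrite the contents in place before
        # the resource is handed to another user.
        res.data[:] = bytes(len(res.data))
        self._log(subject, "release", res, True)
```

Denied requests are logged as well as granted ones, so the audit list shows who attempted what even when nothing was disclosed.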

2. Methods and means of information protection

Information security methods

    obstacle – a method of physically blocking an attacker’s path to protected information

    access control – a method for determining and allocating system resources to authorized users

    encryption – a method of protecting information in communication channels by cryptographically concealing it. This protection method is widely used for both processing and storing information. When transmitting information over long-distance communication channels, this method is the only reliable one.

    regulation – a method of information protection that creates special conditions for automated processing, storage and transmission of protected information, under which the possibility of unauthorized access to it would be minimized.

    compulsion - a method of information protection in which users and system personnel are forced to comply with the rules for processing, transfer and use of protected information under the threat of material, administrative or criminal liability.

    motivation – a method of information protection that encourages the user and system personnel not to violate established standards (for example, a high salary)

Information security means

    technical means are implemented in the form of electrical, electromechanical and electronic devices. The entire set of technical means is divided into hardware and physical.

Hardware means are commonly understood to be embedded electronic devices. Some of the best-known hardware means are parity-check circuits for information, key-based memory field protection circuits, etc.

Physical means are implemented in the form of autonomous devices and systems. For example, locks on the doors of equipment rooms, bars on windows, security alarms, CCTV cameras.

Physical protection:

    ensuring the security of premises where network servers are located;

    restricting physical access by unauthorized persons to servers, hubs, switches, network cables and other equipment;

    providing protection against power failures.

    software means are programs specifically designed to perform information security functions.

Standard security software:

    Security tools that use password identification and restrict user access according to assigned rights – access control and delimitation of powers (identification + authentication + authorization)

Identification allows an entity (a user, a process acting on behalf of a specific user, or another hardware or software component) to identify itself (report its name). Through authentication, the second party makes sure that the subject is really who he claims to be. The phrase "verification of authenticity" is sometimes used as a synonym for the word "authentication".

    Registration and analysis of events occurring in the system – ensures the receipt and analysis of information about the state of system resources using special control tools, as well as registration of actions recognized as potentially dangerous to the security of the system. Analysis of the collected information makes it possible to identify the means and a priori information used by the offender when influencing the system, to determine how far the violation has gone, and to suggest a method for its investigation and ways to correct the situation;

    Integrity control of system resources is designed for the timely detection of their modification. This makes it possible to ensure the correct functioning of the system and the integrity of the processed information.

    Cryptographic concealment of information

    Protection against external intrusions – firewalls

    Protection against computer viruses – antivirus packages, anti-spam filters

    Backup and data recovery tools

    hardware and software means of protection are based on the use of various electronic devices and special programs that are part of the information security system and perform (independently or in combination with other means) security functions such as identification and authentication of users, differentiation of access to resources, event registration, cryptographic concealment of information, ensuring fault tolerance of components and of the system as a whole, etc.

    organizational means of protection are organizational, technical and organizational-legal measures carried out in the process of creating and operating special software and hardware devices to ensure information protection. Organizational measures cover all structural elements at all stages of the life cycle of the protected system (creation of a protected perimeter, construction of premises, design of the system as a whole, installation and adjustment of equipment, testing and operation), as well as personnel policy and personnel selection.

    moral and ethical means of protection are implemented in the form of norms that have developed traditionally or are developing as computing equipment (VT) and communications spread in a given country or society. These norms, as a rule, are not mandatory in the way legislative measures are, but failure to comply with them leads to a loss of authority and prestige of the organization.

    legislative means of protection are determined by the laws of the country. They regulate the rules for the use, processing and transmission of restricted-access information and establish sanctions for violating these rules.

According to their functional purpose, information security methods and means can be divided into the following types:

Methods and means of prevention – intended to create conditions under which the possibility of the emergence and implementation of destabilizing factors (threats) is excluded or minimized;

Methods and means of detection – designed to detect emerging threats or the possibility of their emergence and to collect additional information;

Methods and means of neutralization – designed to eliminate emerging threats;

Methods and means of recovery – intended to restore normal operation of the protected system (sometimes the protection system itself).

Methods and means of protecting computer information are a set of various measures, hardware and software, and moral, ethical and legal standards that are aimed at countering the threats of attackers and minimizing possible damage to system owners and information users.

Let's consider the following types of traditional measures to counteract information leakage from a computer.

Technical methods and means of information security

These include:

  • protection against unauthorized access to a computer system;
  • redundancy of all important computer subsystems;
  • organization of networks with the subsequent ability to redistribute resources if there is a malfunction of individual network links;
  • installation of detection equipment;
  • installation of water detection equipment;
  • adoption of a set of measures to protect against theft, sabotage and explosions;
  • installation of a backup power supply system;
  • equipping the premises with locks;
  • installation of alarm systems, etc.

Organizational methods and means of information security

These include:

  • server security;
  • carefully organized personnel selection;
  • avoiding situations in which all particularly important work is performed by one person;
  • developing a plan for how to restore the server’s functionality in a situation where it fails;
  • universal means of protection from any user (even from senior management).

Methods and techniques for protecting information: authentication and identification

Identification is the assignment of a unique image or name to a subject or object. Authentication is a check of whether the subject/object is who it claims to be. The ultimate goal of both measures is to grant the subject/object access to information that is in restricted use, or to deny such access. Authentication of an object can be carried out by a program, a hardware device, or a person. Objects/subjects of authentication and identification can be: technical means (workstations, monitors, subscriber stations), people (operators, users), information on the monitor, magnetic media, etc.

Methods and means of protecting information: using passwords

A password is a set of characters (letters, numbers, etc.) that is designed to identify an object/subject. Choosing and setting a password always raises the questions of its length and of how to make it resistant to guessing by an attacker. It is logical that the longer the password, the higher the level of security it will provide to the system, since it will take much more effort to guess it or find the right combination.

But even so, it should be periodically changed to a new one in order to reduce the risk of its interception through direct theft of the storage medium, through copying of the medium, or through forcing the user to say the “magic” word.