Presentation "Ways to protect information". Information security. Information protection methods Information protection programs presentation

Information security refers to a set of organizational, technical and technological measures that protect information from unauthorized access, destruction, modification, disclosure and blocking of access. Information security guarantees that the following goals are achieved:

  • confidentiality of information (the property of information resources, including information, that they do not become accessible to, and are not disclosed to, unauthorized persons);
  • integrity of information and related processes (the information stays unchanged during transmission and storage);
  • availability of information when needed (the property of information resources, including information, that determines whether they can be obtained and used);
  • accounting for all processes involving information.


Information security is based on three pillars: confidentiality, integrity, and availability. The points at which protection is applied in an information system are: hardware, software, and communications. The procedures (mechanisms) themselves are divided into physical protection, personnel protection, and organizational protection.

[Figure: communications security, hardware security, software security.]


A threat to the security of a computer system is a potential event that could have an unwanted impact on the system itself, as well as on the information stored in it. A threat analysis conducted by the National Computer Security Association in the United States in 1998 produced the following statistics:


Types of information threats

[Diagram: information threats are divided into technological threats, which are physical (people, force majeure situations, equipment and internal life-support systems) or program (logical), and organizational threats, which act on the staff (physical action on the staff, psychological influence on the staff).]


A security policy is a set of measures and active steps for managing and improving security systems and technologies, including information security. Its levels are:

  • legislative level;
  • administrative level;
  • procedural level;
  • software and technical level.


Organizational protection

  • organization of the security regime;
  • organization of work with employees (selection and placement of personnel, including getting to know the employees, their training, instruction in the rules for working with confidential information, familiarization with the penalties for violating the rules for the protection of information, and so on);
  • organization of work with documents and documented information (development, use, recording, formatting, return and storage of documents and of media holding confidential information);
  • organization of the use of technical means for collecting, processing, accumulating and storing confidential information;
  • organization of work to analyze internal and external threats to confidential information and to develop measures that ensure its protection;
  • organization of systematic monitoring of the work of personnel with confidential information and of the procedures for recording and storing documents and technical media.


Technical methods for protecting information

To protect the perimeter of the information system, the following are installed:

  • security and fire alarm systems;
  • digital video surveillance systems;
  • access control systems (ACS).

Protection of information against leakage through technical communication channels is ensured by the following means and measures:

  • use of shielded cable and laying of wires and cables in shielded structures;
  • installation of high-frequency filters on communication lines;
  • construction of shielded rooms ("capsules");
  • use of shielded equipment;
  • installation of active noise-generation (masking) systems;
  • creation of controlled zones.


Hardware means of information protection

  • special registers for storing security details: passwords, identification codes, classification stamps or secrecy levels;
  • devices that measure a person's individual characteristics (voice) for the purpose of identification;
  • circuits that interrupt transmission on a communication line in order to periodically check the data output address;
  • devices for encrypting information (cryptographic methods);
  • uninterruptible power systems: uninterruptible power supplies; load redundancy; voltage generators.


Software means of information protection

  • Means of protection against unauthorized access (UNA): authorization tools; mandatory access control; discretionary access control; role-based access control; logging (also called auditing).
  • Systems for analysis and modeling of information flows (CASE systems).
  • Monitoring systems: intrusion detection and prevention systems (IDS/IPS); systems for preventing leakage of confidential information (DLP systems).
  • Protocol analyzers.
  • Anti-virus tools.


Software tools

  • Firewalls.
  • Cryptographic tools: encryption; digital signature.
  • Backup systems.
  • Authentication systems: password; access key (physical or electronic); certificate; biometrics.
  • Tools for analyzing protection systems: monitoring software products.


TYPES OF ANTI-VIRUS PROGRAMS

  • Detectors find files infected with one of several known viruses. Some detectors also perform heuristic analysis of files and system areas of disks, which often (but not always) allows them to detect new viruses not yet known to the detector.
  • Filters are resident programs that notify the user of every attempt by any program to write to the disk, let alone format it, and of other suspicious actions.
  • Doctor programs, or phages, not only find files infected with viruses but also "cure" them, that is, remove the body of the virus program from the file, returning the file to its original state.
  • Auditors record information about the state of files and system areas of disks and, on subsequent runs, compare the current state with the original one. If any discrepancies are found, the user is informed.
  • Watchdogs, or filters, stay resident in the computer's RAM and check launched files and inserted USB drives for viruses.
  • Vaccine programs, or immunizers, modify programs and disks in such a way that the operation of the programs is not affected, but the virus against which the vaccination is performed treats these programs and disks as already infected.


Shortcomings of anti-virus programs

  • Even with existing anti-virus technologies, complete protection against viruses cannot be provided.
  • An anti-virus program uses part of the system's computing resources, loading the central processor and the hard drive. This can be especially noticeable on weaker computers.
  • Anti-virus programs can see a threat where there is none (false positives).
  • Anti-virus programs download updates from the Internet, thereby consuming a lot of traffic.
  • Various methods of encrypting and packing malicious programs make viruses undetectable by anti-virus software. Detecting these "camouflaged" viruses requires a sophisticated unpacking mechanism that can decrypt files before they are checked. However, many anti-virus programs have only a limited ability to detect encrypted viruses.






1) By habitat

  • File viruses damage files. They create a twin file with the name of the original.
  • Boot viruses embed themselves in the boot sector of the disk. The operating system then loads with errors and malfunctions.
  • Macro viruses "spoil" Word and Excel documents and documents of other application programs of the Windows operating system.
  • Network viruses spread over the Internet through e-mail or after visits to dubious sites.




3) By operating algorithm

  • Residency: viruses with this property operate continuously while the computer is turned on.
  • Self-encryption and polymorphism: polymorphic viruses change their code or program body, which makes them hard to detect.
  • Stealth algorithm: invisible viruses "hide" in RAM, and the anti-virus program cannot detect them.
  • Non-standard methods: fundamentally new methods by which a virus acts on a computer.


4) By destructive capabilities

  • Harmless: do no harm to the user or the computer, but take up space on the hard drive.
  • Not dangerous: cause the user moral harm; produce visual, graphic and sound effects.
  • Dangerous: destroy information in files; "spoil" files, make them unreadable, etc.
  • Very dangerous: disrupt the process of loading the OS, after which it has to be reinstalled; or "spoil" the hard drive so that it has to be formatted.


Malicious programs

A Trojan horse is a program that contains a destructive function which is activated when a certain trigger condition occurs. Such programs usually disguise themselves as useful utilities. Types of destructive actions:

  • Destruction of information. (The specific choice of objects and methods of destruction depends only on the imagination of the author of such a program and on the capabilities of the OS. This function is common to Trojan horses and bookmarks.)
  • Interception and transmission of information (for example, passwords typed on the keyboard).
  • Deliberate modification of programs.

Some viruses spread across global networks, affecting entire systems rather than individual programs. This is the most dangerous type of virus, since the targets of attack are then information systems on a national scale. With the advent of the global Internet, this type of security breach poses the greatest threat, because at any moment any of the computers connected to this network may come under attack. The main function of viruses of this type is breaking into the attacked system, that is, overcoming its protection in order to violate security and integrity.


Identification is a subject naming itself to the system; authentication is establishing that the subject corresponds to the identifier it has named; authorization is granting the subject capabilities in accordance with the rights assigned to it, or checking that it holds the rights when it attempts to perform an action.



The official state policy in the field of information security is expressed in the Doctrine of Information Security of the Russian Federation (Order of the President dated September 9, 2000, No. Pr-1895). It sets out the totality of official views on the goals, objectives, principles and basic directions of ensuring the information security of the Russian Federation and serves as the basis for:

  • Formulating state policy in the sphere of information security of the Russian Federation
  • Preparing proposals for improving the legal, methodological, scientific, technical and organizational support of information security of the Russian Federation
  • Developing targeted information security programs in the Russian Federation

Information security is the state of protection of the subjects of the Russian Federation in the information sphere, reflecting the totality of the balanced interests of the individual, society and the state.

At the level of the individual, this means the realization of the constitutional rights of persons and citizens to access information, to use information in the interests of activities not prohibited by law and of physical, spiritual and intellectual development, and to the protection of information that ensures personal safety.

At the level of society, this means safeguarding the interests of the individual in this sphere, strengthening democracy, creating a state governed by the rule of law, and achieving and supporting the spiritual renewal of Russia.


A security threat is an action or event that could lead to the destruction, distortion or unauthorized use of computer resources, including stored, transmitted and processed information, as well as software and hardware.

Threat types:

  • accidental (or unintentional)
  • intentional

Main areas of computer data protection:

  • protection of computer hardware;
  • protection of communication lines;
  • protection of databases;
  • protection of the computer's subsystem.

A protection system is a set of tools and technical techniques that protect the components of a computer and minimize the risk to which its resources and users may be exposed.

Various security mechanisms exist:

  • encryption;
  • digital (electronic) signature;
  • access control;
  • ensuring the integrity of data;
  • authentication;
  • traffic substitution (padding);
  • routing control;
  • arbitration (or review).



Encryption (cryptographic protection) is used to implement the confidentiality service and is also used by various other services.

Encryption can be:

  • symmetric: based on the use of one and the same secret key for encryption and decryption.
  • asymmetric: characterized by the fact that one key, which is publicly available, is used for encryption, and another, which is secret, for decryption. Knowledge of the public key does not make it possible to determine the secret key.

To implement the encryption mechanism, a special service must be organized for generating keys and distributing them among network subscribers.


Digital signature mechanisms are used to implement the authentication and non-repudiation services. These mechanisms are based on asymmetric encryption algorithms and include two procedures:

  • formation of the signature by the sender;
  • its recognition (verification) by the recipient.

The first procedure encrypts the data block or supplements it with a cryptographic checksum; in both cases the sender's secret key is used.

The second procedure is based on the use of the public key, knowledge of which is sufficient to recognize the sender.


Access control mechanisms verify the authority of network objects (user programs) to access network resources.

When a resource is accessed over a connection, the check is performed both at the point where the exchange is initiated and at the end point, as well as at intermediate points.

These mechanisms are implemented on the basis of a matrix of access rights and its various implementation options. Mandate lists include security labels assigned to objects, which give the right to use a specific resource.

The second type consists of lists of access rights, based on authenticating the object and then checking its rights in special tables (access control databases) that are created for each resource.


Integrity protection mechanisms apply both to individual blocks of data and to information flows.

Integrity is ensured by the sender and the recipient performing interrelated encryption and decryption procedures and then comparing the cryptographic checksums.

However, to protect against substitution of a block as a whole, the integrity of the data flow must be controlled, which can be implemented, for example, by encryption using keys that change from block to block. Simpler methods can also be used, such as numbering the blocks or supplementing them with a so-called stamp (mark).
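The difference between a checksum on each block and integrity control of the whole flow, as an added example that is not part of the original presentation. It assumes HMAC-SHA256 as the cryptographic checksum; the key, the function names and the sample blocks are constructed for illustration, and the "final block" flag goes one step beyond the block numbering the text mentions so that truncation is caught as well.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key-32-bytes!!!"          # constructed sample key
BLOCKS = [b"PAY 100 TO ALICE", b"PAY 900 TO BOB", b"END OF BATCH"]  # constructed


def _mac(key: bytes, data: bytes) -> bytes:
    """Cryptographic checksum (HMAC-SHA256 is an assumption of this example)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def protect_blocks(key, blocks):
    """Per-block checksum only: every block is protected in isolation."""
    return [(b, _mac(key, b)) for b in blocks]


def accept_blocks(key, stream):
    """Accepts any sequence of blocks whose individual checksums verify."""
    out = []
    for payload, tag in stream:
        if not hmac.compare_digest(tag, _mac(key, payload)):
            raise ValueError("block checksum mismatch")
        out.append(payload)
    return out


def _header(seq: int, final: bool) -> bytes:
    """Block number and final-block flag, both covered by the checksum."""
    return seq.to_bytes(8, "big") + (b"\x01" if final else b"\x00")


def protect_stream(key, blocks):
    """Flow integrity: the checksum also covers the block's position."""
    last = len(blocks) - 1
    return [(i, i == last, b, _mac(key, _header(i, i == last) + b))
            for i, b in enumerate(blocks)]


def accept_stream(key, stream):
    """Rejects reordered, replayed, dropped, relabelled or truncated blocks."""
    out, expected, finished = [], 0, False
    for seq, final, payload, tag in stream:
        if finished:
            raise ValueError("data after final block")
        if not hmac.compare_digest(tag, _mac(key, _header(seq, final) + payload)):
            raise ValueError("block checksum mismatch")
        if seq != expected:
            raise ValueError(f"expected block {expected}, got block {seq}")
        out.append(payload)
        expected += 1
        finished = final
    if not finished:
        raise ValueError("stream truncated before final block")
    return out


def verdict(receiver, stream) -> str:
    try:
        receiver(KEY, stream)
        return "accepted"
    except ValueError as exc:
        return f"rejected: {exc}"


def tamper(stream):
    """Manipulations that leave every individual block untouched."""
    return {
        "reordered": [stream[1], stream[0], stream[2]],
        "replayed": [stream[0], stream[0], stream[1], stream[2]],
        "dropped": [stream[0], stream[2]],
        "truncated": stream[:2],
    }


def demo():
    """Maps each manipulation to (per-block verdict, flow-integrity verdict)."""
    plain = tamper(protect_blocks(KEY, BLOCKS))
    numbered = tamper(protect_stream(KEY, BLOCKS))
    return {name: (verdict(accept_blocks, plain[name]),
                   verdict(accept_stream, numbered[name]))
            for name in plain}


if __name__ == "__main__":
    for name, (per_block, per_flow) in demo().items():
        print(f"{name:10} per-block: {per_block:9} flow: {per_flow}")
```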


Authentication mechanisms provide one-way and mutual authentication.

In practice, these mechanisms are combined with encryption, digital signature and arbitration.

Traffic substitution, in other words the text-filling (padding) mechanism, is used to implement the service of data flow confidentiality.

It is based on network objects generating fictitious blocks, encrypting them and arranging their transmission over network channels.

This neutralizes the possibility of obtaining information about the network by observing the external characteristics of the flows that circulate in it.


Sources of accidental threats that arise while the computer is operating can be software errors, hardware failures, incorrect actions of users, operators or system administrators, etc.

Intentional threats pursue certain goals connected with causing damage to users (subscribers) of the network.

Types of intentional threats:

  • Active
  • Passive

Active intrusions disrupt the normal functioning of the computer and make unauthorized changes to information flows and to stored and processed information. These threats are realized through deliberate action on its hardware, software and information resources.

Active intrusions include:

  • destruction or electronic jamming of communication lines,
  • disabling of the entire system connected to the network, or of its operating system,
  • distortion of information in user databases or system data structures, etc.

Information stored in the computer's memory may be selectively modified or destroyed, or false data may be added to it.

Active intrusions are easy to detect, but hard to prevent.

In a passive intrusion, the attacker only observes the passage and processing of information, without interfering in the information flows.

Such an intrusion is, as a rule, aimed at unauthorized use of a computer's information resources without affecting its functioning. A passive threat is, for example, obtaining information transmitted over communication channels by eavesdropping on them.

In this case, the intruder analyzes the message flow (traffic), recording identifiers, destination points, message date, and the frequency and time of exchanges.

INFORMATION PROTECTION


Information protection is a set of measures aimed at ensuring information security.


Why is there a need to protect information?

The problem of information loss due to unauthorized access has become especially acute with the expansion of local and, especially, global computer networks.

Most often, the damage is caused by elementary mistakes of users, who accidentally corrupt or delete vitally important data.


What is the best way to protect information?

Information that circulates in control and communication systems can cause large-scale accidents, military conflicts, disruption of the work of scientific centers and laboratories, and the collapse of banks and commercial organizations. Therefore, information needs to be protected from distortion, loss, leakage and illegal use.


Types of protection and protection methods

Against equipment malfunctions:

  • archiving and backup of files.

Against accidental loss or corruption of information stored on the computer:

  • request for confirmation of commands that change files (for example, when replacing a file);
  • setting of special attributes on documents and programs (read-only, hidden);
  • the ability to undo an incorrect action or restore a deleted file;
  • division of users' access to PC resources.

Against computer viruses:

  • preventive measures to reduce the risk of infection;
  • use of anti-virus software.

Against unauthorized access to information (corruption, change, distribution):

  • encryption;
  • passwords;
  • "electronic locks";
  • administrative and law enforcement measures.


Automatic file backup

When an automatic backup program is used, the command to save a file is automatically duplicated and the file is saved on two independent media, for example, on two hard drives. Failure of one of them does not lead to loss of information.

File backup is widely used, for example, in banking.



Types of computer crime

  • Unauthorized access to information,
  • Introduction of logic bombs,
  • Development and distribution of viruses,
  • Criminal negligence in development,
  • Forgery of computer information,
  • Theft of computer information.

Measures to prevent computer crime

  • Technical
  • Organizational
  • Legal

The protection of information in computers should be viewed as a set of measures that includes organizational, technical, legal, software, operational, insurance, and moral and ethical measures.


Technical measures

  • protection against unauthorized access to the system;
  • redundancy of especially important computer subsystems;
  • organization of computing networks;
  • installation of fire-fighting equipment;
  • fitting of locks and alarms.

Organizational measures

  • protection of the computing center,
  • careful selection of personnel,
  • existence of a plan for restoring operation (after a failure),
  • universality of protection means for all users.

Legal measures

  • Development of norms that establish liability for computer crimes;
  • Copyright protection for programmers;
  • Improvement of criminal and civil legislation.

“Legislation in the sphere of information”

10 basic laws, in which:

  • the main terms and concepts are defined,
  • issues of the dissemination of information are regulated,
  • copyright protection,
  • property and non-property relations.

Article 273 of the Code of the Russian Federation

  • Provides for criminal liability for creating computer programs, or modifying them, in a way that leads to unauthorized destruction.
  • Protects the rights of the owner.
  • Criminal liability arises as a result of the creation of the program.
  • The very fact of creating the program is sufficient for prosecution.

Legal protection of information is regulated by the laws of the Russian Federation

The legal protection granted by this law extends to all types of computer programs, which may be expressed in any form, including source text in a programming language and machine code. However, legal protection does not extend to the ideas and principles that underlie computer programs, including the ideas and principles of organizing the interface and the algorithm.


To give notice of their rights, the developer of a program can, starting from the first release of the program, use a copyright notice, which consists of 3 elements:

  • the letter C in a circle or in parentheses ©;
  • the name of the rights holder;
  • the year of the program's first release.

© Microsoft, 1993-1997.


An organization or user that lawfully owns a copy of a program (having purchased a license for it) has the right, without obtaining additional permission from the developer, to carry out any actions connected with the operation of the program, including recording it and storing it in computer memory. Recording and storage in computer memory is allowed for only one computer or one user at a time, unless otherwise provided by the contract with the developer.

It is necessary to know and comply with the existing laws that prohibit illegal copying and use of licensed software. From organizations or users that violate copyright, the developer can claim damages and compensation, at the discretion of the court, in the amount of 5000 to 50,000 times the minimum monthly wage.


Electronic digital signature

In 2002, the Law of the Russian Federation “On Electronic Digital Signature” was adopted, which became the legislative basis for electronic document management in Russia. Under this law, an electronic digital signature in an electronic document is recognized as a legally equivalent signature on a paper document.

When registering an electronic digital signature at a specialized center, the correspondent receives two keys: a secret (private) key and a public key. The secret key is stored on a floppy disk or smart card and must be known only to the correspondent. The public key must be available to all potential recipients of documents and is usually distributed by electronic mail.

The process of electronically signing a document consists of processing the text of the message with the secret key. The encrypted message is then sent by e-mail to the recipient. To verify the authenticity of the message and the electronic signature, the recipient uses the public key.


The computer system of the air defense of the North American continent once raised a false nuclear alarm, putting the armed forces on combat readiness. The cause was a faulty chip worth 46 cents, a small, coin-sized silicon element.


Examples from work with information

In 1983 there was a flood in the southwestern part of the USA. The cause was a computer into which incorrect weather data had been entered, as a result of which it gave a dangerous signal to the sluice gates that dam the Colorado River.


Examples from work with information

In 1971, 352 railcars disappeared from the New York Railway. The criminal used information from the computing center that managed the operation of the railway and changed the destination addresses of the cars. The losses amounted to over a million dollars.


Incorrect work by users and service personnel

80-90% of the threats to the information security of large companies come from the “internal enemy”: careless users who can, for example, download a file with a virus.


Technical equipment failures

  • Preventing disruption of the cable system's operation
  • Protection against power failures
  • Preventing disk system failure


Unauthorized external access

“Hacker” is an English word that denotes an individual who takes pleasure in studying the details of how computer systems function and in extending the capabilities of those systems (as opposed to most users, who prefer to know only the necessary minimum).

Professionals involved in information security:

  • hackers
  • crackers


The main task of a hacker is, by examining the defenses, to find weak spots in the security system and to inform users and developers about them, so that the vulnerabilities found are eliminated and the level of protection is raised.

Crackers “break into” a system in order to gain unauthorized access to information resources and systems that are closed to them.


Crackers

  • vandals: penetration into the system with the aim of its complete destruction;
  • jokers: fame achieved by penetrating the system;
  • burglars: breaking into the system with the aim of making a profit through theft and alteration of information.

Protecting information on the Internet

If your computer is connected to the Internet, any user who is also connected to the Internet can gain access to the information resources of your computer. If a server is connected to the Internet and simultaneously serves as a local network server (Intranet server), unauthorized penetration from the Internet into the local network is possible.

The mechanisms of penetration from the Internet to a local computer and local network can be different:

  • Web pages loaded into the browser can contain active ActiveX controls or Java applets that can perform destructive actions on the local computer;
  • some Web servers place text cookies on the local computer, which can be used to obtain confidential information about the user of the local computer;
  • with the help of special utilities, it is possible to gain access to the disks and files of the local computer, and so on.

To prevent this, a software or hardware barrier is installed between the Internet and the Intranet by means of a firewall (firewall: network screen). The firewall monitors the transfer of data between networks, monitors current connections, detects suspicious activity and thereby prevents unauthorized access from the Internet to the local network.


Firewall

A firewall is a software and/or hardware barrier between two networks that allows only authorized connections to be established.

The firewall protects a local network connected to the Internet, or an individual personal computer, from outside intrusion and prevents access to confidential information.


Protecting programs from illegal copying and abuse

Computer pirates, by illegally reproducing software, devalue the work of programmers and make software development an economically unprofitable business. In addition, computer pirates often sell buyers unfinished programs, programs with bugs, or demo versions.

For computer software to function, it must be installed. Software is distributed by software companies in the form of distribution kits on CD-ROM. Each distribution kit has its own serial number, which prevents illegal copying and installation of programs.


To prevent illegal copying of programs and data stored on CD-ROM, special protection can be used. The CD-ROM may contain an encoded program key, which is lost during copying and without which the program cannot be installed.

Protection against illegal use of programs can be implemented with the help of a hardware key, which is connected to the parallel port of the computer. The protected program queries the parallel port and requests the secret code; if the hardware key is not attached to the computer, the protected program detects a protection violation and stops running.


  • Berne Convention for the Protection of Literary and Artistic Works, 1886.
  • Worldwide Convention on Copyright Law, 1952.

  • Constitution of the Russian Federation Art. 44.
  • Civil Code of the Russian Federation.
  • Law on copyright and proprietary rights, 1993.
  • Law of the Russian Federation “On the legal protection of computer programs and databases”, 1992.

  • Latin letter C in a circle ©,
  • Name of the copyright holder,
  • Date of first publication.

© Microsoft Corporation, 1993-1997


  • Copyright,
  • The right to own
  • Right to publicity
  • The right to protect your reputation.

If the program was created in the course of performing official duties or on the instructions of the employer, it belongs to the employer, unless the agreement between him and the author provides otherwise.

Excerpt from the Criminal Code of the Russian Federation

Chapter 28. Crimes in the field of computer information

Article 272. Illegal access to computer information.

1. Unlawful access to computer information protected by law, that is, information on a machine-readable medium or in an electronic computing machine (computer), if the act caused the destruction, blocking, modification or copying of information, or disruption of the computer's operation, is punishable by

  • a fine ranging from two hundred to five hundred minimum wages,
  • or in the amount of the wages or other income of the convicted person for a period of two to five months,
  • or corrective labor for a term of six months to one day,
  • or imprisonment for a term of up to two years.

2. The same act committed by a group of persons by prior conspiracy, or by an organized group, or by a person using their official position, as well as by one who has access to the computer, the computer system or their network, is punishable by a fine of the amount thousand to three hundred thousand rubles, or in the amount of the wages or other income of the convicted person for a period of one to two years, or by compulsory labor for a term of one hundred and eighty to two hundred and forty years, or by corrective labor for a term of up to two years, or by arrest for a term of three to six months, or by imprisonment for a term of up to five.


Article 273. Creation, use and distribution of malicious computer programs

Creation of computer programs, or making changes to existing programs, that knowingly lead to unauthorized destruction, blocking, modification or copying of information, or disruption of the computer's operation, as well as the use or distribution of such programs or of machine-readable media with such programs, are punishable by

  • imprisonment for a term of up to three years with a fine ranging from two hundred to five hundred minimum wages
  • and the amount of the wages or other income of the convicted person for a period of two to five months. The same acts that caused grave consequences are punishable by imprisonment for a term of three to seven years.

Article 274. Violation of the rules of operation of the computer, the computer system and their network

1. Violation of the rules of operation of a computer by a person who has access to the computer, resulting in the destruction, blocking or modification of computer information protected by law, if this act caused substantial harm, is punishable by

  • deprivation of the right to hold certain positions or to engage in certain activities for a term of up to five years,
  • or compulsory labor for a term of one hundred and eighty to two hundred and forty years,
  • or restriction of liberty for a term of up to two years.

2. The same act that through negligence caused grave consequences is punishable by imprisonment for up to four years.


  • By fingerprints,
  • By speech characteristics,
  • By the geometry of the palms of the hands,
  • By facial image,
  • By the iris of the eye.

PROTECTION OF INFORMATION

It was announced in 1988 by the Association of Computer Ownership with the aim of once again reminding all users of the need to maintain the protection of their computers and the information stored on them.

That year, computers were first attacked by the Morris “worm”, as a result of which 6 thousand nodes of the Internet, the ARPANET network, were infected. This attack caused a loss of 96 million US dollars. The author of this virus might never have been found, but Robert Morris, a graduate student at Cornell University, was made to confess by his own father. Morris received a 3-year suspended prison sentence and 400 years of community service. In addition, he paid a fine of 10,500 dollars. Since 1988 saw the first mass epidemic to affect computers, specialists began to think seriously about a comprehensive approach to the security of information resources.


How best to choose the components of a password?

  • Do not use a password that is a word in the dictionary.
  • If possible, punctuation marks can be used.
  • You can use characters from lower and upper case, as well as digits from 0 to 9.
  • The optimal number of digits (letters) for a password is 8 – 10.
  • Use the last characters from the list of digits, signs or the alphabet.
  • Beware of interceptor programs.
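The checks in the list above can be automated. The following Python sketch is an added example, not part of the original presentation; the sample word list, the substitution table and the choice to report every rule (including the optional punctuation rule) as a finding are assumptions made for illustration.

```python
import string

# Constructed sample word list standing in for a real dictionary file (assumption).
SAMPLE_DICTIONARY = {"password", "dragon", "sunshine", "monkey", "welcome"}

# Common look-alike substitutions that are undone before the dictionary check,
# so that "P@ssw0rd" is still recognised as the word "password" (assumed table).
LOOKALIKES = str.maketrans({
    "0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
    "7": "t", "@": "a", "$": "s", "!": "i",
})


def dictionary_core(password):
    """Reduce a password to the word it may be built around.

    Lower-cases the password, strips digits and punctuation that were merely
    appended or prepended, then undoes look-alike substitutions.
    """
    trimmed = password.lower().strip(string.digits + string.punctuation)
    return trimmed.translate(LOOKALIKES)


def check_password(password, dictionary=SAMPLE_DICTIONARY, min_len=8, max_len=10):
    """Return the list of rules from the slide that the password does not meet.

    An empty list means every rule is satisfied. The 8-10 length range is the
    one stated on the slide.
    """
    problems = []
    if not (min_len <= len(password) <= max_len):
        problems.append("length")
    if dictionary_core(password) in dictionary:
        problems.append("dictionary")
    has_lower = any(c.islower() for c in password)
    has_upper = any(c.isupper() for c in password)
    if not (has_lower and has_upper):
        problems.append("case")
    if not any(c.isdigit() for c in password):
        problems.append("digit")
    if not any(c in string.punctuation for c in password):
        problems.append("punctuation")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords.
    for candidate in ("sunshine", "P@ssw0rd1", "Tr7-mQ9x", "Ab1!"):
        print(candidate, check_password(candidate))
```

The second sample shows why the dictionary rule is checked on the reduced form: the password has mixed case, digits and punctuation, yet it is still a dictionary word with substitutions.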

“If you don’t show the data throughout your life, you will be blocked”

“If you want to protect yourself from phishing, follow these instructions and enter your username and password”

Phishing is a type of Internet fraud aimed at stealing users' identification data.


  • How can you register copyright for a software product?
  • Why does computer piracy cause harm to society?
  • What software and hardware means exist for protecting information?

Slide 1

Prepared by: student of gr. 23 Gubanova E. I. Checked by: Turusinova I. P. Yoshkar-Ola, 2015

Slide 2

Contents: Unauthorized access; Methods for protecting information; Biometric security systems; Methods of protection against malicious programs; Backing up and restoring data; Hacker utilities and protection against them; Conclusion

Slide 3

Unauthorized access. Unauthorized access is an action that violates the established access procedure or the access-control rules: access to programs and data gained by subscribers who have not been registered and do not have the right to view or work with these resources. Access control is used to prevent unauthorized access.

Slide 4

Protection using passwords. To protect against unauthorized access to programs and data stored on the computer, passwords are used. The computer allows access to its resources only to users who are registered and have entered the correct password. Each individual user may be allowed access only to certain information resources. All attempts at unauthorized access can be logged.

Slide 5

Protection using passwords. Password protection is used when the operating system boots. A password login can be set in the BIOS Setup program; the computer will not start loading the operating system unless the correct password is entered. It is not easy to overcome such protection. The following can be protected against unauthorized access: disks, folders, and files of the local computer. Access rights can be set for them: full access, the ability to make changes, read-only, write, etc.

Slide 6

Information protection is an activity aimed at preventing the leakage of information and unauthorized and unintentional influences on information.

Slide 7

Slide 8

Information protection means. Information protection means are the totality of engineering, technical, electronic, and other devices and appliances used to solve various information protection tasks, including preventing leakage and ensuring the security of the protected information. Information protection means are divided into: technical (hardware) means; software means; organizational means.

Slide 9

Technical (hardware) means. These are devices of various types that solve information protection tasks in hardware. They prevent physical penetration or, if it has occurred, prevent access to the information, including by masking it. The first part of the task is handled by locks, bars on windows, security alarms, etc. The second is handled by noise generators, line filters, scanning radio receivers, and other devices that “block” potential information leakage channels or allow them to be detected.

Slide 10

Software means. Software means include programs for user identification, access control, information encryption, removal of residual information such as temporary files, test control of the protection system, and others.

Slide 11

Organizational means. Organizational means consist of organizational-technical measures (preparing premises with computers, laying the cable system with regard to the requirements for restricting access to it, and others).

Slide 12

Biometric security systems. To protect against unauthorized access to information, biometric identification systems are used. The characteristics used in these systems are inalienable qualities of a person and therefore cannot be lost or forged. Biometric protection systems include identification: by fingerprints; by speech characteristics; by the iris of the eye; by facial image; by the geometry of the palm of the hand.

Slide 13

Fingerprint identification. Optical fingerprint scanners are installed on laptops, mice, keyboards, and flash drives, and are also used as separate external devices and terminals (for example, at airports and banks). If the fingerprint pattern does not match the pattern of a user permitted to access the information, access to the information is impossible.

Slide 14

Identification by speech characteristics. Identifying a person by voice is one of the traditional recognition methods; interest in it is also connected with forecasts of the adoption of voice interfaces in operating systems. Voice identification is contactless, and there are systems for restricting access to information on the basis of frequency analysis of speech.

Slide 15

Identification by the iris of the eye. To identify by the iris of the eye, special scanners connected to a computer are used. The iris of the eye is a biometric characteristic unique to each person. The image of the eye is extracted from the image of the face and a special barcode mask is superimposed on it. The result is a matrix that is individual to each person.

Slide 16

Identification by facial image. Facial recognition technologies are often used to identify an individual. A person is recognized at a distance. Identification features take into account the shape of the face, its color, and the color of the hair. Important features also include the coordinates of facial points in places that correspond to changes in contrast (eyebrows, eyes, nose, ears, mouth and oval). At present, the issuance of new foreign-travel passports is beginning, the microchip of which stores a digital photograph of the owner.

Slide 17

Identification by the palm of the hand. In biometrics, the simple geometry of the hand is used for identification: the size and shape, as well as various informative marks on the back of the hand (images on the folds between the phalanges of the fingers, patterns of the location of blood vessels). Palm identification scanners are installed in many airports, banks and nuclear power plants.

Slide 18

Other methods of identification: habitoscopy (three-dimensional image of the face): Nvisage, developed by Cambridge Neurodynamics; EyeDentify's ICAM 2001, which measures the properties of the retina of the eye; eSign, a program for identifying a digital signature; identification by structure and mutually -one Facial Recognition"

Slide 19

Digital (electronic) signature. eSign is a signature identification program that uses a special digital pen and an electronic notepad to register a signature. During the registration process, eSign remembers both the image of the signature and the dynamics of the pen's movement. eSign analyzes a number of parameters, including general features of a particular individual's handwriting.

Slide 20

Methods of protection against malicious programs. A malicious program is a harmful program, that is, a program created with malicious intent. To protect against malicious programs, antivirus software is used. The reasons for viruses penetrating computers protected by an antivirus can be: the antivirus was disabled by the user; the antivirus databases were too old; weak protection settings were configured; the virus used an infection technology against which the antivirus had no protection; the virus got onto the computer before the antivirus was installed and was able to neutralize the antivirus; it was a new virus for which antivirus databases had not yet been released.

Slide 21

Anti-virus programs. Modern anti-virus programs provide comprehensive protection of programs and data on the computer from all types of malicious programs and the ways they penetrate the computer: the Internet, local networks, e-mail, and removable storage media. The operating principle of anti-virus programs is based on checking files, boot sectors of disks and RAM and searching them for known and new malicious programs.

Slide 22

Anti-virus programs. The anti-virus monitor starts automatically when the operating system starts. Its main task is to provide maximum protection from malicious programs with minimal slowdown of the computer. The anti-virus scanner is launched on a pre-selected schedule or at any time by the user. The anti-virus scanner searches for malicious programs in RAM, as well as on the hard drives of the computer.

Slide 23

Backup and restoration of data. Backup is the process of creating a copy of data on a storage medium, intended for restoring the data to its original or a new location in the event of damage or destruction. Data recovery is a procedure for retrieving information from a storage device when it cannot be read in the usual way.

Slide 24

Hacker utilities and protection from them. Network attacks on remote servers are carried out using special programs that send numerous requests to them. This causes the server to hang if the resources of the attacked server are insufficient to process all incoming requests. Some hacker utilities implement fatal network attacks. Such utilities exploit vulnerabilities in operating systems and applications and send specially crafted requests to the computers being attacked. As a result, a request of a special kind causes a critical error in the attacked application, and the system stops working.

Protection from hacker attacks, worms and Trojan programs. Protection of computer networks and individual computers from unauthorized access can be carried out with the help of a firewall. The firewall makes it possible to: block hacker DoS attacks by not letting network packets from certain servers through to the protected computer; prevent network worms from penetrating the protected computer; prevent Trojan programs from sending confidential information about the user and the computer.

Slide 28

Types and methods of information protection

  • Type of protection: against deliberate distortion, vandalism (computer viruses). Method of protection: general methods of information protection; preventive measures; use of anti-virus programs.
  • Type of protection: against unauthorized (illegal) access to information (its use, modification, distribution). Method of protection: encryption; passwords; “electronic locks”; a set of administrative and law-enforcement measures.

Slide 29

Summary. I would like to hope that the information protection system being created, and the set of measures being formed for its implementation, will not lead to irreversible consequences on the path of the informational and intellectual integration with the whole world that is emerging in Russia. Information today is expensive and needs to be protected. The widespread adoption of personal computers has, unfortunately, turned out to be associated with the emergence of self-replicating virus programs that interfere with normal computer operation, destroy the file structure of disks and damage the information stored on the computer.