Physical means of information security presentation. Information security presentation on the topic of information protection. Information security methods

Presentation on the topic: Information Security. Information security methods























Slide no. 2

Slide description:

Information security is a set of organizational, technical and technological measures to protect information from unauthorized access, destruction, modification, disclosure and delays in access. Information security provides a guarantee that the following goals are achieved: confidentiality of information (the property of information resources, including information, related to the fact that they will not become accessible and will not be disclosed to unauthorized persons); integrity of information and related processes (constancy of information during its transmission or storage); availability of information when it is needed (a property of information resources, including information, that determines the possibility of their receipt and use at the request of authorized persons); accounting of all processes related to information.

Slide no. 3

Slide description:

Ensuring information security consists of three components: Confidentiality, Integrity, and Availability. The points of application of the information security process to the information system are: hardware, software, communications. The protection procedures (mechanisms) themselves are divided into physical level protection, personnel protection and organizational level.

Slide no. 4

Slide description:

A security threat to a computer system is a potential incident (whether intentional or not) that could have an undesirable impact on the system itself, as well as the information stored in it. A threat analysis conducted by the National Computer Security Association in 1998 in the United States revealed the following statistics:

Slide no. 5

Slide description:

Types of information threats (diagram). Labels, in the order they appear: Information threats; Technological; Physical; Human; Force majeure; Failure of equipment and internal life support systems; Software (logical); Local intruder; Remote intruder; Organizational; Impact on personnel; Physical impact on personnel; Psychological impact on personnel; Actions of personnel; Espionage; Unintentional actions.

Slide no. 6

Slide description:

Security policy is a set of measures and active actions to manage and improve security systems and technologies, including information security. Levels: legislative level; administrative level; procedural level; software and technical level.

Slide no. 7

Slide description:

Organizational protection: organization of regime and security; organization of work with employees (selection and placement of personnel, including familiarization with employees, their study, training in the rules of working with confidential information, familiarization with penalties for violating information security rules, etc.); organization of work with documents and documented information (development, use, accounting, execution, return, storage and destruction of documents and media of confidential information); organization of the use of technical means of collecting, processing, accumulating and storing confidential information; organization of work to analyze internal and external threats to confidential information and to develop measures to ensure its protection; organization of systematic monitoring of the work of personnel with confidential information and of the procedure for recording, storing and destroying documents and technical media.

Slide no. 8

Slide description:

Technical means of information protection. To protect the perimeter of the information system, the following are created: security and fire alarm systems; digital video surveillance systems; access control and management systems (ACS). Protection of information from leakage through technical communication channels is provided by the following means and measures: the use of shielded cables and the laying of wires and cables in shielded structures; the installation of high-frequency filters on communication lines; the construction of shielded rooms (“capsules”); the use of shielded equipment; the installation of active noise systems; the creation of controlled zones.

Slide no. 9

Slide description:

Hardware information security. Special registers for storing security details: passwords, identification codes, classifications or security levels; devices for measuring individual characteristics of a person (voice, fingerprints) for the purpose of identification; circuits for interrupting the transmission of information in a communication line for the purpose of periodically checking the data output address. Devices for encrypting information (cryptographic methods). Uninterruptible power systems: uninterruptible power supplies; load backup; voltage generators.

Slide no. 10

Slide description:

Information security software. Tools for protecting against unauthorized access (NSD): authorization tools; mandatory access control; selective access control; role-based access control; logging (also called auditing). Information flow analysis and modeling systems (CASE systems). Network monitoring systems: intrusion detection and prevention systems (IDS/IPS); confidential information leak prevention systems (DLP systems). Protocol analyzers. Anti-virus tools.

Slide no. 11

Slide description:

Information security software. Firewalls. Cryptographic tools: encryption; digital signature. Backup systems. Authentication systems: password; access key (physical or electronic); certificate; biometrics. Tools for analyzing security systems: monitoring software product.

Slide no. 12

Slide description:

TYPES OF ANTI-VIRUS PROGRAMS. Detectors allow you to detect files infected with one of several known viruses. Some detector programs also perform heuristic analysis of files and system areas of disks, which often (but by no means always) allows them to detect new viruses unknown to the detector program. Filters are resident programs that notify the user of all attempts by any program to write to a disk, much less format it, as well as other suspicious actions. Doctor programs or phages not only find files infected with viruses, but also “treat” them, i.e. remove the body of the virus program from the file, returning the files to their initial state. Auditors remember information about the state of files and system areas of disks, and during subsequent starts they compare their state to the original one. If any discrepancies are detected, the user is notified. Watchmen or filters reside in the computer's random access memory and check launched files and inserted USB drives for viruses. Vaccine programs or immunizers modify programs and disks in such a way that this does not affect the operation of the programs, but the virus against which the vaccination is performed considers these programs or disks to be already infected.

Slide no. 13

Slide description:

Disadvantages of antivirus programs. None of the existing antivirus technologies can provide full protection from viruses. The antivirus program takes away part of the system’s computing resources, loading the CPU and hard drive. This can be especially noticeable on weak computers. Antivirus programs can see a threat where there is none (false positives). Antivirus programs download updates from the Internet, thereby wasting traffic. Various malware encryption and packaging methods make even known viruses undetectable by antivirus software. Detecting these "disguised" viruses requires a powerful decompression engine that can decrypt files before scanning them. However, many antivirus programs lack this feature and, as a result, it is often impossible to detect encrypted viruses.


Slide no. 18

Slide description:

3) According to the operating algorithm. Residency: viruses with this property operate continuously while the computer is turned on. Self-encryption and polymorphism: polymorphic viruses change their code or the body of the program, making them difficult to detect. Stealth algorithm: stealth viruses “hide” in RAM and an antivirus program cannot detect them. Non-standard techniques: fundamentally new methods of influencing a computer with a virus.

Slide description:

Malicious programs. A Trojan horse is a program that contains some destructive function that is activated when a certain trigger condition occurs. Usually such programs are disguised as some useful utilities. Types of destructive actions: Destruction of information (the specific choice of objects and methods of destruction depends only on the imagination of the author of such a program and the capabilities of the OS; this function is common to Trojan horses and bookmarks). Interception and transmission of information (passwords typed on the keyboard). Purposeful modification of a program. Worms are viruses that spread across global networks, affecting entire systems, and not individual programs. This is the most dangerous type of virus, since in this case information systems of a national scale become the objects of attack. With the advent of the global Internet, this type of security breach poses the greatest threat, because any of the computers connected to this network can be exposed to it at any time. The main function of viruses of this type is hacking of the attacked system, i.e. overcoming protection to compromise security and integrity.

Slide no. 21

Slide description:

Identification is a person naming themselves to the system; authentication is establishing that the person corresponds to the identifier they named; authorization is providing this person with opportunities in accordance with the rights assigned to them, or checking the availability of rights when they try to perform any action.


SECURITY The security of an information system is a property that consists in the ability of the system to ensure its normal functioning, that is, to ensure the integrity and secrecy of information. To ensure the integrity and confidentiality of information, it is necessary to protect information from accidental destruction or unauthorized access to it.


THREATS There are many possible directions for information leakage and ways of unauthorized access to it in systems and networks: interception of information; modification of information (the original message or document is changed or replaced by another and sent to the addressee); substitution of information authorship (someone may send a letter or document on your behalf); exploitation of deficiencies in operating systems and application software; copying storage media and files bypassing security measures; illegal connection to equipment and communication lines; masquerading as a registered user and appropriating his powers; introduction of new users; introduction of computer viruses and so on.


PROTECTION The means of protecting information system (IS) information from the actions of subjects include: means of protecting information from unauthorized access; information protection in computer networks; cryptographic information protection; electronic digital signature; protecting information from computer viruses.


UNAUTHORIZED ACCESS Gaining access to information system resources involves performing three procedures: identification, authentication and authorization. Identification - assigning unique names and codes (identifiers) to the user (object or subject of resources). Authentication - establishing the identity of the user who provided the identifier or verifying that the person or device providing the identifier is actually who it claims to be. The most common method of authentication is to assign the user a password and store it on the computer. Authorization is a check of authority or verification of a user's right to access specific resources and perform certain operations on them. Authorization is carried out to differentiate access rights to network and computer resources.
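The three procedures described above, as an added example that is not part of the original presentation. It assumes a hypothetical `AccessSystem` class and a constructed role table; the password is stored only as a salted PBKDF2 hash, and every decision is recorded for accounting.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed setting)

# Constructed role table: role -> permitted (resource, operation) pairs.
ROLE_PERMS = {
    "clerk": {("invoices", "read")},
    "accountant": {("invoices", "read"), ("invoices", "write")},
}


class AccessSystem:
    """Hypothetical access gate: identify, authenticate, then authorize."""

    def __init__(self):
        self._users = {}  # identifier -> (salt, password_hash, role)
        self.audit = []   # accounting: (procedure, identifier, result)

    def register(self, user_id, password, role):
        # Identification: the user is assigned a unique identifier.
        if user_id in self._users:
            raise ValueError("identifier already assigned")
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
        self._users[user_id] = (salt, digest, role)  # no plaintext is kept

    def authenticate(self, user_id, password):
        record = self._users.get(user_id)
        # Hash even for unknown identifiers so that response time does not
        # reveal which identifiers exist.
        salt, stored, _ = record or (b"\0" * 16, b"\0" * 32, None)
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
        ok = hmac.compare_digest(candidate, stored) and record is not None
        self.audit.append(("authenticate", user_id, ok))
        return ok

    def authorize(self, user_id, resource, operation):
        record = self._users.get(user_id)
        ok = (record is not None
              and (resource, operation) in ROLE_PERMS.get(record[2], set()))
        self.audit.append(("authorize", user_id, ok))
        return ok

    def access(self, user_id, password, resource, operation):
        # Authorization is only evaluated for an authenticated identifier.
        return (self.authenticate(user_id, password)
                and self.authorize(user_id, resource, operation))


if __name__ == "__main__":
    system = AccessSystem()
    system.register("alice", "correct horse battery", "clerk")
    print(system.access("alice", "correct horse battery", "invoices", "read"))
    print(system.access("alice", "correct horse battery", "invoices", "write"))
    print(system.audit)
```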


COMPUTER NETWORKS Local enterprise networks are very often connected to the Internet. To protect local networks of companies, as a rule, firewalls are used. A firewall is a means of access control that allows you to divide the network into two parts (the border runs between the local network and the Internet) and create a set of rules that determine the conditions for the passage of packets from one part to the other. Screens can be implemented either in hardware or software.


CRYPTOGRAPHY To ensure the secrecy of information, encryption or cryptography is used. Encryption uses an algorithm or device that implements a specific algorithm. Encryption is controlled using a changing key code. Encrypted information can only be retrieved using a key. Cryptography is a very effective method that increases the security of data transmission on computer networks and when exchanging information between remote computers.


ELECTRONIC DIGITAL SIGNATURE To exclude the possibility of modification of the original message or substitution of this message for others, it is necessary to transmit the message along with an electronic signature. An electronic digital signature is a sequence of characters obtained as a result of cryptographic transformation of the original message using a private key and allowing one to determine the integrity of the message and its authorship using a public key. In other words, a message encrypted using a private key is called an electronic digital signature. The sender transmits the unencrypted message in its original form along with a digital signature. The recipient uses the public key to decrypt the message's character set from the digital signature and compares it with the unencrypted message's character set. If the characters completely match, we can say that the received message has not been modified and belongs to its author.
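The sign-and-compare exchange described above, as an added example that is not part of the original presentation. It signs a SHA-256 digest of the message rather than the message itself, and it uses unpadded RSA with constructed demo keys built from publicly known Mersenne primes, so it shows the mechanism only; production systems use a vetted library with a padded scheme.

```python
import hashlib


def make_keypair(p, q, e=65537):
    """Build an RSA key pair from two primes (demo only: no padding)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent
    return (n, e), (n, d)              # (public key, private key)


def digest_int(message: bytes) -> int:
    """SHA-256 digest of the message as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_key) -> int:
    """Sender: transform the message digest with the private key."""
    n, d = private_key
    return pow(digest_int(message), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Recipient: recover the digest with the public key and compare it
    with the digest of the message that actually arrived."""
    n, e = public_key
    return 0 <= signature < n and pow(signature, e, n) == digest_int(message)


# Constructed demo keys. The primes are well-known Mersenne primes, so
# these keys provide no secrecy and exist only to make the example run.
SENDER_PUB, SENDER_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
IMPOSTOR_PUB, IMPOSTOR_PRIV = make_keypair(2**607 - 1, 2**1279 - 1)


def run_exchange():
    """Return the recipient's verdict for three constructed deliveries."""
    message = b"Pay 100 to account 42"
    signature = sign(message, SENDER_PRIV)
    return {
        # Message and signature arrive unchanged.
        "intact": verify(message, signature, SENDER_PUB),
        # Message was modified in transit; the old signature no longer fits.
        "modified": verify(b"Pay 900 to account 42", signature, SENDER_PUB),
        # Someone else signed the message and claims to be the sender.
        "substituted_author": verify(
            message, sign(message, IMPOSTOR_PRIV), SENDER_PUB),
    }


if __name__ == "__main__":
    print(run_exchange())
```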


ANTI-VIRUSES A computer virus is a small malicious program that can independently create copies of itself and inject them into programs (executable files), documents, boot sectors of storage media and spread over communication channels. Depending on the environment, the main types of computer viruses are: Software viruses (attack files with the extension .COM and .EXE). Boot viruses. Macroviruses. Network viruses. Removable media and telecommunication systems can be sources of virus infection. The most effective and popular anti-virus programs include: Kaspersky Anti-Virus 7.0, AVAST, Norton AntiVirus and many others.



TABLE OF CONTENTS 1. Information environment. 2. Security models. 3. Spheres software protection. 4. Organizational system of protected objects. 5. Network protection tools. 6. Create firewalls in corporate networks.

The information sphere (environment) is a field of activity associated with the creation, distribution, transformation and consumption of information. Any information security system has its own characteristics and at the same time must meet general requirements. The general requirements for the information security system are the following: 1. The information security system must be presented as a whole. The integrity of the system will be expressed in the presence of a single goal for its functioning, information connections between its elements, and the hierarchy of the construction of the subsystem for managing the information security system. 2. The information security system must ensure the security of information, media and the protection of the interests of participants in information relations.

3. The information security system as a whole, methods and means of protection should be as “transparent” as possible for the user, not create large additional inconveniences associated with access procedures to information and at the same time be insurmountable to unauthorized access by an attacker to the protected information. 4. The information security system must provide information connections within the system between its elements for their coordinated functioning and communication with the external environment, before which the system manifests its integrity and acts as a single whole.

A model of three categories is often cited as a standard security model: · Confidentiality - a state of information in which access to it is carried out only by subjects who have the right to it; · Integrity - avoidance of unauthorized modification of information; · Availability - avoiding temporary or permanent concealment of information from users who have received access rights. There are also other, not always mandatory, categories of the security model: · non-repudiation or appealability - the impossibility of renouncing authorship; · accountability - ensuring identification of the subject of access and registration of his actions; · reliability - the property of compliance with the intended behavior or result; · authenticity - a property that guarantees that the subject or resource is identical to that declared.

According to Kaspersky Lab experts, the task of ensuring information security must be solved systematically. This means that various protections (hardware, software, physical, organizational, etc.) must be applied simultaneously and under centralized control. In this case, the system components must “know” about each other's existence, interact and provide protection from both external and internal threats. Today, there is a large arsenal of methods for ensuring information security: · means of identification and authentication of users (the so-called 3A complex); · means of encrypting information stored on computers and transmitted over networks; · firewalls; · virtual private networks; · content filtering tools; · tools for checking the integrity of disk contents; · antivirus protection tools; · network vulnerability detection systems and network attack analyzers.

Software and hardware methods and means of ensuring information security. The literature offers the following classification of information security tools. Means of protection against unauthorized access: means of authorization; mandatory access control; selective access control; role-based access control; logging (also called auditing). Systems for analysis and modeling of information flows (CASE systems). Network monitoring systems: intrusion detection and prevention systems (IDS/IPS); confidential information leak prevention systems (DLP systems).

Protocol analyzers. Anti-virus tools. Firewalls. Cryptographic tools: encryption; digital signature. Backup systems. Uninterruptible power systems: uninterruptible power supplies; load backup; voltage generators. Authentication systems: password; access key (physical or electronic); certificate; biometrics. Means to prevent case break-ins and equipment theft. Access control equipment for premises. Tools for analyzing security systems: antivirus.

Organizational protection of informatization objects. Organizational protection is the regulation of production activities and relationships between performers on a legal basis that excludes or significantly complicates the unlawful acquisition of confidential information and the manifestation of internal and external threats. Organizational protection provides: organization of security, regime, work with personnel, with documents; the use of technical security means and information and analytical activities to identify internal and external threats to business activity.

Network protection tools for LAN. Classification of firewalls. It is customary to distinguish the following classes of protective firewalls: filtering routers; session level gateways; application level gateways. Filtering routers filter incoming and outgoing packets using data contained in TCP and IP headers. To select IP packets, groups of packet header fields are used: sender IP address; recipient IP address; sender port; recipient port.

Some routers also check the network interface of the router from which the packet came. This data is used for more detailed filtering. The latter can be performed in different ways, interrupting connections to certain ports or PCs. Filtering rules for routers are difficult to create. There is no way to check for correctness other than slow and labor-intensive manual testing. Also, the disadvantages of filtering routers include cases where: the internal network is visible from the Internet; complex routing rules require excellent knowledge of TCP and UDP; if the firewall is breached, all computers on the network become defenseless or inaccessible. But filtering routers also have a number of advantages: low cost; flexible definition of filtering rules; low latency when working with packets.
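A filtering router's decision over the header fields listed above, as an added example that is not part of the original presentation. The rule set, addresses and interface names are constructed; besides first-match evaluation, the `shadowed` function mechanically finds one class of rule-writing mistake (a later rule that can never fire), which reduces the manual testing the text mentions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY_NET = "0.0.0.0/0"
ANY_PORT = range(0, 65536)


@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "deny"
    src: str                  # sender network (CIDR)
    dst: str                  # recipient network (CIDR)
    sport: range = ANY_PORT   # sender port range
    dport: range = ANY_PORT   # recipient port range
    iface: str = "any"        # interface the packet arrived on


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    iface: str


def matches(rule, pkt):
    return (ip_address(pkt.src) in ip_network(rule.src)
            and ip_address(pkt.dst) in ip_network(rule.dst)
            and pkt.sport in rule.sport
            and pkt.dport in rule.dport
            and rule.iface in ("any", pkt.iface))


def decide(rules, pkt):
    """First matching rule wins; anything unmatched is denied."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"


def covers(a, b):
    """True if every packet that matches rule b also matches rule a."""
    def ports(x, y):
        return x.start <= y.start and y.stop <= x.stop
    return (ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst))
            and ports(a.sport, b.sport)
            and ports(a.dport, b.dport)
            and a.iface in ("any", b.iface))


def shadowed(rules):
    """Return (later_index, earlier_index) pairs where the later rule
    is fully covered by an earlier one and therefore never applies."""
    found = []
    for j, later in enumerate(rules):
        for i in range(j):
            if covers(rules[i], later):
                found.append((j, i))
                break
    return found


# Constructed rule set for a LAN 192.168.1.0/24 behind the router.
RULES = [
    # 0: interface check: LAN source addresses arriving from outside are spoofed
    Rule("deny", "192.168.1.0/24", ANY_NET, iface="ext"),
    # 1: publish the web server
    Rule("allow", ANY_NET, "192.168.1.10/32", dport=range(443, 444), iface="ext"),
    # 2: LAN hosts may open outbound connections
    Rule("allow", "192.168.1.0/24", ANY_NET, iface="int"),
    # 3: intended block of one network, placed too late to have any effect
    Rule("deny", "203.0.113.0/24", "192.168.1.10/32",
         dport=range(443, 444), iface="ext"),
]

if __name__ == "__main__":
    blocked_net = Packet("203.0.113.9", "192.168.1.10", 40000, 443, "ext")
    print(decide(RULES, blocked_net))  # rule 1 matches first
    print(shadowed(RULES))
```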

Creating firewalls in corporate networks. If you need to establish a reliable corporate or local network, you need to solve the following problems: protecting the network from unauthorized remote access using the global Internet; protecting network configuration data from global network visitors; separation of access to a corporate or local network from a global one and vice versa. To ensure the security of the protected network, various schemes for creating firewalls are used. A firewall in the form of a filtering router is the simplest and most common option. The router sits between the network and the Internet. For protection, data from the analysis of addresses and ports of incoming and outgoing packets is used.

A firewall using a two-port gateway is a host with two network interfaces. The main filtering for data exchange is carried out between these ports. A filter router can be installed to increase security. In this case, an internal shielded network is formed between the gateway and the router, which can be used to install an information server. A firewall with a shielded gateway provides high management flexibility, but an insufficient degree of security. It is distinguished by the presence of only one network interface. Packet filtering is performed in several ways: when an internal host allows access to the global network only for selected services; when all connections from internal hosts are blocked. A firewall with a shielded subnet uses two shielding routers. The external one is installed between the shielded subnet and the Internet, the internal one is installed between the shielded subnet and the internal protected network. A good option for security with significant traffic and high speed.



1 slide

Modern methods and means of protecting information Completed by: student of group T3-09 Apetov Alexander 2012

2 slide

Information security is a set of organizational, technical and technological measures to protect information from unauthorized access, destruction, modification, disclosure and delays in access.

3 slide

Information security provides a guarantee that the following goals are achieved: confidentiality of information (the property of information resources, including information, related to the fact that they will not become accessible and will not be disclosed to unauthorized persons); integrity of information and related processes (constancy of information during its transmission or storage); availability of information when it is needed (a property of information resources, including information, that determines the possibility of their receipt and use at the request of authorized persons); accounting of all processes related to information.

4 slide

Ensuring information security consists of three components: Confidentiality, Integrity, Availability. The points of application of the information security process to the information system are: hardware, software, communications. The protection procedures (mechanisms) themselves are divided into physical level protection, personnel protection and organizational level.

5 slide

A security threat to a computer system is a potential occurrence (whether intentional or not) that could have an undesirable impact on the system itself as well as the information stored on it. A threat analysis conducted by the National Computer Security Association in the United States revealed the following statistics:

6 slide

7 slide

Security policy is a set of measures and active actions to manage and improve security systems and technologies.

8 slide

Organizational protection; organization of regime and security. organization of work with employees (selection and placement of personnel, including familiarization with employees, their study, training in the rules of working with confidential information, familiarization with penalties for violating information security rules, etc.) organization of work with documents and documented information (development, use, accounting, execution, return, storage and destruction of documents and media of confidential information) organization of the use of technical means of collecting, processing, accumulating and storing confidential information; organization of work to analyze internal and external threats to confidential information and develop measures to ensure its protection; organization of work to carry out systematic monitoring of personnel’s work with confidential information, the procedure for recording, storing and destroying documents and technical media.

Slide 9

Technical means of information security To protect the perimeter of the information system, the following are created: security and fire alarm systems; digital video surveillance systems; access control and management systems (ACS). Protection of information from leakage by technical communication channels is ensured by the following means and measures: the use of shielded cable and the laying of wires and cables in shielded structures; installation of high-frequency filters on communication lines; construction of shielded rooms (“capsules”); use of shielded equipment; installation of active noise systems; creation of controlled zones.

10 slide

Hardware information security Special registers for storing security details: passwords, identification codes, classifications or security levels; Devices for measuring individual characteristics of a person (voice, fingerprints) for the purpose of identification; Circuits for interrupting the transmission of information in a communication line for the purpose of periodically checking the data output address. Devices for encrypting information (cryptographic methods). Uninterruptible power systems: Uninterruptible power supplies; Load backup; Voltage generators.

11 slide

Software tools for information security Tools for protecting against unauthorized access (NSD): Authorization tools; Mandatory access control; Selective access control; Role-based access control; Logging (also called Auditing). Systems for analysis and modeling of information flows (CASE systems). Network monitoring systems: Intrusion detection and prevention systems (IDS/IPS). Confidential information leak prevention systems (DLP systems). Protocol analyzers. Antivirus products.

12 slide

Information security software Firewalls. Cryptographic means: Encryption; Digital signature. Backup systems. Authentication systems: Password; Access key (physical or electronic); Certificate; Biometrics. Security systems analysis tools: Monitoring software product.

Slide 13

TYPES OF ANTI-VIRUS PROGRAMS Detectors allow you to detect files infected with one of several known viruses. Some detector programs also perform heuristic analysis of files and system areas of disks, which often (but by no means always) allows them to detect new viruses unknown to the detector program. Filters are resident programs that notify the user of all attempts by any program to write to a disk, much less format it, as well as other suspicious actions. Doctor programs or phages not only find files infected with viruses, but also “treat” them, i.e. remove the body of the virus program from the file, returning the files to their original state. Auditors remember information about the state of files and system areas of disks, and during subsequent starts, they compare their state to the original one. If any discrepancies are detected, the user is notified. Guards or filters are located resident in the computer's RAM and check launched files and inserted USB drives for viruses. Vaccine programs or immunizers modify programs and disks in such a way that this does not affect the operation of the programs, but the virus against which the vaccination is performed considers these programs or disks to be already infected.

Slide 14

Disadvantages of antivirus programs None of the existing antivirus technologies can provide complete protection against viruses. The antivirus program takes up part of the system's computing resources, loading the central processor and hard drive. This can be especially noticeable on weak computers. Antivirus programs can see a threat where there is none (false positives). Antivirus programs download updates from the Internet, thereby wasting bandwidth. Various encryption and malware packaging techniques make even known viruses undetectable by antivirus software. Detecting these "disguised" viruses requires a powerful decompression engine that can decrypt files before scanning them. However, many antivirus programs do not have this feature and, as a result, it is often impossible to detect encrypted viruses.

15 slide

The concept of a computer virus. A computer virus is a special program that causes deliberate harm to the computer on which it is executed, or to other computers on the network. The main function of the virus is its reproduction.

16 slide

Classification of computer viruses: by habitat; by operating system; by operating algorithm; by destructive capabilities.



