Scientific articles on information security. The Essence of Information Security - International Journal

Bashkir State Agrarian University

Annotation:

This article is about the development information technologies and relevance of quality assurance information security in modern world. The article deals with the problems of information protection in computer networks and ways to solve them.

This article focuses on the development of information technologies and the relevance of qualitative information security in today's world. The article deals with the problems of information security in computer networks and solutions.

Keywords:

information; data protection; safety

information; data protection; security

UDC 004.056.57

Modern life is completely tied to the use of information technology. Computers help people make purchases, pay bills, perform transactions, conduct research, operate power plants and spacecraft. Each of us has a computer or laptop at home. We use smartphones, etc. In addition to civilian use, computers help in the defense and security of the state. And this text was also typed on a computer.

But every medal has two sides, and in this case the second side is that it is precisely the highest degree of automation that modern society, makes it dependent on the level of security of the information technologies used. The well-being and life of people depends on them. The massive use of computer systems, which made it possible to solve the problem of automating the processing of constantly growing volumes of information, made these processes extremely vulnerable to aggressive influences and confronted consumers with information technologies. new problem, is the problem of information security.

Find examples that can confirm topicality given problems can be found in countless numbers on the Internet. For example, these are hacking the websites of special services and various ministries, hacking the accounts of public people, theft Money from accounts, theft of confidential information. There are many different virus programs. In Russia, more than 60% of all software used is "pirated". Home users very rarely buy expensive operating systems for their personal computers, preferring to download them on torrents.

Every hack, every virus, every failure is a loss for the attacked companies. Losses can run into hundreds of millions of dollars. Plus reputation loss. But often the causes of failures or virus attacks are not mythical evil hackers, but their own employees. Accidental or intentional errors, negligence - all these problems are also the area of ​​information security interests.

The current situation in the field of information technology security once again confirms the well-known unpleasant feature technical progress to generate in the course of solving some problems new, sometimes even more complex.

All of the above clearly emphasize the relevance of secure information processing. The need to build quality systems information security is major problem modern society.

In general, in information technology, the concept of security implies the preservation of three main characteristics of information - availability, integrity, confidentiality. This is the so-called classical information security triad. To save each of the characteristics of information requires its own approach, its own decision. This creates new problems, as a balance must be struck. For example, if you burn secret documents, then the confidentiality of the information contained in them will be one hundred percent. But both accessibility and integrity clearly suffer.

Of course, in many countries information security in organizations is regulated by the state. But in order to fulfill all the laws, it is necessary to understand exactly how to fulfill them and to what extent. Therefore, all the problems of information security cannot be solved by simply reading the next normative act.

One of the problems of information security, which is quite acute for various organizations, is the protection of confidential information located in computer systems, from unauthorized access. Information protection in computer systems has a number of specific features related to the fact that information is not rigidly associated with the media, can be easily and quickly copied and transmitted over communication channels. Known very big number threats to information that can be implemented both by external violators and internal violators.

In the process of transmitting information over computer networks, there may be the following problems with its security:

Information theft - the integrity of information is preserved, but its confidentiality is violated;

Modification of information - the transmitted information is changed in some way, and the addressee may receive a completely different message. That is, there is a violation of the integrity of information;

Information blocking - for example, during a DDoS attack on a website on the Internet. There is a violation of the availability of information;

And these are just some of the information security threats that need to be addressed.

Cryptography is one of the most effective methods information protection. Modern algorithms Encryptions are so powerful that it takes millions of years to break them. At the same time, they practically do not affect the performance of the automated system. Cryptographic data transformations are the most effective tool ensuring data confidentiality. To check the integrity and authenticity transmitted information You can use an electronic signature. Besides electronic signature It is convenient in that it can replace a real signature in the modern workflow of an organization.

To protect information, they also use a method such as access control. Different users are assigned different rights to access protected information, depending on the range of tasks performed by them. For example, rights system administrator should definitely not be given to all employees of the organization. One of them is sure to destroy everything, knowingly or accidentally.

Pay attention to protecting the network from unauthorized access. For this, firewalls are used. Usually they are installed on the border of the local network of the enterprise and the Internet. In this case, it is generally recommended to set two firewalls. One at the edge of the Internet and own network, and the second - between its own network and the network segment where confidential information circulates.

The above list of information security methods is far from complete. There is also the designation of a controlled zone, engineering and technical security of the premises where confidential information is processed, access restriction to this premises, etc. There is no one solution, no panacea for all ills. Only the use of a wide range of information security methods can provide reliable protection against various threats.

It should be remembered that high degree protection can lead to poor network performance. If you surround the building with several fences and checkpoints, then by the time employees reach their workplaces, it will be time to go home. It is necessary to maintain a balance in the very triad of information security. You cannot completely sacrifice one for the sake of it.

Bibliographic list:

1. Blinov A.M. Information security - St. Petersburg: SPbGUEF, 2010 - 96 p.
2. Petrenko S.A., Kurbatov V.A. Company security policies when working on the Internet - M .: DMK-Press, 2011 - 396 p.

Reviews:

06/18/2015, 20:15 Gruzdeva Lyudmila Mikhailovna
Review: In my opinion, the article contains common truths. I do not recommend the article for publication.

06/20/2015, 21:12 Kamenev Alexander Yurievich
Review: There is no novelty (neither scientific nor technical). The article also clearly does not pull on "analysis". Agree with the previous reviewer. Not recommended for printing.

2.07.2015, 9:23 Kuzmenko Igor Nikolaevich
Review: One gets the impression that this is not a scientific work of the author, but an abstract. Rising scientists, I ask you, write not what you know from textbooks, but what no one has raised before you. Ask questions, put them in a way that no one has asked before you, and everything will work out for you. Good luck! As it stands now, this is not an article. I do not recommend publishing!

The collection, processing, storage and use of personal data is carried out in many areas of activity of society and the state. For example, in the financial and tax spheres, in pension, social and medical insurance, in operational and search activities, labor and other areas of public life.

In various fields of activity, personal data are often understood as mismatched sets of information. Definitions of personal data are contained in various federal laws, and the amount of information is defined in them in different ways.

With the development of information technology, the protection of commercial information is becoming increasingly important, allowing the company to maintain the competitiveness of its products, organize work with partners and customers, and reduce the risk of sanctions from regulators.

It is possible to protect the company's commercial secret and bring those responsible for disclosure to justice by introducing a trade secret regime, i.e. by taking legal, organizational and technical measures to protect the confidentiality of information.

To date virus attacks still occur with alarming frequency. The most effective attacks are carried out using files opened by common applications. For example, malicious code may be contained in Microsoft files Word or PDF documents. Such an attack is called an exploit and is not always detected by a regular antivirus.

Palo Alto Networks Traps provides advanced workstation protection against targeted malicious attacks, prevents exploitation of operating system and application vulnerabilities.

Recommendations for information protection when working in RB systems

AT recent times cases of fraudulent activities in remote control systems have become more frequent banking services(RBS) aimed at stealing the secret keys of users and funds of organizations. In this article, we reviewed the practical measures needed to reduce the likelihood of theft of funds and provided recommendations for responding to possible fraudulent activities.

Since the 2000s, cyber threats have become relevant for everyone, from the largest government information systems to the computers of ordinary citizens. A cyberthreat is an illegal intrusion or threat of malicious intrusion into the virtual space to achieve political, social or other goals.

Cyber ​​wars between countries

The largest cyber conflicts unfold between states with the most computing and intellectual resources for cyber warfare. Information about electronic non-aggression agreements, as well as confrontation in virtual space between countries, highlighted in a separate article:

Natural Threats: A company's information security can be affected by a variety of external factors: the cause of data loss may be improper storage, theft of computers and media, force majeure and other circumstances.

The main problems of data protection in information systems

The ultimate goal of implementing security measures

Improving the consumer properties of the protected service, namely:

• Ease of use of the service
• Security when using the service

• In relation to remote banking systems, this means the safety of money
• In relation to systems of electronic interaction, this means control over the rights to the object and the safety of resources
• Loss of any security property means loss of trust in the security service

What undermines trust in security services?

At the household level

• Information about the theft of money and property, often exaggerated
• Intimidation of people by incomprehensible, and therefore uncontrollable threats (cyber attacks, hackers, viruses, etc.)
• Poor performance of the provided service (failures, errors, inaccurate information, loss of information)
• Insufficiently strong identity authentication
• Fraud facts that people face or have heard about

At the legal level

• Loss of data authenticity
• Loss of legitimacy of the security service on a formal basis (expiration of the certificate, certificate for an object, license for a type of activity, end of support)
• Malfunctions in the work of ACS-CUD, violation of confidentiality
• Weak level of trust in the authentication service
• Failures and shortcomings in the operation of protection systems, making it possible to challenge the legitimacy of transactions

Building any computer network begins with the installation of workstations, therefore, the information security subsystem begins with the protection of these objects.

Here are possible:

• means of protecting the operating system;
• additional devices user authentication;
• means of protecting workstations from unauthorized access;
• application level encryption tools.

On the basis of the listed information security tools, the first level of information security subsystems is built in automated systems. At the second stage of system development, individual workstations are combined into local networks, dedicated servers are installed, and access from the local network to the Internet is organized.

On the this stage information protection means of the second level are used - the level of protection of the local network:

• security tools for network operating systems;
• means of differentiating access to shared resources;
• means of protecting the local network domain;
• user authentication server;
• firewall proxy servers;
• tools for detecting attacks and vulnerabilities protecting the local network.

When combined local networks to a common intranet using public networks (including the Internet) as a communication medium, the security of information exchange is ensured by the use of VPN technology, which forms the basis of the third level of information security.

Physical ways to ensure information security

Physical protection measures- these are various kinds of mechanical, electro- and electronic-mechanical devices and structures, specially designed to create physical obstacles on the possible ways penetration and access of potential intruders to components information system and protected information. To the list physical ways information security includes:

• organization of access control;
• organization of accounting, storage, use and destruction of documents and media with confidential information;
• distribution of access control details;
• organization of hidden control over the activities of users and maintenance personnel of the information system;
• activities carried out in the design, development, repair and modification of hardware and software.

When physical and technical means are not available, administrative information security measures are applied. The experience of functioning of organizations with a complex organization of the information system has shown that best results in achieving information security are achieved using a systematic approach.

Why in SMBs the risks in the field of information security are high

Many small business leaders underestimate the importance of information security, believing that small companies are not as interesting to hackers as large ones. It's a delusion. Small business is just very attractive to Internet scammers. First of all, the fact that he is not too concerned about information security.

Not every small business in the state has an information technology specialist, but illegal software, "left" antivirus. Data can be stored in public folders, the keys to the remote banking system (RBS) - in the manager's desk drawer. Increases the risk of leakage of corporate information and the use of smartphones and tablets in the work.

As the analysis of emerging incidents shows, attackers, as a rule, do not hunt for any particular company, “setting” viruses on everyone who comes to hand.

“And those who are less protected or not protected at all become the first “victims” of hackers who, penetrating into information network companies, kidnap secret keys, transaction or customer data,” notes Oleg Ilyukhin, director of the information technology department at SDM-Bank.

Safety regulations

There are several mandatory information security rules that you simply need to follow (2014).

Virus and Spam Shield

Shield for viruses and spam. The biggest threat to a company's security, according to experts, is malware. As of August 2014, about 200 thousand of its new samples appear daily. According to information security market participants, in 2013 95% Russian companies been subjected to at least once hacker attack. An equally serious threat is leakage as a result of an unsecured exchange corporate information through mobile devices employees.

In order to prevent the occurrence of these threats, it is necessary to abandon the "left" software, install a firewall and a modern antivirus, and update it regularly.

Everyone at least once heard heartbreaking phrases about the need to support quality level information security. These horror stories about break-ins filled with screams and desperation. Nightmarish consequences discussed on almost every site ... Therefore, right now you have to fill the computer with security tools to capacity, as well as cut the wires ... There are a lot of security tips, but for some reason they are of no use it doesn't work out very much. In many ways, the reason lies in the lack of understanding of such simple things as "what we protect", "from whom we protect" and "what we want to get as a result". But, first things first.

Information Security this term means various measures, state of preservation, technologies, etc., but everything is much simpler. And therefore, first answer yourself the question, how many people from your environment have at least read the definition of this concept, and do not just mean comparing words with their meanings? Most people associate security with antiviruses, firewalls, and other security software. Of course, these tools allow you to protect your computer from threats and increase the level of system protection, but few people realize what these programs actually do.

When thinking about information security, you should first of all start with the following questions.:

• Object of protection- you need to understand what exactly you want to protect. These are personal data stored on the computer (so that other people do not get it), this is the performance of the computer (so that viruses and trojans do not bring the system to the level of the first pentium), this is network activity (so that programs greedy for the Internet do not send statistics about you every half hour) , is the availability of the computer (to blue screens death did not flood the system), it is ...
• Desired level of security. A fully protected computer is a computer that does not exist. No matter how hard you try, there will always be a chance that your computer will be hacked. Keep in mind and always remember that there is such a direction as social engineering(get passwords from trash cans, eavesdropping, peeping, etc.). However, this is not a reason to leave the system unprotected. For example, protecting a computer from most known viruses is a completely feasible task, which, in fact, every ordinary user performs by installing one of the popular antiviruses on his computer.
• Permissible level of consequences. If you understand that your computer can be hacked, for example, by a hacker who is simply interested in you (it so happened that an attacker liked your IP address), then you should think about acceptable level consequences. The system broke down - unpleasant, but not scary, because you have a recovery disk at hand. Your computer constantly visits spicy sites - pleasant and unpleasant, but tolerable and fixable. But, for example, if your personal photos got on the Internet, which no one should know about (a serious blow to reputation), then this is already a significant level of consequences and it is necessary to take preventive measures (exaggerating, take an old computer without the Internet and look at the pictures only On him).
• What do you want to get as an output? This question involves a lot of things - how many unnecessary actions you have to perform, what you have to sacrifice, how protection should affect performance, whether it should be possible to add programs to exclusion lists, how many messages and alarms should appear on the screen (and whether they should appear at all) , as well as much more. Today there are a lot of security tools, but each of them has its pros and cons. For example, the same Windows UAC in operating system Vista was not made in a very successful way, but already in Windows 7 it was brought to the point where the protection tool became relatively convenient to use.

Having answered all these questions, it will become much easier for you to understand how you are going to organize the protection of information on your computer. Of course, this is not the whole list of questions, however, a sufficient part ordinary users are not set even by one of them.

Installing and configuring security tools on a computer is only part of the steps taken. By opening suspicious links and confirming all the actions of no less suspicious applications, you can easily nullify all the efforts of protection programs. For this reason, it is also always worth thinking about your actions. For example, if your task is to protect the browser, but you can’t avoid opening suspicious links in any way (for example, due to specifics), then you can always install additional browser, used solely to open suspicious links, or a short link checker extension . In this case, if any of them turns out to be phishing (theft of data, access, etc.), then the attacker will achieve little.

The problem of determining a set of actions to protect information usually lies in the lack of answers to the questions from the previous paragraph. For example, if you don’t know or don’t understand what exactly you want to protect, then come up with or find some additional measures security will always be difficult (except for such commonplace ones as not opening suspicious links, not visiting dubious resources, and others). Let's try to consider the situation on the example of the task of protecting personal data, which is most often put at the head of protected objects.

Protection of personal information this is one of the toughest challenges people face. With the rapid growth in the number and content social networks, information services and specialized online resources, it would be a huge mistake to think that protecting your personal data is about providing a reliable level of security for your computer. Not so long ago, it was almost impossible to find out anything about a person living hundreds of kilometers away from you, or even in a neighboring house, without having the appropriate connections. Today, almost everyone can learn quite a lot personal information about each in just a couple of hours of clicking the mouse in the browser, or even faster. At the same time, all his actions can be absolutely legal, but you yourself have placed information about yourself in public access.

Everyone has met with an echo of this effect. Have you heard that the test word on Security Question should not be connected with you and others? And this is only a small part. As much as it may surprise you, but in many ways protection personal information depends only on you. No security tool, even if it does not allow anyone other than you to access the computer, can protect information transmitted outside the computer (conversations, the Internet, recordings, etc.). You left your mail somewhere - expect an increase in spam. You left pictures hugging a teddy bear on third party resources, wait for the appropriate humorous "crafts" from bored authors.

If a little more seriously, then the huge openness of the Internet data and your frivolity / openness / windiness, with all security measures, can nullify the latter. For this reason, it is necessary to take care of the choice of information security methods and include in them not only technical means but also activities covering other aspects of life.

Note: Of course, you should not assume that the underground bunker is the best place in life. However, understanding that the protection of personal data depends on you will give you great advantage in front of attackers.

Information security methods often equated with technical solutions, ignoring such a huge reservoir for potential threats as the actions of the person himself. You can give the user the ability to run just one program and be doing the cleanup in just five minutes, if that's even possible. One message in the forum about the information heard can break the most perfect protection (exaggerating, about the prevention of protection nodes, in other words, the temporary lack of protection).

To decide on data protection methods, you need to not only look for suitable security tools, lazily clicking the mouse in the browser window, but also think about how information can spread and what it can concern. No matter how it sounds, but for this you need to pick up paper and pencil, and then consider everything possible ways dissemination of information and what it can be associated with. For example, let's take the task of keeping a password as secret as possible.

Situation. you came up with complex password, which is not connected with you in any way, fully complies with the most stringent security requirements, did not leave a single mention anywhere (such aspects as leftovers in computer memory, on disk and other points are not taken into account), do not use password managers, enter the password only with one computer, using a secure keyboard, use a VPN to connect, boot the computer only from LiveCD. In one phrase, a real paranoid and security fanatic. However, this may not be enough to protect the password.

Here are some simple possible situations that clearly demonstrate the need for a broad view of information security methods:

• What will you do if you need to enter a password when there are other people in the room, even "the best"? You can never guarantee that they won't randomly mention indirect password information. For example, sitting in a pleasant environment in a diner, the phrase "he has such long password, as many as a dozen and a bunch different characters", which quite well narrows the area of ​​password guessing for an attacker.
• What will you do if this happens and you need another person to perform the operation for you? The password can accidentally be heard by another person. If you dictate a password to a person who is poorly versed in computers, then it is likely that he will write it down somewhere, it will not be justified to demand your fanaticism from him.
• What will you do if this happens and someone finds out about the way you come up with passwords? Such information also narrows down the selection area quite well.
• How can you protect the password if one of the sites that provides secure transmission of the password has been hacked by an attacker? For example, it was hacked VPN server through which you access the Internet.
• Would your password make sense if the system you were using was hacked?
• And others

Of course, this does not mean the need for a stubborn and persistent search for many months of information protection methods. The point is that even the most complex systems can be broken by simple human flaws, consideration of which has been abandoned. Therefore, while arranging the security of your computer, try to pay attention not only technical side question, but also to the world around you.