Determining the necessary information security measures. Information security tools

Technical (hardware) means are devices of various types (mechanical, electromechanical, electronic) that solve information security problems with hardware. Technical measures are based on the use of the following means and systems: security and fire alarms; access control and management; video surveillance and protection of facility perimeters; information security; monitoring of the state of the environment and technological equipment; security systems; control of the movement of people, transport and cargo; and recording of personnel working time and of the time various visitors spend on site. Technical means either prevent physical penetration or, if penetration does occur, prevent access to information, including by masking it. The first part of the problem is solved by locks, bars on windows, and security alarms. The second is solved by noise generators, network filters, scanning radios and many other devices that “block” potential channels of information leakage or allow them to be detected. The advantages of technical means are their reliability, independence from subjective factors, and high resistance to modification. Their weaknesses are insufficient flexibility, relatively large volume and weight, and high cost.

To date, a significant number of hardware means for various purposes have been developed, but the most widely used are the following:

· special registers for storing security details: passwords, identification codes, stamps or security levels;

· uninterruptible power supplies that temporarily keep computers and devices running during an emergency power outage. Examples include: Liebert NX (10–1200 kVA), Liebert Hinet (10–30 kVA), Liebert UPStation GXT2;

· devices for measuring a person's individual characteristics (voice, fingerprints) for the purpose of identification;

· circuits for interrupting the transmission of information in the communication line for the purpose of periodically checking the data output address;

· network noise suppression filters. For example: line filter type FR 102 from Schaffner, filter type 60-SPL-030-3-3 from Spectrum Control Inc.

The use of technical means of information security allows you to solve the following problems:

· conducting special studies of technical means for the presence of possible channels of information leakage;

· identification of information leakage channels at different objects and premises;

· localization of information leakage channels;

· search and detection of industrial espionage means;

· countering unauthorized access to sources of confidential information and other actions.


According to their functional purpose, technical means can be classified into:

· detection means;

· search and detailed measurement tools;

· means of active and passive counteraction.

At the same time, in terms of their technical capabilities, information security means can be general-purpose tools, designed for use by non-professionals to obtain preliminary (general) assessments, or professional complexes that allow thorough search, detection and precision measurement of all characteristics of industrial espionage means.

The use of engineering structures and security is the most ancient method of protecting people and material assets. The main task of technical means of protection is to prevent direct contact of an attacker or the forces of nature with the objects of protection.

Information carriers in the form of electromagnetic and acoustic fields or electric current do not have clear boundaries, and information hiding methods can be used to protect such information. These methods change the structure and energy of the carriers so that an attacker cannot, directly or using technical means, extract information with a quality sufficient to use it in his own interests.

In general, the protection of information by technical means is ensured in the following ways: the source and carrier of information are localized within the boundaries of the protected object and a mechanical barrier is provided against contact with them by an attacker or the remote influence of the fields of his technical means on them.

Whether you are an entrepreneur-businessman, a public sector employee, a politician or just a private individual, you should be interested in knowing how to protect yourself from leakage of confidential information, what means to use for this, and how to identify channels for leakage of this information.

To create a system that protects an object from information leakage via technical channels, a number of activities must be carried out. First of all, it is necessary to analyze the specific features of the location of buildings, the premises in those buildings, the area around them and the communications supplied to them. Then it is necessary to identify the premises within which confidential information circulates and take into account the technical means used in them. Next, the following technical measures should be carried out:
- check the equipment used to ensure that the magnitude of spurious emissions corresponds to permissible levels;
- shield the premises containing the equipment, or the equipment itself within the premises;
- reinstall individual circuits, lines, cables;
- use special devices and means of passive and active protection.

It is important to emphasize that for every method of obtaining information through technical channels of leakage, there is a countermeasure, often more than one, that can reduce the threat to a minimum. In this case, success depends on two factors: your competence in matters of information protection (or the competence of the persons entrusted with this matter) and the availability of the equipment necessary for protective measures. The first factor is more important than the second, since the most advanced equipment will remain dead weight in the hands of an amateur.

In what cases is it advisable to implement measures to protect against technical penetration? First of all, such work must be carried out preventively, without waiting for the thunder to strike. The role of an incentive can be played by information about a leak of information discussed in a specific room by a narrow group of people, or processed using specific technical means. The impetus for action may be traces indicating that unauthorized persons have entered the premises of your company, or some strange phenomena associated with the equipment used (for example, a suspicious noise on the phone).

When implementing a set of protective measures, do not strive to protect the entire building. The main thing is to limit access to those places and to the equipment where confidential information is concentrated (not forgetting, of course, the possibilities and methods of obtaining it remotely). In particular, the use of high-quality locks, alarm systems, good sound insulation of walls, doors, ceilings and floors, sound protection of ventilation ducts, openings and pipes passing through these rooms, dismantling of unnecessary wiring, as well as the use of special devices (noise generators, ZAS, etc.) will seriously complicate attempts to introduce special equipment or make them pointless.

That is why, in order to develop and implement measures to protect information from leakage through technical channels, it is necessary to invite qualified specialists, or to train your own personnel under the appropriate programs in the relevant training centers. For brevity, we agree that the abbreviation TSPI stands for Technical Means of Information Transmission.

TSPI grounding

One of the most important conditions for protecting TSPI is the correct grounding of these devices. In practice, most often you have to deal with a radial grounding system, which has fewer common areas for signal and supply currents to flow in the opposite direction (from the TSPI to outside observers).

It should be borne in mind that the grounding bus and grounding loop should not have loops, but should be made in the form of a branching tree, where the loop resistance does not exceed one ohm. This requirement is satisfied by using metal rods with high electrical conductivity as grounding conductors, immersed in the ground and connected to TSPI metal structures. Most often these are steel pipes 2-3 meters long and 35-50 mm in diameter driven vertically into the ground. Pipes are good because they allow you to reach moist layers of the earth, which have the greatest conductivity and are not subject to drying out or freezing. In addition, the use of pipes does not involve any significant excavation work.

Grounding resistance is determined mainly by the resistance of current flow in the ground. Its value can be significantly reduced by reducing the transition resistance (between the ground electrode and the soil) by thoroughly cleaning the surface of the pipe from dirt and rust, pouring table salt into the hole along its entire height and compacting the soil around each pipe. Grounding conductors (pipes) should be connected to each other by busbars using welding. In order to achieve mechanical strength and obtain sufficient conductivity, it is recommended to take the cross-section of busbars and grounding lines at least 24x4 mm.

Grounding lines outside the building must be laid at a depth of about 1.5 meters, and inside the building along walls or in special channels so that they can be inspected regularly. The lines are connected to the grounding electrode only by welding, and the line is connected to the TSPI with a bolted connection at one point. If several TSPIs are connected to the grounding main line, they must be connected to it in parallel (with a series connection, disconnecting one TSPI can disconnect all the others). When installing TSPI grounding, natural grounding conductors cannot be used: metal structures of buildings connected to the ground, metal pipes laid in the ground, metal sheaths of underground cables.

Network filters

The occurrence of interference in TSPI power networks is most often due to the fact that they are connected to common power lines. Therefore, network filters perform two functions in TSPI power supply circuits: protecting equipment from external impulse noise and protecting against interference generated by the equipment itself. In this case, a single-phase power distribution system must be carried out by a transformer with a grounded midpoint, a three-phase one - by a high-voltage step-down transformer.

When choosing filters, you need to take into account: the rated values of currents and voltages in the power circuits, as well as the permissible values of the voltage drop across the filter at maximum load; permissible values of the reactive component of the current at the main frequency of the supply voltage; required filter attenuation; mechanical characteristics of the filter (size, weight, housing type, installation method); the degree of filter screening from extraneous fields.

The filter design must provide a significant reduction in the likelihood of side coupling occurring inside the housing between the input and output due to magnetic, electric or electromagnetic fields.

Screening of premises

To completely eliminate interference from TSPI in rooms whose lines extend beyond the controlled area, it is necessary not only to suppress it in the wires extending from the source, but also to limit the extent of the electromagnetic field generated by the system of its internal electrical wiring. This problem is solved by shielding.

Theoretically, from the point of view of material cost and ease of manufacture, the advantages are on the side of screens made of sheet steel. However, the use of mesh greatly simplifies the issues of ventilation and lighting. To decide on the screen material, you need to know how many times the TSPI radiation levels need to be attenuated. Most often this is between 10 and 30 times. This efficiency is ensured by a screen made of a single copper mesh with a 2.5 mm cell, or of thin galvanized steel with a thickness of 0.51 mm or more.
Metal sheets (or mesh panels) must be electrically firmly connected to each other along the entire perimeter, which is ensured by electric welding or soldering.

Room doors also need to be shielded, ensuring reliable electrical contact with the door frame around the entire perimeter at least every 10-15 mm. To do this, use a spring comb made of phosphor bronze, strengthening it along the entire internal perimeter of the door frame. If there are windows in the room, they are covered with one or two layers of copper mesh with a mesh size of no more than 2x2 mm, and the distance between the mesh layers must be at least 50 mm. Both layers must have good electrical contact with the walls of the room using the same phosphor bronze comb, or by soldering (if the mesh is permanent).

The dimensions of the screened room are selected based on its purpose, the availability of free space and the cost of work. Usually it is enough to have a room of 6-8 square meters with a height of 2.5-3 meters.

Phone and fax protection

Like any electronic device, telephones and fax machines, as well as their communication lines, emit high field levels into open space in the frequency range up to 150 MHz. In order to completely suppress all types of radiation from these TSPIs, it is necessary to filter the radiation in the wires of the handset and in the wires extending from the device, and also to ensure sufficient shielding of the internal circuitry of the device. Both are possible only by significantly reworking the designs of the devices and changing their electrical parameters. In other words, it is necessary to protect the microphone circuit, the bell circuit and the two-wire telephone line. The same applies to the problem of protecting communication lines that extend beyond the premises containing the devices.

Generally speaking, this is a very serious problem, since such lines are almost always uncontrolled and a wide variety of information collection devices can be connected to them. There are two ways to deal with it: firstly, use special wires (shielded bifilar, trifilar, coaxial cable, shielded flat cable); secondly, systematically check with special equipment whether any information retrieval devices have been connected. Detection of induced signals is usually carried out at the border of the controlled area or at switching devices in distribution boxes or distribution cabinets. Then either the specific connection location is determined, or (if such a determination is not possible) noise protection is arranged. But the most effective way of protecting information transmitted by telephone or fax is the use of ZAS (secret communication equipment). Abroad, these devices are called scramblers.

Protection against built-in and beamforming microphones

Microphones are known to convert sound into an electrical signal. Together with special amplifiers and filters, they can be used as listening devices. To do this, a hidden wire communication line is created, which can only be detected by a physical search or (more difficult) by control measurements of signals in all wires in the room. Radio monitoring methods that are effective for searching for radio bugs are meaningless in this case. In addition to intercepting sound vibrations, special stethoscope microphones are very good at detecting sounds propagating through the building structures. They are used to eavesdrop through walls, doors and windows. Finally, there are a number of modifications of narrow-beam microphones that perceive and amplify sounds coming from only one direction, while attenuating all other sounds. Such microphones take the form of a long tube, a bank of tubes, or a parabolic dish with a concentrator cone. They pick up voice sounds at distances of up to one kilometer!

To protect against highly directional microphones, the following measures can be recommended:
- conduct all negotiations in rooms isolated from neighboring rooms, with doors, windows and vents closed, thick curtains drawn. The walls must also be insulated from neighboring buildings;
- floors and ceilings must be isolated from unwanted proximity in the form of agents with microphones and other listening equipment;
- do not have important conversations on the street, in squares and other open spaces, regardless of whether you are sitting or walking;
- remember that attempts to drown out a conversation with the sounds of water pouring from a tap (or fountain) are ineffective.

In modern information systems (IS), information has two contradictory properties: accessibility and security from unauthorized access. In many cases, IS developers are faced with the problem of choosing the priority of one of these properties.

Information protection usually means ensuring its security from unauthorized access. At the same time, unauthorized access is customarily understood to mean actions that entailed “...destruction, blocking, modification, or copying of information...” (Criminal Code of the Russian Federation, Art. 272). All methods and means of protecting information can be divided into two large groups: formal and informal.

Fig. 1. Classification of methods and means of information security

Formal methods and tools

These are means that perform their protective functions strictly formally, that is, according to a predetermined procedure and without direct human participation.

Technical means

Technical means of protection are various electronic and electronic-mechanical devices that are included in the technical means of the IS and perform certain protection functions independently or in combination with other means.

Physical means

Physical means of protection are physical and electronic devices, structural elements of buildings, fire extinguishing means, and a number of other means. They ensure the following tasks:

  • protection of the territory and premises of the computer center from intruders;
  • protection of equipment and storage media from damage or theft;
  • preventing the possibility of observing the work of personnel and the operation of equipment from outside the territory or through windows;
  • preventing the possibility of intercepting electromagnetic radiation from operating equipment and data transmission lines;
  • control over the work schedule of personnel;
  • organizing access to the premises for employees;
  • control over the movement of personnel in various work areas, etc.

Cryptographic methods and tools

Cryptographic methods and means are special transformations of information, as a result of which its presentation changes.

In accordance with the functions performed, cryptographic methods and tools can be divided into the following groups:

  • identification and authentication;
  • access control;
  • encryption of protected data;
  • protection of programs from unauthorized use;
  • information integrity control, etc.

Informal methods and means of information security

Informal means are those that are implemented as a result of the purposeful activities of people, or regulate (directly or indirectly) this activity.

Informal means include:

Organizational means

These are organizational, technical and organizational and legal measures carried out in the process of creating and operating information systems in order to ensure information protection. According to their content, the entire set of organizational activities can be divided into the following groups:

  • activities carried out during the creation of the IS;
  • activities carried out during the operation of the information system: organization of access control, organization of automated information processing technology, organization of work in shifts, distribution of access control details (passwords, profiles, authorities, etc.);
  • general measures: taking into account security requirements when recruiting and training personnel, organizing scheduled and preventive checks of the security mechanism, planning information security measures, etc.

Legislative means

These are legislative acts of the country that regulate the rules for the use and processing of restricted information and establish penalties for violating these rules. We can formulate five “basic principles” that underlie the system of information protection laws:

  • systems should not be created that accumulate large amounts of personal information, the activities of which would be classified;
  • there must be ways by which an individual can determine that personal information has been collected, why it is being collected, and how it will be used;
  • there must be guarantees that information obtained for one purpose will not be used for other purposes without informing the person to whom it relates;
  • there must be ways by which a person can correct information relating to him and contained in the IS;
  • any organization that accumulates, stores and uses personal information shall ensure that data is stored securely when used appropriately and shall take all measures to prevent misuse of data.

Moral and ethical standards

These norms can be either unwritten (generally accepted norms of honesty, patriotism, etc.) or written, i.e. formalized in a certain set of rules and regulations (charter).

On the other hand, all methods and means of protecting information can be divided into two large groups according to the type of object being protected. In the first case, the object is the information carrier, and all informal, technical and physical methods and means of protecting information are used here. In the second case, the object is the information itself, and cryptographic methods are used to protect it.

The most dangerous (significant) threats to information security are:

  • violation of confidentiality (disclosure, leakage) of information constituting banking, judicial, medical and commercial secrets, as well as personal data;
  • disruption of performance (disorganization of work) of the information system, blocking of information, disruption of technological processes, failure to solve problems in a timely manner;
  • violation of the integrity (distortion, substitution, destruction) of information, software and other IS resources, as well as falsification (forgery) of documents.

Below we give a brief classification of possible channels of information leakage in information systems - ways of organizing unauthorized access to information.

Indirect channels, allowing unauthorized access to information without physical access to IS components:

  • use of listening devices;
  • remote monitoring, video and photography;
  • interception of electromagnetic radiation, registration of crosstalk, etc.

Channels related to access to IS elements, but not requiring changes to system components, namely:

  • observation of information during processing in order to remember it;
  • theft of storage media;
  • collection of production waste containing processed information;
  • intentionally reading data from other users' files;
  • reading residual information, i.e. data remaining on the fields of storage devices after executing requests;
  • copying storage media;
  • deliberate use of registered user terminals to access information;
  • masquerading as a registered user by stealing passwords and other information access control details used in the information system;
  • the use of so-called “loopholes” to access information, that is, opportunities to bypass the access control mechanism that arise as a result of imperfections and ambiguities of programming languages and of system-wide software components in the IS.

Channels associated with access to IS elements and changes in the structure of its components:

  • illegal connection of special recording equipment to system devices or communication lines;
  • malicious modification of programs in such a way that these programs, along with the basic functions of information processing, also carry out unauthorized collection and registration of protected information;
  • malicious disabling of the protection mechanism.

1.3.3. Restricting access to information

In general, the system for protecting information from unauthorized access consists of three main processes:

  • identification;
  • authentication;
  • authorization.

At the same time, the participants in these processes are considered to be subjects - active components (users or programs) and objects - passive components (files, databases, etc.).

The task of identification, authentication and authorization systems is to determine, verify and assign a set of powers to a subject when accessing an information system.

Identification of a subject accessing an IS is the process of matching the subject against a characteristic of that subject, an identifier, which the system stores in a certain object. Subsequently, the subject identifier is used to provide the subject with a certain level of rights and powers when using the information system.

Authentication of a subject is the procedure for verifying that an identifier belongs to the subject. Authentication is performed on the basis of one or another secret element (authenticator), which is available to both the subject and the information system. Usually, the object in the information system called the account database stores not the secret element itself, but some information about it, on the basis of which a decision is made as to whether the subject matches the identifier.

Authorization of a subject is the procedure for vesting him with rights corresponding to his powers. Authorization is carried out only after the subject has successfully passed identification and authentication.

The entire identification and authentication process can be schematically represented as follows:

Fig. 2. Scheme of the identification and authentication process

2 - requirement to undergo identification and authentication;

3 - sending the identifier;

4 - checking the presence of the received identifier in the account database;

6 - sending the authenticators;

7 - checking the correspondence of the received authenticator to the previously specified identifier in the account database.

From the above diagram (Fig. 2) it is clear that in order to overcome the system of protection against unauthorized access, you can either change the work of the subject implementing the identification/authentication process, or change the contents of the object - the account database. In addition, it is necessary to distinguish between local and remote authentication.

With local authentication, we can assume that processes 1,2,3,5,6 take place in a protected zone, that is, the attacker is not able to eavesdrop or change the transmitted information. In the case of remote authentication, one must take into account the fact that the attacker can take either passive or active participation in the process of sending identification/authentication information. Accordingly, such systems use special protocols that allow the subject to prove knowledge of confidential information without disclosing it (for example, a non-disclosure authentication protocol).
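The identification, authentication and authorization steps described above, as an added Python example that is not part of the original text. The class and function names, the PBKDF2 work factor and the sample accounts are assumptions made for illustration; the remote part uses a simple HMAC challenge-response to show a subject proving knowledge of the secret without sending it, and it is not a zero-knowledge protocol.

```python
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 200_000              # assumed work factor for this example
DUMMY_SALT = secrets.token_bytes(16)


def derive(password: str, salt: bytes) -> bytes:
    """Turn the secret into the 'information about it' that the IS stores."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


# Row used for unknown identifiers so that a lookup miss costs the same work.
DUMMY_ROW = (DUMMY_SALT, derive("not-a-real-account", DUMMY_SALT), frozenset())


class AccountDatabase:
    """The object of Fig. 2: identifier -> (salt, verifier, rights)."""

    def __init__(self):
        self._rows = {}

    def enroll(self, identifier, password, rights):
        salt = secrets.token_bytes(16)
        # The password itself is never stored, only a salted verifier.
        self._rows[identifier] = (salt, derive(password, salt), frozenset(rights))

    def lookup(self, identifier):
        return self._rows.get(identifier)


def local_login(db, identifier, password):
    """Steps 3-7 inside the protected zone. Returns the rights or None."""
    row = db.lookup(identifier)                   # step 4: identifier known?
    salt, verifier, rights = row or DUMMY_ROW
    candidate = derive(password, salt)            # step 7: check authenticator
    match = hmac.compare_digest(candidate, verifier)   # constant-time compare
    # Authorization happens only after identification and authentication.
    return rights if (row is not None and match) else None


class RemoteAuthServer:
    """Remote case: the line may be observed, so the secret never crosses it."""

    def __init__(self, db):
        self._db = db
        self._pending = {}                        # identifier -> outstanding nonce

    def challenge(self, identifier):
        row = self._db.lookup(identifier)
        salt = row[0] if row else DUMMY_SALT      # do not reveal unknown identifiers
        nonce = secrets.token_bytes(16)
        self._pending[identifier] = nonce
        return salt, nonce

    def verify(self, identifier, response):
        nonce = self._pending.pop(identifier, None)    # each nonce is single-use
        row = self._db.lookup(identifier)
        if nonce is None or row is None:
            return None
        # The stored verifier acts as the HMAC key, so the account database
        # itself must be protected against reading and modification.
        expected = hmac.new(row[1], nonce, hashlib.sha256).digest()
        return row[2] if hmac.compare_digest(expected, response) else None


def client_response(password, salt, nonce):
    """Subject side: prove knowledge of the password without sending it."""
    return hmac.new(derive(password, salt), nonce, hashlib.sha256).digest()


if __name__ == "__main__":
    db = AccountDatabase()
    db.enroll("alice", "correct horse battery", {"read", "write"})  # constructed sample
    print("local, right password:", local_login(db, "alice", "correct horse battery"))
    print("local, wrong password:", local_login(db, "alice", "guess"))

    server = RemoteAuthServer(db)
    salt, nonce = server.challenge("alice")
    captured = client_response("correct horse battery", salt, nonce)
    print("remote, fresh response:", server.verify("alice", captured))
    server.challenge("alice")                     # a new session gets a new nonce
    print("remote, replayed response:", server.verify("alice", captured))
```

A passive observer of the remote exchange sees only the salt, the nonce and the response, and a captured response is rejected when replayed because every challenge uses a fresh nonce.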

The general scheme of information protection in IS can be presented as follows (Fig. 3):

Fig. 3. Removing information protection in the information system

Thus, the entire information protection system in the IS can be divided into three levels. Even if an attacker manages to bypass the system of protection against unauthorized access, he will be faced with the problem of finding the information he needs in the IS.

Semantic protection involves hiding the location of information. For these purposes, for example, a special recording format on a medium or steganographic methods can be used, that is, hiding confidential information in container files that do not carry any significant information.

Currently, steganographic methods of information security have become widespread in two most relevant areas:

  • hiding information;
  • copyright protection.

The last obstacle on an attacker's path to confidential information is its cryptographic transformation. This transformation is usually called encryption. A brief classification of encryption systems is given below (Fig. 4):

Fig. 4. Classification of encryption systems

The main characteristics of any encryption system are:

  • key size;
  • the difficulty of encrypting/decrypting information for a legal user;
  • the difficulty of “breaking” encrypted information.

Currently, it is generally accepted that the encryption/decryption algorithm is open and publicly known. Thus, the only unknown is the key, which is held by a legitimate user. In many cases, it is the key that is the most vulnerable component of the system that protects information from unauthorized access.

Of Microsoft's ten security laws, two are dedicated to passwords:

Law 5: “A weak password will break the strictest security”

Law 7: “Encrypted data is only as secure as the decryption key.”

That is why the selection, storage and change of the key in information security systems is given particular importance. The key can be chosen by the user independently or imposed by the system. In addition, it is customary to distinguish between three main forms of key material:

1.3.4. Technical means of information security

In general, information protection by technical means is ensured in the following ways:

  • the source and carrier of information are localized within the boundaries of the protected object, and a mechanical barrier is provided against contact with them by an attacker or against the remote influence on them of the fields of his technical means;
  • the ratio of the energy of the carrier and interference at the input of the receiver installed in the leakage channel is such that the attacker is unable to remove information from the carrier with the quality necessary for its use;
  • the attacker cannot detect the source or carrier of the information;
  • Instead of true information, the attacker receives false information, which he accepts as true.

These options implement the following protection methods:

  • preventing an attacker from directly penetrating the source of information with the help of engineering structures and technical security means;
  • hiding reliable information;
  • “giving” false information to the attacker.

The use of engineering structures and security is the most ancient method of protecting people and material assets. The main task of technical means of protection is to prevent direct contact of an attacker or the forces of nature with the objects of protection.

Objects of protection are understood as people and material assets, as well as information carriers localized in space. Such media include paper, machine media, photographic and cine film, products, materials, etc., that is, everything that has clear dimensions and weight. To organize the protection of such objects, technical means of protection such as security and fire alarms are usually used.

Information carriers in the form of electromagnetic and acoustic fields or electric current do not have clear boundaries, and information hiding methods can be used to protect such information. These methods change the structure and energy of the carriers so that an attacker cannot, directly or using technical means, extract information with a quality sufficient to use it in his own interests.

1.3.5. Information security software

These security tools are designed specifically to protect computer information and are based on the use of cryptographic methods. The most common software tools are:

  • Programs for cryptographic processing (encryption/decryption) of information (“Verba” MO PNIEI www.security.ru; “Krypton” Ankad www.ancud.ru; “Secret Net” Informzashchita www.infosec.ru; “Dallas Lock” Confident www.confident.ru and others);
  • Programs for protection against unauthorized access to information stored on a computer (“Sobol” Ankad www.ancud.ru and others);
  • Steganographic information processing programs (“Stegano2ET” and others);
  • Software tools for guaranteed destruction of information;
  • Systems for protecting against unauthorized copying and use (using electronic keys, for example, from the Aladdin company www.aladdin.ru, or by binding to the unique properties of the storage medium, for example StarForce).

1.3.6. Anti-virus information protection tools

In general, we should speak of “malicious programs”: this is how they are defined in the governing documents of the State Technical Commission and in current legislation (for example, Article 273 of the Criminal Code of the Russian Federation, “Creation, use and distribution of malware for computers”). All malware can be divided into five types:

  • Viruses – defined as pieces of program code that are able to generate objects with similar properties. Viruses, in turn, are classified by their habitat (for example, boot viruses, macro viruses, etc.) and by their destructive action.
  • Logic bombs – programs that launch only when certain conditions are met (for example, a date, a key combination being pressed, the absence or presence of certain information, etc.).
  • Worms – programs that are able to spread over a network, not necessarily transferring their entire program code to the destination node at once; that is, they can “assemble” themselves from individual parts.
  • Trojans – programs that perform undocumented actions.
  • Bacteria – unlike viruses, these are complete programs that are able to reproduce themselves.

Currently, malware in its “pure” form practically does not exist: every sample is some combination of the types listed above. For example, a Trojan may contain a virus and, in turn, the virus may have the properties of a logic bomb. According to statistics, about 200 new malicious programs appear every day, with worms taking the “leadership”, which is quite natural given the rapid growth in the number of active Internet users.

To protect against malware, it is recommended to use anti-virus software packages (for example: DrWeb, AVP - domestic developments, or foreign ones, such as NAV, TrendMicro, Panda, etc.). The main diagnostic method of all existing anti-virus systems is “signature analysis”, that is, checking newly received information for the presence of a malicious program's “signature”, a characteristic piece of its program code. Unfortunately, this approach has two significant drawbacks:

  • Only already known malware can be diagnosed, and this requires constant updating of the “signature” databases. This is precisely what one of Microsoft's security laws warns about:

Law 8: “An antivirus program that is not updated is not much better than the complete absence of such a program”

  • The continuous increase in the number of new viruses leads to a significant increase in the size of the “signature” database, which in turn makes the anti-virus program consume significant computer resources and, accordingly, slows it down.

One of the well-known ways to make malware diagnosis more effective is the so-called “heuristic method”. In this case, an attempt is made to detect malware by taking into account the known methods of creating it. Unfortunately, if a highly qualified specialist took part in developing the program, it may be discovered only after it has demonstrated its destructive properties.
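The drawbacks of signature analysis and the heuristic fallback described above, as an added example that is not part of the original text. The signature bytes, sample names, heuristic traits, weights and threshold are all constructed for illustration.

```python
# All byte strings, names, weights and thresholds here are constructed for the
# example; they match no real malware and no real anti-virus database.
SIGNATURES = {
    "Example.Worm.A": bytes.fromhex("deadbeef4142434445"),
    "Example.Trojan.B": b"\x90\x90EXAMPLE-PAYLOAD-B\x00",
}
# Heuristic rules: traits typical of how malware is built (indicator, weight).
HEURISTIC_RULES = [
    (b"WriteProcessMemory", 2),      # writes into another process
    (b"CreateRemoteThread", 2),      # starts code in another process
    (b"\\CurrentVersion\\Run", 1),   # autostart registry path
]
HEURISTIC_THRESHOLD = 4

def signature_scan(data, db=SIGNATURES):
    """Names of all database signatures found in `data`."""
    return sorted(name for name, sig in db.items() if sig in data)

def heuristic_score(data):
    """Sum of the weights of the suspicious traits present in `data`."""
    return sum(weight for trait, weight in HEURISTIC_RULES if trait in data)

def classify(data, db=SIGNATURES):
    """Signature verdict first; heuristic verdict only if no signature hits."""
    hits = signature_scan(data, db)
    if hits:
        return "known: " + ", ".join(hits)
    if heuristic_score(data) >= HEURISTIC_THRESHOLD:
        return "suspicious (heuristic)"
    return "no detection"

# Constructed samples.
TRAITS = b"\x00WriteProcessMemory\x00CreateRemoteThread\x00"
KNOWN = b"MZ" + TRAITS + SIGNATURES["Example.Worm.A"] + b"\x00" * 8
# Same sample with a single byte inside the signature region changed.
VARIANT = KNOWN.replace(b"\xde\xad\xbe\xef\x41", b"\xde\xad\xbe\xef\x40")
NOVEL = b"MZ\x00constructed bytes with no known signature or trait\x00"
STALE_DB = {"Example.Trojan.B": SIGNATURES["Example.Trojan.B"]}  # not updated

if __name__ == "__main__":
    for label, sample in [("known", KNOWN), ("variant", VARIANT), ("novel", NOVEL)]:
        print(label, "->", classify(sample))
    print("known, stale database ->", classify(KNOWN, STALE_DB))
```

The variant and the stale-database case both fall through to the heuristic verdict, while the novel sample passes both checks, which is the limitation the text describes.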


To ensure the confidentiality of information, protect the buildings of companies and firms from eavesdropping, and effectively combat industrial espionage, numerous methods and techniques for protecting information are used. Many of these methods are based on the use of technical means of information security.

Existing technical means of protecting information for enterprises and organizations can be divided into several groups.
1) Devices for detecting and destroying unauthorized technical reconnaissance equipment:
  • nonlinear locators (they examine the response to an applied electromagnetic field);
  • nonlinear wire line locators;
  • magnetic resonance locators;
  • X-ray meters;
  • acoustic correlators;
  • metal detectors;
  • thermal imagers;
  • devices for searching for changes in the magnetic field;
  • devices for detecting electromagnetic radiation: scanners, receivers, frequency meters, sound level meters, infrared radiation detectors, spectrum analyzers, microvoltmeters, radio emission detectors;
  • search devices based on changes in telephone line parameters. Connections to a telephone line are identified with telephone line analyzers, microcircuit-based line status indicators and parallel telephone blockers.

2) Passive means of protecting premises and equipment:
  • jamming devices. Acoustic noise generators mask the audio signal in rooms and on communication lines (white noise with an amplitude spectrum distributed according to a normal law). Window glass modulators (they make the amplitude of the glass vibrations greater than that caused by a person's voice) prevent the interception of voice messages by special devices. Surge filters eliminate the possibility of information leakage through power supply circuits.
  • surveillance devices: open surveillance systems, covert surveillance systems;
  • devices for automatic recording of telephone conversations.

3) Technical means of cryptographic information protection.

4) Special technical means for recognizing PC users.

  • electronic access keys for personal computers. The key contains a microprocessor; information unique to each user is written to its storage device.
  • fingerprint identification devices.
  • voice identification devices. The individuality of a voice is influenced both by a person's anatomical features and by acquired habits: the frequency range of vibration of the vocal cords and the frequency characteristics of the voice.

From the point of view of technical implementation, the most practical approach is to analyze the frequency characteristics. Special multichannel filters are used for this purpose. User commands are recognized by comparing the current data with a reference signal on each frequency channel.
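The per-channel comparison described above, as an added example that is not from the original text. A Goertzel filter stands in for each channel of the multichannel filter; the sample rate, channel frequencies, tolerance and synthetic “voices” are assumptions constructed for illustration.

```python
import math

SAMPLE_RATE = 8000                         # Hz (assumed)
N_SAMPLES = 400                            # 50 ms frame (assumed)
CHANNELS_HZ = [200, 400, 800, 1600, 3200]  # assumed channel centre frequencies
TOLERANCE = 0.05                           # assumed allowed deviation per channel

def channel_energy(samples, freq_hz):
    """Goertzel filter: energy of `samples` in the channel centred on freq_hz."""
    coeff = 2.0 * math.cos(2.0 * math.pi * freq_hz / SAMPLE_RATE)
    s1 = s2 = 0.0
    for x in samples:
        s1, s2 = x + coeff * s1 - s2, s1
    return s1 * s1 + s2 * s2 - coeff * s1 * s2

def profile(samples):
    """Share of the total energy in each channel, so loudness does not matter."""
    energies = [channel_energy(samples, f) for f in CHANNELS_HZ]
    total = sum(energies)
    if total == 0:
        raise ValueError("silent frame: nothing to compare")
    return [e / total for e in energies]

def compare(current, reference):
    """Per-channel verdicts: True where the current share is within tolerance."""
    return [abs(c - r) <= TOLERANCE for c, r in zip(current, reference)]

def accept(samples, reference):
    """Accept only if every frequency channel matches the reference."""
    return all(compare(profile(samples), reference))

def synth(amplitudes):
    """Constructed test signal: one sinusoid per channel."""
    return [sum(a * math.sin(2 * math.pi * f * n / SAMPLE_RATE)
                for a, f in zip(amplitudes, CHANNELS_HZ))
            for n in range(N_SAMPLES)]

REFERENCE = profile(synth([1.0, 0.6, 0.3, 0.1, 0.05]))  # enrolled user
SAME_USER = synth([1.3, 0.8, 0.4, 0.12, 0.06])          # same shape, louder
OTHER_USER = synth([0.3, 0.5, 1.0, 0.6, 0.2])           # different spectrum

if __name__ == "__main__":
    print("same user accepted: ", accept(SAME_USER, REFERENCE))
    print("other user accepted:", accept(OTHER_USER, REFERENCE))
    print("other user, per channel:", compare(profile(OTHER_USER), REFERENCE))
```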

The given list of technical means of information security is far from complete, and as science and technology develop it is constantly updated, giving enterprises and organizations additional methods and ways to protect confidential data and trade secrets.

Unlike legislative and administrative measures, technical measures are designed to remove the human factor as far as possible. Indeed, compliance with legislative measures rests only on integrity and fear of punishment. Compliance with administrative measures is monitored by people, who can be deceived, bribed or intimidated, so strict observance of the established rules can be evaded. When technical means of protection are used, a potential adversary is instead faced with a technical (mathematical, physical) problem that he must solve in order to gain access to the information. At the same time, a simpler path should be available to the legitimate user, allowing him to work with the information put at his disposal without solving complex problems. Technical methods of protection include both a lock on the chest in which books are stored and storage media that self-destruct when someone attempts to misuse them. True, such media are much more common in adventure films than in reality.

In relation to information security, technical methods of protection are designed to provide solutions to information security problems.

Currently, to obtain confidential information, attackers, including industrial spies, use a wide variety of means and methods of penetrating facilities, developed on the basis of the latest achievements of science and technology and using the latest miniaturization technologies so that they can be used covertly. To counter this onslaught, security services are equipped with the necessary equipment, which is not inferior in reliability and functionality to the attackers' equipment. Engineering and technical support for information security, by implementing the necessary technical and organizational measures, should exclude:

  • unauthorized access to information processing equipment by controlling access to production premises;
  • unauthorized removal of storage media by personnel involved in data processing through exit control in the relevant production premises;
  • unauthorized entry of data into memory, modification or erasure of information stored in memory;
  • unauthorized use of information processing systems and illegal acquisition of data as a result;
  • access to information processing systems through homemade devices and illegal obtaining of data;
  • the possibility of unauthorized transmission of data through a computer network;
  • uncontrolled data entry into the system;
  • processing customer data without the latter’s appropriate instructions;
  • unauthorized reading, changing or erasing data during transmission or transportation of storage media.

Methods for protecting information from most threats are based on engineering and technical measures. Engineering and technical protection is a set of special bodies, technical means and measures that function together to perform a specific task of protecting information.

Engineering and technical protection uses the following means:

  • physical means;
  • hardware;
  • software;
  • cryptographic means.

Physical means include various engineering means and structures that prevent attackers from physically penetrating protected objects and that protect personnel (personal security equipment), material resources, finances and information from illegal actions.

According to the level of physical protection, all zones and production premises can be divided into three groups:

  • carefully controlled areas with a high level of security;
  • protected areas;
  • weakly protected areas.

Hardware includes instruments, devices, appliances and other technical solutions used to ensure security.

In the practice of any organization, a wide variety of equipment is used: from a telephone set to sophisticated automated information systems that support its production activities. The main task of hardware is to ensure reliable security of commercial activities.

Software tools are special programs, software systems and information security systems in information systems for various purposes and data processing tools.

Cryptographic tools are special mathematical and algorithmic means of protecting information transmitted over communication networks, stored and processed on computers using encryption methods.

Obviously, this division of information system security means is quite arbitrary, since in practice they very often interact and are implemented together as combined software and hardware solutions that make wide use of information concealment algorithms.

It should be noted that the purpose of the above mechanisms can vary. Some are designed to reduce the risk of threats, others provide protection against these threats, and still others detect them. At the same time, cryptographic methods play an important role in each of the mechanisms, allowing more advanced security measures to be created.

When creating a physical security system (as well as an information security system in general), threats (risks) should be analyzed, both real (at the present moment) and potential (in the future).

Based on the results of risk analysis using optimization tools, requirements for the security system of a specific enterprise and facility in a specific environment are formed. Overestimation of requirements leads to unjustified expenses, underestimation leads to an increase in the likelihood of threats being realized.
