Presentation on the topic software information security. Information security prepared - presentation. Protection against unauthorized access

Description of the presentation for individual slides:

1 slide

Slide Description:

Topic: Protection from unauthorized access to information KOU VO "Evening (shift) secondary school No. 2" Ustyuzhna Completed: Shcheglova L.А.

2 slide

Slide Description:

Basic concepts Information security is a set of measures aimed at ensuring information security. Information security - protecting the integrity, availability and confidentiality of information. accessibility - the ability to receive the required information service within a reasonable time. Integrity - the relevance and consistency of information, its protection from destruction and unauthorized changes. Confidentiality - protection from unauthorized access to information.

3 slide

Slide Description:

Information security is the state of security of the information environment. In computing, the concept of security implies the reliability of the computer, the safety of valuable data, the protection of information from changes to it by unauthorized persons, the preservation of the secrecy of correspondence in electronic communications. In all civilized countries, there are laws on the safety of citizens, the Federal Law of July 27, 2006 N 149-FZ "On Information, Information Technologies and Information Protection" (with amendments and additions) is used to protect information, but still the reliability of computer systems relies heavily on self-defense measures.

4 slide

Slide Description:

Unauthorized access Unauthorized access - actions that violate the established access procedure or the rules of delimitation, access to programs and data that are received by subscribers who have not been registered and have no right to familiarize themselves with or work with these resources. Access control is implemented to prevent unauthorized access.

5 slide

Slide Description:

Password protection Passwords are used to protect against unauthorized access to programs and data stored on your computer. The computer allows access to its resources only to those users who are registered and entered the correct password. Each specific user can be allowed access only to certain information resources. In this case, registration of all unauthorized access attempts can be made.

6 slide

Slide Description:

Password protection is used when booting the operating system Password logon can be set in BIOS Setup, the computer will not start booting the operating system if the correct password is not entered. Overcoming such defenses is not easy.

7 slide

Slide Description:

Every disk, every folder, every file of the local computer can be protected from unauthorized access. Certain access rights can be set for them: full access, the ability to make changes, only read, write, etc. The rights can be different for different users.

8 slide

Slide Description:

What is a password? "a password is a secret set of various characters that allows you to identify a legitimate user and his right to work in a computer system." The general idea is that the best password is a random and meaningless set of characters. Store your password in a safe place. Change passwords regularly. This can be misleading to attackers. The stronger the password, the longer you can use it. A password of 8 or less characters can be used within a week, while a combination of 14 or more characters can last for several years.

9 slide

Slide Description:

Biometric security systems At present, biometric identification systems are increasingly used to protect against unauthorized access to information. Biometric identification is a way of identifying a person based on individual specific biometric features (identifiers) inherent in a particular person. Biometric identification methods are divided into two groups: Static methods Dynamic fingerprint methods; by the geometry of the palm of the hand. By handwritten handwriting. This technology is becoming a very popular alternative to painting with a pen. The dynamic signs of writing are analyzed - the degree of pressure, the speed of writing along the iris; by the image of the face; By voice. Constructions of the voice identification code, as a rule, are various combinations of the frequency and statistical characteristics of the voice

10 slide

Slide Description:

Fingerprint identification Optical fingerprint readers are installed on laptops, mice, keyboards, flash drives, and are also used as separate external devices and terminals (for example, at airports and banks). If the pattern of the fingerprint does not match the pattern of the authorized user, then access to the information is impossible.

11 slide

Slide Description:

Identification by the palm of the hand In biometrics, for identification purposes, simple geometry of the hand is used - size and shape, as well as some information signs on the back of the hand (images on the folds between the phalanges of the fingers, patterns of the location of blood vessels). Palm ID scanners are installed in some airports, banks and nuclear power plants.

12 slide

Slide Description:

Identification by the iris of the eye For identification by the iris of the eye, special scanners connected to a computer are used. The iris is a biometric characteristic that is unique to each person. The eye image is separated from the face image and a special barcode mask is applied to it. The result is a matrix that is individual for each person.

13 slide

Slide Description:

Face recognition Face recognition technologies are often used to identify a person. Human recognition occurs at a distance. Identification marks take into account the shape of the face, its color, as well as the color of the hair. Currently, the issuance of new passports is starting, in the micro-scheme of which a digital photograph of the owner is stored. Important features also include the coordinates of the points of the face in places corresponding to the change in contrast (eyebrows, eyes, nose, ears, mouth and oval).

14 slide

Slide Description:

Until recently, it was believed that the most reliable method of biometric identification and personality authentication is a method based on scanning the retina. It contains the best features of identification by the iris and by the veins of the arm. The scanner reads the pattern of capillaries on the surface of the retina. The retina has an immobile structure that does not change over time, except as a result of an eye disease such as cataracts. Unfortunately, a number of difficulties arise when using this biometrics method. The scanner here is a very complex optical system, and a person must not move for a considerable time while the system is guided, which causes discomfort.

15 slide

Slide Description:

Dynamic identification methods - based on handwritten text Biometric equipment manufacturers are trying to create reliable face identification systems using dynamic features. The additional hardware for such systems is cheaper than fingerprint or iris scanners. Personal identification systems based on the dynamics of reproduction of handwritten passwords (signatures) are very convenient and promising in their class.

SECURITY Security of an information system is a property that implies the ability of a system to ensure its normal functioning, that is, to ensure the integrity and secrecy of information. To ensure the integrity and confidentiality of information, it is necessary to protect information from accidental destruction or unauthorized access to it.

THREATS There are many possible directions of information leakage and ways of unauthorized access to it in systems and networks: interception of information; information modification (the original message or document is changed or replaced by another and sent to the addressee); substitution of authorship of information (someone can send a letter or document on your behalf); exploiting the shortcomings of operating systems and application software; copying data carriers and files with overcoming security measures; illegal connection to equipment and communication lines; disguise as a registered user and assigning his powers; introduction of new users; the introduction of computer viruses and so on.

PROTECTION The means of protecting information IP from actions of subjects include: means of protecting information from unauthorized access; information protection in computer networks; cryptographic information protection; electronic digital signature; protection of information from computer viruses.

UNAUTHORIZED ACCESS Gaining access to the resources of the information system involves performing three procedures: identification, authentication and authorization. Identification - assignment of unique names and codes (identifiers) to a user (object or subject of resources). Authentication is the identification of the user who submitted the identifier or verifying that the person or device that provided the identifier is indeed who it claims to be. The most common method of authentication is to assign a password to the user and store it on the computer. Authorization - checking the authority or checking the user's right to access specific resources and perform certain operations on them. Authorization is carried out in order to differentiate access rights to network and computer resources.

COMPUTER NETWORKS Local networks of enterprises are very often connected to the Internet. For the protection of local networks of companies, as a rule, firewalls are used - firewalls. A screen (firewall) is an access control tool that allows you to divide the network into two parts (the border runs between the local network and the Internet) and form a set of rules that determine the conditions for the passage of packets from one part to another. Screens can be implemented both in hardware and software.

CRYPTOGRAPHY To ensure the secrecy of information, its encryption or cryptography is used. For encryption, an algorithm or device is used that implements a specific algorithm. The encryption is controlled by a variable key code. The encrypted information can only be retrieved using a key. Cryptography is a very effective method that increases the security of data transmission over computer networks and when exchanging information between remote computers.

ELECTRONIC DIGITAL SIGNATURE To exclude the possibility of modifying the original message or replacing this message with others, it is necessary to send the message along with the electronic signature. An electronic digital signature is a sequence of characters obtained as a result of cryptographic transformation of the original message using a private key and allows you to determine the integrity of the message and its ownership by the author using the public key. In other words, a message encrypted with a private key is called an electronic digital signature. The sender transmits the unencrypted message in its original form along with a digital signature. The recipient uses the public key to decrypt the message's character set from the digital signature and compares it to the unencrypted message's character set. If the characters match completely, it can be argued that the received message is not modified and belongs to its author.

ANTI-VIRUSES A computer virus is a small malicious program that can independently create copies of itself and inject them into programs (executable files), documents, boot sectors of data carriers and spread through communication channels. Depending on the habitat, the main types of computer viruses are: Software (infect files with the extension .COM and .EXE) viruses Boot viruses. Macroviruses. Network viruses. Removable media and telecommunications systems can be sources of virus infection. The most effective and popular anti-virus programs include: Kaspersky Anti-Virus 7.0, AVAST, Norton AntiVirus and many others.

SITES USED informacii-v-komp-yuternyh-setyah.html informacii-v-komp-yuternyh-setyah.html html ht ml ht ml

1 slide

Modern methods and means of information security Completed by: student of group T3-09 Apetov Alexander 2012

2 slide

Information security is a complex of organizational, technical and technological measures to protect information from unauthorized access, destruction, modification, disclosure and delays in access.

3 slide

Information security guarantees that the following goals are achieved: confidentiality of information (property of information resources, including information related to the fact that they will not become available and will not be disclosed to unauthorized persons); integrity of information and related processes (invariability of information in the process of its transmission or storage); availability of information when it is needed (property of information resources, including information, which determines the possibility of their receipt and use at the request of authorized persons); accounting of all processes associated with information.

4 slide

Ensuring information security consists of three components: Confidentiality, Integrity, Accessibility. The points of application of the information protection process to the information system are: hardware, communication software (communications). The protection procedures (mechanisms) themselves are divided into physical level protection, personnel protection, organizational level. Communication Hardware Software

5 slide

A security threat to a computer system is a potentially possible incident (intentional or not) that can have an undesirable effect on the system itself, as well as on the information stored in it. Threat analysis carried out by the National Computer Security Association in the United States revealed the following statistics:

6 slide

7 slide

A security policy is a set of measures and active actions to manage and improve security systems and technologies.

8 slide

Organizational protection, organization of the regime and protection. organization of work with employees (selection and placement of personnel, including familiarization with employees, their study, training in the rules of working with confidential information, familiarization with measures of responsibility for violation of information protection rules, etc.) organization of work with documents and documented information (development, use, accounting, execution, return, storage and destruction of documents and carriers of confidential information) organization of the use of technical means of collection, processing, accumulation and storage of confidential information; organization of work to analyze internal and external threats to confidential information and develop measures to ensure its protection; organization of work to conduct systematic control over the work of personnel with confidential information, the procedure for accounting, storage and destruction of documents and technical media.

9 slide

Technical means of information security To protect the perimeter of the information system, the following are being created: security and fire alarm systems; digital video surveillance systems; access control systems (ACS). Protection of information from its leakage by technical communication channels is provided by the following means and measures: using a shielded cable and laying wires and cables in shielded structures; installation of high-frequency filters on communication lines; construction of shielded rooms ("capsules"); use of shielded equipment; installation of active noise systems; creation of controlled areas.

10 slide

Information security hardware Special registers for storing security details: passwords, identifying codes, labels or secrecy levels; Devices for measuring individual characteristics of a person (voice, fingerprints) in order to identify him; Circuits for interrupting the transmission of information in the communication line in order to periodically check the address of the data delivery. Information encryption devices (cryptographic methods). Uninterruptible power supply systems: Uninterruptible power supplies; Load redundancy; Voltage generators.

11 slide

Software means of information protection Means of protection against unauthorized access (NSD): Authorization means; Mandatory access control; Selective access control; Role-based access control; Logging (also called Auditing). Systems for analysis and modeling of information flows (CASE-systems). Network Monitoring Systems: Intrusion Detection and Prevention Systems (IDS / IPS). Systems for preventing leaks of confidential information (DLP systems). Protocol analyzers. Antivirus tools.

12 slide

Information security software Firewalls. Cryptographic means: Encryption; Digital signature. Backup systems. Authentication systems: Password; Access key (physical or electronic); Certificate; Biometrics. Tools for analyzing protection systems: Monitoring software product.

13 slide

TYPES OF ANTI-VIRUS APPLICATIONS Detectors allow detecting files infected with one of several known viruses. Some detector programs also perform heuristic analysis of files and system areas of disks, which often (but by no means always) allows detecting new viruses unknown to the detector program. Filters are resident programs that notify the user of all attempts by a program to write to the disk, and even more so to format it, as well as other suspicious actions. Doctor programs or phages not only find files infected with viruses, but also “cure” them, ie. remove the body of the virus program from the file, returning the files to their original state. Inspectors remember information about the state of files and system areas of disks, and on subsequent launches - compare their state to the original. If inconsistencies are identified, this is reported to the user. The guards or filters are resident in the computer's RAM and check the files being launched and inserted USB drives for viruses. Vaccine programs or immunizers modify programs and disks in such a way that this does not affect the operation of the programs, but the virus from which the vaccination is carried out considers these programs or disks already infected.

14 slide

Disadvantages of antivirus software None of the existing antivirus technologies can provide complete protection against viruses. The antivirus program takes away part of the system's computing resources, loading the central processor and hard disk. This can be especially noticeable on weak computers. Antivirus programs can see a threat where it does not exist (false positives). Antivirus programs download updates from the Internet, thereby wasting traffic. Various methods of encrypting and packaging malware make even known viruses undetectable by antivirus software. Detecting these "cloaked" viruses requires a powerful unpacking engine that can decrypt files before scanning them. However, many anti-virus programs do not have this capability and, therefore, it is often impossible to detect encrypted viruses.

15 slide

Understanding a computer virus A computer virus is a special program that deliberately causes harm to the computer on which it is run, or to other computers on the network. The main function of the virus is its reproduction.

16 slide

Classification of computer viruses by habitat; by operating systems; by the algorithm of work; for destructive opportunities.

Presentation on the topic: Modern methods and means of protecting information

1 of 22

Presentation on the topic: Modern methods and means of information protection

Slide No. 1

Slide Description:

Slide No. 2

Slide Description:

Slide No. 3

Slide Description:

Slide No. 4

Slide Description:

Ensuring information security consists of three components: Confidentiality, Integrity, Accessibility. The points of application of the information protection process to the information system are: hardware, communication software (communications). The procedures (mechanisms) of protection themselves are divided into protection of the physical level, protection of personnel at the organizational level.

Slide No. 5

Slide Description:

Slide No. 6

Slide Description:

Slide No. 7

Slide Description:

Slide No. 8

Slide Description:

organization of the regime and protection. organization of work with employees (selection and placement of personnel, including familiarization with employees, their study, training in the rules of working with confidential information, familiarization with measures of responsibility for violation of information protection rules, etc.) organization of work with documents and documented information (development, use, accounting, execution, return, storage and destruction of documents and carriers of confidential information) organization of the use of technical means of collection, processing, accumulation and storage of confidential information; organization of work to analyze internal and external threats to confidential information and develop measures to ensure its protection; organization of work to conduct systematic control over the work of personnel with confidential information, the procedure for accounting, storage and destruction of documents and technical media.

Slide No. 9

Slide Description:

Slide No. 10

Slide Description:

Slide No. 11

Slide Description:

Slide No. 12

Slide Description:

Slide No. 13

Slide Description:

Detectors allow you to detect files infected with one of several known viruses. Some detector programs also perform heuristic analysis of files and system areas of disks, which often (but by no means always) allows detecting new viruses unknown to the detector program. Filters are resident programs that notify the user of all attempts by a program to write to the disk, and even more so to format it, as well as other suspicious actions. Doctor programs or phages not only find files infected with viruses, but also "cure" them, ie. remove the body of the virus program from the file, returning the files to their original state. Inspectors remember information about the state of files and system areas of disks, and on subsequent launches - compare their state to the original. If inconsistencies are identified, this is reported to the user. The guards or filters are resident in the computer's RAM and check the files being launched and inserted USB drives for viruses. Vaccine programs or immunizers modify programs and disks in such a way that this does not affect the operation of the programs, but the virus from which the vaccination is carried out considers these programs or disks already infected.

Slide No. 14

Slide Description:

Slide No. 19

Slide Description:

3) According to the algorithm of work Residency Viruses with this property operate constantly while the computer is turned on. Self-encryption and polymorphism Polymorphic viruses change their code or the body of the program, making them difficult to detect. Stealth - Algorithm Stealth viruses “hide” in the RAM and the anti-virus program cannot detect them. Non-standard techniques Fundamentally new methods of influencing a virus on a computer.

Slide Description:

A Trojan horse is a program that contains a certain destructive function that is activated when a certain trigger condition occurs. Usually such programs are disguised as some useful utilities. Types of destructive actions: Destruction of information. (The specific choice of objects and methods of destruction depends only on the imagination of the author of such a program and the capabilities of the OS. This function is common for Trojan horses and bookmarks). Interception and transmission of information. (passwords typed on the keyboard). Purposeful change of the program. Worms are viruses that spread across global networks, infecting entire systems, rather than individual programs. This is the most dangerous type of viruses, as the objects of attack in this case are information systems of a national scale. With the advent of the global Internet, this type of security breach poses the greatest threat because any of the computers connected to this network can be exposed to it at any time. The main function of this type of viruses is to hack the attacked system, i.e. overcoming protection in order to violate security and integrity.

Slide No. 22

Slide Description:

identification is the naming of oneself by the system; authentication is the establishment of a correspondence between a person and an identifier named by him; authorization - providing this person with opportunities in accordance with the rights assigned to him or checking the availability of rights when trying to perform an action

Presentation on the topic software information security. Information security prepared - presentation. Protection against unauthorized access

Presentation on the topic: Modern methods and means of information protection

The last

You need to know