METHODS AND MEANS OF PROTECTION OF INFORMATION IN COMPUTER SYSTEMS...

METHODS AND MEANS OF INFORMATION PROTECTION IN COMPUTER SYSTEMS

As a result of mastering the materials of this chapter, students must:

know

- purpose and functionality of the main mechanisms for ensuring information security;

- the most important requirements of regulatory documents for the organization of information security;

be able to

- justify the choice of mechanisms for IP protection against a certain information risk;

own

- skills of setting up the Windows information protection subsystem;

- the skills of using the capabilities of MS Office applications and Internet Explorer to protect information.

Organizational methods of information protection

At the enterprise level, organizational methods are the core of an integrated information risk management system. Only with the help of these methods is it possible to unite, on a legal basis, economic, technical, software and cryptographic tools and methods for ensuring the security of information in a single integrated system.

Organizational methods for managing information risks can be divided into the following groups:

• methods of using management tools;

• methods of direct management of information risks;

• General management methods.

A large group of organizational methods of managing information risks are methods of applying risk management tools. To implement these management methods, methods, instructions, schedules, schemes, rules, and functional duties are developed that allow personnel to use information risk management tools. In essence, these are methods that ensure the use of funds within certain technologies for managing information risks.

Managing individual information risks can be carried out without the use of special tools. Such methods are used if organizational methods are more efficient than methods using special tools or when organizational methods are used in addition to other mechanisms. As examples of organizational methods of managing information risks that have independent significance, the following organizational methods can serve: organization of storage of information carriers in special storage facilities, joint execution and control of particularly responsible operations, admission to premises with the participation of controllers, etc.

General management methods include management methods that are performed in any enterprise, with the management of any system: work planning, documentation creation, collection, processing and transfer of control information, control, audit, etc.

Economic methods of managing information risks are used to ensure the economic effectiveness of the application of the information risk management system. The following methods can be applied to economic management methods:

• determination of costs for the information risk management system;

• estimates of damage from information risks;

• optimization of the overall costs of information risk management;

• Information Risk Insurance;

• creating reserves to minimize damage.

Random Threat Protection Mechanisms

The analysis of the peculiarities of random threats to the security of information systems allows us to draw a number of important conclusions that must be taken into account when choosing mechanisms to protect against these threats:

• The threats of this class are causing the greatest damage to the enterprise;

• Protection mechanisms against threats of this class are implemented and used at all stages of the life cycle of information systems;

• System stability to threats at the operational stage is provided mainly by specialists of IT departments.

All directions for countering random threats can be grouped as follows (Figure 14.1).

Duplicating information or backup ( backup ) is one of the most effective ways to ensure the integrity of information. It ensures the protection of information from both accidental threats and deliberate exposures.

Depending on the value of information, features of the construction and modes of operation of the COP, various methods of duplication can be used, which are classified according to various characteristics.

By the time information is recovered, duplication methods can be divided into operational and non-operational ones. Operative methods include methods of duplication of information, which allow using duplicate information in real time. This means that the transition to the use of duplicate information is carried out in a time that allows you to execute a request to perform specified actions in real time for this COP. All methods that do not provide a real-time mode are referred to as non-operational methods of duplication.

In terms of the degree of spatial remoteness of the carriers of primary and duplicating information, the methods are duplicated -

Random Threat Protection Directions

Fig. 14.1. Directions for protection against accidental threats

Names can be divided into concentrated duplication methods and distributed redundancy methods.

For certainty, it is advisable to consider methods of concentrated duplication to be methods for which carriers with basic and duplicate information are located in the same room. All other methods are dispersed.

Spatial duplication is achievable in computer networks and is practically the only way to ensure the integrity and accessibility of information in natural disasters and major accidents.

For duplication tools used for duplication, the methods of duplication can be divided into methods that use: specially allocated areas of memory on non-removable machine media; removable media; additional external storage devices (blocks).

According to the number of copies, duplication methods are divided into single-level and multi-level. With single-level duplication, a single copy is used. As a rule, the number of levels does not exceed three.

In accordance with the procedure of duplication, the methods of mirroring are different; full copy; partial copying and combined copying.

When mirroring, any changes to the basic information are accompanied by the same changes in duplicate information. With this duplication, the basic information and the double are always identical. At full copying all files are periodically duplicated. Partial copying involves creating duplicate files, such as user files. One type of partial copy, called incremental copying, is the method of creating duplicate files changed since the last copy. Combined copying allows combinations, for example full and partial copying with different frequency of their conduct.

Finally, according to the type of duplicating information, duplication methods are divided into methods with information compression and methods without data compression.

In case of non-operational duplication, information is almost always compressed with the help of archiver programs. In case of rapid duplication can be used

Both methods are used depending on the characteristics of the system and the algorithm of its functioning.

The ideology of reliable and efficient storage of information on hard drives is reflected in the technology RAID (Redundant Array of Independent Disks). This technology implements the concept of creating a block storage device with the ability to perform parallel requests and restore information in the event of failures of individual hard disk drive units. Devices implementing this technology are called RAID systems (RAID systems) or RAID disk arrays.

There are six main levels in RAID technology: from 0 to 5. Various combinations of these levels are also used. RAID levels determine how to write to independent disks and how to recover information. They differ in the speed of the system and the efficiency of information recovery.

Zero RAID level assumes independent parallel use of blocks (magnetic disk drives) for writing and reading files. The maximum possible data exchange rate and system capacity are achieved, but duplication is not used.

The first level of RAID provides a mirrored mirroring mode. Advantages of the first level of RAID are the fastest transition to the use of duplicate data and ease of implementation.

Starting from the second level, the recovery of lost data is not done using duplicate information, but with the help of control information. Moreover, information recovery is possible in case of failure of only one disk. With the simultaneous failure of two or more drives to recover lost information is impossible.

The principle of operation of RAID-systems can be considered using the example of a system of the third level. At the 3rd RAID level, data bytes are alternately written to the working disks. The control information is recorded on one dedicated disk. The principle of the formation and use of control information for the restoration of lost data should be considered using the example (Figure 14.2).

Let's use two disks for working information (D1, D2) and one (Dk) for the control. Control information -

Restoring Information in a Level 3 RAID System

Fig. 14.2. Information recovery in a RAID level 3 system

The formation is obtained by adding modulo 2 (mod2) bytes of information written to work disks. When added modulo 2, the resulting control bits complement the number of ones to an even number, for example:

If the disks D1 and D2 work correctly, the data is read from these disks. In the event of a single disk failure (disk D2 in the figure), the lost data is restored by mod2 addition of bytes stored on the workable disks and on the control disk.

The number of data drives is unlimited. The disk malfunction is fixed by means of the built-in control. If the drive with the control information is faulty, it is disconnected before replacement

Improving Reliability and Resiliency The IS is one of the ways to preserve the integrity and availability of information.

Reliability means the property of the system to perform the tasks assigned to it under certain operating conditions. When a failure occurs, the computer system can not perform all the tasks specified by the documentation, i.e. goes from a healthy state to a faulty one. If, at the onset of a failure, the computer system is able to perform the specified functions, keeping the values ​​of the main characteristics within the limits established by the technical documentation, then it is in a working state.

From the point of view of ensuring the security of information, it is necessary to keep at least the operational state of the CS.

To solve this problem, it is necessary to ensure high reliability of functioning of algorithms, programs and technical (hardware) means.

Improving the reliability of the elements of the information system is a necessary requirement for building a fault-tolerant system, but not sufficient. This is because the reliability of the elements can not be absolute even at a high level of technology. In addition, the real operating conditions of the elements of the system may not correspond to the conditions of normal operation, including but also because of deliberate pest effects.

Therefore, it is necessary to create fault-tolerant systems. Fault Tolerance is a CC property that can be maintained when individual devices, blocks, or circuits fail.

There are three main approaches to creating fault-tolerant systems:

• Simple backup;

• Noiseproof coding of information;

• Creation of adaptive systems.

Simple backup is based on the use of devices, blocks, nodes, circuits only as backup. If the main element fails, the transition to the use of the backup is performed. For reservation purposes, one spare element or more can be used. The levels and depth of redundancy determine the capabilities of the system to parry failures, as well as hardware costs. Such systems should have simple hardware-software means for controlling the operability of the elements and means of transitioning to the use of reserve elements, if necessary.

Noiseless coding is based on the use of information redundancy. Working information in the COP is supplemented by a certain amount of special control information. The presence of this control information (control bits) makes it possible to determine errors and even correct them by performing certain actions on the working and control information.

The most perfect systems, resistant to failures, are adaptive systems. They achieve a reasonable compromise between the level of redundancy introduced to ensure the system's tolerance (tolerance) to failures, and the efficiency of using such systems for their intended use.

Adaptive systems contain hardware and software tools for automatic control of the operability of the elements of the system and the implementation of its reconfiguration in the event of failures of elements. During the reconfiguration the failed element is disconnected, the necessary information is restored (if it is lost or distorted), the links and modes of operation of the system elements are changed.

The property of adaptability provides high efficiency not only by increasing the resistance to negative events. Adaptive systems allow to solve other tasks of optimization of functioning, for example, to reduce power consumption by disabling certain units while reducing the load on the system, to choose the optimal ways of transferring data taking into account their workload, to switch to the optimal mode of service of requests in queues.

For counteracting technogenic accidents and natural disasters the information system must remain operational in conditions of adverse effects of natural factors and technogenic accidents. To do this, the survivability of the IP objects must be ensured. Vitality is considered as a property of the information system to remain operative in the conditions of natural disasters, accidents and failures.

In addition to the system's adaptability to failures and failures, it must have the property of resistance to natural or man-made disasters. In recent years, the requirements for business continuity and efficiency have led to the need to create disaster-proof systems. The difference between such systems and systems that have the property of survivability lies in their ability not to reduce the effectiveness of IP in disasters. One of the most promising and economically viable directions for creating disaster-proof systems is the use of so-called cloud technologies.

When creating objects that are resistant to man-made accidents and natural disasters, it is necessary to choose the location of the object; to carry out design and construction of buildings meeting the requirements of survivability; to equip the premises with means of prompt response to natural disasters, accidents and refusals; to create mechanisms of adaptation of the system to catastrophes; prepare staff for action in extreme conditions.

One of the main ways to protect information in IP from unintended threats is to reduce the number of errors of users and attendants, and minimize the consequences of these errors. To achieve these goals, it is necessary to create optimal conditions for the work of users and staff; training of staff to work in IP; the organization of multilevel control of actions of employees when working in IS.

thematic pictures

Also We Can Offer!

Other services that we offer

If you don’t see the necessary subject, paper type, or topic in our list of available services and examples, don’t worry! We have a number of other academic disciplines to suit the needs of anyone who visits this website looking for help.

How to ...

We made your life easier with putting together a big number of articles and guidelines on how to plan and write different types of assignments (Essay, Research Paper, Dissertation etc)