Training manual information security management. Information Security
- Tutorial for universities - Belov E.B., Los V.P., Meshcheryakov R.V., Shelupanov A.A. - 2006
Issues of theory and practice of providing information security of the individual, society and state. Much attention is paid to the problem security automated systems , including issues of determining the model of the intruder and requirements for information protection. Analyzed modern methods and information security tools and architecture of information security systems. The appendices provide reference material according to a number of regulatory legal documents and option work program in the discipline “Fundamentals of Information Security”.
For higher education students educational institutions , studying in specialties in the field information security, may be useful for a wide range of readers interested in information security issues.
Fundamentals of information security. Textbook for universities / E. B. Belov, V. P. Los, R. V. Meshcheryakov, A. A. Shelupanov. -M.: Hotline- Telecom, 2006. - 544 p.: ill.
ISBN 5-93517-292-5
BBK 32.97
UDC 681.3
0-75
Preface
Introduction
Part 1. FUNDAMENTALS OF STATE INFORMATION POLICY AND INFORMATION SECURITY OF THE RUSSIAN FEDERATION
1. The concept of national security
1.1. Interests and threats in the field of national security
1.2. The influence of the processes of informatization of society on the components of national security and their content
2. Information Security in the national security system Russian Federation
2.1. Basic concepts, general methodological principles of information security
2.2. National interests in information sphere
2.3. Sources and content of threats in the information sphere
3. State information policy
3.1. Basic provisions of the state information policy of the Russian Federation
3.2. Priority measures for the implementation of the state policy of ensuring information security
4. Information is the most valuable resource of modern society
4.1. The concept of “information resource”
4.2. Classes information resources
5. Problems of information warfare
5.1. Information weapon and its classification
5.2. Information war
6. Problems of information security in the field of state and municipal government
6.1. Information processes in the field of state and municipal government
6.2. Types of information and information resources in the field of GMU
6.3. State and prospects of informatization of the sphere of State Medical University
7. System of training in the field of information security in the Russian Federation
7.1. Structure of the training system in the field of information security
7.2. The composition of the educational and methodological support of the system and its control subsystem
7.3. Main directions of educational activities
Literature
Part 2. INFORMATION SECURITY OF AUTOMATED SYSTEMS
1. Modern formulation of the information security problem
2. Organizational and legal support, information security
2.1. Information as an object of legal protection. Basic principles of information classification
2.2. State system legal support information protection in the Russian Federation
3. Information systems
3.1. General provisions
3.2. Information as a product
3.3. Information Services
3.4. Sources confidential information V information systems Oh
3.5. What leads to the unlawful acquisition of confidential information in information systems
3.6. Kinds technical means information systems
4. Information threats
4.1. Classes of channels for unauthorized receipt of information
4.2. Reasons for violation of information integrity
4.3. Types of threats to information systems
4.4. Types of losses
4.5. Information infections
4.6. Losses associated with information exchange
4.7. Information systems intruder model
5. Methods and models for assessing information vulnerability
5.1. Empirical approach to assessing information vulnerability
5.2. Full overlap system
5.3. Practical implementation“threat-defense” models
6. Recommendations for the use of information vulnerability assessment models
7. Methods for determining information security requirements
8. Analysis existing techniques determining information security requirements
8.1. Information system security requirements in the USA
8.2. Security requirements for information systems in Russia
8.3. Fund security classes computer technology from unauthorized access
8.4. Assessing the State of IP Security in France
8.5. Factors influencing the required level of information security
8.6. Criteria for assessing information technology security
9. Functions and tasks of information security
9.1. General provisions
9.2. Methods for generating protection functions
9.3. Classes of information security tasks
9.4. Protection functions
9.5. States and functions of the information security system
10. Information security strategies
11. Methods and means of protecting information
12. Cryptographic methods information protection
12.1. Requirements for cryptosystems
12.2. Basic encryption algorithms
12.3. Digital signatures
12.4. Cryptographic hash functions
12.5. Cryptographic random number generators
12.6. The degree of protection provided by the cipher
12.7. Cryptanalysis and attacks on cryptosystems
13. Architecture of information security systems
13.1. Requirements for information security architecture
13.2. Construction of information protection system
13.3. Core of the information security system
13.4. Information security system resources
13.5. Organizational building
Literature
Annex 1. WORK PROGRAM FOR THE DISCIPLINE “FUNDAMENTALS OF INFORMATION SECURITY”
I. Goals and objectives of the discipline, its place in educational process. Goals of teaching the discipline
Objectives of studying the discipline
General instructions for performing practical exercises
List of disciplines, the mastery of which is necessary to study this course
II. Contents of the discipline
1. Theoretical classes (18 hours)
2. Practical lessons(18 h)
3. Independent work(28 hours)
III. Educational and methodological materials on the discipline
Main literature
additional literature
Legislation
Appendix 2. INDIVIDUAL TASKS.
First task
Second task
Appendix 3. QUESTIONS FOR THE EXAM
Appendix 4. DOCTRINE OF INFORMATION SECURITY OF THE RUSSIAN FEDERATION.
I. Information security of the Russian Federation
1. National interests of the Russian Federation in the information sphere and their provision
2. Types of threats to information security of the Russian Federation
3. Sources of threats to information security of the Russian Federation
4. The state of information security of the Russian Federation and the main tasks to ensure it
II. Methods for ensuring information security of the Russian Federation
5. General methods ensuring information security of the Russian Federation
6. Features of ensuring information security of the Russian Federation in various fields public life
7. International cooperation of the Russian Federation in the field of information security
III. Basic provisions of the state policy of ensuring information security of the Russian Federation and priority measures for its implementation
8. Basic provisions of the state policy of ensuring information security of the Russian Federation
9. Priority measures for the implementation of the state policy of ensuring information security of the Russian Federation
IV. Organizational basis of the information security system of the Russian Federation
10. Main functions of the information security system of the Russian Federation
11. Main elements of the organizational basis of the information security system of the Russian Federation
Appendix 5. FEDERAL LAW OF THE RUSSIAN FEDERATION “ON INFORMATION, INFORMATION AND INFORMATION PROTECTION”
Chapter 1. General provisions
Article 1. Scope of this Federal Law
Article 2. Terms used in this Federal Law, their definitions.
Article 3. Responsibilities of the state in the field of formation of information resources and informatization
Chapter 2. Information resources
Article 4. Fundamentals of the legal regime of information resources
Article 5. Documentation of information
Article 6. Information resources as an element of property and an object of property rights
Article 7. State information resources
Article 8. Mandatory submission of documented information for the formation of state information resources.
Article 9. Attribution of information resources to the all-Russian national heritage
Article 10. Information resources by access categories
Article 11. Information about citizens (personal data)
Chapter 3. Use of information resources
Article 12. Implementation of the right to access information from information resources
Article 13. Guarantees for the provision of information
Article 14. Access of citizens and organizations to information about them
Article 15. Duties and responsibilities of the owner of information resources
Chapter 4. Informatization. Information systems, technologies and means of supporting them
Article 16. Development and production of information systems, technologies and means of supporting them
Article 17. Ownership of information systems, technologies and means of supporting them.
Article 18. Right of authorship and ownership of information systems, technologies and means of supporting them
Article 19. Certification of information systems, technologies, means of supporting them and licensing of activities for the formation and use of information resources
Chapter 5. Protection of information and rights of subjects in the field of information processes and informatization
Article 20. Objectives of protection
Article 21. Information protection
Article 22. Rights and obligations of subjects in the field of information protection
Article 23. Protection of the rights of subjects in the field of information processes and informatization
Article 24. Protection of the right to access information
Article 25. Entry into force of this Federal Law
Appendix 6. FEDERAL LAW OF THE RUSSIAN FEDERATION “ON ELECTRONIC DIGITAL SIGNATURES”
Chapter 1. General provisions
Article 1. Purpose and scope of application of this Federal Law
Article 2. Legal regulation relations in the field of electronic digital signature
Chapter 2. Terms of use of electronic digital signature
Article 4. Conditions for recognizing the equivalence of an electronic digital signature and a handwritten signature
Article 5. Use of electronic digital signature means
Article 6. Signature Key Certificate
Article 7. Duration and procedure for storing the signature key certificate in the certification center
Chapter 3. Certification authorities
Article 8. Status of the certification center
Article 9. Activities of the certification center
Article 10. Relations between the certification center and the authorized federal executive body
Article 11. Obligations of the certification center in relation to the owner of the signature key certificate
Article 12. Obligations of the owner of the signature key certificate
Article 13. Suspension of the signature key certificate
Article 14. Cancellation of a signature key certificate
Article 15. Termination of activities of a certification center
Chapter 4. Features of using an electronic digital signature
Article 16. Use of electronic digital signature in the field of public administration
Article 17. Use of electronic digital signature in the corporate information system
Article 18. Recognition of a foreign signature key certificate
Article 19. Cases of replacement of seals
Chapter 5. Final and transitional provisions
Article 20. Bringing regulatory legal acts into compliance with this Federal Law
Article 21. Transitional provisions
Appendix 7. FEDERAL LAW “ON TECHNICAL REGULATION”
Chapter 1. General provisions
Article 2. Basic concepts
Article 3. Principles of technical regulation
Article 4. Legislation of the Russian Federation on technical regulation
Article 5. Features of technical regulation in relation to defense products (works, services) and products (works, services), information about which constitutes a state secret
Chapter 2. Technical regulations
Article 6. Purposes of adoption of technical regulations
Article 7. Contents and application of technical regulations
Article 8. Types of technical regulations
Article 9. Procedure for development, adoption, amendment and cancellation of technical regulations
Article 10. Special procedure for the development and adoption of technical regulations
Chapter 3. Standardization
Article 11. Goals of standardization
Article 12. Principles of standardization
Article 13. Documents in the field of standardization
Article 14. National body of the Russian Federation for standardization, technical committees for standardization
Article 15. National standards, all-Russian classifiers of technical, economic and social information
Article 16. Rules for the development and approval of national standards
Article 17. Standards of organizations
Chapter 4. Confirmation of conformity
Article 18. Purposes of conformity assessment
Article 19. Principles of conformity assessment
Article 20. Forms of confirmation of conformity
Article 21. Voluntary confirmation of compliance
Article 22. Marks of conformity
Article 23. Mandatory confirmation of compliance
Article 24. Declaration of conformity
Article 25. Mandatory certification
Article 26. Organization of mandatory certification
Article 27. Sign of circulation on the market
Article 28. Rights and obligations of the applicant in the field of mandatory confirmation of compliance
Article 29. Conditions for the import into the territory of the Russian Federation of products subject to mandatory confirmation of conformity
Article 30. Recognition of results of conformity assessment
Chapter 5. Accreditation of certification bodies and testing laboratories (centers)
Article 31. Accreditation of certification bodies and testing laboratories (centers)
Chapter 6. State control (supervision) over compliance with the requirements of technical regulations
Article 32. State control (supervision) bodies over compliance with the requirements of technical regulations
Article 33. Objects of state control (supervision) over compliance with the requirements of technical regulations
Article 34. Powers of state control (supervision) bodies.
Article 35. Responsibility of state control (supervision) bodies and their officials when exercising state control (supervision) over compliance with the requirements of technical regulations.
Chapter 7. Information on violation of technical regulations and product recall
Article 36. Liability for non-compliance of products, production processes, operation, storage, transportation, sales and disposal with the requirements of technical regulations
Article 37. Information on non-compliance of products with the requirements of technical regulations
Article 38. Responsibilities of the manufacturer (seller, person performing the functions of a foreign manufacturer) in the event of receiving information about the non-compliance of products with the requirements of technical regulations
Article 39. Rights of state control (supervision) bodies in the event of receiving information about product non-compliance with the requirements of technical regulations.
Article 40. Forced recall of products
Article 41. Liability for violation of the rules for performing certification work
Article 42. Responsibility of an accredited testing laboratory (center)
Chapter 8. Information about technical regulations and standardization documents
Article 43. Information about standardization documents
Article 44. Federal information fund of technical regulations and standards
Chapter 9. Financing in the field of technical regulation
Article 45. Procedure for financing expenses in the field of technical regulation from the federal budget
Chapter 10. Final and transitional provisions
Article 46. Transitional provisions
Article 47. Bringing regulatory legal acts into compliance with this Federal Law
Article 48. Entry into force of this Federal Law
Appendix 8. FEDERAL LAW “ON LICENSING CERTAIN TYPES OF ACTIVITY”
Article 1. Scope of application of this Federal Law
Article 2. Basic concepts
Article 3. Basic principles of licensing
Article 4. Criteria for determining licensed types of activities
Article 5. Determination of the powers of the Government of the Russian Federation in the implementation of licensing
Article 6. Powers of licensing authorities
Article 7. Validity of the license
Article 8. Validity period of the license
Article 9. Making a decision to grant a license
Article 10. Contents of the document confirming the presence of a license and the decision to grant a license
Article 11. Re-issuance of a document confirming the presence of a license
Article 12. Exercise of control
Article 13. Suspension of a license and revocation of a license
Article 14 Maintenance of license registers
Article 15. License fees
Article 16. Financing of licensing
Article 17. List of activities for which licenses are required
Article 18. Transitional provisions
Article 19. Recognition of certain legislative acts as invalid in connection with the adoption of this Federal Law
Article 20. Entry into force of this Federal Law
Appendix 9. FEDERAL LAW “ON TRADE SECRETS”
Article 1. Goals and scope of this Federal Law
Article 2. Legislation of the Russian Federation on trade secrets
Article 3. Basic concepts used in this Federal Law
Article 4. The right to classify information as information constituting a commercial secret, and methods of obtaining such information
Article 5, Information that cannot constitute a commercial secret
Article 6. Provision of information constituting a commercial secret
Article 7. Rights of the owner of information constituting a commercial secret
Article 8. Owner of information constituting a trade secret received within the framework of labor relations
Article 9. The procedure for establishing a trade secret regime when executing a state contract for state needs
Article 10. Protection of confidentiality of information
Article 11. Protection of confidentiality of information within the framework of labor relations
Article 12, Protection of confidentiality of information within the framework of civil law relations
Article 13. Protection of confidentiality of information when provided
Article 14. Liability for violation of this Federal Law
Article 15. Responsibility for failure to provide state authorities, other government agencies, organs local government information constituting a trade secret
Article 16. Transitional provisions
Appendix 10. GLOSSARY
Appendix 11. INFORMATION PROTECTION TERMS.
Discussed by the Department of Methodology and Modeling of Safe Development of Process Systems of the Russian Academy
natural sciences and approved for publication by the Presidium of the Russian Academy of Natural Sciences
Reviewers:
Head of the Faculty of Information Security ICSI candidate technical sciences S.N.Smirnov
Full member of the International Academy of Informatization, Doctor of Technical Sciences, Professor A. V. Petrakov
Full member of the International Academy of Informatization, Doctor of Sociological Sciences, Professor G. A. Kabakovich
Rep. editor - candidate of military sciences L.I. Filippenko
Yarochkin V.I.
Information security: A textbook for university students. - M.: Academic Project; Gaudeamus, 2nd ed.-
2004. - 544 p. (Gaudeamus).
ISBN 5-8291-0408-3 (Academic Project) ISBN 5-98426-008-5 (Gaudeamus)
In modern information society information has become a special resource for any activity, therefore, like any other resource, it needs to be protected, to ensure its safety, integrity and without danger. Who and how threatens information security and how to counter these threats, you will learn by reading this book. The textbook is intended for students of higher educational institutions, institutes of advanced training and schools for training specialists studying the problems of protecting confidential information.
UDC 002-004 BBK
© Yarochkin V.I., 2003
ISBN 5-829I-0408-3 ©Academic Project, original layout, design, 2004
Introduction Chapter 1 CONCEPT OF INFORMATION SECURITY
1.1. Basic conceptual provisions of the information security system
1.2. Conceptual model of information security
1.3. Threats to confidential information
1.4. Actions leading to unlawful possession
confidential information
Chapter 2 GUIDELINES FOR ENSURING INFORMATION SECURITY
2.1. Legal protection
2.2. Organizational defense
2.3. Engineering and technical protection
2.3.1. General provisions
2.3.2. Physical protection
2.3.3. Hardware protection
2.3.4. Security software
2.3.5. Cryptographic protections
Chapter 3 WAYS TO PROTECT INFORMATION
3.1. General provisions
3.2. Characteristics of protective actions
Chapter 4 SUPPRESSION OF DISCLOSURE OF CONFIDENTIAL INFORMATION
4.1. General provisions
4.2. Ways to suppress disclosure
Chapter 5 PROTECTING INFORMATION FROM LEAKAGE THROUGH TECHNICAL CHANNELS
5.1. General provisions
5.2. Protection of information from leakage via visual optical channels
5.2.1. General provisions
5.2.2. Means and methods of protection
5.3. Protection of information from leakage via acoustic channels
5.3.1. General provisions
5.3.2. Methods and means of protection
5.4. Protecting information from leakage via electromagnetic channels
5.4.1. Protection against heat due to the microphone effect
5.4.2. Protection against leakage due to electromagnetic radiation
5.4.4. Protection against thermal leakage in power supply circuits
5.4.5. Protection against leakage via grounding circuits
5.4.6. Protection against heat leakage due to the mutual influence of wires and communication lines
5.4.7. Protection against heat due to high-frequency imposition
5.4.8. Protection against heat in estrus fiber optic lines and communication systems
5.5. Protection of information from leakage through material channels
Chapter 6 COUNTERING UNAUTHORIZED ACCESS TO SOURCES OF CONFIDENTIAL INFORMATION
6.1. Methods of unauthorized access
6.2. Technical means of unauthorized access to information
6.3. Protection against surveillance and photography
6.4. Protection against eavesdropping
6.4.1. Counteracting eavesdropping with
microphone systems
6.4.2. Countering radio acoustic eavesdropping systems
6.4.3. Ensuring the security of telephone conversations
6.4.4. Countering laser eavesdropping
6.5. Countering illegal connection to communication lines
6.5.1. Anti-contact connection
6.5.2. Anti-contact connection
6.6. Anti-interception protection
Chapter 7. CONFIDENTIALITY WHEN WORKING WITH FOREIGN PEOPLE AND PARTNERS
7.1. Areas of interaction with foreign partners
7.1.1. Scientific and technical cooperation with foreign partners
7.1.2. Scientific and technical cooperation. Technologically, exchange and its regulation.
7.1.3. Types of commercial international transactions
7.1.4. Scientific and technical documentation - a source of confidential information
7.1.5. Possible conditions for disclosing information constituting a trade secret
7.1.6. Examination of the value transmitted scientifically-technical
documentation
7.2. Organization of work with foreign partners
7.2.1. Assessment of potential partners
7.2.2. Receiving foreign representatives and conducting commercial negotiations
7.2.3. Procedure for working with foreign partners
7.2.4. Procedure for protecting confidential information when working with foreign partners
Chapter 8 INFORMATION SECURITY AUDIT [^]
Afterword
Applications
1. State Technical Commission of Russia. Guiding document Protection against unauthorized access to information. Terms and Definitions
2. The concept of information security of the Russian Federation
3. List of information classified as state secret. Decree of the President of the Russian Federation on the list of information classified as state secrets. January 24, 1998 No. 61
4. Decree of the President of the Russian Federation. On approval of the list of confidential information
5. Regulations on licensing of technical activities
protection of confidential information. Decree of the Government of the Russian Federation of April 30, 200 2 No. 290 Moscow
6. INSTRUCTIONS for protecting confidential information when working with foreign partners
7. ENSURING THE PRESERVATION OF COMMAND SECRET
ENTERPRISES 8.CATALOG of generalized protection measures
confidential information
Bibliography
Introduction [^]
A notable feature of the current period is the transition from an industrial society to an information society, in which information becomes more important resource than material or energy resources. As you know, resources are the elements of economic potential that society has and which, if necessary, can be used to achieve specific goals of economic activity. Categories such as material, financial, labor, and natural resources that are involved in economic turnover have long become familiar and commonly used, and their purpose is clear to everyone. But then the concept of “information resources” appeared, and although it has been legalized, it is not yet sufficiently understood. In the literature cited, this concept is stated as follows: “Information resources
Individual documents and individual arrays of documents, documents and arrays of documents in information systems (libraries, archives, funds, data banks, other information systems).” Information resources are property, are under the jurisdiction of the relevant bodies and organizations, are subject to accounting and protection, since information can be used not only for the production of goods and services, but also turn it into cash by selling it to someone, or, what even worse, destroy.
Proprietary information for the manufacturer is of significant value, since often obtaining (creating) such information is a very labor-intensive and expensive process. It is obvious that the value of information (real or potential) is determined primarily by the income it generates.
A special place is given to information resources in a market economy.
The most important factor in a market economy is competition. The winner is the one who produces and sells better, of higher quality, cheaper and more quickly (time is money!). In essence, this is a universal market rule. And in these conditions, the main rule is: who owns the information, owns the world.
IN competition Various actions aimed at obtaining (extracting, acquiring) confidential information by the most
in various ways, up to direct industrial espionage using modern technical intelligence means. It has been established that 47% of stored information is obtained
With using technical means of industrial espionage.
IN Under these conditions, the protection of information from unlawful acquisition is given a very significant place. Wherein
“The goals of information protection are: preventing disclosure, leakage and unauthorized access to protected information; prevention of illegal actions of destruction, modification, distortion, copying, blocking of information; prevention of other forms of illegal interference in information resources and information systems; ensuring the legal regime of documented information as an object of property; protection of the constitutional rights of citizens to maintain personal secrets and confidentiality of personal data available in information systems; maintaining state secrets, confidentiality of documented information in accordance with the law; ensuring the rights of subjects in information processes and in the development, production and use of information systems, technologies and means of supporting them.”
As can be seen from this definition of protection objectives,
information security is quite capacious and a multifaceted problem that covers not only determining the need to protect information, but also how to protect it, what to protect from, when to protect, what to protect and what this protection should be.
The author is fully aware and aware of the complexity of the problem of information protection in general, and with the help of technical means in particular. Nevertheless, he sets out his view on this problem in this book, believing that this does not cover all aspects complex problem, but only certain parts of it.
* * *
The coming 21st century will be the century of triumph of the theory and practice of information - the information age.
Chapter 1 CONCEPT OF INFORMATION SECURITY [^]
What we store is what we have
"INFORMATION SECURITY -
this is a state of security information environment society, ensuring its formation, use and development in the interests of citizens, organizations, states.”
(Law of the Russian Federation “On participation in international information exchange”)
Postulates
1. Information is a universal property of matter.
2. Any interaction in nature and society is based on information.
3. Every process of performing work is a process of information interaction.
4. Product information about reflections of reality.
5. Reality is reflected in space and time.
6. Nothing comes from nothing.
7. Information retains its meaning unchanged as long as the information carrier - MEMORY - remains unchanged.
8. Nothing just disappears.
The concept of “information” is used very widely today
And versatile. It is difficult to find an area of knowledge where it is not used. Huge information flows literally
I overwhelm people. The volume of scientific knowledge, for example, according to experts, doubles every five years. This situation leads to the conclusion that the 21st century will be the century of the triumph of the theory and practice of INFORMATION - the information age.
It is legitimate to ask the question: what is information? The literature gives the following definition: information - information about persons, objects, facts, events, phenomena and processes, regardless of the form of their presentation. It is known that information can take various forms, including data embedded in
computers, blueprints, tracing papers, letters or memos, dossiers, formulas, drawings, diagrams, product models and prototypes, dissertations, court documents and more.
Like any product, information has consumers who need it, and therefore has certain consumer qualities, and also has its owners or producers.
From the consumer's point of view, the quality of the information used makes it possible to obtain additional economic or moral benefits.
From the owner's point of view, keeping it secret is commercial important information allows you to successfully compete in the market for the production and sale of goods and services. This naturally requires certain actions aimed at protecting confidential information.
Understanding security as the state of protection of the vital interests of an individual, enterprise, state from internal and external threats, security components can also be distinguished - such as personnel, material and financial resources and information.
1.1. Basic conceptual provisions of the information security system [^]
An analysis of the state of affairs in the field of information security shows that a fully formed concept and structure of protection has already emerged, the basis of which is the following:
a very developed arsenal of technical means of protecting information, produced on an industrial basis;
a significant number of firms specializing in solving information security issues;
a fairly clearly defined system of views on this problem;
having significant practical experience, etc.
And yet, as evidenced by the domestic and foreign press, malicious actions against information not only do not decrease, but also have a fairly steady upward trend.
Experience shows that to combat this trend, a coherent and targeted organization of the process of protecting information resources is necessary. Moreover, this should
professional specialists, administration, employees and users actively participate, which determines the increased importance of the organizational side of the issue.
Experience also shows that:
ensuring the security of information cannot be
a one-time act. This is a continuous process consisting of justification and implementation of the most rational methods, methods and ways of improving and developing the protection system, continuous monitoring of its condition, identifying its narrow and weak points and illegal actions;
information security can only be ensured
with the integrated use of the entire arsenal of available protection means in all structural elements of the production system and at all stages of the technological cycle of information processing. The greatest effect is achieved when all the means, methods and measures used are combined into a single holistic mechanism - an information security system (IPS). At the same time, the functioning of the system must be monitored, updated and supplemented depending on changes in external and internal conditions;
no information security system can provide the required level of information security without proper preparation
users and their compliance with all established rules aimed at protecting it (Fig.
The YURAYT book publishing house offers large percentage selection of educational literature on the discipline “Information Security”, as well as related disciplines. Indeed, in today’s century, due to the high growth in the volume and exchange of information, the use of methods and means of protecting transmitted data becomes important.
What is information security as a textbook?
Information protection is a discipline that allows you to comprehend its integrity, openness and secrecy.
The subject of the teaching was introduced to implement necessary measures for its protection in various organizations. They, in turn, use following methods:
- software;
- hardware;
- cryptographic.
Organizations also organize events to ensure the required level of material protection.
The purpose and objectives of the subject fundamentals of information security: textbook
After cognition, students form a knowledge system regarding information support, as well as the use of its methods and means in practice.
The tasks are formations:
- skills to ensure the protection of information and its objects;
- skills to collect documents for public authorities in the information and communication field;
- skills in performing work in the field of technical regulation, licensing of technical means, materials, systems, processes and equipment;
- skills in supplying intellectual property and research findings;
- setting up and maintaining programs and devices.
Subject specifics of the basics of information security: textbook
Characteristic of the discipline being studied is that students are shown the capabilities provided by modern means and methods of ensuring information security, and this is not the goal of studying technical details sales of special tools.
IN this section Science also provides classes in laboratory conditions, that is, completing assignments based on methodological literature. Each student is provided personal computer, which comes with a package certain programs. In conclusion, students acquire:
- familiarization with the means information security;
- experience in research work;
- teaching the sources of designing information security techniques.
Result of the subject fundamentals of information security: textbook
As a result, the subjects of study consist of:
- knowledge;
- skills;
- holdings of activity;
- activity experiences.
The last two points, by and large, relate to the extent to which you create empowerment and enable success.
And most importantly, we do not stop developing; each section of the website catalog is updated with new publications over time, which can be downloaded for free and without registering in our mobile application Yurayt.Library. And then you can read online at any convenient time.
Well, if you want to place an order for printed edition To keep modern educational literature on hand, then feel free to click on the “buy” button. Moreover, the price will definitely not disappoint you.
