Unfortunately, our age is different from all previous volumes of information that a person receives and processes. Previously, people read talked, but not to such extent. As scientists found out, an average person takes 53Tbytes / sec per second. This is a lot. Since this information passes not only through a person, but also through other communication systems, it must be protected. So how can you protect information?
Information Security Tools:
There are several ways to protect information. One of these are technical means, which in turn are divided into hardware and physical.
So what are the technical means - electrical, electromechanical, electronic, and others type of devices? This tool is different from the rest in its reliability and independence from subjective factors, highly resistant to modification. But unfortunately, there are weaknesses to this remedy: lack of flexibility compared to other means of protection, as well as relatively large volume and mass.
Hardware - these are devices that are embedded directly in the equipment or device and which can also be interfaced with the device itself.
Physical - an example (locks on the door, bars on the windows and the like)
Unauthorized access paths:
Their large number, now we will list them:
The use of listening devices;
Interception of electromagnetic radiation;
Theft of information carrier;
Unauthorized copying of information;
The use of software traps;
Using flawed programming languages;
Illegal connection to hardware communication lines;
Malicious failure of defense mechanisms;
Technical tools are divided into:
-Hardware - devices embedded directly into the equipment, or devices that interface with the local area network equipment via a standard interface (parity information control circuits, key memory fields protection schemes, special registers);
Physical - implemented in the form of autonomous devices and systems (electronic-mechanical equipment of security alarm and surveillance. Locks on the doors, bars on the windows).
Software tools are programs that specialize in information security. This program does not allow attackers to use or read information by encrypting data and provides access to a certain circle of people.
The advantages of the software are flexibility, reliability, simplicity, ability to modify and develop.
Disadvantages of software - limited network functionality, use of part of file server and workstations resources, high sensitivity to accidental or deliberate changes, possible dependence on types of computers (their hardware).
In the course of developing the concept of protecting information, experts concluded that the use of any one of the listed methods of protection would not bring a hundred percent protection. It is necessary to provide an integrated approach to information security.
Software protection of information:
Now let's take a closer look at one of the most popular types of information security.
The local network uses the following protections:
Data archiving tools are tools that merge several files into one large, single file, which in turn has a smaller volume than the original one, but at the same time has the ability to fully recover.
Antivirus software - software designed to protect information from viruses;
Cryptographic tools - include special encryption methods.
Means of indication and user authentication - the authentication is the authentication of the object, which in turn claims the right to access information.
Access control means are means with the goal of restricting and registering an object's entry and exit in a given “territory through points of passage”
Logging and auditing - logging provides for the collection and accumulation of information about events occurring in the information system. Audit is the process of analyzing accumulated information. The goal of a computer audit is to monitor the compliance of a system or network with the required security rules, principles, or industry standards. An audit provides an analysis of anything that may relate to security problems, or anything that could lead to security problems.
Built-in information security in network operating systems:
Built-in means of protecting information in network operating systems are available, but not always, as already noted, can completely solve the problems that arise in practice. For example, NetWare 3.x, 4.x network operating systems allow for reliable “echeloned” data protection from hardware failures and damage.
Novell’s SFT (System Fault Tolerance) system includes three basic levels:
SFT Level I, in particular, provides for the creation of additional copies of FAT and Directory Entries Tables, immediate verification of each data block newly recorded on the file server, as well as backup of about 2% of the disk capacity on each hard disk. When a failure is detected, the data is redirected to the reserved area of the disk, and the failed block is marked as “bad” and is not used in the future.
SFT Level II contains additional features for creating "mirrored" disks, as well as duplication of disk controllers, power supplies and interface cables.
SFT Level III allows you to use duplicated servers in the local network, one of which is “master”, and the second, containing a copy of all the information, comes into operation in the event that the “main” server goes down.
The system for controlling and limiting access rights in NetWare networks (protection against unauthorized access) also contains several levels:
The initial access level - the simplest type of control, implies user authentication in the network.
The level of user rights - implies, a restriction on the performance of certain operations or the work of the user as a whole
The attribute level of directories and files - the restriction on the modification of files in the file system.
File server console level - blocking the file server keyboard for the time being the network administrator until he has entered a special password.
Specialized software to protect information from unauthorized access have generally better capabilities and characteristics than the built-in network operating system. In addition to encryption programs and cryptographic systems, there are many other available external means of information protection. Of the most frequently mentioned solutions, the following two systems should be noted, which allow limiting and controlling information flows.
Firewalls - firewalls (firewall - firewall). Special intermediate servers are created between the local and global networks, which inspect and filter all network / transport traffic passing through them. This can dramatically reduce the threat of unauthorized access from outside to corporate networks, but does not completely eliminate this danger. A more protected type of method is masquerading, when all traffic originating from a local network is sent on behalf of a firewall server, making the local network almost invisible.