Informational security refers to the security of information and its supporting infrastructure from any random or malicious impacts, the result of which may be damage to the information itself, its owners or supporting infrastructure.

There are many reasons and motives for which some people want to spy at others. Having some money and effort, attackers can organize a number of channel leakage channels using their own ingenuity and (or) the negligence of the information owner. Information security tasks are reduced to minimizing damage, as well as forecasting and preventing such impacts.

To build a system reliable information protection It is necessary to identify all possible security threats, assess their consequences, to determine the necessary measures and means of protection, assess their effectiveness. Risk assessment is made by qualified specialists with various tools, as well as methods for modeling information protection processes. Based on the results of the analysis, the highest risks that transfer the potential threat to the category of really dangerous and, therefore, requiring additional security measures to be adopted.

Information may have several levels of importance, importance, value, which provides for the presence of several levels of its confidentiality accordingly. The presence of different levels of access to information implies a different degree of providing each of the information security properties - privacy, integrity and availability.

Analysis of information protection system, modeling of probable threats makes it possible to determine the necessary protection measures. When building an information protection system, it is necessary to strictly observe the proportion between the cost of the protection system and the degree of value of the information. And only having information about the market of open domestic and foreign technical means unauthorized removal of information, it is possible to determine the necessary measures and ways to protect information. This is one of the most difficult tasks in the design of the system of protection of commercial secrets.

In the event of various threats, they have to be defended. In order to estimate the likely threats, it is necessary to list the main categories of sources of confidential information - these may be people, documents, publications, technical carriers, technical means of ensuring industrial and work activities, products, industrial and production waste, and so on. Possible channels of information leakage should include joint activities with other firms; participation in negotiations; fictitious requests from the opportunity to work at the firm in various positions; visiting guests of the company; Knowledge of sales representatives of the company's characteristics; excessive advertising; supply of adjustments; consulting specialists from the parties; publications in print and speeches, conferences, symposia, etc.; conversations in non-working rooms; law enforcement agencies; "Offended" employees of the enterprise, etc.

All possible ways to protect information Go down to several main techniques:

preventing direct penetration to the source of information with the help of engineering structures of technical means of protection;

hiding reliable information;

providing false information.

It is simplified to allocate two forms of perception of information - acoustic and visual (signal). Acoustic information in the message streams is predominant. The concept of visual information is very extensive, so it should be divided into volume and species and analog-digital.

The most common ways of unauthorized receipt of confidential information are:

listening to premises using technical means;

observation (including photographing and video shooting);

intercepting information using radio-monitoring tools of informative photographic radiation;

theft of media of information and production waste;

reading residual information in system storage devices after executing a sanctioned request, copying media;

unauthorized use of registered user terminals using passwords;

making changes, disinformation, physical and program methods of destruction (destruction) of information.

The modern concept of the protection of information circulating in the premises or technical systems of the commercial object requires not periodic, but permanent control in the location zone of the object. Protection of information includes a whole complex of organizational and technical measures to ensure information security by technical means. It should solve such tasks as:

preventing an attacker access to sources of information in order to destroy it, embarrassment or change;

protection of media information from destruction as a result of various influences;

prevent information leakage on various technical channels.

Methods and means of solving the first two tasks do not differ from the methods and means of protecting any material values, the third task is solved exclusively by ways and means of engineering and technical protection of information.

To determine how to curb the leakage of information, it is necessary to consider well-known technical means of tightness of information and the principles of their action.

The attackers have a fairly large selection of funds for unauthorized receipt of confidential information. Some are convenient for simplicity of installation, but, accordingly, it can also be easily detected. Others are very difficult to find, but they are not easy and installed. They differ in application technology, according to the schemes and methods of using energy, by type of channel transmission channels. It is important to emphasize that for each method of obtaining information on the technical channels of its leakage there is a method of opposition, often not one, which can reduce such a threat to a minimum.

Depending on the scheme and the method of using the energy of special use of the unwashed information, it is possible to divide into passive (reserving) and active (emitting). Mandatory elements of all active specials It is a sensor or sensor of controlled information that converts information into an electrical signal. A converter amplifier that enhances the signal and converts it to one form or another for subsequent information transmission. The signal form can be analog or digital. An obligatory element of active special information is removable of information is the terminal module.

Passive devices Do not emit extra energy. To obtain information from such devices from a remote control point in the direction of the controlled object, a powerful signal is sent. Reaching an object, the signal is reflected from it and the surrounding items and partially returns to the checkpoint. The reflected signal carries information about the properties of the control object. Passive special needs formally include practically all means of interception of information on natural or artificial communication channels. All of them are energetically and physically hidden.

The most common and relatively inexpensive method of unwinding information still remains the installation of a variety of bookmarks (bugs). BACKING DEVICE - Hiddenly installed technical means of unlawful removal of information. Some of them are intended to obtain acoustic information, others - to obtain species images, digital or analog data from the computing and office equipment used, communications, telecommunications, etc.

Today there is a huge number of similar devices on the market. They differ in the execution and method of transmitting information - autonomous or network, they can be made in the form of standard elements of existing power and low-current lines (forks, connectors, etc.), radio label in the form of steps, ashtons, cardboard, "forgotten" personal belongings , standard elements of telephone sets, etc. To the same category of funds include various variants of miniature voice recorders, microcamers, cameras, and so on.

More expensive and designed for long-term control, technical means are installed in advance at control facilities (for example, during a period of capital or cosmetic repairs). These can be wired tools with microphones, deeply disguised bookmarks (for example, in computer technology), acoustic or video monitoring agents, autonomic radiomycrophones or optoelectronic microphones with rendered radiating elements, etc.

The most difficult and accordingly the most expensive - special technical means Allowing to intercept information at some distance from its source. These are a variety of recorders of vibro-acoustic oscillations of walls and communications systems arising from the conversation in the room; Registrars of weakened acoustic fields penetrating through natural sounds (for example, ventilation systems); Registrators of side emissions from working office equipment; directed and highly sensitive microphones to control speech information from remote sources; means of remote visual or video monitoring; Laser means of controlling vibrations of window glass, etc.

Registration of conversations (negotiations) is one of the most common ways and a fairly informative channel of the unbelief information. Listening can be carried out by directly listening (through the door, ventilation channels, walls, etc.) and using technical means. These can be a variety of microphones, voice recorders (analog with a magnetic tape recording, digital with a flash memory recording, including equipped with acoustomatomatomate), directed microphones, etc. The tactics of the use of these devices is quite simple, but effective.

Acoustic microphones. The most common devices are various microphones. Microphones can be built into the walls, electrical and telephone sockets, various equipment, etc. They can be sealed for anything, for example, may have the form of a conventional capacitor, which is in the printer circuit and is connected to its power system. Most often used wired microphones With the transfer of information on specially paved wires, over the power supply network, by alarm wire, radio broadcast, etc., the range of information transmission from such devices is practically not limited. As a rule, they appear after various repairs, after renting premises, visits of various inspections, etc. Found with difficulty, but it is easily eliminated.

Radiomicrophons - These are umbl-range microswitters that can be stationary and temporary. The conversations themselves are intercepted at a distance of several tens of meters. The range of information is from dozens to hundreds of meters, and intermediate repeaters are used to increase the range, and "bugs" are installed on metal objects - water supply pipes, household electrical appliances (serving an additional transmitting antenna).

Any radio microphones and telephone transmitters provide themselves with radium radiumpace (20-1500 MHz), so maybe they can be detected using passive means. Atmospheric and industrial interference, which are constantly present in the medium distribution medium of information, have the greatest impact on the amplitude of the signal, and to a lesser extent - at its frequency. In functional channels allowing the transmission of more broadband signals, for example, in the VHF range, the transmission of information is carried out, as a rule, frequency-modulated signals as more noise-resistant, and in narrowband dv-, and kb-bands - amplitude-modulated signals. To enhance secure work, the transmitter power is described small. The high highlighting of the signal transmission from radio microphones is often achieved by choosing the operating frequency close to the carrier frequency of the powerful radio station, and is masked by its signals.

Contributed microphones May have the most diverse design corresponding to the acoustic "slots". "Needle" microphone, sound to which is supplied through a thin tube of about 30 cm long, can be sucked in any gap. Dynamic heavy capsule, for example, you can omit into the ventilation pipe from the roof. A flat crystalline microphone can be brought under the door below.

Optical microphone transmitter transmits a signal from the remote microphone an invisible eye infrared radiation. A special optoelectronic apparatus with a silicon photodetector is used as a receiver.

By the time of operation, specialized transmitters are divided into continuously emitting, with the inclusion of transmission during the appearance in the controlled placement of conversations or noise and remotely controlled. Today, "bugs" appeared with the possibility of accumulating information and the subsequent transmission to ether (transmission signals), with a pseudo-random buckwalking rearrangement of the radio signal frequency, with a direct expansion of the source spectrum and the modulation of the carrier frequency of the pseudo-random M-sequence (noise-like signals).

The disadvantage of all acoustic exploration tools described above is the need to penetrate the object of interest in the purpose of secure installation of special installations. These shortcomings are deprived directional microphones To listen to conversations. They may have a different constructive execution.

Used microphone with parabolic reflector A diameter of 30 cm to 2 m, in the focus of which there is a sensitive ordinary microphone. Microphone tube Can camouflage under a cane or umbrella. Not so long ago the so-called flat directional microphoneswhich can be embedded in the wall of the diplomat or mutually worn in the form of a vest under a shirt or jacket. The most modern and effective are considered laser and infrared microphoneswhich allow you to reproduce speech, any other sounds and acoustic noises with light-cycle sounding of window windows and other reflective surfaces. At the same time, the listening distance depending on the actual situation can reach hundreds of meters. These are very expensive and complex devices.

Unauthorized access to acoustic information can also be carried out with stethoscopes and hydroacoustic sensors. Sound waves carrying speech information are well propagated by ducts, water pipes, reinforced concrete structures and are recorded by special sensors installed outside the protected object. These devices flow microcolebanishes of contact partitions using a miniature vibrator bar attached to the opposite side with the subsequent signal conversion. With the help of stethoscopes, it is possible to listen to negotiations through the walls of a thickness of more than meter (depending on the material). Sometimes hydroacoustic sensors are used, allowing you to listen to the conversations in the rooms using water supply pipes and heating.

The leakage of acoustic information is also possible due to the impact of sound oscillations on the elements of the electrical circuit of some technical devices due to the electroacoustic transformation and the heterodyne equipment. To the number of technical devices capable of forming electrical leakage channels, Painphones (especially push-button), security and fire alarm sensors, their lines, electrical wiring network, etc.

For example, in the case of telephone devices and electrical clock, the leakage of information occurs due to the conversion of sound oscillations into an electrical signal, which then distributes via wired lines. Access to confidential information can be carried out by connecting to these wired lines.

In televisions and radio receivers, the leakage of information occurs due to the heterodine (frequency generators) available in these devices. Due to the modulation by sound oscillation of the carrier frequency of the heterodyne into the system "seeps" the sound information and is emitted in the form of an electromagnetic field.

To detect the presence of such leakage channels in the protected area, include a powerful source of sound oscillations and check the presence of signals on the outgoing lines.

To detect bookmarks with transmission of acoustic information on natural wired channels (telephone line, electrical circuit, security and fire alarm chains, etc.) use a method for detecting a known beep. With this technology, the search for mortgage devices is carried out by listening to signals in wired communication in order to identify the known sound "on the hearing".

To reduce possible losses from the leakage of information to a minimum, there is no need to try to protect the entire building. The main thing - it is necessary to limit access to those places and to that technique where confidential information is concentrated (taking into account the possibilities and methods of its remote receipt).

Particularly important is the choice of place for the meeting room. It is advisable to post on the upper floors. It is desirable that the meeting room does not have windows or they would come out into the courtyard. Using alarm tools, good sound insulation, sound protection of holes and pipes passing through these rooms, disassembling excessive wiring, the use of other special devices will seriously impede the introduction of special equipment of the removal of acoustic information. Also in the meeting room should not be televisions, receivers, copier, electric clock, telephone sets, etc.

The task of technical information security tools is either eliminating the channel leakage channels, or a decrease in the quality of the information by the attacker. The main indicator of the quality of speech information is the intelligibility - syllable, verbal, phrase, etc. Most often use slightening, measured as a percentage. It is believed that the quality of acoustic information is sufficient if about 40% of syllable intelligibility is ensured. If you disassemble the conversation is almost impossible (even using modern technical means to increase the intelligibility of speech in noise), then syllable intelligibility corresponds to about 1-2%.

Warning of information leakage on acoustic channels is reduced to passive and active protection methods. Accordingly, all adaptations of information protection can be safely divided into two large classes - passive and active. Passive - measure, determine, localize leakage channels, without contributing to the external environment. Active - "worshiped", "burn out", "rock" and destroy all sorts of special needs of the checked receipt of information.

Passive technical protection - A device that ensures the hiding object of protection against technical intelligence methods by absorption, reflection or dispersion of its radiation. Passive technical protection equipment includes shielding devices and structures, masks of various purposes, separation devices in power supply networks, protective filters, etc. The purpose of the passive method is to easily weaken the acoustic signal from the sound source, for example, due to the walls of the walls with sound-absorbing materials.

According to the results of the analysis of architectural and construction documentation, a complex of necessary measures for passive protection of certain areas are formed. Partitions and walls, if possible, should be layered, materials of layers - selected with sharply different acoustic characteristics (for example, concrete-foam). To reduce the membrane transfer, it is desirable that they are massive. In addition, it is wiser to set double doors with an air layer between them and sealing gaskets around the perimeter of the jamb. To protect windows from the leakage of information, it is better to do with double glazing, applying sound-absorbing material and increasing the distance between glasses to enhance sound insulation, use curtains or blinds. It is advisable to equip windows with radiating vibrator. Various holes during confidential conversations should be overlapped with soundproof dampers.

Another passive way to curb the leakage of information is the correct mending device for the technical means of transmitting information. The grounding tire and the grounding circuit should not have a loop, and it is recommended to perform in the form of a branching tree. Grounding highways outside the building should be made at a depth of about 1.5 m, and inside the building - on walls or special channels (for the possibility of regular inspection). In the case of connecting to the maintenance highway, several technical means connects them to the main in parallel. When the grounding device cannot be used natural earthing (metal structures of buildings having a compound from the ground, laid in the ground metal pipes, metal shells of underground cables, etc.).

Since usually a variety of technical devices are connected to a common network, it arises in it different tips. To protect technology from external network interference and protection from the flooring created by the device itself, you must use network filters. The filter design should ensure a significant reduction in the likelihood of inside the side of the side communication between the entrance and the yield due to magnetic, electrical or electromagnetic fields. At the same time, a single-phase system of distribution of electricity should be equipped with a transformer with a grounded midpoint, a three-phase-high-voltage lowering transformer.

Shielding of premises Allows you to eliminate the films from the technical means of transmitting information (intercoms, server, etc.). The best are leaf steel screens. But the application of the grid greatly simplifies the issues of ventilation, lighting and the cost of the screen. To weaken the levels of radiation of technical information transfer tools about 20 times, it is possible to recommend a screen made of a single copper mesh with a cell of about 2.5 mm or from thin-sheet galvanized steel with a thickness of 0.51 mm and more. Screen sheets must be electrically connected to each other all over the perimeter. The doors of the premises also need to be shielded, with the provision of reliable electrocontacts with the door frame around the perimeter at least than 10-15 mm. In the presence of windows in the windows, they are tightened with one or two layers of the copper mesh with a cell no more than 2 mm. The layers should have a good electrocontact with the walls of the room.

Active technical protection - A device that provides the creation of masking active interference (or imitating them) for technical intelligence facilities or violating the normal functioning of the means of the unwashed removal of information. Active ways to prevent information leakage can be divided into detection and neutralization of these devices.

Various simulators, means of setting aerosol and chimneys, electromagnetic and acoustic sleeve devices and other means of formulation of active interference include various imitation techniques. Active method for preventing information leakage on acoustic channels is reduced to the creation in a "dangerous" medium of a strong interference signal, which is difficult to filter from useful.

Modern lightning technique has reached such a level that it becomes very difficult to detect reading and listening devices. The most common methods for identifying bookmark devices are: Visual inspection; Nonlinear location method; Metal detection; X-ray shocking.

Conduct special measures to detect the channel leakage channels and expensive. Therefore, as a means of protecting information, it is often more profitable to use telephone negotiation protection devices, spatial income generators, alternatives of acoustic and vibroacoustic sleeve, network filters. To prevent unauthorized recording of negotiations, dictaphones suppression devices are used.

Inadverters of dictaphones (Also, effectively affecting microphones) are used to protect information with acoustic and electromagnetic interference. They can affect the information carrier itself, the microphones in the acoustic range, on the electronic chains of the recording device. There are stationary and wearable versions of the performance of various suppressors.

Under the conditions of noise and interference, the threshold of hearing to receive weak sound increases. Such an increase in the threshold of hears is called acoustic disguise. For the formation of vibroacoustic interference, special generators based on electrovacuum, gas-discharge and semiconductor radio elements are used.

In practice, the most widespread use found noise oscillation generators. Noise-generators the first type It is used to suppress directly microphones in both radio transmission devices and in voice recorders, i.e., such a device tritely produces a certain routine signal transmitted to acoustic speakers and quite effectively masking human speech. In addition, such devices are used to combat laser microphones and stethoscopic listening. It should be noted that acoustic noise generators - hardly the only means to combat wired microphones. When organizing an acoustic disguise, it should be remembered that acoustic noise creates additional discomfort for employees, for negotiation participants (the usual noise generator capacity is 75-90 dB), but in this case the convenience must be sacrificed.

It is known that the "white" or "pink" noise used as an acoustic disguise, in its structure, has differences from the speech signal. On the knowledge and use of these differences, the algorithms of river signals are based, widely used by technical intelligence specialists. Therefore, along with such noise interferences in order to active acoustic disguise, more efficient generators of "rico-like" interference, chaotic impulse sequences, etc., are used today. The role of devices converting electrical oscillations in the acoustic oscillations of the speech frequency range are usually performed by small-sized broadband acoustic speakers. They are usually installed indoors in places of the most likely placement of acoustic intelligence.

"Pink" noise is a complex signal, the level of spectral density of which decreases with an increase in frequency with a constant steepness equal to 3-6 dB per octave in the entire frequency range. "White" is called noise, the spectral composition of which is uniform over the entire range of radiated frequencies. That is, such a signal is complex, as well as a human speech, and it cannot be distinguished by some predominant spectral components. The "rico-like" interference is formed by mixing in various combinations of speech signals and musical fragments, as well as noise interference, or from fragments of the most hidden speech signal with repeated overlap with different levels (most effective method).

Systems ultrasonic suppression Emit powerful ultrasound fluctuations in the human ear (about 20 kHz). This ultrasound exposure leads to overload of the low frequency amplifier and to significant distortions of the recorded (transmitted) signals. But the experience of using these systems showed their inconsistency. The intensity of the ultrasound signal was higher than all allowable medical standards for human impact. With a decrease in the intensity of ultrasound, it is impossible to reliably suppress the listening equipment.

Acoustic and vibrationacoustic generators produce noise (river, "white" or "pink") in the sound signal band, regulate the level of noise interference and control the acoustic emitters to form a solid noise acoustic interference. The vibratory emitter serves to form a solid noise vibropomeu on the enclosing designs and building communications of the room. Expanding the boundaries of the frequency range of interference signals reduces the requirements for the level of interference and reduce the verbal intelligibility of speech.

In practice, the same surface has to coat a few vibration emitters working from different, non-corrosive sources of interference signals, which clearly does not contribute to a decrease in the level of noise indoors. This is associated with the possibility of using the method of compensation for interference when listening to the room. This method is to install several microphones and a two-or three-channel removal of a mixture of a hidden signal with an interference in spatially separated points, followed by subtraction of interference.

Electromagnetic generator (generator second type) Introduces radio cameras directly on the microphone amplifiers and the input chains of the dictaphon. This equipment is equally effective against kinematic and digital voice recorders. As a rule, for these purposes, radio domain generators with a relatively narrow radiation strip are used to reduce the effects on ordinary radio electronic equipment (they practically do not affect the operation of the GSM cell phones, provided that the telephone connection was installed before the suppression of the suppressor). Electromagnetic interference The generator emit directed, usually this cone is 60-70 °. And to extend the suppression zone, the second generator antenna or even four antennas are installed.

It should be known that with the unsuccessful arrangement of suppressors, false responses of the security and fire alarm can occur. Instruments with a capacity of more than 5-6 W do not pass through medical standards for human impact.

Telephone communication channels is the most convenient and the most unprotected way of transmitting information between real-time subscribers. The electrical signals are transmitted over the wires in the open form, and listen to the telephone line is very simple and cheap. Modern telephone technology continues to remain the most attractive for espionage purposes.

There are three physical ways to connect mortgage devices to wired telephone lines:

contact (or galvanic method) - information is removed by directly connected to the controlled line;

non-contact induction - interception of information occurs due to the use of the magnetic tension of the dispersion field near telephone wires. In this case, the method of the signal being removed is very small and such a sensor responds to foreign interference electromagnetic effects;

contactless capacitive - interception of information occurs due to the registering of the electrical component of the dispersion field in the immediate vicinity of telephone wires.

With an induction or capacitive way, the interception of information occurs with the help of appropriate sensors without direct connection to the line.

Connecting to a telephone line can be performed on a PBX or anywhere between a telephone and PBX. Most often it happens in the nearest distribution box. The listening device is connected to the line or in parallel, or sequentially, and it takes a gauge to the post of interception.

So-called system "Telephone Ear" It is a device connected to a telephone line or an embedded to the phone. An attacker by calling the phone equipped in this way and having transferred a special inclusion code, it is possible to listen to conversations in the controlled room on the telephone line. The telephone of the subscriber is disconnected without allowing it to sprout.

Information can also be removed from the telephone line when the tube lying on the lever by external activation by high-frequency oscillations of its microphone ( high frequency pumping). High-frequency pump allows you to shoot information also from household and special equipment (radio, electric clock, fire alarm) if it has a wired exit from the room. Such systems are essentially passive, to detect them outside of use is very difficult.

In phones with electromagnetic call, it is possible to realize its reversibility (the so-called "Microphone Effect"). With mechanical (including voice) vibrations of moving parts of the phone, it has an electric current with an amplitude of the signal to several milcias. This voltage is enough for further signal processing. It should be said that it is similar that you can intercept useful microelectroots not only from the telephone, but also from the apartment call.

In computerized telephone systems, all telephone connections are carried out by a computer in accordance with the program embedded in it. When remotely penetrate into the local computer system or in the managing computer, the attacker has the ability to change the program. As a result, he gets the opportunity to intercept all types of information exchange in the controlled system. At the same time detect the fact of such interception is extremely difficult. All methods for protecting computerized telephone systems can be reduced to replace the usual modem connecting PBX with external lines, to a special, which provides access to the system only from authorized numbers, protection of internal software terminals, careful verification of employees who perform the duties of the system administrator, sudden software checks PBX installations, tracking and analyzing suspicious calls.

Organize listening to a cell phone It is much easier than it is considered. To do this, have several scanners (radioontrol posts) and adapt to the movement of the control object. Mobile phone cellular communications is actually a complex miniature receiving-transmitting radio station. To intercept the radio projector, necessarily knowledge of the communication standard (carrier frequency of radio transmission). Digital cellular networks (DAMPS, NTT, GSM, CDMA, etc.) can be heard, for example, using a conventional digital scanner. The use of standard encryption algorithms in cellular link systems does not guarantee protection either. It is easiest to listen to the conversation, if one of the talking leads a conversation from a regular landline phone, just just gain access to a distribution box. It is more difficult - mobile negotiations, since the movement of the subscriber during the conversation process is accompanied by a decrease in signal power and the transition to other frequencies in the case of signal transmission from one base station to another.

The phone is almost always next to its owner. Any mobile phone can be reprogrammed or replaced by an identical model with a "stitched" secret function, after which it becomes possible to listen to all conversations (not only telephone) even in the off state. When you call from a specific number, the phone automatically "raises" the tube and does not give the signal and does not change the image on the display.

For listening to a cell phone, the following types of equipment are used. Various homemade, produced by hackers and frictions using "flashing"

and reprogramming of mobile phones, "cloning" of phones. Such a simple method requires only minimal financial costs and skills to work with hands. This is a different radio device that is freely sold on the Russian market, and special equipment for radio visor in cellular communication networks. Equipment installed directly at the cellular operator itself is most effective for listening.

A conversation from a cell phone can be listened to both programmable scanners. Radio sterevature cannot be returned, and for its neutralization, active methods of counteraction are developed. For example, coding of radio signals or a method sharply "jumping" frequency. Also, to protect a cell phone from listening, it is recommended to use instruments with activation of the built-in noise generator from the GSM radiation detector. Once the phone is activated - the noise generator turns on, and the phone can no longer "listen" conversations. Mobile capabilities today allow not only to record voice and transmit it to the distance, but also to shoot a video image. That is why local information uses local blocks of cell phones.

Setting the location of the owner of the cell phone can be carried out by the method of triangulation (direction finding) and through a computer network providing the operator's connection. Diapering is implemented by the location of the source of radio signals from several points (usually three) special preparation. This technique is well designed, has high accuracy and is quite accessible. The second method is based on withdrawal information from the computer network of information on where the subscriber is at a given time, even if it does not lead any conversations (by signals automatically transmitted by the phone to the base station). Analysis of data on subscriber's communication sessions with various base stations allows you to restore all the movements of the subscriber in the past. Such data can be stored in cellular communication from 60 days to several years.

Protection of phone channels It can be carried out with the help of cryptographic protection systems (scramblers), telephone lines analyzers, single speech masquemen, passive protection tools, actuators of active barrier interference. Information protection can be carried out on a semantic (meaning) level with the use of cryptographic methods and the energy level.

The existing equipment, opposing the possibility of listening to telephone conversations, is divided into three classes by the degree of reliability:

I class - the simplest converters, distorting signal, relatively cheap, but not very reliable - these are various noise generators, push-button alarms, etc.

II class - Schembers, when working, a replaceable key password is used, a relatively reliable way to protect, but professionals using a good computer can restore the meaning of the recorded conversation;

III CLASS - Speech coding equipment, transforming speech into digital codes, which is powerful computers, more complex than personal computers. Not knowing the key, it is almost impossible to restore the conversation.

Installation on the phone speech Coding Tools (Scrambler) Provides signal protection throughout the telephone line. The subscriber's voice message is processed according to any algorithm (encoded), the treated signal is sent to the communication channel (telephone line), then the signal obtained by another subscriber is converted by the reverse algorithm (decoded) into the speech signal.

This method, however, is very complex and expensive, requires the installation of compatible equipment in all subscribers who participate in closed communication sessions, and causes temporary delays to synchronize the equipment and sharing keys from the beginning of the transfer until the voice message is received. Scramblers can also provide closing fax messages. Portable scramblers have a weak protection threshold - using the computer, its code can be solved in a few minutes.

Telephone lines analyzers Signals a possible connection based on measuring the electrical parameters of a telephone line or detecting foreign signals in it.

Analysis of communication lines and wired communications lines is to measure the electrical parameters of these communications and allows you to detect mortgage devices that read information from communication lines or transmitting information over wired lines. They are installed on a pre-proven telephone line and customize with its parameters. If there are any unauthorized connections of devices that feed on the telephone line, an alarm is issued. Some types of analyzers are able to imitate the operation of the telephone and thereby detect the listening devices that are activated by the call signal. However, such devices are characterized by a high frequency of false response (since the existing telephone lines are very far from perfect) and cannot detect some types of connections.

To protect against the "Microphone Effect", it should be simply turned on in series with a call, two first-starred in the counter direction of the silicon diode. To protect against "high-frequency pumping", it is necessary to include in parallel with the microphone corresponding to (with a capacity of 0.01-0.05 μF) capacitor, shorting high-frequency oscillations.

Method "Syphase" masking low-frequency interference It is used to suppress the device for removing speech information connected to the telephone line sequentially into the gap of one of the wires or through the induction sensor to one of the wires. When talking to each telephone line, the masking interference frequency bandwidters (discrete pseudo-random signal pulse pulse signals in the frequency range from 100 to 10,000 Hz) are served. Since the phone is connected parallel to the telephone line, coordinated by amplitude and phase, the interference signals compensate for each other and do not lead to distortion of the useful signal. In mortgage devices connected to one telephone wire, the interference signal is not compensated and "superimposed" to a useful signal. And since its level significantly exceeds a useful signal, then the interception of the transmitted information becomes impossible.

Method high-frequency masking interference. The telephone line is supplied to a hollow signal of a high frequency (usually from 6-8 kHz to 12-16 kHz). Broadband Analog Signals of the type "white" noise or discrete signals of the type of pseudo-random sequence of pulses with a spectrum width of at least 3-4 kHz are used as a masking noise. In the protection device connected in parallel to the telephone rupture, a special low-pass filter is installed with a boundary frequency above 3-4 kHz, which suppresses (shunt) High frequency interference signals and does not have a significant effect on the passage of low-frequency speech signals.

Method enhance or slow voltage. The voltage change method is used to violate all types of electronic device intercepting devices with contact (both serial and parallel) connecting to the line, using it as a power source. Changing the voltage in the line calls for telephone bookmarks with a sequential connection and parametric stabilization of the frequency of the transmitter "Care" carrier frequency and deterioration of speech intelligibility. Telephone bookmark transmitters with parallel connection to the line at such racing voltages in some cases are simply disconnected. These methods provide the suppression of devices for removing information connected to the line only on the site from the protected telephone to the PBX.

Compensation method. On the receiving side, the "digital" masking noise signal of the speech frequency speech range is fed. The same signal ("Clean" noise) is fed to one of the inputs of a two-channel adaptive filter, to another input of which the mixture of the resulting speech signal and masking noise. The filter compensates for the noise component and highlights the hidden speech signal. This method is very effectively suppressing all known means of the unwashed removal of information connected to the line on the entire portion of the telephone line from one subscriber to another.

So-called "Burning" It is carried out by supplying high-voltage (more than 1500 c) pulses with a power of 15-50 W with their radiation to the telephone line. The input cascades and power supplies are galvanically connected to the electronic device of the electronic devices. The result of the work is the failure of semiconductor elements (transistors, diodes, microcircuits) of means of removal of information. The supply of high-voltage pulses is carried out when the telephone from the line is turned off. At the same time, for the destruction of parallel connected devices, the supply of high-voltage pulses is carried out with open, and successively connected devices - with a "shortened" (as a rule, in the telephone box or shield) of the telephone line.

The most affordable and, accordingly, the cheapest method of finding the means of removal of information is a simple inspection. Visual control It consists in a scrupulous examination of the premises, building structures, communications, interior elements, equipment, office supplies, etc. During control, endoscopes, lighting devices, inspection mirrors, etc. can be used. When examined, it is important to pay attention to the characteristic features of the tackle Removal of information (antennas, microphone holes, unknown destination wires, etc.). If necessary, dismantling or disassembling equipment, communications, furniture, other items.

To search for mortgage devices there are various methods. Most often, for this purpose, the radio was controlled by various radio receivers. These are various voice recorders, field indicators, frequency meters and intestitors, scanner receivers and spectrum analyzers, software and hardware controls, nonlinear locators, X-ray complexes, conventional testers, special equipment for checking wired lines, as well as various combined devices. With their help, the search and fixation of the working frequencies of the mortgage devices are carried out, and their location is determined.

The search procedure is quite complex and requires appropriate knowledge, skills of working with measuring equipment. In addition, when using these methods, constant and long-term control of the radio or the use of complex and expensive special automatic hardware-software radio control systems is required. The implementation of these procedures is possible only if there is a fairly powerful security service and very solid financial resources.

The simplest devices for searching for deposit devices are indicator electromagnetic field. It is a simple audio or light signal notifies the presence of an electromagnetic field with tension above the threshold. Such a signal may indicate the possible presence of a mortgage device.

Frequency - a scanning receiver used to detect funds for information, weak electromagnetic radiation of a voice recorder or a mortgage device. It is these electromagnetic signals that are trying to accept, and then analyze. But each device has its own unique spectrum of electromagnetic radiation, and attempts to select non-narrow spectral frequencies, and wider bands can lead to a general decrease in the selectivity of the entire device and, as a result, to reduce the noise immunity of the frequency meter.

The frequency meters also determine the carrier frequency of the strongest at the receiving point. Some devices allow not only automatic or manual capture of the radio signal, to detect and listen through the speaker, but also determine the frequency of the detected signal and the modulation type. The sensitivity of such detectors of the field is small, so they allow you to detect radiation of radio layers only in close proximity to them.

Infrared probe produced using a special IR Probe and allows you to detect mortgage devices that transmit information on the infrared communication channel.

Special (professional) are significantly greater sensitivity. radio receivers with automated radiode scanning (Scanner receivers or scanners). They provide a search in the frequency range from tens to billion hertz. The best opportunities for finding radio layers have spectrum analyzers. In addition to intercepting emissions of mortgage devices, they allow you to analyze and their characteristics, which is important when radio layers are detected using complex types of signals to transmit information.

The ability to pair scan receivers with portable computers was the basis for creating automated complexes To search for radio layers (so-called "software and hardware control complexes"). The radio operation method is based on the automatic comparison of the signal level from the radio transmitter and the background level followed by self-adjustment. These devices allow the signal to carry out a signal radio operation during no more than one second. The radio personnel can also be used in the "acoustic string" mode, which is the self-excitation of a listening device due to positive feedback.

Separately, we should highlight the ways to search for mortgage devices that do not work at the time of the examination. Takes off at the time of searching "bugs" (microphones of listening devices, voice recorders, etc.) do not emit signals for which they can be detected by radio reception equipment. In this case, special X-ray equipment, metal detectors and nonlinear locators are used to detect them.

Disgrave emptiness allow you to detect possible locations in the installation of mortgage devices in the voids of walls or other structures. Metal detectors React to the presence in the search area of \u200b\u200belectrically conductive materials, above all, metals, and allow you to detect housings or other metal elements of bookmarks, examine non-metallic items (furniture, wooden or plastic building structures, brick walls, and so on.). Portable x-ray installations Apply to translucent items, the purpose of which cannot be revealed without disassembly, first of all, at the moment when it is impossible without destroying the found item (take pictures of the nodes and blocks of equipment in the X-ray rays and compare with snapshots of standard nodes).

One of the most effective ways to detect bookmarks is the use of nonlinear locator. Nonlinear locator - This is a device for detecting and localizing any p-N. Transitions in places where their knowingly does not happen. The principle of operation of a nonlinear locator is based on the property of all nonlinear components (transistors, diodes, etc.) of radio-electronic devices to emit (with over-frequency signal irradiation) harmonic components. The nonlinear locator receiver takes the 2nd and 3rd harmonics of the reflected signal. Such signals penetrate through the walls, ceilings, floor, furniture, etc. In this case, the conversion process does not depend on whether the irradiated object is turned on or off. The intake of the nonlinear locator of any harmonic component of the search signal indicates the presence in the search area of \u200b\u200bthe radio electronic device, regardless of its functional purpose (radio microphone, telephone tab, voice recorder, an amplifier microphone, etc.).

Nonlinear radars are able to detect voice recorders at much long distances than metal detectors, and can be used to control the rigid recording devices at the entrance to the room. However, there are such problems as the level of safe radiation, the response identification, the presence of dead zones, compatibility with the surrounding systems and electronic techniques.

Locator radiation power can be from hundreds of millivatt to hundreds of watts. It is preferable to use nonlinear locators with a larger radiation power having a better detective ability. On the other hand, at high frequency, the high power of the device radiation is a danger to the health of the operator.

The disadvantages of the nonlinear locator is its response to the telephone or TV located in the adjacent room, etc. Nonlinear Locator will never find the natural channels of information leakage (acoustic, vibroacoustic, wired and optical). The same applies to the scanner. From here it follows that a complete check is always necessary on all channels.

The optical channel leakage of information is implemented by direct perception by the eye of a person of the environment by applying special technical means that expand the possibilities of vision organ of vision in conditions of insufficient illumination, with the remoteness of observation objects and insufficiency of the angular resolution. This is the usual peeping from a neighboring building through binoculars, and registering radiation of various optical sensors in a visible or IR range, which can be modulated with useful information. At the same time, it is very often a documenting of visual information with the use of film-film or electronic media. Observation gives a large amount of valuable information, especially if it is associated with copying documentation, drawings, product samples, etc. In principle, the observation process is complicated, as it requires significant costs of strength, time and means.

The characteristics of any optical device (including a person's eyes) are determined by such primary indicators as angular resolution, illumination and frequency of change of images. The choice of components of the surveillance system is of great importance. The observation at large distances is carried out by lenses of large diameter. A large increase is provided by using long-phocus lenses, but then the angle of view of the system as a whole is inevitably reduced.

Video shooting and photographing For observation, it is fairly wide. Used camcorder can be wired, radio programs, wears, etc. Modern equipment allows you to observe in daylight lighting and at night, on the overall distance and on the distance to several kilometers, in the visible light and in the infrared range (you can even reveal corrections, fakes, and also Read the text on the burnt documents). Known tele lebs The size of everything with matchboxes, however, clearly remove the printed text at distances up to 100 meters, and the camera in the wristwatch allows you to take pictures without a fitting to sharpness, setting, diaphragms and other subtleties.

Under conditions of poor illumination or low visibility, night vision devices and thermal imagers are widely used. The basis of modern night vision devices The principle of converting a weak light field into a weak electron field, gain the resulting electronic image using a microchannel amplifier, and finite conversion of the enhanced electronic image to a visible mapping (using a fluorescent screen) in the visible eye of the spectrum region (almost in all devices - in the green spectrum region ). The image on the screen is observed using a magnifying glass or registering device. Such devices are capable of seeing the light on the border of the near IR range, which was the basis for creating active surveillance systems with laser IR illumination (a set for night surveillance and video for remote observation and photographing in conditions of complete darkness using a special infrared laser lantern). Structurally, night vision devices can be performed in the form of vizers, binoculars, night vision points, sights for small arms, instruments for documenting the image.

Teplovira Capable "see" a longer-wavelength section of the optical frequency spectrum (8-13 μm), in which there is a maximum of thermal radiation of objects. At the same time, they do not interfere with precipitation, but they have a low angular resolution.

The market presents samples of uncooled thermal imagers with a temperature resolution to 0.1 ° C.

Image documentation devices - These are sets of equipment, which includes a high-quality observant night vizer, an image registration device (camera, camcorder), an IR spotlight, a reference device (tripod). Executed on established standards, these devices are easily combined with standard lenses.

The technical revolution has significantly simplified the task of unauthorized receipt of video information. To date, highly sensitive small-sized and even superminature television, photo and video cameras of black and white and even color images are created. Achievements in the field of miniaturization allow you to place a modern spy chamber in almost any interior items or personal items. For example, a fiber optic observation system has a cable up to two meters long. It allows you to penetrate the premises through the locking wells, cable and heating inputs, ventilation mines, rands and other holes. The viewing angle of the system is 65 °, focusing - almost indefinitely. Works with low lighting. With it, you can read and photograph documents on the tables, notes in desktop calendars, wall tables and diagrams, read information from displays. Issues of recording and transferring video images over long distances are similar to those discussed above. Accordingly, similar ways of detecting transmitting information transmitters are used.

Methods for detecting hidden cameras It is much more complicated to recognize other channel leakage channels. Today, search for working video cameras with a signal transmission by radio channel and wires is carried out nonlinear location method. All schemes of modern electronic devices emit electromagnetic waves of a radio view. At the same time, each diagram has a side radiation spectrum inherent in it. Therefore, any working device having at least one electronic circuit can be identified if you know the side radiation spectrum. "Noisy" and electronic control circuits of CCD-matrices of the camcorder. Knowing the emission spectrum of a particular camera, it can be detected. Information about the emission spectra of detectable video cameras is stored in the device's memory. The complexity lies in the low level of their emissions and the availability of a large number of electromagnetic interference.

Automation of search and measurement parameters of signals by PEMI revealed the need for a clear separation of the process of special studies to the following steps: search for signals by PEMI, measurement of their parameters and the calculation of the required security values. Practice of manual measurements often puts this order questioned due to the routine and large amount of work. Therefore, the search and measurement process of the parameters of the PEMI signals is often combined.

Special technical means for the inspiring (destruction) of information from its storage, processing and transfers are divided into:

special signal radio transmitters placed in computing equipment, modems, etc. devices that transmit information about operation modes (passwords, etc.) and processed data;

technical means of monitoring and analyzing side emissions from PCs and computer networks;

special tools for express copying of information from magnetic carriers or its destruction (destruction).

Two main nodes of probable sources of side electromagnetic emissions are isolated - signal cables and high-voltage blocks. For the radiation of the signal to the air, an antenna coordinated at a particular frequency is necessary. Such an antenna often protrude various connecting cables. At the same time, the monitor ray amplifiers have much greater energy and also act as radiating systems. Their antenna system is both connecting loops and other long chains, galvanically associated with these nodes. Pami does not have only devices that work with the information presented in analog form (for example, copying devices using direct operations).

Electromagnetic radiation of various devices make two dangers in themselves:

1) the possibility of removing side electromagnetic emissions. By virtue of its stability and conspiracy, such a way of the unlawful receipt of information is one of the promising channels for intruders;

2) the need to ensure the electromagnetic compatibility of different technical means to protect information from the unintentional effects of radiation devices. The concept of "susceptibility to interference" is a set of information protection measures from the ability of office equipment, processing information, when exposed to electromagnetic interference, distort the content or irretrievably lose information, change the process of controlling its processing, etc. and even the possibility of physical destruction of the instrument elements.

With the joint work of several technical means it is necessary to place them so that the "zones of their interference" do not intersect. If it is impossible to perform this condition, it is necessary to strive to disseminate the radiation of the source of the electromagnetic field in frequency or disseminate the periods of the technical means in time.

The easiest way in the technical plan is solved by the task of intercepting information displayed on the PC Display screen. When using special accelerated antennas with a large gain coefficient, the distance of the interception of by-electromagnetic emissions can reach hundreds of meters. This ensures the quality of information recovery corresponding to the quality of text images.

In general, the signal interception systems across the PEMI channels are based on microprocessor equipment, have proper special software and memory that allows you to remember signals from lines. As part of such systems, there are appropriate sensors intended for removal of signaling information from telecommunication lines. For analog lines in interception systems, there are appropriate converters.

The easiest task of the interception of PEMI is solved in the case of unshielded or weakly shielded communication lines (security and fire alarm lines, inside-scale computer communication lines using twisted pairs, etc.). It is much more difficult to remove signals with highly shielded lines using a coaxial cable and optical fiber. Without the destruction of their screen shell, at least partially, the solution of tasks seems unlikely.

The widest use of computers in business led to the fact that large amounts of business information are stored on magnetic media are transmitted and obtained on computer networks. Receiving information from computers can be carried out in various ways. This is theft of information carriers (floppy disks, magnetic disks, etc.); reading information from the screen (during the display during the operation of the legal user or in its absence); connecting special hardware providing access to information; The use of special technical means for intercepting side electromagnetic radiation PEVM. It is known that with the help of a directional antenna, such interception is possible in relation to the PEVM in the metal case at distances up to 200 m, and in plastic to one kilometer.

Signal radio layers (Placed in computing equipment, modem and other devices), transmitting information about operating modes (passwords, etc.) and processed data, are electromagnetic signal repeaters from working computers, printers, other office equipment. The signals themselves can be analog or digital. Such special radios, appropriately camouflaged, have a high degree of physical secretion. The only distinctive feature is the presence of radio emission. They can also be revealed when examining office equipment modules by specialists who know their hardware well.

The most informative is the onscreen display signal on the computer monitor. Interception of information from the monitor screen can also be used using special television cameras. Professional equipment of the interception of side emission from a computer is used to intercept emissions from personal computer and reproduction of the monitor images. Keyboard microtroders are also known for inhibited receipt of information about all operations on the computer keyboard (codes, passwords, dialing text, etc.).

To search for side electromagnetic emissions registrar of spare radiation. The role of such a registrar use a specialized highly sensitive analyzer of the radio frequency spectrum with the possibility of multichannel, including the correlation processing of spectral components and visual display of results.

Measurements of side electromagnetic radiation are carried out using an antenna equipment (selective voltmeters, measuring receivers, spectrum analyzers). Selective voltmeters (nanovoltmeters) are used to determine the magnitude of the electric and magnetic field strength. Measuring receivers combine the best characteristics of selective voltmeters (presence of a preselector) and spectrum analyzers (visual representation of the panorama of the analyzed frequency range), but they are quite expensive. The spectrum analyzers on functionality compete with measuring receivers, but a number of metrological characteristics due to the lack of a preselector they have worse. But their price is 4-5 times lower than the price of a similar measuring receiver.

The detector for analyzing side electromagnetic radiation (PEMI) may be peak (shows the amplitude of the signal), linear (instantaneous signal implementation at the time of its measurement), the mean square (transmits the signal power) and quasipy (does not basically have no physical quantity and is intended for unification Measurements of radio interference for the tasks of study on electromagnetic compatibility). Correct measurements only with a peak detector.

Allocate the following ways to solve the problem of electromagnetic radiation with technical measures:

1) Shielding is an environment or source or a receptor with a metal alloy casing. When choosing equipment, preference should be given to cables having a shielding shell (coaxial cable), fiber-optic cables that do not emit electromagnetic interference and unresponsible to them. The screen during installation should have a dense (better positioned) contact with the hull bus, which, in turn, must be grounded;

Used grounding schemes are divided into three groups. The easiest way to ground is sequential at one point, but it corresponds to the greatest level of interference due to the flow of currents on the general sections of the grounding chain. Parallel grounding at one point is free from this disadvantage, but requires a large number of extended conductors, due to the length of which it is difficult to provide small ground resistance. The multipoint scheme eliminates the shortcomings of the first two options, however, it may be difficult to occur due to the advent of resonant interference in the circuit contours. Usually, hybrid schemes are used when equipped with grounding: at low frequencies, one-point preference is preferred, and at higher frequencies - multipoint scheme.

To create a system for efficient protection against sewaging information on technical channels, it is recommended to hold a number of events. Analysis should be analyzed by the characteristic features of the location of buildings, premises in buildings, the territory around them and the subordinate communications. Next, it is necessary to determine the premises within which the confidential information circulates and take into account the technical means used in them. To carry out such technical measures as checking the techniques used for compliance with the magnitude of the side emissions permissible levels, the shielding of the room with equipment or this equipment indoors, remount individual chains (lines, cables), use special devices and means of passive and active protection.

The dependence of modern society from information technologies is so high that malfunction systems are able to lead to significant incidents in the "real" world. No one needs to explain that the software and data stored in the computer need protection. Razing computer piracy, malicious viruses, hacker attacks and sophisticated commercial espionage tools forcing manufacturers and users of programs to look for ways and means of protection.

There are a large number of methods for restricting access to information stored in computers. Safety of Information and Communication Systems It can be divided into technological, software and physical. FROM technological The point of view of security, the information systems are widely used and "mirror" servers, and double hard drives.

Be sure to use reliable systems uninterrupted nutrition. Voltage jumps can erase the memory, make changes to the program and destroy the chips. Protect servers and computers from short-term power supplies can network filters. Uninterrupted power sources provide the ability to disable the computer without data loss.

To provide software Safety Actively applies fairly developed software anti-virus software, protection against unauthorized access, recovery and information reservation systems, PC proactive protection systems, identification systems and information encoding systems. Within the framework of the section, it is impossible to disassemble the enormous variety of software, hardware and software complexes, as well as various access devices, as this is a separate topic that deserves a specific, detailed consideration, and it is the task of the information security service. It addresses only devices to ensure the protection of computer equipment by technical means.

The first aspect of computer security is the threat of the embezzlement of information outsiders. This embarrassment can be carried out through physical Access to information carriers. To prevent unauthorized access to a computer of other persons while it is protected information, and ensure data protection on media from the embezzlement, you should begin to secure your computer from the banal theft.

The most common and primitive type of office equipment is a small lock on the system unit housing (a computer turns off with a key). Another elementary way to protect monitors and system blocks from theft is to make them stationary. This can be achieved by a simple fastening of PC elements to some cumbersome and heavy objects or a compound of PC elements.

The desktop protection kit must ensure the implementation of a wide range of security methods, including the protection of the internal parts of the computer, so as to access the inner space of the system unit, without removing the universal fastener, it would be impossible. The safety of not only one system unit should be ensured, but also parts of peripheral devices. The security package must be so universal so that it can be used to protect not only computer, but also other office equipment.

The CD protection device, DVD and drives and drives look like a floppy disk with a lock on its end part. Insert it the "drive" part into the drive, rotate the key in the lock, and the drive cannot be used. Mechanical or electromechanical keys pretty reliably protect the data on the computer from the copy and theft of media.

To protect against an outsider view of information shown on the monitor, special filters. Using the microalli, the data displayed on the screen is visible only to sitting directly in front of the monitor, and under a different angle of view only a black screen is visible. Similar functions are filters operating on the principle of image blur. Such filters consist of several films, due to which the above effect is ensured, and the stranger can only see the blurred, completely unreadable image.

The market presents protection complexesconsisting of a sensor (electronic, motion sensor, impact, leash sensor) and a siren block installed on a protective computer. The triggering of the siren, the power of which is 120 dB, will only occur when the sensor is disconnected or triggering. Installing such protection on the housing, however, does not always ensure the safety of the contents of the system unit. Equipping all components of a computer with similar sensors will help prevent their possible embezzlement.

Most laptops are serially equipped safety slot (Security Slot.). In the reception offices of many Western firms there are even specially selected tables equipped with mechanical devices for the possibility of "fastening" the laptop in case you need to leave it for a while. Laptop owners actively use Sensor - Siren security systems in one case. Such kits can be activated (deactivated) or key or keychain.

To protect local networks exist uniform security complexes. Each protected computer is supplied with sensors that are connected to the central security panel through special sockets or wireless. After installing all sensors to protected objects (on system units, such sensors are recommended to be installed on the junction of the casing and case) you just need to connect the wires from the sensor to the sensor. When you trigger any of the sensors, the alarm enters the central panel, which automatically will notify the relevant services.

It should be mentioned that a powerful electromagnetic pulse is capable of destroying the information contained on magnetic media at a distance, and the fire, which happened even in the next room, is likely to lead to the conclusion of the available office equipment. To protect there are high-tech agents that allow at an external environment at 1100 ° C to maintain the viability of the computer system for two hours and resist physical destruction and hacks, as well as powerful electromagnetic pulses and other overloads.

But the protection of information stored in the computer is not reduced only to the installation of a reliable lock in the server, the purchase of a safe for storing information media and the installation of a fire system. To protect the transmitted and stored information, it must be encrypted with hardware, usually connecting an additional electronic board to the computer.

To date, the leading positions among media are occupied by magnetic media. These include audio, video, strimmertic cassettes, flexible and hard drives, magnetic wire, etc. It is known that the fulfillment of the information is standard for any operating system only apparent destruction. Information does not disappear at all, only references to it in the directory and the file placement table are disappeared. The same information can be easily restored using the relevant programs (the ability to recover data exists even with formatted hard drive). Even when recording new information on top of the destroyed initial information, they can be restored by special methods.

Sometimes in practice there is a need for complete destruction by stored in the enterprise of information. Today there are several ways to quickly and reliably destroy information on magnetic media. Mechanical method - Grinding media, including the use of pyrotechnic agents, usually does not ensure guaranteed destruction of information. With mechanical destruction of the carrier, the possibility of restoring information fragments by an expert remains.

To date, the most developed ways physical destruction of informationbased on the brief material of the carrier working layer to the state of magnetic saturation. By design, it can be a powerful permanent magnet that is not very convenient in use. More efficient to destroy information is the use of a briefly created powerful electromagnetic field sufficient for magnetic saturation of the media material.

Developments that implement a physical way to destroy information make it easy and quickly solving problems associated with the "utilization" of information stored on magnetic media. They can be built into the equipment or are made in the form of a separate instrument. For example, informational safes can be used not only to destroy recorded information, but also for storing its magnetic media. Usually they have the ability to remotely initialize the erasure procedure by means of an alarm button. Safes can be additionally completed with modules to start the erasure process using the Touch Key keys or remote start using a radiotic range up to 20 m. When exposed to a carrier with a powerful electromagnetic pulse, the erase of the data occurs instantly, for this it is only necessary to let the accumulated charge in advance Storage chamber. Media information can be in special chambers and at the same time be completely in working condition (for example, hard drives). The impact on the carrier is carried out by two pulsed magnetic fields of the opposite direction.

Chemical method The destruction of the working layer or the base of the carrier by aggressive media is simply insecable and has significant disadvantages that make it dubious to its widespread use in practice.

Thermal method of destruction of information (burning) It is based on the heating of the carrier to the temperature of the destruction of its bases by electric arc, electro-adduction, pyrotechnic and other methods. In addition to the use of special stacks for burning media, there are developing on use for the destruction of pyrotechnic compositions. A thin layer of pyrotechnic composition is applied to the disk, capable of destroying this surface for 4-5 s at a temperature of 2000 ° C to the state of "not the remaining readable sign". The triggering of the pyrotechnic composition occurs under the influence of an external electrical pulse, while the drive remains intact.

With increasing temperature, the absolute value of the saturation induction of the ferromagnet decreases, due to this, the state of the magnetic saturation of the material of the working layer of the carrier can be achieved at lower levels of the external magnetic field. Therefore, a combination of thermal impact on the material of the working layer of the magnetic medium of information with an exposure to it can be very promising.

Practice has shown that modern magnetic information carriers with a small dose of irradiation retain their characteristics. Strong ionizing radiation is unsafe for people. It talks about the low probability of use radiation method of destruction of information on magnetic media.

To dispose of unnecessary documents (including the used copier paper from typewriters), special equipment is available - paper shredders.

Reliable method of information security is encryption, since in this case, the data itself is protected directly, and not access to them (for example, an encrypted file cannot be read even in the case of theft of a floppy disk).

Cryptographic methods (The transformation of semantic information into a set of chaotic characters) is based on the transformation of the information itself and are not related to the characteristics of its material carriers, as a result of which the most versatile and potentially cheap in the implementation. Provision of secrecy is considered the main task of cryptography and is solved by encrypting the transmitted data. The recipient will be able to restore the data in its original form, only owning the secret of such a conversion. The same key is required and the sender for the message encryption. According to the principle of Kerkhoff, in accordance with which all modern cryptosystems are built, the secret part of the cipher is its key - a segment of a certain length of data.

The implementation of cryptographic procedures is submitted to a single hardware, software or software and hardware module (encryser - a special encryption device). As a result, neither reliable protection of information or complexity or convenience for users is not achieved. Therefore, the main cryptographic functions, namely the algorithms for converting information and generate keys, are not allocated to individual independent blocks, and embedded in the form of internal modules into application programs or are even provided for by the developer themselves in its programs or the operating system core. Due to inconvenience in practical application, most users prefer to abandon the use of encryption funds even to the detriment of the preservation of their secrets.

With a wide distribution of various devices and computer programs for data protection by converting them to one of the world's open open encryption standards (DES, FEAL, LOKI, Idea, etc.), there was a problem that to exchange confidential messages via the open communication channel, it is necessary to Both of its end to deliver the keys to the data conversion. For example, for a network of 10 users, 36 different keys are involved at the same time, and for a network of 1000 users they will need 498 501.

Method of open key distribution. Its essence is that users on their own and independently of each other using the random numbers sensors generate individual passwords or keys and store them in a secrete on a diskette, a special magnetic or processor card, a non-volatile memory tablet ( Touch Memory.), on paper, perflate, punch or other carrier. Then each user from its individual number (key) using a well-known procedure calculates its key, i.e. the information block that it makes it available to anyone, with whom I would like to exchange confidential messages. Algorithms of "kneading" are arranged that any two users will result in the same general, known only to them by the two of them, which they can use to ensure the confidentiality of the mutual exchange of information without the participation of third parties. Open keys users can exchange between themselves immediately before sending closed messages or (which is much easier) by charging someone to collect in advance all the open keys of users in a single directory and assuring its digital signature, send this directory to all other users.

Information protection tools for inflated tools when implementing the safety policies of various structures. Today there are quite a variety of tracking equipment, so the high-quality hardware organization of the security system is the key to the successful functioning of divisions of various activities. SpecTexthexulting offers all interested to buy information protection tools, using which can be implemented a modern reliable security system. We have the most different information security equipment in the widest assortment - you are guaranteed to purchase everything you need based on the specifics of the functioning of your organization or structure.

Based on the level of secrecy of internal information and the current situation in the work of the company, information security tools can be set to temporarily or use on an ongoing basis. For example, information protection means makes sense to apply during meaningful negotiations with business partners or internal meetings, but they can work on an ongoing basis to fully prevent information leakage from certain structural divisions of the company. In "SpecTehKonsulting" you can buy means of protecting information of a variety of principle of operation and purpose. To implement the global information security system, it is necessary to use comprehensively - use hardware, software and organizational protection tools.

Specialists "Specialthekonsalting" are ready to provide comprehensive assistance that the technical equipment of information protection chosen by you is effectively and completely prevented by leakage of data. Various information security tools must be chosen in a thoroughly, given the strengths and weak aspects, the possibilities of interaction and other specifics. Just buy information protection tools for various principles of action is not enough to implement an effective security system. On the pages of the online catalog "SpecTechConsulting", all technical information is presented in detail and the possibilities of the equipment implemented by us for information security are given. We tried to provide optimal conditions for selecting our visitors.

Tracking and espionage tools are improved all the time, but even more powerful and effective information security tools appear evenly. Therefore, with a competent approach to the implementation of information security, it is possible to guarantee its efficient operation. In "SpecTehkensalting", you can purchase information protection tools that will help reliably protect commercial, production or service information that does not provide for use from outside. The installation of modern information security equipment will create conditions for safe operation, negotiation and important business meetings.

The concept of "information" is consumed very widely and versatile. It is difficult to find such an area of \u200b\u200bknowledge, wherever it is used. Huge information flows literally overlook people. Like any product, information has consumers who need it, and therefore has certain consumer qualities, and also has its own owners or manufacturers.

From the point of view of the consumer, the quality of the information used allows to obtain an additional economic or moral effect.

From the point of view of the owner - preservation in the secret of commercially important information allows you to successfully compete in the production market and sales of goods and services. This, naturally, requires certain actions aimed at protecting confidential information. At the same time, safety is understood as the state of the protection of the vital interests of the person, enterprise, states from internal and external threats.

When storing, maintaining and providing access to any information object, its owner or the person authorized by them imposes an obviously either self-evident set of rules for working with it. Intentional violations are classified as an attack on information.

What are the possible consequences of attacks on information? First of all, of course, these are economic losses.

The disclosure of commercial information can lead to serious direct market losses.

News about the stealing of a large amount of information usually seriously affects the reputation of the company, leading indirectly to losses in trading volumes.

Competitors can take advantage of theft of information if it remained unnoticed in order to completely ruin the company, imposing her fictitious or knowingly unprofitable deals.

The substitution of information, both at the transfer stage, and at the storage phase in the firm can lead to huge losses.

Multiple successful attacks on a firm providing any type of information services reduce confidence in the company from customers, which affects the volume of income.

According to domestic and foreign printing, malicious actions on information are not only not reduced, but also have a fairly stable trend towards growth.

Information protection is a set of activities aimed at ensuring the most important aspects of information security (integrity, availability and, if necessary, the confidentiality of information and resources used to enter, storing, processing and transmitting data).

The system is called safe if it, using the appropriate hardware and software, manages access to information so that only properly authorized persons or the processes acting on their behalf receive the right to read, write, create and delete information.

There are no absolutely safe systems, so they talk about a reliable system in the sense of "a system that can be trusted" (as you can trust a person). The system is considered reliable if it uses sufficient hardware and software tools to simultaneously process information of different degree of secrecy by a group of users without violating access rights.

The main criteria for evaluating reliability are the security policy and warranty.

Safety policy, being an active protection component (includes an analysis of possible threats and the choice of appropriate countermeasures), displays that set of laws, rules and norms of behavior that uses a specific organization when processing, protecting and disseminating information.

The choice of specific system security mechanisms is made in accordance with the formulated security policies.

Warranty, being a passive element of protection, displays the measure of confidence, which can be provided to the architecture and implementation of the system (in other words, it shows how correctly the mechanisms that ensure system security) are selected.

In a reliable system, all the occurring safety events must be recorded (the mechanism of logging accountability should be used, which is complemented by the analysis of the memorable information, that is, an audit).

The main directions of information protection - the protection of state, commercial, service, banking secrets, personal data and intellectual property.

State secrecy - state-protected information in the field of its military, foreign policy, economic, intelligence, counterintelligence and operational investigative activities, the dissemination of which can cause damage to the security of the Russian Federation.

Correspond to the list of information constituting the state secret, are not included in the list of information not to be classified, and meet the legislation of the Russian Federation on state secrets (principle of legality);

The feasibility of classifying specific information is established by expert assessment of probable economic and other consequences, the possibility of damage to the safety of the Russian Federation, based on the balance of the vital interests of the state, society and individuals (the principle of validity);

Restrictions on the dissemination of these information and access to them are established from the moment they are received (development) or in advance (the principle of timeliness);

The competent authorities and their officials took the decision on the specific information about the attribution of them to state secrets and classifying and established them with respect to their relevant regime of legal protection and protection (the principle of mandatory protection).

Commercial mystery is protected with the assistance of the state. An example of this statement can serve numerous facts of restricting access to foreigners to the country (in China to protect the secrets of the production of porcelain), in certain sectors of the economy or specific production. In Russia, the commercial secret attributed a commercial secret, but then it was liquidated as a legal institution in the early 1930s and in connection with the nationalization of the sectors of the economy was defended as a state and official mystery. Now the reverse process began.

Information can be a commercial secret if it meets the following requirements (legal protection criteria):

Has a valid or potential commercial value due to its uncertainty to third parties;

Does not fall under the list of information, access to which cannot be limited, and the list of information assigned to the state secret;

It does not have free access to legal grounds;

The owner of information takes measures to protect its confidentiality.

To commercial secrets, information cannot be attributed:

Subject to disclosure by the issuer of securities, a professional participant in the securities market and the owner of securities in accordance with the legislation of the Russian Federation on securities;

Associated with compliance with environmental and antitrust legislation, ensuring safe working conditions, sales of products that cause harm to the health of the population, other violations of the legislation of the Russian Federation, the legislation of the constituent entities of the Russian Federation, as well as containing data on the amount of damages causal;

On the activities of charitable organizations and other non-commercial organizations that are not related to entrepreneurial activities;

About the availability of free jobs;

On the storage, use or displacement of materials and the use of technologies that are dangerous to the life and health of citizens or the environment;

On the implementation of the state privatization program and the conditions for the privatization of specific objects;

On the size of property and invested means for privatization;

On the liquidation of a legal entity and on the procedure and deadlines for submitting applications or requirements by his creditors;

For which restrictions on the establishment of a commercial secrecy regime in accordance with federal laws and adopted in order to implement them by subtitle acts.

The main subjects of the right to commercial secrets are the owners of commercial secrets, their successors.

Owners of commercial secrecy - physical (regardless of citizenship) and legal (commercial and non-commercial organizations) Persons engaged in entrepreneurial activities and having a monopoly right to information that makes a commercial secret for them.

All information from the point of view of law is divided into several main segments:

1) Information without restricting access rights. This kind of information, for example, belongs:

Public information provided to users for free;

Information on the state of the environment, its contamination is information (data) obtained as a result of monitoring the environment, its pollution (Federal Law of May 2, 1997 No. 76-FZ "On the destruction of chemical weapons");

Information in the field of work on storage, transportation, destruction of chemical weapons - information on the state of health of citizens and environmental facilities in areas of placement of objects for the storage of chemical weapons and objects for the destruction of chemical weapons, activities to ensure chemical, sanitary and hygienic, environmental and fire safety When carrying out work on the storage, transportation and destruction of chemical weapons, as well as measures to prevent emergency situations and the elimination of their consequences in the implementation of these works, provided at the request of citizens and legal entities, including public associations (Federal Law of May 2, 1997 № 76-ФЗ "On the destruction of chemical weapons", Article 1.2).

Information containing information about the circumstances and facts representing the threat of life, the health of citizens, cannot be classified, cannot be attributed to the secret.

2) Information with limited access - state secrets, service secrets, commercial mystery, banking mystery, professional mystery and personal data as an institution for the protection of the right to privacy.

3) information whose distribution is harmful to the interests of society, legitimate interests and rights of citizens, - pornography; Information, inciting national, racial and other retail; Propaganda and calls for war, false advertising, advertising with hidden inserts, etc. - so-called "harmful" information.

4) objects of intellectual property (something that cannot be attributed to information with limited access, but is protected by special procedure through the institutions of intellectual property - copyright, patent law, individualization tools, etc. The exception is the know-how protected in Commercial Secret mode).

Computer crimes are extremely multifaceted and complex phenomena. The objects of such criminal encroachments may be the technical means (computers and peripherals) as material objects or software and databases for which technical means are environment; The computer can act as a subject of encroachment or as a tool.

Types of computer crimes are extremely diverse. This is an unauthorized access to information stored in a computer, and input to the "logic bombs" software, which are triggered when performing certain conditions and partially or completely output a computer system, and the development and distribution of computer viruses, and theft of computer information. Computer crime may also occur due to negligence in the development, manufacture and operation of software and computing complexes or due to fake computer information.

Among the entire set of information protection methods are allocated as follows:

Figure 11.1. Classification of information protection methods in computer systems

The methods and means of organizational protection of information include organizational and technical and legal events held in the process of creating and operating the COP to ensure information protection. These activities should be carried out in the construction or repair of premises in which computers will be placed; designing system, installation and commissioning of its technical and software; Tests and testing the performance of the computer system.

The basis for organizing events is the use and preparation of legislative and regulatory documents in the field of information security, which at the legal level should regulate access to information from consumers. In Russian legislation, later than in the legislation of other developed countries, the necessary legal acts have emerged (although not all).

Engineering and technical protection (ITZ) is a combination of special bodies, technical means and activities for their use in the interests of protecting confidential information.

The diversity of goals, tasks, objects of protection and events involves consideration of a certain system of classification of funds, orientation and other characteristics.

For example, engineering protection means can be considered on the objects of their impact. In this regard, they can be used to protect people, material resources, finances, information.

The variety of classification characteristics allows us to consider engineering and technical means on the objects of impact, the nature of the activities, methods of implementation, the scale of coverage, the class of means of intruders, who are opposed to the security service.

According to the functional purpose, the means of engineering and technical protection are divided into the following groups:

1. Physical agents that include various means and structures that prevent physical penetration (or access) of intruders on protecting facilities and to material carriers of confidential information (Fig. 16) and protecting personnel, material funds, finance and information from unlawful impacts;

2. Hardware - appliances, devices, devices and other technical solutions used in the interests of information protection. In the practice of the enterprise, the most wide use of the most different equipment, starting with the telephone device to perfect automated systems, providing production activities. The main task of hardware is to provide a persistent protection of information from disclosure, leakage and unauthorized access through technical means of ensuring production activities;

3. Software, covering special programs, software complexes and information protection systems in information systems for various purposes and processing tools (collection, accumulation, storage, processing and transmission) data;

4. Cryptographic means are special mathematical and algorithmic means of protecting information transmitted by systems and communication networks, stored and processed on a computer using a variety of encryption methods.

Physical remedies are a variety of devices, devices, designs, devices, products designed to create obstacles to the movement of intruders.

Physical facilities include mechanical, electromechanical, electronic, electron-optical, radio and radio engineering and other devices for the reversion of unauthorized access (entry, output), fraction (removal) of means and materials and other possible types of criminal action.

These funds are used to solve the following tasks:

1) protection of the territory of the enterprise and monitoring it;

2) protection of buildings, indoor premises and control over them;

3) protection of equipment, products, finance and information;

4) Implementation of controlled access to the building and premises.

All physical means of protecting objects can be divided into three categories: means of preventing, detection tools and threat elimination system. Security alarms and security television, for example, belong to threat detection tools; Fences around objects are means of preventing unauthorized penetration into the territory, and reinforced doors, walls, ceilings, windows lattices and other measures are protected from penetration, and from other criminal actions (listening, shelling, throwing garnet and explosives, etc. .). Fire extinguishing products belong to threat liquidation systems.

The hardware of information protection includes the most different technical structures on the principle of action, device and capabilities, ensuring the prevention of disclosure, protection against leakage and countering unauthorized access to sources of confidential information.

Hardware tools for information protection are used to solve the following tasks:

1) conducting special research of technical means of ensuring production activities for the presence of possible channel leakage channels;

2) identification of channel leakage channels on different objects and indoors;

3) localization of information leakage channels;

4) search and detecting industrial espionage funds;

5) Counteraction to unauthorized access to sources of confidential information and other actions.

Computer protection systems from someone else's invasion are very diverse and classified as:

1) funds provided for by general software;

2) means of protection in the composition of the computing system;

3) information protection tools;

4) actuate means;

5) Passive protection and others.

You can allocate the following areas of use of programs to ensure confidential information, in particular, such:

1) protection of information from unauthorized access;

2) protection of information from copying;

3) protection of coping programs;

4) Protection of programs from viruses;

5) Protection of information from viruses;

6) Software protection of communication channels.

For each of these areas there is a sufficient amount of high-quality developed by professional organizations and distributed in software products.

Protection software has the following types of special programs:

1) identification of technical means, files and user authentication;

2) registration and control of the operation of technical means and users;

3) maintenance of modes of processing information of limited use;

4) protection of operating tools of computer and user application programs;

5) destruction of information in protective devices after use;

6) signaling resource disorders;

7) auxiliary protection programs for various purposes.

To protect against someone else's invasion, certain security measures are necessarily provided. The main functions that should be implemented by software, this is:

1) identification of subjects and objects;

2) distinction (sometimes complete isolation) access to computing resources and information;

3) Control and registration of actions with information and programs.

The most common identification method is password identification. However, practice shows that the password data protection is a weak link, since the password can be overheard or high, intercept or just solve.

Copy protection tools prevent the use of stolen copies of the software and are currently the only reliable means - both protecting the copyright programmers-developers and stimulating market development. Under the means of protection against copying is understood to the means that ensure the execution of the program of their functions only when identifying a certain unique non-populated element. Such an element (called key) can be a diskette, a specific part of the computer or a special device connected to a personal computer. Copy protection is implemented by a number of functions that are common to all protection systems:

1. The identification of the medium from which the program (diskette or PC) will be launched;

2. Environmental authentication from which the program is running;

3. Reaction to launch from an unauthorized environment;

4. Registration of sanctioned copy;

5. Countering the study of the system's work algorithms.

Prreditary programs and, above all, viruses represent a very serious danger when storing confidential information on PEVM. The underestimation of this danger may have serious consequences for user information. Knowledge of the mechanisms of action of viruses, methods and means of combating them allows to effectively organize the opposition to viruses, minimize the likelihood of infection and losses from their impact.

Computer Viruses are small executable or interpretable programs that have the property of distribution and self-reproduction (replication) in the computer system. Viruses can change or detect software or data stored in PC. In the process of spreading, viruses can modify themselves.

Currently, there are more than 40 thousand of only registered computer viruses in the world. Since the overwhelming majority of modern pest programs have the ability to self-insulating, they are often referred to as computer viruses. All computer viruses can be classified according to the following features:

- on the habitat of the virus,

- by the way of infecting the habitat,

- on destructive capabilities,

- According to the characteristics of the virus algorithm.

Mass distribution of viruses, the seriousness of the consequences of their impact on the resources of computers caused the need to develop and use special antivirus and methods for their use. Antivirus tools are used to solve the following tasks:

- Detection of viruses in the COP,

- blocking the work of viruses programs,

- elimination of the effects of virus effects.

The detection of viruses is desirable to implement at the stage of their implementation or at least before the implementation of the destructive functions of viruses. It should be noted that there are no antivirus tools that guarantee the detection of all possible viruses.

When a virus is detected, it is necessary to immediately stop the operation of the virus program to minimize the damage from its impact on the system.

The elimination of the effects of virus impact is conducted in two directions:

- removal of viruses,

- Restore (if necessary) files, memory areas.

To combat viruses, software and hardware and software are used, which are used in a certain sequence and combination, forming methods to combat viruses.

The most reliable method of protection against viruses is the use of hardware and software antivirus. Currently, special controllers and their software are used to protect the PEVM. The controller is installed in the expansion connector and has access to a common bus. This allows it to control all access to the disk system. In the controller software, the areas on disks are remembered, the change in which is not allowed in normal modes. Thus, you can set protection for changing the main boot record, boot sectors, configuration files, executable files, etc.

When performing forbidden actions, any program controller issues the appropriate message to the user and blocks the operation of the PC.

Hardware and software anti-virus agents have a number of advantages over software:

- work constantly;

- all viruses detect, regardless of the mechanism of their action;

- Block unresolved actions that are the result of the operation of the virus or unqualified user.

The disadvantage of these funds is one - dependence on the hardware PCH. Changing the latter leads to the need to replace the controller.

Modern software antivirus can carry out a comprehensive computer check for the identification of computer viruses. This uses such antivirus programs like - Kaspersky Anti-Virus (AVP), Norton Antivirus, Dr. Web, Symantec Antivirus. All of them have antiviral bases that are periodically updated.

Cryptography as a means of protection (closure) of information is becoming increasingly important in the world of commercial activities.

Cryptography has a fairly long history. Initially, it was used mainly in the field of military and diplomatic communications. Now it is necessary in industrial and commercial activities. If we consider that today there are hundreds of millions of messages, telephone conversations, huge amounts of computer and telemetry data in the country today, and all this is not for foreign eyes and ears, it becomes clear: the preservation of the mystery of this here is extremely necessary.

Cryptography includes several sections of modern mathematics, as well as special sectors of physics, electronics, communications and some other related industries. Its task is to convert by mathematical methods transmitted over the communication channels of the secret message, telephone conversation or computer data in such a way that they become completely incomprehensible to unauthorized persons. That is, cryptography should provide such protection of secret (or any other) information, which even if it is intercepted by unauthorized persons and processing with any ways using the fastest EUM and the latest achievements of science and technology, it should not be decrypted for several decades. For such a transformation of information, various encryption means are used - such as document encryption tools, including portable execution, speech encryption tools (telephone and radio engineering), telegraph messages and data transmission.

Initial information that is transmitted through communication channels may be speech, data, video signals, called unencrypted messages R.

In the encryption device, the message P is encrypted (converted to the message C) and is transmitted over the "unclosed" communication channel. On the receiving side, the message with decryption to restore the source value of the message R.

The parameter that can be applied to extract separate information is called the key.

If in the process of sharing information for encryption and read use one same key, then such a cryptographic process is called symmetrical. Its main disadvantage is that before starting the exchange of information, you need to transmit the key, and this requires a secure connection.

Currently, when exchanging data from communication channels uses asymmetric cryptographic encryption based on the use of two keys. These are new open-key cryptographic algorithms based on the use of two types of keys: secret (closed) and open.

In the open key cryptography, at least two keys are, one of which is impossible to calculate from the other. If the key decryption key cannot be obtained from the encryption key, the secrecy of information encrypted using an unfaithful (open) key will be provided. However, this key must be protected from the substitution or modification. The decryption key must also be secret and protected from substitution or modification.

If, on the contrary, the computational methods cannot obtain the encryption key from the decryption key, the decryption key may not be secret.

The keys are arranged in such a way that the message encrypted by one half can be decrypted only by another half. Having created a pair of keys, the company widely distributes an open (public) key and reliably protects the closed key.

Protection with a public key is not absolutely reliable. Having studied the algorithm for its construction, you can reconstruct a private key. However, the knowledge of the algorithm also does not mean the ability to reconstruct the key in a reasonable acceptable time frame. Based on this, the principle of adequacy of information protection is formed: information protection is assumed sufficient if the cost of overcoming exceeds the expected cost of the information itself. This principle is guided by asymmetric data encryption.

The separation of encryption functions and decryption by separation into two parts of the additional information required to perform operations is the valuable idea that underlies the open key cryptography.

Cryptographic protection specialists pay special attention, considering it the most reliable, and for information transmitted by a large length of a large length - the only means of protection against theft.

Informational security understands the state of information protection of the society environment from internal and external threats, ensuring its formation, use and development in the interests of citizens, organizations, states (the law of the Russian Federation "On participation in international informational exchange").

The information security system imposes certain requirements:

- clarity to determine the powers and rights of users to access certain types of information;

- providing the user to the minimum authority necessary for him to fulfill the commissioned work;

- minimizing the number of common protection for several users;

- accounting of cases and attempts to unauthorized access to confidential information;

- ensuring the evaluation of the degree of confidential information;

- ensuring control of the integrity of protection funds and immediate response to their failure.

Under the security system, the organized combination of special bodies, services, means, methods and activities that protect the vital interests of the individual, enterprises and states from internal and external threats are understood.

Like any system, the information security system has its own goals, tasks, methods and means of activity that are coordinated by place and time depending on the conditions.

From the point of view of information security, the information has the following categories:

1. Privacy - a guarantee that specific information is available only to the circle of persons for which it is intended; Violation of this category is called the predation or disclosure of information.

2. Integrity - a guarantee that the information now exists in its original form, that is, unauthorized changes were made during its storage or transmission; Violation of this category is called message falsification.

3. Aauthentic is a guarantee that the source of information is exactly the person who is stated as its author; Violation of this category is also called falsification, but already the author of the message.

4. Appeemability is a rather complicated category, but often used in e-commerce - a guarantee that, if necessary, it will be possible to prove that the author of the message is the stated person, and no one else can be; The difference between this category from the previous one that when the author is substituted, someone is trying to declare that he is the author of the communication, and when the appeal is impaired, the author himself is trying to "disappear" from his words signed by him once.

Under the threats of confidential information, it is customary to understand potential or actually possible actions with respect to information resources, leading to unlawful mastering protected information.

Such actions are:

Familiarization with confidential information in various ways and ways without disrupting its integrity;

Modification of information for criminal purposes as a partial or significant change in the composition and content of information;

Destruction (destruction) of information as an act of vandalism in order to directly apply material damage.

Actions resulting in unlawful mastering confidential information:

1. The disclosure is intentional or careless actions with confidential information that led to familiarization with them who were not admitted to them.

2. The leakage is an uncontrolled way out of confidential information beyond the organization or a circle of those who were trusted.

3. Unauthorized access is an unauthorized intentional mastering of confidential information by a person who does not have access to protected secrets.

1. Why do you need to protect information?

2. What is understood by the protection of information?

3. What system can be called safe?

4. What is a state secret?

5. What information can be attributed to state secrets?

6. What is a commercial mystery?

7. What information is the commercial secret?

8. What does not apply to a commercial secret?

9. What levels of access to information are regulated by Russian legislation?

10. How are the methods of information protection are divided?

11. What are the organizational and legal methods and information protection means?

12. What engineering techniques and means are used when protected information?

13. How to protect information from unauthorized access?

14. What is a "computer virus"?

15. How are computer viruses classified?

16. What funds are used for antivirus protection?

17. With the help of which the virus can get into the computer?

18. How to protect information from copying?

19. What are cryptographic methods and information protection tools?

20. How is asymmetric data encryption?

21. What is the meaning of information security?

23. What is the threat of information security?

24. What actions lead to unlawful mastering information?

In modern information systems (IP), information has two contradictory properties - accessibility and security from unauthorized access. In many cases, IP developers face the problem of choosing the priority of one of these properties.

Under the protection of information is usually understood precisely providing its security from unauthorized access. At the same time, under the unauthorized access itself, it is customary to understand the actions that entailed "... destruction, blocking, modification, or copying information ..." (Criminal Code of Article 272). All methods and means of information protection can be consecrated into two large groups: formal and informal.

Fig. 1. Classification of methods and means of information protection

Formal methods and means

These are such funds that perform their protective functions strictly formally, that is, according to a predetermined procedure and without direct human participation.

Technical means

Technical means of protection are called various electronic and electron-mechanical devices, which are included in the technical means of IP and are performed independently or in a complex with other means, some features of protection.

Physical means

The physical and electronic devices are called physical and electronic devices, elements of buildings, fire extinguishing equipment, and a number of other means. They ensure the following tasks:

• protection of the territory and premises of the computing center from the penetration of intruders;
• protection of equipment and carriers of information from damage or embezzlement;
• preventing the possibility of observing the work of personnel and the functioning of equipment from outside the territory or through the windows;
• preventing the possibility of intercepting electromagnetic emissions of working equipment and data lines;
• monitoring staff;
• organization of access to the staff of the staff;
• control over the movement of personnel in various work areas, etc.

Cryptographic Methods and Means

Cryptographic methods and means are called special information transformation, as a result of which its representation changes.

In accordance with the functions performed, cryptographic methods and tools can be divided into the following groups:

• identification and authentication;
• access separation;
• encryption protected data;
• protection of programs from unauthorized use;
• monitoring the integrity of information, etc.

Informal methods and means of information protection

Informal tools are such that are implemented as a result of targeted activities of people or regulate (directly or indirectly) this activity.

Informal funds include:

Organizational means

These are organizational and technical and legal activities carried out in the process of creating and operating IP in order to ensure information protection. In its content, all many organizational measures can be divided into the following groups conditionally:

• events carried out when creating IP;
• activities carried out during the operation of the IP: the organization of the bandwidth, the organization of automated information processing technology, the organization of work in shifts, the distribution of details of the separation of access (passwords, profiles, powers, etc.);
• general Events: Accounting for protection requirements for selection and training, organization of planned and preventive verification mechanism for protection, planning of information protection measures, etc.

Legislative means

These are legislative acts of the country that regulate the rules for use and processing information of limited use and establish responsibility measures for violating these rules. It is possible to formulate five "basic principles", which underlie the system of law protection laws:

• systems that accumulate large amounts of personal information should not be created, whose activities would be classified;
• there must be ways with which a single personality can establish the fact of collecting personal information, find out what it is going, and how will be used;
• there should be guarantees that the information obtained for some one goal will not be used for other purposes without informing the person to which it belongs;
• there must be methods with which a person can correct information relating to it and contained in IP;
• any organization, accumulating, storing and using personal information, should ensure the reliability of data storage with their appropriate use and should take all measures to prevent malfunction of data.

Moral - ethical norms

These norms can be as not written (generally accepted norms of honesty, patriotism, etc.) and written, i.e. decorated in some set of rules and regulations (charter).

On the other hand, all methods and information security tools can be divided into two large groups by the type of protected object. In the first case, the object is a carrier of information, and all informal, technical and physical methods and information protection means are used here. In the second case, we are talking about the information itself, and cryptographic methods are used to protect it.

The most dangerous (significant) information threats are:

• violation of confidentiality (disclosure, leakage) of information constituting banking, judicial, medical and commercial secret, as well as personal data;
• impairment of performance (disorganization of work) of IP, blocking information, violation of technological processes, breaking the timely solution of tasks;
• violation of integrity (distortion, substitution, destruction) of information, software and other IP resources, as well as falsification (fake) of documents.

Let us give a brief classification of possible channel leakage channels in the methods of organizing unauthorized access to information.

Indirect channelsallowing unauthorized access to information without physical access to IP components:

• use of overhearding devices;
• remote observation, video and photography;
• interception of electromagnetic radiation, registration of crosspads, etc.

Channels related to access to IP elements, but do not require changes in the components of the system, namely:

• monitoring information in the processing process to memorize it;
• theft of media;
• collecting production waste containing processed information;
• intentional reading of data from files of other users;
• reading residual information, i.e. data remaining on the storage fields after queries;
• copying media;
• intentional use to access the information terminals of registered users;
• disguise under a registered user by abduction of passwords and other details of delimitation of access to information used in IP;
• use to access information so-called "laseeks", that is, the possibilities for bypassing the accessing mechanism of access arising from the imperfection and ambiguities of programming languages \u200b\u200band system-wide software components in the IP.

Channels related to access to IP elements and with a change in the structure of its components:

• illegal connection of special recording equipment to system devices or communication lines;
• malicious change in programs so that these programs along with the basic information processing functions also carried out an unauthorized collection and registration of protected information;
• the malicious conclusion is due to the protection mechanism.

1.3.3. Restricting access to information

In general, the information protection system from unauthorized access consists of three main processes:

• identification;
• authentication;
• authorization.

At the same time, participants in these processes it is customary to the subjects - active ingredients (users or programs) and objects - passive components (files, databases, etc.).

The task of identification, authentication and authorization systems is the definition, verification and purpose of a set of percentage of the subject when accessing the information system.

Identification subject When accessing the IP is called the process of comparing it with some stored system in some object, the characteristic of the subject - the identifier. In the future, the subject identifier is used to provide a subject of a certain level of rights and powers when using the information system.

Authentication The subject is called the verification procedure to the identifier to the subject. Authentication is made on the basis of a secret element (authenticator), which have both the subject and the information system. Usually, in some facility in the information system, called the database of accounts, the secret element itself is stored, and some information about it, on the basis of which the decision is made on the adequacy of the subject by the identifier.

Authorization The subject is called the procedure for entering by its rights relevant to its powers. Authorization is carried out only after the subject has successfully passed identification and authentication.

The entire identification and authentication process can be schematically represented as follows:

Fig. 2. Identification and authentication process scheme

2- requirement to pass identification and authentication;

3- reference of the identifier;

4- checking the availability of the received identifier in the account database;

6- sending authenticators;

7- Checking the compliance of the authenticator received by the previously specified account identifier.

From the diagram (Fig. 2) it can be seen that to overcome the system of protection against unauthorized access, it is possible to either change the subject to the subject that implements the process of identification / authentication, or change the contents of the object - the account database. In addition, it is necessary to distinguish between local and remote authentication.

With local authentication, it can be considered that the processes 1,2,3,5,6 pass in the protected zone, that is, the attacker does not have the ability to listen or change the transmitted information. In the case of remote authentication, it is necessary to reckon with the fact that the attacker can take both passive and active participation in the process of sending identification / authentication information. Accordingly, such systems use special protocols that allow the subject to prove knowledge of confidential information without disclosure (for example, an authentication protocol without disclosure).

The general information protection scheme in IP can be represented as follows (Fig. 3):

Fig. 3. Removing information security in the information system

Thus, the entire system for the protection of information in IP can be divided into three levels. Even if the attacker succeeds in bypassing a system of protection against unauthorized access, it will face the problem of finding the information you need into IP.

Semantic protection implies concealment of the location of the information. For these purposes, it can be used, for example, a special format for recording for media or steganographic methods, that is, concealing confidential information in file-container files that are not carrying any significant information.

Currently, the steganographic methods for the protection of information were widespread in the two most actual directions:

• concealing information;
• copyright protection.

The last obstacle to the path of the attacker to confidential information is its cryptographic transformation. Such a conversion is called chipping. A brief classification of encryption systems is shown below (Fig.4):

Fig. 4. Classification of encryption systems

The main characteristics of any encryption system are:

• key size;
• the complexity of the encryption / decryption information for legal user;
• the complexity of "hacking" encrypted information.

Currently it is assumed that the encryption / decryption algorithm is open and is well known. Thus, only the key is unknown, the owner of which is a legal user. In many cases, it is the key that is the most vulnerable component of the information protection system from unauthorized access.

Of the ten security laws, Microsoft two are dedicated to passwords:

Law 5: "Weak password will violate the most strict protection",

Law 7: "Encrypted data is accurately protected as much as the key of the decryption is."

That is why the choice, storage and change of the key in information protection systems are of particular importance. The key can be selected by the user independently or impose by the system. In addition, it is customary to distinguish between three main forms of key material:

1.3.4. Technical means of information protection

In general, information protection by technical means is provided in the following options:
The source and carrier of information are localized within the boundaries of the protection object and the mechanical barrier is provided from contact with them an attacker or remote effects on them fields of its technical means

• the ratio of the carrier energy and interference at the receiver input installed in the leakage channel is such that the attacker cannot withdraw information from the carrier with the quality items necessary for its use;
• an attacker cannot detect a source or carrier of information;
• instead of true information, the attacker gets the false, which he takes as true.

These options implement the following protection methods:

• preventing the direct penetration of the attacker to the source of information with the help of engineering structures, technical means of protection;
• hiding reliable information;
• "Using" an attacker of false information.

The use of engineering structures and protection is the most ancient method of protecting people and material values. The main task of the technical means of protection is to prevent (prevent) direct contact of the attacker or nature forces with protection objects.

Under the objects of protection are understood as people and material values \u200b\u200band carriers of information localized in space. Such media includes paper, machine carriers, photo and film, products, materials, etc., that is, everything that has clear sizes and weight. To organize the protection of such objects, such technical means of protection as a security and fire alarm are commonly used.

Media of information in the form of electromagnetic and acoustic fields, electric currents do not have clear boundaries and methods of hiding information can be used to protect such information. These methods provide such changes in the structure and energy of the carriers in which the attacker cannot directly or with the help of technical means to allocate information with quality sufficient to use it in its own interests.

1.3.5. Information security software

These protections are designed specifically to protect computer information and are built on the use of cryptographic methods. The most common software are:

• Cryptographic processing programs (encryption / decryption) of information ("Verba" Mo PNIEI www.security.ru; "Crypton" Ankad www.ancud.ru; SECRET NET informschitis www.infosec.ru; "DALLAS LOCK" WWW configurity. confident.ru and others);
• Programs to protect against unauthorized access to information stored on a computer ("Sable" Ankad www.ancud.ru and others);
• Programming programs of information ("Stegano2et" and others);
• Software guaranteed information destruction;
• Protection systems from unauthorized copying and use (using electronic keys, for example, Aladdin www.aladdin.ru and with reference to the unique properties of the starforce information media).

1.3.6. Anti-virus information protection tools

In general, it is necessary to talk about "malware", which is how they are determined in the governing documents of the State Technical Commission and in the existing legislative acts (for example, Article 273 Ukrf "Creating, Use and Dissemination of Malicious Programs for ECM"). All malicious programs can be divided into five types:

• Viruses - Defined as pieces of software code that have the ability to generate objects with similar properties. Viruses in turn are classified by habitat (for example: boot -, macro - etc. viruses) and destructive action.
• Logic bombs- Programs, the launch of which occurs only when performing certain conditions (for example: Date, pressing the key combination, the absence / availability of specific information, etc.).
• Worms - Programs that have the opportunity to distribute over the network, transferring to the destination node not necessarily completely all the program code - that is, they can "collect" themselves from individual parts.
• Troyans- Programs that do not documented actions.
• Bacteria - Unlike viruses, this is a solid program that have the property of reproducing themselves like.

Currently, malicious programs in the "clean" form practically do not exist - all of them are some symbiosis of the above types. That is, for example: Troyan may contain a virus and in turn the virus can have the properties of a logical bomb. According to statistics, about 200 new malicious programs appears daily, and the "leadership" belongs to the worms, which is quite natural, due to the rapid growth of the number of active Internet users.

As protection against malware, it is recommended to use anti-virus software packages (for example: DrWeb, AVP - domestic developments, or foreign, such as NAV, TrendMicro, Panda, etc.). The main method of diagnosing all available antivirus systems is an "signature analysis", that is, an attempt to check the received new information for the "signature" of a malicious program in it is a characteristic piece of program code. Unfortunately, this approach has two essential drawbacks:

• You can diagnose only already known malware, and this requires constant updating of the "signatures" databases. This is about this warns one of the security laws Microsoft:

Law 8: "Not updated antivirus program is not much better than the absence of such a program"

• A continuous increase in the number of new viruses leads to a significant increase in the size of the "signature" base, which in turn causes significant use of the computer's resource anti-virus program and, accordingly, slowing its operation.

One of the well-known ways to improve the efficiency of diagnosing malware is the use of the so-called "heuristic method". In this case, an attempt is made to detect the presence of malicious programs, given the well-known methods of their creation. However, unfortunately, in the event that a high-class specialist participated in the development of the program, it is possible to detect it only after the manifestation of its destructive properties.

print version

Reader

Workshop

Presentations

Information Today is an important resource whose loss is fraught with unpleasant consequences. The loss of confidential data of the company carries in themselves the threats of financial losses, since competitors or intruders can take advantage of the information. To prevent such unwanted situations, all modern firms and institutions use information protection methods.

Safety of information systems (IP) is a whole course that all programmers and specialists in the field of building IP are undergoing. However, the types of information threats and protection technologies are necessary for everyone who works with secret data.

Types of information threat

The main type of information threats to protect against which the whole technology is created at each enterprise is the unauthorized access of attackers to the data. The attackers are planning in advance criminal actions that can be carried out by direct access to devices or by remote attack using programs specially designed to theft.

In addition to the actions of hackers, firms are often faced with loss of information due to violation of software and hardware.

In this case, the secret materials do not fall into the hands of attackers, but are lost and not subject to recovery or restored for too long. Failures in computer systems may occur for the following reasons:

• Loss of information due to damage to carriers - hard drives;
• Mistakes in software tools;
• Violations in the work of hardware due to damage or wear.

Modern information protection methods

Data protection technologies are based on the use of modern methods that prevent information leakage and its loss. Today is six main ways to protect:

• Let;
• Disguise;
• Regulation;
• Control;
• Compulsion;
• Movement.

All listed methods are aimed at building an efficient technology, in which losses are excluded due to negligence and successfully reflect different types of threats. The obstacle means a way to physically protect information systems, thanks to which the attackers do not have the opportunity to get into a protected area.

Masking - Ways to protect information providing for data transformation into a form, not suitable for perception of unauthorized persons. For decryption requires knowledge of principle.

Management - Ways to protect information under which management over all components of the information system.

Regulation is the most important method of protecting information systems, involving the introduction of special instructions, according to which all manipulations with protected data should be carried out.

Forcing - methods for the protection of information, closely related to regulation, implying the introduction of a complex of measures, in which employees are forced to fulfill the established rules. If methods of exposure to workers under which they perform instructions on ethical and personal reasons, they are talking about prompting.

On video - detailed lecture on the protection of information:

Information Systems Protection Means

Ways to protect information involve the use of a certain set of funds. To prevent the loss and leakage of secret information, the following means are used:

• Physical;
• Software and hardware;
• Organizational;
• Legislative;
• Psychological.

Physical means of protecting information prevent the access of unauthorized persons to the protected area. The main and oldest means of physical obstacle is to install durable doors, reliable locks, lattices on the windows. To enhance information protection, bandwidths are used on which access controls are carried out (guards) or special systems. In order to prevent information loss, the installation of the fire system is also advisable. The physical means are used to protect data both on paper and on electronic media.

Software and hardware are an indispensable component to ensure the safety of modern information systems.

Hardware is presented by devices that are embedded in equipment for information processing. Software - programs reflecting hacker attacks. Also, the software can also be attributed to the software complexes that perform the recovery of lost information. With the help of a set of equipment and programs, a backup of information is provided - to prevent losses.

Organizational tools are associated with several methods of protection: regulation, management, coercion. Organizational means include developing job descriptions, conversations with employees, a set of penalties and promotion measures. With the effective use of organizational funds, the enterprise employees are well aware of the technology of working with protected information, clearly fulfill their duties and are responsible for providing unreliable information, leakage or loss of data.

Legislative remedies - a set of regulatory acts governing people who have access to protected information and determining the measure of responsibility for the loss or theft of secret information.

Psychological means - a set of measures for creating personal interest of workers in the safety and authenticity of information. To create personal interest personnel, managers use different types of encouragements. Psychological means include the construction of corporate culture, in which each employee feels an important part of the system and is interested in the success of the enterprise.

Protection of transmitted electronic data

To ensure the security of information systems today, the methods of encryption and protection of electronic documents are actively used. These technologies allow remote data transmission and remote confirmation of authentication.

Information protection methods by encryption (cryptographic) are based on changing information using the secret keys of a special type. At the heart of the technology of electronic data cryptography - transformation algorithms, replacement methods, algebra matrices. The stability of encryption depends on how difficult the conversion algorithm was. Encrypted information is reliably protected from any threats other than physical.

Electronic digital signature (EDS) - an electronic document parameter that serves to confirm its authenticity. The electronic digital signature replaces the signature of the official on the paper document and has the same legal force. EDS serves to identify its owner and to confirm the absence of unauthorized transformations. The use of EDS provides not only information protection, but also contributes to the cheapening of document management technology, reduces the time of the documents of the documents when reporting.

Information System Safety Classes

The protection technology and the degree of efficiency is determined by the security class of the information system. International standards allocate 7 security classes systems that are combined in 4 levels:

• D - zero security level;
• C - systems with arbitrary access;
• In - systems with compulsory access;
• A - systems with verified security.

The level D corresponds to the systems in which the defense technology is poorly developed. With this situation, any extraneous person has the ability to access information.

The use of underdeveloped protection technology is fraught with loss or loss of information.

The level C has the following classes - C1 and C2. Security C1 assumes data and users. A specific user group has access to only specific data, it is necessary to receive an authentication - user authentication by requesting a password. When security class C1, there are hardware and software for protection. Systems with C2 class are complemented by measures that guarantee user responsibility: A access log is created and supported.

Level B includes security technologies that have level C classes, plus a few optional. Class B1 assumes the availability of security policies, a trusted computing database for managing safety tags and forced access control. When class B1, experts carry out careful analysis and testing of the source code and architecture.

Security class B2 is characteristic of many modern systems and suggests:

• Supply of the secrecy of all resources of the system;
• Registration of events that are related to the organization of secret memory sharing channels;
• Structuring a trusted computing base on well-defined modules;
• Formal security policy;
• High stability of systems to external attacks.

Class B3 suggests, in addition to the class B1, alert of the administrator about attempts to violate security policies, analysis of the emergence of secret channels, the presence of mechanisms for data recovery after the equipment failure or.

Level A includes one, the highest security class - A. To this class includes systems that have been tested and received confirmation of compliance with formal top-level specifications.

On video - detailed lecture on the safety of information systems: