- •Введение
- •Information security
- •Integrity
- •Risk management
- •Risk environment and context
- •Computer viruses
- •Types of computer viruses
- •History of computer viruses and antivirus software Part 1: the beginning
- •History of computer viruses and antivirus software Part 2: Virus attacks and antivirus development
- •Computer crimes
- •Computer Crime: New Kind of Professional Crime
- •Cryptography
- •Rsa Cryptosystem
- •Tips for personal information protection Part 1
- •Хищение личной информации в сша
- •Tips for Personal Information Protection Part 2
- •Attacks on passwords
- •Hackers as social phenomenon in modern digital world
- •Computer hacking - high-tech crime
- •Texts for background reading
- •Top 10 craziest computer hacks
- •Text 2 Top 10 craziest computer hacks Part 2
- •Text 3 Top 10 Awesomely Impressive Computer Hackers
- •10 Computer Hacks & Tricks
- •Text 5 Future authentication device.
- •Список литературы
Integrity
In information security, integrity means that data cannot be modified undetectably17. Integrity is violated when a message is actively modified in transit. Information security systems typically provide message integrity in addition to data confidentiality.
Availability
For any information system to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. High availability systems aim to remain available at all times, preventing service disruptions due to power outages18, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-of-service19 attacks.
NOTES
prevention – предотвращение
unauthorized access – несанкционированный доступ
disclosure– раскрытие
disruption – повреждение
interchangeably – взаимозаменяемо
to be concerned with – касаться (чего-либо)
regardless of – несмотря на
amass – накапливать, собирать
Should … – зд. в случае если
breach – прорыв, нарушение, повреждение
law suits – судебные иски
evolve – эволюционировать, развивать
digital forensics – цифровая криминалистика
encrypt – зашифровывать
restrict access – ограничить (закрыть) доступ
sensitive – зд. важный, секретный
undetectably – незаметно
power outage – перебой в энергоснабжении
denial-of-service – отказ в обслуживании
Ex.2. Match pairs of synonyms in the columns below.
1. frequently
2. incorrect
3. customer
4. products
5. collect
6. display
7. detect
8. store
9. encrypt
10. remain
A. stay
B. amass
C. show
D. find
E. keep
F. wrong
G. encode
H. often
I. client
J. goods
Ex.3. Find English equivalents in the text.
Стандарты индустрии информационной безопасности; разделять общие цели; обеспечить доступность и корректную работу; попасть в руки конкурентов; онлайн-транзакции по кредитным картам; целостность ссылок в базах данных; конфиденциальная информация о сотрудниках; сбой аппаратного обеспечения.
Ex.4. Learn the following expressions by heart.
To protect information; to implement a procedure; to intercept a message; sensitive information; hardware failure; classification system; military headquarters; to destroy a document; secret message; law suits; to trust a person; to achieve goals; according to the document; deciphering department; to look over the shoulder; to steel information.
Ex.5. Make up a sentence with each of the expressions from the Ex.4.
e.g. To protect information – If our company cannot protect such information, it will go bankrupt soon!
Ex.6. Give explanation to the following expressions. Use dictionary, if necessary.
e.g. Information disclosure – This a situation when some information gets to a person who does not have right to possess it
1. Security breach –
2. Unauthorized access –
3. Restricted access –
4. Sensitive information –
5. Power outage –
6. Encoding –
7. Confidentiality –
8. Integrity –
9. Availability –
10. Cipher –
Ex.7.Answer the questions.
1. What are the main components of Information Security?
2. How can you define the term “Information Security”?
3. What is the difference between Computer Security and Information Security?
4. What will happen if confidential information falls into the wrong hands? Give examples.
5. How many specializations in the field of Information Security can you mention?
6. What is a Breach of confidentiality? Give examples.
7. What is a Breach of Integrity? Give examples.
8. What is a Breach of Availability? Give examples.
Ex.8. Translate from Russian into English.
1. Система безопасности нашей компании имеет ряд недостатков.
2. Специалисты службы безопасности обновили данные системы и теперь все порядке.
3. Их отдел обеспечивает безопасность онлайн-транзакций по кредитным картам.
4. Кто-то пытался взломать наши базы данных, но мы обнаружили попытку взлома и блокировали доступ.
5. Это конфиденциальная информация, и никто не имеет к ней права доступа кроме директора компании.
6. Вся информация о новом продукте хранится на сервере компании, и у нас нет возможности получить к ней доступ.
7. Вам необходимо сменить все пароли и коды доступа в системе, иначе завтра вы будете банкротом!
8. Сегодня утром президент компании заявил, что атака на их систему безопасности была предотвращена, но они не смогли обнаружить хакеров.
9. Безопасность важной информации не должна зависеть от банального перебоя в электроснабжении.
10. Все каналы должны работать корректно, иначе эта база данных будет недоступна.
Ex.9. Translate the following text.
“History of information security”
Since the early days of communication, diplomats and military commanders understood that it was necessary to provide some mechanism to protect the confidentiality of correspondence and to have some means of detecting tampering. Julius Caesar is credited with the invention of the Caesar cipher c. 50 B.C., which was created in order to prevent his secret messages from being read should a message fall into the wrong hands, but for the most part protection was achieved through the application of procedural handling controls. Sensitive information was marked up to indicate that it should be protected and transported by trusted persons, guarded and stored in a secure environment or strong box. As postal services expanded, governments created official organizations to intercept, decipher, read and reseal letters (e.g. the UK Secret Office and Deciphering Branch in 1653).
In the mid-19th century more complex classification systems were developed to allow governments to manage their information according to the degree of sensitivity. The British Government codified this, to some extent, with the publication of the Official Secrets Act in 1889. By the time of the First World War, multi-tier classification systems were used to communicate information to and from various fronts, which encouraged greater use of code making and breaking sections in diplomatic and military headquarters. In the United Kingdom this led to the creation of the Government Code and Cypher School in 1919.
Encoding became more sophisticated between the wars as machines were employed to scramble and unscramble information. The volume of information shared by the Allied countries during the Second World War necessitated formal alignment of classification systems and procedural controls. An arcane range of markings evolved to indicate who could handle documents (usually officers rather than men) and where they should be stored as increasingly complex safes and storage facilities were developed. Procedures evolved to ensure documents were destroyed properly and it was the failure to follow these procedures which led to some of the greatest intelligence coups of the war.
The end of the 20th century and early years of the 21st century saw rapid advancements in telecommunications, computing hardware and software, and data encryption. The availability of smaller, more powerful and less expensive computing equipment made electronic data processing within the reach of small business and the home user. These computers quickly became interconnected through the Internet.
The rapid growth and widespread use of electronic data processing and electronic business conducted through the Internet, along with numerous occurrences of international terrorism, fueled the need for better methods of protecting the computers and the information they store, process and transmit. The academic disciplines of computer security and information assurance emerged along with numerous professional organizations – all sharing the common goals of ensuring the security and reliability of information systems.
Ex.10. Make a presentation on one of the following topics.
1. Information security in ancient Rome.
2. Information security in Middle Ages.
3. Information security in modern world.
4. Information security in business and industry.
5. Information security in personal privacy
Presentation requirements: format – MS Power Point, number of slides from 10 to 15, animation (optional, but recommended), presentation plan - from 5 to 10 points, performance time - from 5 to 7 minutes.
UNIT 2
Ex.1. Read and translate the text.