Гвоздева Цомпутер сциенце 2011

Study the sentences.

1.The difficulty of computing the private key from the respective public key is exactly that of factoring big integers.

2.Today the computer industry is transferring from the model in which a particular company’s architecture dominates to that in which computer products conform to open standards.

III. N + to Vo; N + to be V3

An infinitive after a noun characterizes it and expresses an action which must be done or could be done in the future.

Study the sentences.

1.There are two keys: one public key to lock the safe, and one private one to open it.

2.In fact, the internet itself could be transformed into a software platform to challenge the Wintel standards.

IV. One is a personal pronoun and can be used as the subject of a sentence = You. It is a formal subject. One is not translated.

Study the sentences.

1.One can easily derive a public key from a private key but not vice versa.

2.However, with enough time, resources, and motivation, one can break most algorithms.

V. We use must and have to (do) to say that it is necessary to do something. Often it doesn’t matter which you use.

Study the sentences.

1.In these systems users do not have to agree on a secret key before they send a message.

2.To investigate the matters we have to extend our studies of memory beyond laboratory animals to human beings.

VI. Any branch of exact sciences involves terminology.

a. Terms are expressed as a chain of nouns. The last N in the chain is the basic one.

E.g. the key distribution problem a publickey system

a public-key cryptosystem

a system network malfunction information processing memory capacity

41

b. Terms are expressed as N + V3 + N E.g. a knowledge-based search

a PCbased desktop videoconferencing system

Give Russian correspondence:

before, so (therefore), vice versa, to exploit (to use), unfortunately

THE KEY DISTRBUTION PROBLEM

Study the passage.

Mathematicians have tried hard to solve the key distribution problem. The 1970s brought a

clever mathematical discovery in the shape of “public key” systems. In these systems users do not have to agree on a secret key before they send a message. They work on the principle of a safe with two keys, one public key to lock it, and one private one to open it. Everyone has a key to lock the safe but only one person has a key that will open it again, so anyone can put a message into the safe but only one person can take it out. In practice the two keys are two large integer numbers. One can easily derive a public key from a private key but not vice versa. The system exploits the fact that certain mathematical operations are easier to perform in one direction than the other. Public-key cryptosystems avoid the key distribution problem but unfortunately their security depends on unproved mathematical assumptions, such as the difficulty of factoring large integers. An enemy who knows your public key can in principle calculate your private key because the two keys are mathematically related; however, the difficulty of computing the private key from public key is exactly that of factoring big integers.

Vocabulary Notes

1.an integer number – a large number – a dimensionless number

2.to avoid – trying not to do

3.an assumption – a supposition

42

POST-READING TASK (To be done in writing)

1.Explain the principle of a public key system in one sentence.

2.Explain the mathematics involved.

3.Explain the incompleteness of mathematics the system is based

on.

4.Make your own conclusion about the effectiveness of a publickey system.

UNIT 3

ID TECHNOLOGY

PRE-READING TASK

I. Ving is a verbal noun. It is formed from a verb + ing. While an infinitive expresses an action, a verbal noun expresses a process. We often use Ving as the subject of the sentence or in combination with prepositions.

Study the sentences.

1.Defining what constitutes an attack is difficult.

2.Windows NT is on its way to becoming the leading server OS. We use without + Ving to say how we do something = Russian – не

делая.

Study the sentences.

The goal of ID is to characterize attack manifestations without identifying false attacks.

II. We use to V to talk about the purpose of doing something (why someone does something). We also use in order to + V or so as to V

Study the sentences.

1.Some users may use ID to identify and correct vulnerabilities.

2.The race is on to find faster technologies that can meet the future needs of the Internet and communications applications.

III. We use for + N + to V to talk about the purpose of doing something = Russian – для того, чтобы

Study the sentences.

1.For an intrusion to occur, it requires both an act by an attacker and manifestation of the attack.

43

2. Networking infrastructure is facilities, services and equipment that are needed for an organization to function properly.

IV. N + to V (active); N + to be V3 (passive)

An infinitive (to V) after a noun characterizes it and expresses an action that must be done or could be done in the future.

Study the sentences.

1. Some users may be interested in collecting forensic information to locate intruders

2. Others may use ID to trigger the actions to protect computing resources.

Give Russian correspondence:

to result in (to lead to, to give rise to), despite (in spite of), the only (single), a means (a method, a way), any, a number of (a set of, a range of), typically (usually), no + N, to result from (to be the result of), both …. and, so as to V (in order to)

INTRUSION DETECTION SYSTEMS

FYI

Framework is a particular set of rules or methods that form a structure.

Groundwork is early work which forms the basis for further work.

Study the passage.

Intrusion detection systems (IDSs) are an important component of defensive measures protecting computer systems and networks from abuse. ID has been an active field of research for about two decades and provided a methodological framework that resulted in many researches and laid the groundwork for commercial products. Despite substantial research and commercial investment, ID technology is immature, and its effectiveness is limited.

The Intrusion Perspective

Defining what constitutes an attack is difficult. Attacks may involve any number of attackers and victims. The attacker’s viewpoint is typically characterized by intent and risk of exposure. From a victim’s

44

perspective, intrusions are characterized by their manifestations, which may or may not include damage. Some attacks may produce no manifestations, and some manifestations may result from system network malfunctions. For an intrusion to occur, it requires both an act by an attacker and manifestation, observable by the victim, which results from that act.

The goal of ID is to characterize attack manifestations so as to positively identify all true attacks without identifying false attacks. The motivation for using ID technology may vary. Some users may be interested in collecting forensic information to locate intruders. Others may use ID to trigger the actions to protect computing resources. Still others may use ID to identify and correct vulnerabilities.

Vocabulary Notes

1.an intrusion – an attack

2.an abuse – the use in a wrong way or for a bad purpose

3.mature – fully developed – ant. immature

4.to rely upon – to depend on,

5.a victim – the one who has been attacked

6.a manifestation – a sign that something is happening

7.a damage – harm

8.an intent – an intention

9.an exposure – detection

10.forensic – legal

11.to trigger – to provoke

12.a vulnerability – a flaw – a weakness

POST-READING TASK

(to be done in writing)

Formulate sentences to cover the points:

1.The goal of ID.

2.The results of ID research.

3.The motives for using ID.

4.Make your own conclusions about the effectiveness of ID.

45

UNIT 4

NETWORKING SECURITY

PRE-READING TASK Study some grammar points.

I. We use be (am/is/are/was/were) + to V to say that something is planned to happen.

Study the sentences.

1.You must also understand the different types of firewalls, where they are to be placed, and their interactions with other devices,

2.Prices are still too high for wide use, but they are to fall dramatically within a few years.

3.When Turing was 23 years old, he impressed his peers at the University of Cambridge by inventing the mathematical characterization of a machine that was to become one of the most important contributions in the history of computing.

II. N + to Vo (active); N + to be V3 (passive)

An infinitive (to V) after a noun characterizes it and expresses an action which must be done or can be done in the future.

Study the sentences.

1.Layers within security are important, so that if the attacker is able to bypass one layer, another layer stands in the way to protect the internal network

2.Networking and communications are complicated topics to understand.

III. If we want to emphasize a word or a part of the sentence we use this structure:

It is …… that … = именно, только

Study the sentences.

1.It is the complexity that makes networking the most fun for those who truly enjoy this field.

2.It is Java that can compete with the Wintel standard.

3.It is a security professional who will understand these issues.

IV. You translate a past participle V3 without any words referring to it before you translate a N.

46

Study the sentences.

1.To secure a network architecture, you must understand the various networking platforms involved.

2.Over 55% of printers sold are ink-jet models.

Give Russian correspondence:

challenging (difficult), an approach (a method, a technique), although (though), an outcome (a result)

FYI

1.Maintaining networking security is regular checking networking infrastructure and reducing vulnerabilities.

2.Networking infrastructure is facilities, services and equipment that are needed for an organization to function properly.

Terminology

1.to configure computing software – выбрать конфигурацию программных средств

2.interoperability – совместное функционирование сетей

3.to troubleshoot – находить неисправности

4.an environment – оборудование

5.an application – приложение, программа

6.a buffer – буфер (дополнительное устройство памяти для промежуточного хранения данных)

7.an overflow – переполнение

8.an architecture – структура

9.a platform – платформа (программно –аппаратная среда, в которой выполняется прикладная система)

10.a firewall – межсетевой экран

11.a router – маршрутизатор (программа, занимающаяся прокладыванием маршрутов в локальной вычислительной сети)

12.a bridge – мост (устройство, соединяющее несколько локальных сетей)

13.a protocol – протокол (процедура регистрации и коммутации сообщений)

14.a layer – уровень

47

MAINTAINING NETWORKING SECURITY

IS MORE FUN THAN WORK

Study the passage. Translate the paragraph marked with asterisks in writing.

*Telecommunications and networking use various mechanisms, devices, software, and protocols that are interrelated and integrated. Networking is one of the more complex topics in the computer field, mainly because so many technologies and concepts are involved. A network administrator or engineer must know how to configure networking software, protocols and services, and devices; deal with interoperability issues; install, configure and interface with telecommunications software and devices; and troubleshoot effectively. A security professional must understand these issues and be able to analyze them a few levels deeper to understand where vulnerabilities can arise within networks. This can be a challenging task.*

To secure an application that contains a buffer overflow, for example, you must understand what a buffer overflow is, what the outcome of the exploit is, how to identify a buffer overflow properly, and possibly how to write program code to remove this weakness from the program. To secure a network architecture, you must understand the various networking platforms involved, network devices, and how data flow through a network. You must understand how various protocols work, their purposes, their interaction with other protocols, how they may provide vulnerabilities, and how to choose and implement the appropriate types of protocols in a given environment.

You must also understand the different types of firewalls, routers, switches, and bridges, when one is more appropriate than the other, where they are to be placed, and their interactions with other devices, and the degree of security each device provides. The many different types of devices, protocols and security mechanisms within the environment provide different functionality, but they also provide a layered approach to security.

Layers within security are important, so that if the attacker is able to bypass one layer, another layer stands in the way to protect the internal network. Many networks have routers, firewalls, intrusion detection systems, antivirus software, and more. Each specializes in a certain

48

piece of security, but they all should work in concert to provide a layered approach to security.

Although networking and communications are complicated topics to understand, it is the complexity that makes it the most fun for those who truly enjoy these fields.

Vocabulary Notes

1.properly – appropriately – correctly

2.to remove – to take away – to eliminate

3.an exploit – a use

4.to implement – to effect – to carry out – to realize

5.appropriate – correct

POST-READING TASK

(to be done in writing)

I. Give answers to the questions.

1.What must a network engineer know?

2.What must a security professional know?

3.Is it a challenging task?

4.In what case is maintaining security more fun than work?

5.What makes the most fun?

6.How can a network engineer secure an application that contains a buffer-overflow?

7.What must a security professional know to secure a network architecture?

8.Why are layers important for maintaining security?

9.How is it possible to provide a layered approach to security?

II. You are a network engineer. You maintain networking security. Write about it.

CLASS EXERCISES

Exercise 1 (in groups)

Experts in networking security speak about their field; students majoring in this field ask the experts the questions suggested in post-reading I.

49

Exercise 2 (do it yourself)

You are looking for a job as a network engineer. Write your resume.

Exercise 3 (in groups)

You are applying for a job as a network administrator. You are being interviewed.

One of the students is giving his resume; the others are asking him questions.

STUDY SOME MORE GRAMMAR POINTS

I. S + is likely + to Vo = probably and expresses the probability of the action in the present or in the future.

S + is unlikely + to V = hardly Study the sentences.

1.The two emerging printer types are likely to be popular.

2.Network computers are unlikely to become PC killers.

3.PCbased desktop videoconferencing systems are likely to grow

fast.

II.S + is sure + to V = certainly

S + is certain + to V = certainly

Study the sentences.

1.Such devices are currently expensive but prices are sure to decline as production increases.

2.Network computers are certain to be attractive to corporations for Internet applications and for replacing old terminals.

III. Emphatic sentences

To make a sentence emphatic we change the word order.

To understand, reconstruct the usual word order S + V + what, where, when.

Study the sentence.

Also expected are devices that can print checks, access bank and financial information; that can run educational programs from a variety of sources and machines that can simplify such kitchen tasks as menu planning, shopping, and cooking.

50