Information protection from unauthorized access: means, requirements, types and methods

Issues related to the protection of information from unauthorized access have been discussed in Russia for a long time. Currently, the problem of data privacy is very acute.

Society is developing, private property relations are being improved, an active struggle for power is going on. The expansion of the scope of human activity leads to an increase in the value of information and especially information that can bring its owner any benefit - material, political, etc. Let us further consider the features of protecting information from unauthorized access, classification of existing methods of ensuring data confidentiality.

Relevance of the problem

In a market economy, a prerequisite for the effectiveness of any enterprise, maximizing profits, maintaining the integrity of the organizational structure of any company is to ensure the protection of information from unauthorized access. This problem is solved by using a set of tools, methods and systems that prevent unauthorized persons from receiving important information.

Changes in the country's economy have a significant impact on data privacy. Russia has its own financial and credit system, enterprises of various forms of ownership operate. According to statistics, over the past few years, the number of cases of theft of business and technical information has significantly increased. Such actions often lead to adverse consequences for the business: enterprises suffer losses, and in some cases become bankrupt.

Responsibility for protecting information from unauthorized access is borne, as a rule, by persons who are at the lowest level of the management apparatus. Meanwhile, any enterprise should have a responsible employee coordinating activities to ensure data confidentiality. He should be in the highest echelon of the administrative apparatus.

Ways to violate the confidentiality of information

To effectively protect information from unauthorized access, any user should have an idea of the main ways of illegally obtaining data. The most common ways to violate the confidentiality of information can be considered:

  1. Theft of storage media and industrial waste.
  2. Masquerading as registered users.
  3. Copying data by breaking locks.
  4. Hoaxing, that is, disguising as system requests.
  5. Exploiting flaws in operating systems and programming languages for personal gain.
  6. Data interception.
  7. The use of viruses.
  8. Remote photography.
  9. Deliberately disabling protection mechanisms.

Of course, this is not a complete list of ways to illegally obtain confidential data.

Methods of protecting information from unauthorized access

Violation of data confidentiality involves unplanned, unlawful familiarization, processing, copying, modification, destruction of information, introduction of viruses that destroy software. All these actions violate the provisions of regulatory acts governing the use of data.

The existing means of protecting information from unauthorized access today are used to prevent intruders from entering databases containing information important to users. Today, in the field of data protection from illegal actions there are several areas:

  1. Preventing intruders from entering the computing environment. In this area, technical means of protecting information from unauthorized access are used, which make it possible to identify an attacker and stop his actions at the initial stage of penetration into the network.
  2. Creation of special software products that protect the computing environment.
  3. Use of means of protecting information from unauthorized access for a specific computer.

You must understand that to solve a particular problem related to ensuring data confidentiality, different methods and technologies are used.

Normative base

Requirements for the protection of information from unauthorized access, characteristics, functions, classification of means and methods are established by special regulatory acts. The body authorized to monitor compliance is the State Technical Commission. The main regulatory documents to protect information from unauthorized access should include:

  1. "Automated systems. Classification of AS, requirements for protecting information from unauthorized access."
  2. "Computer equipment (VT). Indicators of security against unauthorized access."

Technical means

Technical means are divided into built-in and external. The first group includes methods of protecting information from unauthorized access such as setting a password on the BIOS, the operating system, or the DBMS (database management system). The second group includes methods aimed at strengthening existing tools or adding functions to them. Among them are:

  1. Hardware methods of trusted boot.
  2. Hardware-software systems for sharing access rights between users.
  3. Strong authentication methods for connections.

Let us consider separately each specified type of information protection from unauthorized access.

Hardware

These are products that are sometimes referred to as electronic locks. Their functions are to provide reliable user identification and to verify the integrity of the software of a particular computer. Typically, the hardware takes the form of a PC expansion card with the appropriate software installed. The software is stored either in flash memory or on a hard drive.

The operating principle of this hardware is quite simple. During the boot of the PC, the BIOS and the protective boards are activated. After that, the user ID is requested. It is compared with data stored in flash memory. The identifier can be additionally password protected. After that, the operating system of the computer or board is activated, and then the software verification program starts. Typically, it analyzes the system areas of the disk, the boot elements, and the files whose verification is requested by the user.

The analysis is carried out using either a message authentication code or a hashing algorithm. The result is compared with the data in flash memory. If differences from the reference are detected, the board blocks further operation, and a corresponding message appears on the screen. If no differences are found, control is transferred from the board to the PC, and loading continues. The identification and analysis processes are recorded in a journal.
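The integrity check performed by such a board can be sketched in software. This is an added example, not code from the original article or from any particular product: the file names, the key and the journal format are constructed for the demonstration, and HMAC-SHA256 stands in for the keyed check value the board would compute.

```python
import hashlib
import hmac
import os
import tempfile

def compute_tag(path, key):
    """HMAC-SHA256 over a file's content, read in chunks."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            mac.update(chunk)
    return mac.hexdigest()

def build_reference(paths, key):
    """Reference values, stored by the board in its flash memory."""
    return {p: compute_tag(p, key) for p in paths}

def verify_boot(reference, key, journal):
    """Allow boot only if every controlled object matches its reference."""
    ok = True
    for path, expected in sorted(reference.items()):
        try:
            actual = compute_tag(path, key)
        except OSError:
            actual = None  # a missing or unreadable object is a failure
        match = actual is not None and hmac.compare_digest(actual, expected)
        journal.append((path, "OK" if match else "MISMATCH"))
        ok = ok and match
    journal.append(("boot", "ALLOWED" if ok else "BLOCKED"))
    return ok

def demo():
    key = b"constructed-demo-key"  # assumption: key held only by the board
    with tempfile.TemporaryDirectory() as d:
        loader = os.path.join(d, "bootloader.bin")
        config = os.path.join(d, "system.cfg")
        for path, data in ((loader, b"\x00boot code"), (config, b"mode=secure\n")):
            with open(path, "wb") as f:
                f.write(data)
        reference = build_reference([loader, config], key)
        journal_clean, journal_tampered = [], []
        clean = verify_boot(reference, key, journal_clean)
        with open(config, "ab") as f:  # simulate an unauthorized change
            f.write(b"mode=debug\n")
        tampered = verify_boot(reference, key, journal_tampered)
        return clean, tampered, journal_tampered

if __name__ == "__main__":
    print(demo())
```

A keyed check value, unlike a plain hash, cannot be recomputed by someone who alters both a file and its stored reference without knowing the key.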

A significant advantage of technical protection elements is their high reliability. In addition, they are easy to use and inexpensive. As a rule, if a PC has one user, then such a product is quite enough to maintain data confidentiality.

Hardware and software systems

They are used when a single PC has multiple users. These tools for protecting information from unauthorized access separate the powers of the persons working with the computer.

The tasks of maintaining data confidentiality are solved by establishing for specific users:

  • prohibitions on the launch of certain processes and applications;
  • permissions for certain types of actions.

The organization of the protection of information from unauthorized access using hardware and software can be carried out in different ways. Usually, during the system startup, a program is activated that ensures the confidentiality of data. It is located in the PC memory as a resident module. The program allows you to control the actions of users launching applications and accessing certain information.

The actions of the subjects are recorded in the journal. Only the administrator responsible for security has access to it.

The composition of hardware and software

These systems include a trusted boot board. It serves to additionally verify the integrity of the protection system software on the hard disk. The board is the hardware component. The software component is a resident module. It is located in a special directory.

It is worth noting that hardware and software systems can also be used on a PC with a single user. In this case, the installation and launch of applications that are not involved in work may be blocked.

Strong Authentication

It is used when workstations in a network must meet certain requirements for protecting information from unauthorized access from this network and from modification of either the data itself or the software. Strong authentication is also used when it is necessary to prevent processes from being started by an unauthorized user.

The essence of the method

One of the key tasks of data protection is the identification and authentication of a network user. The subject can be recognized by what he is, what he has and what he knows. Consider the essence of the method in more detail.

What does the user know? His login (name) and password. This information is the basis of password identification. The disadvantage of this scheme is that the user often needs to memorize complex combinations. Often a simple password is chosen that can be easily guessed. Some users write complex combinations on paper, in a notebook, etc. Accordingly, if the note is lost, the password may fall into the wrong hands.

If only such protection is used, measures must be taken to manage the creation of complex combinations, their validity period and their timely removal. These tasks can be solved using cryptographic protection of passwords.

What does the user have? A special key, i.e. a unique identifier (smart card, cryptographic key, etc.). The user's record in the common database is encrypted on it. The variant with the identifier is considered more reliable. However, in this case, the unique key should always be with the user. As a rule, it is attached to a keyring, which is often forgotten at home or simply lost. To avoid such situations, it is advisable to entrust the issuance of identifiers to the administrator. Every morning, users will receive their key, which will be recorded in a special journal. In the evening, identifiers should be handed back to the administrator.
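The three management tasks named above (complexity, validity period, protected storage) can be combined in one small routine. This is an added example, not code from the original article: it assumes that cryptographic protection of passwords means storing only a salted PBKDF2 hash, and the 12-character rule, the 90-day lifetime and the record layout are hypothetical policy choices.

```python
import hashlib
import hmac
import os
import re

MAX_AGE_DAYS = 90       # assumed policy: password validity period
ITERATIONS = 600_000    # PBKDF2-HMAC-SHA256 work factor
CLASSES = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")

def is_complex(password):
    """At least 12 characters drawn from at least 3 character classes."""
    used = sum(bool(re.search(c, password)) for c in CLASSES)
    return len(password) >= 12 and used >= 3

def derive(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def enroll(password, now):
    """Create the stored record; the password itself is never kept."""
    if not is_complex(password):
        raise ValueError("password does not meet the complexity policy")
    salt = os.urandom(16)  # unique per record, defeats precomputed tables
    return {"salt": salt, "hash": derive(password, salt), "set_at": now}

def check(record, password, now):
    """Return 'ok', 'expired' (must be replaced) or 'denied'."""
    candidate = derive(password, record["salt"])
    if not hmac.compare_digest(candidate, record["hash"]):
        return "denied"
    if now - record["set_at"] > MAX_AGE_DAYS * 86400:
        return "expired"
    return "ok"

if __name__ == "__main__":
    rec = enroll("Correct-Horse-42", now=0)  # constructed sample password
    print(check(rec, "Correct-Horse-42", now=86400))
    print(check(rec, "Correct-Horse-42", now=91 * 86400))
```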

What is the user? Each subject has attributes inherent only to him. They are used for biometric identification. A fingerprint, a palm print, an iris pattern, etc. can act as a "key". Today, this method of protection is considered the most reliable. In this case, users do not need to carry anything with them. In the near future, the cost of biometric identification systems will become affordable for all companies.

Encryption

Transforming data is currently one of the common software ways to protect information. Encryption converts information into a form that is not accessible to unauthorized persons.

This method is used primarily for transmitting classified information. You can encrypt absolutely any data: drawing, text, sound, etc. The conversion of information has been used since the time when it became necessary to hide something from the enemy.

Encoding and decoding of information is carried out by the methods of cryptology. Two directions are distinguished in this science: cryptography and cryptanalysis. The first studies encryption methods, and the second studies decryption methods.

Encryption Features

It is assumed that the information conversion algorithm is known to everyone. However, the key needed to read the message is not available. This is the difference between encryption and simple encoding. In the second case, to obtain the information, it is enough to know the algorithm used to change it.

The key is a parameter that selects a specific transformation of information from the whole set of options that the algorithm provides. If the user knows it, he can encrypt and decrypt the data without any problems.

Ciphers are divided into two categories: asymmetric and symmetric. In the latter case, one key is used both for encryption and for decryption. With asymmetric ciphers, data is encrypted with one key and decrypted with another. In this case, the first key is available to any user, and the second is available only to the data recipient.

An important property of the converted information is its cryptographic strength. It represents resistance to decryption in the absence of a key. An algorithm is considered strong if breaking it requires unattainable computing resources, a huge amount of intercepted information, or so much time that the encrypted information will have lost its relevance by then.

Conclusion

The choice of a particular means of protection depends on various factors. Identified and potential threats and the PC specifications are of great importance. It cannot be said that the hardware protection method will be unambiguously more reliable than the software one.

Analyzing the object of protection and identifying threats are extremely complex tasks. It is advisable to entrust them to professionals.

Source: https://habr.com/ru/post/E5311/

