close

Вход

Забыли?

вход по аккаунту

?

9.Обучение устной речи и чтению литературы на английском языке по спец. «Защита информации»

код для вставкиСкачать
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
Московский государственный технический университет
имени Н.Э. Баумана
О.И. Комарова, Е.И. Румянцева
ОБУЧЕНИЕ УСТНОЙ РЕЧИ
И ЧТЕНИЮ ЛИТЕРАТУРЫ
НА АНГЛИЙСКОМ ЯЗЫКЕ
ПО СПЕЦИАЛЬНОСТИ
«ЗАЩИТА ИНФОРМАЦИИ»
В трех частях
Часть 1
Учебно-методическое пособие
Москва
Издательство МГТУ им. Н.Э. Баумана
2010
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
УДК 802.0
ББК 81.2 Англ-923
К63
Рецензент И.Ф. Беликова
К63
Комарова О.И.
Обучение устной речи и чтению литературы на английском языке по специальности «Защита информации» : учеб.метод. пособие: в 3 ч. – Ч. 1 / О.И. Комарова, Е.И. Румянцева. – М. : Изд-во МГТУ им. Н. Э. Баумана, 2010. – 30, [2] с.
Пособие состоит из трех тематических разделов: первый включает тексты об основных принципах информационной защиты, второй – о компьютерных вирусах, третий – о способах защиты (ключах и криптографии). Предлагаются тексты для ознакомительного
чтения и краткого изложения содержания прочитанного. Тексты
представляют собой статьи или извлечения из статей англоязычных
авторов. Представлены также упражнения на понимание текста, отработку и закрепление лексико-грамматических конструкций, развитие навыков устной речи. Для студентов 3-го курса, обучающихся
по специальности «Защита информации».
УДК 802.0
ББК 81.2 Англ-923
Учебное издание
Комарова Ольга Ивановна
Румянцева Елена Ивановна
Обучение устной речи и чтению литературы на английском языке
по специальности «Защита информации»
Часть 1
Корректор Р.В. Царева
Компьютерная верстка О.В. Беляевой
Подписано в печать 18.11.2010. Формат 60×84/16.
Усл. печ. л. 1,86. Тираж 200 экз. Изд. № 31.
Заказ
Издательство МГТУ им. Н.Э. Баумана.
Типография МГТУ им. Н.Э. Баумана.
105005, Москва, 2-я Бауманская ул., 5.
© МГТУ им. Н.Э. Баумана, 2010
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
ПРЕДИСЛОВИЕ
Настоящее пособие предназначено для студентов 3-го курса
(пятый семестр), обучающихся по специальности «Защита информации» (кафедра ИУ-10).
Авторы пособия имеют целью формирование у студентов профессионально-ориентированной коммуникативной компетенции.
В пособии представлены оригинальные тексты, степень трудности которых соответствует уровню подготовки студентов 3-го
курса (пятый семестр).
Состоит пособие из трех разделов (units). Их тематика соответствует тематике изучаемой специальности.
В каждый раздел включены текст для чтения и перевода, послетекстовые упражнения на закрепление, отработку и использование в речи лексико-грамматических конструкций. Помимо этого в
каждом разделе даны дополнительные тексты для устного изложения и обсуждения.
В конце каждого раздела даны упражнения на повторение
грамматического материала, лексическое наполнение которого не
основано на специальной тематике.
Содержание пособия позволяет студентам охватить широкий
спектр информации по изучаемой специальности, активизировать
пройденный ранее материал, сформировать компетенцию специализированной коммуникации.
3
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
UNIT 1
Read and translate the text.
Text A
Basic Principles of Information Protection.
Considerations Surrounding the Study of Protection
Many examples of systems requiring protection of information are
encountered every day: airline seat reservation systems, credit bureau
data banks; law enforcement information systems; time-sharing service
bureaus; on-line medical information systems; and government social
service data processing systems. These examples span a wide range of
needs for organizational and personal privacy. All have in common
controlled sharing of information among multiple users. All, therefore,
require some plan to ensure that the computer system helps implement
the correct authority structure. Of course, in some applications no special provisions in the computer system are necessary. It may be, for instance, that an externally administered code of ethics or a lack of
knowledge about computers adequately protects the stored information.
Although there are situations in which the computer need provide no
aids to ensure protection of information, often it is appropriate to have
the computer enforce a desired authority structure.
The words ‘privacy’, ‘security’, and ‘protection’ are frequently
used in connection with information-storing systems. Not all authors
use these terms in the same way. Here are the definitions commonly
encountered in computer science literature. The term ‘privacy’ denotes
a socially defined ability of an individual (or organization) to determine
whether, when, and to whom personal (or organizational) information is
to be released.
The term ‘security’ describes techniques that control who may use
or modify the computer or the information contained in it.
Security specialists have found it useful to place potential security
violations in three categories.
4
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
1. Unauthorized information release: an unauthorized person is able
to read and take advantage of information stored in the computer. This
category of concern sometimes extends to ‘traffic analysis’, in which
the intruder observes only the patterns of information use and from
those patterns can infer some information content. It also includes unauthorized use of a proprietary program.
2. Unauthorized information modification: an unauthorized person
is able to make changes in stored information – a form of sabotage.
Note that this kind of violation does not require that the intruder see the
information he has changed.
3. Unauthorized denial of use: an intruder can prevent an authorized
user from referring to or modifying information, even though the intruder may not be able to refer to or modify the information. Causing a
system ‘crash’, disrupting a scheduling algorithm, or firing a bullet into
a computer are examples of denial of use. This is another form of sabotage.
The term ‘unauthorized’ in the three categories listed above means
that release, modification, or denial of use occurs contrary to the desire
of the person who controls the information, possibly even contrary to
the constraints supposedly enforced by the system. The biggest complication in a general-purpose remote-accessed computer system is that
the ‘intruder’ in these definitions may be an otherwise legitimate user
of the computer system.
Examples of security techniques sometimes applied to computer
systems are the following:
1) labeling files with lists of authorized users;
2) verifying the identity of a prospective user by demanding a password;
3) shielding the computer to prevent interception and subsequent interpretation of electromagnetic radiation;
4) enciphering information sent over telephone lines;
5) locking the room containing the computer;
6) controlling who is allowed to make changes to the computer system (both its hardware and software);
7) using redundant circuits or programmed cross-checks that maintain security in the face of hardware or software failures;
8) certifying that the hardware and software are actually implemented as intended.
It is apparent that a wide range of considerations are pertinent to the
engineering of security of information. Historically, the literature of
computer systems has more narrowly defined the term protection to be
5
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
just those security techniques that control the access of executing programs to stored information. An example of a protection technique is
labeling of computer-stored files with lists of authorized users. Similarly, the term authentication is used for those security techniques that
verify the identity of a person (or other external agent) making a request of a computer system. An example of an authentication technique
is demanding a password. This paper concentrates on protection and
authentication mechanisms, with only occasional reference to the other
equally necessary security mechanisms. One should recognize that concentration on protection and authentication mechanisms provides a narrow view of information security, and that a narrow view is dangerous.
The objective of a secure system is to prevent all unauthorized use of
information, a negative kind of requirement. It is hard to prove that this
negative requirement has been achieved, for one must demonstrate that
every possible threat has been anticipated.
COMPREHENSION CHECK
1. Give the Russian equivalents to the following words and
word combinations:
to encounter; to span a wide range of needs for; multiple users; special provisions; to ensure protection; to enforce smth; techniques; potential security violations; to take advantage of; to disrupt a scheduling
algorithm; the intruder; legitimate user; shielding; to encipher information; redundant circuits; to certify; possible threat; to anticipate.
2. Provide definitions in the context of protecting information in
computers:
Access
Authenticate
Authorize
Certify
Encipherment
Password
Privacy
Protection
Security
Check them with the Glossary given at the end.
3. Answer the questions to the text and perform the tasks.
6
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
1. Give your own examples of systems requiring protection of information.
2. What is the main difference between the notions protection and
security?
3. Span the needs for organizational and personal privacy.
4. What are the three categories of the potential security violations?
Describe them.
5. Why can release, modification, or denial of use occur contrary to
the desire of the person?
6. Give examples of security techniques sometimes applied to computer systems.
7. What are the other definitions of the terms protection and authentication?
8. Why are these terms considered to provide a narrow view of information security?
4. Discuss the basic principles of information protection.
GRAMMAR REVISION
1. Use the correct tense form.
This story happened to Mr. Brown who (was living, lived, had
lived) in the suburbs of one of the towns in England. One evening he
(walked, was being walked, was walking) home from the railway station. The road (had been, was, being) dark and lonely. Suddenly he
heard someone (was approaching, approached, approaching) him from
behind and thought he (being followed, was being followed, was followed). Mr. Brown (was, had been, being) terribly frightened and
started (run, ran, running). The footsteps still followed him. The man
ran into an old cemetery and threw himself on the grass near one of the
graves.
Lying there Mr. Brown thought, ‘If he (came, was coming, comes)
here there (will be, is, was) no doubt he (wanted, wants, will want) to
rob me’.
The man behind really came there too. Mr. Brown wondered what
he (wants, wanted, will want) and why he (is following, had followed,
was following) him.
The stranger said that he (was going, went, had gone) to Mr.
Robertson's and he had been told that Mr. Brown (was living, lived, had
7
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
lived) next door to the Robertsons. That's why he decided to follow
him. And the stranger thought it was a sort of exercise Mr. Brown (was
using, used, is using) to do in the evenings.
2. Put the questions to the following sentences.
1. The weather was stormy yesterday. (What?)
2. A lot of hamburgers are eaten in the USA. (How many?)
3. Ann has just come back from London. (When?)
4. He had to borrow some money. (Why?)
5. They have been quarrelling since morning. (How long?)
6. Stephen and Paul lead an adventurous life. (Who?)
7. We used to go to the theatre on Friday nights. (Where?)
8. Dick won't be able to join us tomorrow. (Why?)
9. She speaks English very well. (How?)
3. Andrea is giving a talk to her class at the language school
about her first few weeks in Britain. Complete what she says. Put
the verbs in brackets into the correct tense.
I (arrive) about eight weeks ago. I (not be) to Britain before, so
I (not know) what to expect. My friends Vince and Sue (meet) me at the
airport. They (wait) for me when I (come) out of the arrivals gate. I (be)
very pleased to see them. You see, my cousin Carmen (come) to stay
with Sue the summer before last, but there (not be) anyone to meet her
at the airport, because Sue (have) an accident. Anyway, as I said, I (be)
here for about two months now. I (learn) a lot of English in that time
and I (do) a lot of things. I (be) to London a Few times and last weekend I (go) to Oxford to see Sue. While Sue (show) me some of the colleges. I (see) some people from my town in. Argentina. They (arrive) in
England the day before. We (be) all so surprised. We (can't) believe it.
4. Supply some, any, no for the following sentences.
1. If you have ... news, call me back. 2. She helped borrow ... more
money. 3. There is hardly ... place in this house where we can talk
alone. 4. ... boy at the school had ever taken a scholarship to the university. 5. It meant real hardship to my mother unless I earned ... money at
once. 6. My mother hoped that perhaps the school had ... funds to give
me a grant. 7. It was unlikely that ... of the guests would take particular
notice of it. 8. They understood each other without ... words. 9. ‘Let's
go back home. It's already late’. ‘I'd rather stay out a little longer’.
8
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
‘I suppose we've got to go home ... time’. 10. There isn't ... boot-polish
in this tin. 11. You have ... fine flowers in your garden. 12. Go and ask
him for ... more paper, I haven't ... in my desk. 13. Later we had ... tea.
14. He wants ... more pudding. You can take it away. 15. There are ...
matches left. We must buy ... .16. I wouldn't go to his concert. He is ...
pianist. 17. ... time ago I read his story in a magazine. 18. I don't think
there is ... milk left in the jug. 19. ... student can answer the question.
Summarize the text.
Text B
Functional Levels of Information Protection
Many different designs have been proposed and mechanisms implemented for protecting information in computer systems. One reason
for differences among protection schemes is their different functional
properties – the kinds of access control that can be expressed naturally
and enforced. It is convenient to divide protection schemes according to
their functional properties. A rough categorization is the following.
a) Unprotected systems: Some systems have no provision for preventing a determined user from having access to every piece of information stored in the system.
b) All-or-nothing systems: These are systems that provide isolation
of users, sometimes moderated by total sharing of some pieces of information. If only isolation is provided, the user of such a system might
just as well be using his own private computer, as far as protection and
sharing of information are concerned. More commonly, such systems
also have public libraries to which every user may have access. In some
cases the public library mechanism may be extended to accept user contributions, but still on the basis that all users have equal access.
c) Controlled sharing: Significantly more complex machinery is required to control explicitly who may access each data item stored in the
system. For example, such a system might provide each file with a list
of authorized users and allow an owner to distinguish several common
patterns of use, such as reading, writing, or executing the contents of
the file as a program.
d) User-programmed sharing controls: A user may want to restrict
access to a file in a way not provided in the standard facilities for con9
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
trolling sharing. For such cases, and a myriad of others, a general escape is to provide for user-defined protected objects and subsystems. A
protected subsystem is a collection of programs and data with the property that only the programs of the subsystem have direct access to the
data (that is, the protected objects). Access to those programs is limited
to calling specified entry points. Thus the programs of the subsystem
completely control the operations performed on the data.
e) Putting strings on information: The foregoing three levels have
been concerned with establishing conditions for the release of information to an executing program. The fourth level of capability is to maintain some control over the user of the information even after it has been
released. Such control is desired, for example, in releasing income information to a tax advisor; constraints should prevent him from passing
the information on to a firm which prepares mailing lists. The printed
labels on classified military information declaring a document to be
‘Top Secret’ are another example of a constraint on information after its
release to a person authorized to receive it. There is a consideration that
cuts across all levels of functional capability: the dynamics of use. This
term refers to how one establishes and changes the specification of who
may access what. At any of the levels it is relatively easy to envision
(and design) systems that statically express a particular protection intent. But the need to change access authorization dynamically and the
need for such changes to be requested by executing programs introduces much complexity into protection systems.
In many cases, it is not necessary to meet the protection needs of
the person responsible for the information stored in the computer entirely through computer-aided enforcement. External mechanisms such
as contracts, ignorance, or barbed wire fences may provide some of the
required functional capability. This discussion, however, is focused on
the internal mechanisms.
Supplementary reading.
Text C
Design Principles
Whatever the level of functionality provided, the usefulness of a set
of protection mechanisms depends upon the ability of a system to prevent security violations. Design and construction techniques that sys10
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
tematically exclude flaws are the topic of much research activity, but no
complete method applicable to the construction of large generalpurpose systems exists yet. This difficulty is related to the negative
quality of the requirement to prevent all unauthorized actions.
In the absence of such methodical techniques, experience has provided some useful principles that can guide the design and contribute to
an implementation without security flaws. Here are eight examples of
design principles that apply particularly to protection mechanisms.
a) Economy of mechanism: Keep the design as simple and small as
possible. As a result, techniques such as line-by-line inspection of software and physical examination of hardware that implements protection
mechanisms are necessary. For such techniques to be successful, a
small and simple design is essential.
b) Fail-safe defaults: Base access decisions on permission rather
than exclusion. This principle, suggested by E. Glaser in 1965, means
that the default situation is lack of access, and the protection scheme
identifies conditions under which access is permitted. It applies both to
the outward appearance of the protection mechanism and to its underlying implementation.
c) Open design: The design should not be secret. The mechanisms
should not depend on the ignorance of potential attackers, but rather on
the possession of specific, more easily protected, keys or passwords.
This decoupling of protection mechanisms from protection keys permits the mechanisms to be examined by many reviewers without concern that the review may itself compromise the safeguards. In addition,
any skeptical user may be allowed to convince himself that the system
he is about to use is adequate for his purpose.
d) Psychological acceptability: It is essential that the human interface be designed for ease of use, so that users routinely and automatically apply the protection mechanisms correctly. Also, to the extent that
the user's mental image of his protection goals matches the mechanisms
he must use, mistakes will be minimized. If he must translate his image
of his protection needs into a radically different specification language,
he will make errors.
11
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
UNIT 2
Read and translate the text.
Text А
Does Anti-Virus Software Still Matter?
Using a computer without an anti-virus program? That’s like
driving without a seatbelt – or jumping out of a plane without a
parachute, right?
As users become more knowledgeable about safe computing
practices, and as anti-virus solutions vendors ratchet up the general
level of hacker hysteria, many people are reconsidering their system
security options.
Some computer users complain about the cost of anti-virus
solutions, while others are more concerned about the technology's
impact on their machines. It's certainly no secret that anti-virus tools
place a big strain on processor and memory resources and are capable
of slowing older machines to a crawl. A growing number of computer
users are thinking about giving anti-virus software the old heave-ho.
A New Vista. Anti-virus software skeptics got a big boost last year
when Microsoft co-president Jim Allchin stated that Windows Vista's
new security features are so strong that anti-virus software is no longer
required. In fact, he boldly claimed that he would have no problem
letting his seven-year-old son use a Vista computer without any
antivirus software installed.
Allchin based his belief on Vista's formidable security arsenal. The
operating system's new anti-virus features include the User Account
Control, which defaults users to a non administrator status. Without
administrative rights, users can't accidentally (or deliberately) modify
system settings, malware can't alter system security settings or disable
anti-virus software (should it be installed), and users can't compromise
the information of other users on shared computers.
Microsoft also has made significant security improvements to Internet
Explorer, including a new Protected Mode that can reduce the impact of
malware by restricting where files can be saved without the user's consent.
Additionally, Vista can clean many worms, viruses and root kits, helping
ensure the operating system's integrity and the privacy of users' data.
Vista's Windows Defender helps protect host computers against pop-ups,
slow performance and security threats caused by spyware and other
unwanted software. Defender features Real-Time Protection, a monitoring
12
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
system that recommends actions against detected spyware, and a
streamlined interface that minimizes interruptions.
Still, Microsoft is backing away from any claim that add-on anti-virus
software isn't necessary for full system protection. In fact, the company
offers its own anti-virus service in the form of Windows Live OneCare.
The service, aimed at home users and small businesses, features an antivirus program, a firewall, a backup-and-restore utility, a tune-up utility
and integrated functionality with Windows Defender for malware
protection. Most major independent anti-virus vendors also serve the
Vista market, claiming their solutions fill gaps left open by Microsoft.
Beyond Vista. When it comes to non-Vista computers, the need for
virus protection varies in accordance with the type of system being
used. XP users, for instance, will certainly benefit from anti-virus
software, since the older operating system lacks most of Vista's built-in
safeguards. Many Linux users, on the other hand, feel perfectly safe
running their machines without any antivirus protection. It's not that
Linux features some kind of virus-proof shield; it's simply that there are
so few Linux users (at least in comparison to Windows users) that most
hackers can't be bothered to create Linux malware.
Many Macintosh users also eschew the need for anti-virus
solutions. Like their Linux counterparts, they hope that safe computing
practices, combined with their systems' low profile (when compared to
Windows), will keep their machines safe – or at least safe enough.
So does anti-virus software still matter? Well, to quote Clint
Eastwood as ‘Dirty Harry’ Callahan: ‘You've got to ask yourself a
question: Do I feel lucky?’
COMPREHENSION CHECK
1. Give the Russian equivalents to the following words and
word combinations:
to get a big boost; to place a strain; to clean worms; operating
system integrity; formidable security arsenal; spywear; pop up; to
ratchet up; to alter settings; built-in safeguards; to be bothered to do
something.
2. Are the statements true or false?
1. Vista possesses a formidable security arsenal.
2. Without administrative rights, users can't accidentally (or
deliberately) modify system settings; malware can't alter system
security settings or disable antivirus software (should it be installed).
13
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
3. Microsoft also has made few security improvements to Internet
Explorer.
4. A new Protected Mode can't reduce the impact of malware by
restricting where files can be saved without the user's consent.
5. Defender features Real-Time Protection, a monitoring system
that recommends actions against detected spyware, and a streamlined
interface that minimizes interruptions.
6. When it comes to non-Vista computers, the need for virus
protection is immense.
7. Many Linux users feel perfectly safe running their machines with
very strong anti-virus protection.
8. Many Macintosh users also feel the need for anti-virus solutions.
9. XP users certainly benefit from anti-virus software.
10. Windows Live OneCare aimed at home users and small
businesses, features an anti-virus program, a firewall, a backup-andrestore utility, a tune-up utility and integrated functionality with
Windows Defender for malware protection.
3. Answer the questions to the text.
1. How dangerous is it to use a computer without an anti-virus
program?
2. Why are many people reconsidering their system security
options?
3. What does Vista security arsenal include?
4. What is User Account Control designed for?
5. What can Protected Mode do?
6. What are the functions of Vista Windows Defender?
7. What does Windows Live One Care feature?
8. What are non-Vista systems?
4. Discuss the security features of Vista and non-Vista systems.
GRAMMAR REVISION
1. Use the required form of the adjective in the following sentences.
1. He was the (amusing) lad you ever met. 2. He's a far (intelligent)
person than my brother. 3. She was the (practical) of the family. 4.
When they told me I was cured and could go, I can tell you I was
(afraid) than glad. 5. I wanted to ask you both what you thought of my
(late) films if you saw them. 6. He is (talkative) than his sister. He
14
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
won't tire you so much. 7. He turned out to be (angry) than I had expected. 8. Today I'm no (wise) than yesterday. 9. This wine is the
(good) I ever tasted. 10. Jack is the (clever) of the three brothers. 11. I
don't think it matters in the (little) which seat I choose. 12. He felt (bad)
yesterday than the day before. 13. The (near) house is three miles away.
14. Of the two evils let us choose the (little). 15. He was the (late) man
to come. 16. She waited until her silence became the (noticeable) thing
in the room. 17. The (near) item on the program is a piano sonata.
18. He is the (tall) of the two. 19. She is (amusing) in a small company.
20. Uncle Nick was the (old) son of the family.
2. Translate the following into English.
1. Чем меньше ты будешь говорить, тем лучше. 2. К сожалению, я не смог прийти так рано, как обещал. 3.Чем больше человек
имеет, тем больше ему хочется. 4. Я не так молод, как вы. 5. Погода меняется к лучшему. 6. Окно узкое, как дверь. 7. Как пройти к
ближайшей почте? 8. Чем скорее ты сделаешь это, тем лучше. 9.
Он становился все слабее и слабее. 10. Я не могу бегать так же
быстро, как ты.
3. Change the active form into the passive one.
1. They gave up the search after three hours. 2. They ought to have
pointed that out to me at the very beginning. 3. No one brought up that
question at the meeting. 4. Somebody should look into the matter. 5. It
was clear that toe parents had brought toe child up well. 6. We had to
put off our visit until later. 7. I was shocked to hear that someone had
broken into your house. 8. Don't speak until someone speaks to you. 9.
His bank manager turned down his request for a loan. 10. You must
account for every penny you spent. 11. Someone hasn't stuck this toe
stamp on very firmly. 12. Events will bear out the truth of what I'm saying. 13. An official held us up at the Customs for half an hour. 14. How
can we bring about to the desired result? 15. He hates people making
fun of him.
4. Complete the sentences using the Passive Voice.
1. The new washing machines (turn out) at thе rate of fifty a day.
2. When her husband died, she naturally assumed that she (provide for).
3. We've had to move into a hotel while (lie house we've just bought
(do up). 4. The employee was assured of his (take on) again as soon as
work was available. 5. Richard always (tell off) for careless mistakes
15
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
nowadays. 6. The agreement had to (draw up) in the presence of two
witnesses. 7. Some Heads of Government now fear that negotiations
(break off) before a settlement is reached. 8. The chairman of thе board
of directors assured shareholder that the matter of the deficiency (look
into) by the time the next meeting was held. 9. He felt he (let down)
badly by his best friend. 10. The search party had little idea where to
start looking the climber's tracks (blot out) by a recent snowstorm.
5. Use the Passive Voice in the following sentences.
1. (Everyone) knows this fact very well. 2. (They) opened the theatre only last month. 3. (People) will soon forget it. 4. (You) must write
the answers in ink. 5. (Someone) has taken two of my books. 6. (We)
have already filled the vacancy. 7. What should (one) do in such case?
8. Did (they) say anything interesting? 9. Did (no one) ever make the
situation clear to you? 10. (One) should keep milk in a refrigerator.
11. I don't think (anyone) can do it. 12. (You) must finish the work by
7. 13. (They) are now manufacturing this type of computer in many
countries. 14. (No one) could possibly have known the secret.
Summarize the text.
Text B
Anti-virus Defense Development
Initially, developing anti-virus software programs was not difficult.
In the late 80s and early 90s, many individuals were able to create some
sort of antivirus program against a particular form of a computer virus.
Frederick Cohen proved that antivirus programs cannot solve the
computer virus problem because there is no way to create a single program that can detect all future computer viruses in finite time. Regardless of this proven fact, anti-virus programs have been quite successful
in dealing with the problem for a while. At the same time, other solutions have been researched and developed, but computer antivirus programs are still the most widely used defenses against computer viruses
at present, regardless of their many drawbacks, including the inability
to contend with and solve the aforementioned problem.
Perhaps under the delusion that they are experts on computer viruses, some security analysts state that any sort of anti-virus program is
useless if it cannot find all the new viruses. However, the reality is that
without anti-virus programs, the Internet would be brought to a standstill because of the traffic undetected computer viruses would generate.
16
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
Often we do not completely understand how to protect ourselves
against viruses, but neither do we know how to reduce the risk of becoming infected by them by adopting proper hygiene habits. Unfortunately, negligence is one of the biggest contributors to the spread of
computer viruses. The sociological aspects of computer security appear
to be more relevant than technology. Carelessly neglecting the most
minimal level of computer maintenance, network security configuration, and failing to clean an infected computer opens up a Pandora's box
that allows more problems to spread to other computers.
In the early phases of virus detection and removal, computer viruses
were easily managed because very few viruses existed (there were
fewer than 100 known strains in 1990). Computer virus researchers
could spend weeks analyzing a single virus alone. To make life even
easier, computer viruses spread slowly, compared to the rapid proliferation of today's viruses. For example, many successful boot viruses were
512 bytes long (the size of the boot sector on the IBM PC), and they
often took a year or longer to travel from one country to another. Consider this: The spread time at which a computer virus traveled in the
past compared to today's virus spread time is analogous to comparing
the speed of message transfer in ancient times, when messengers
walked or ran from city to city to deliver parcels, with today's instant
message transfer, via e-mail, with or without attachments.
Finding a virus in the boot sector was easy for those who knew what a
boot sector was; writing a program to recognize the infection was tricky.
Manually disinfecting an infected system was a true challenge in and of
itself, so creating a program that automatically removed viruses from
computers was considered a tremendous achievement. Currently, the development of anti-virus and security defense systems is deemed an art
form, which lends itself to cultivating and developing a plethora of useful
skills. However, natural curiosity, dedication, hard work, and the continuous desire to learn often supersede mere hobbyist curiosity and are thus
essential to becoming a master of this artistic and creative vocation.
Supplementary reading.
Text C
Software for Detecting and Removing Viruses
Virus protection (or antivirus) software are applications that can determine when a system has been infected with a virus. Typically, such
software runs in the back-ground and scans files whenever they are
downloaded from the Internet, received as attachments to e-mail, or
17
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
modified by another application running on the system. Most virus protection software employs one of the following methods:
 Signature-based detection: This is the traditional approach and
searches for ‘signatures’, or known portions of code of viruses that
have been detected and cataloged in the wild. Signature-based products
are fast and reliable in detecting previously known viruses but generally
cannot detect new viruses until the vendor has updated its signature
database with information about the new virus and users have
downloaded the updated signature files to their systems.
 Behavior-blocking detection: This is a newer approach borrowed from intrusion detection system (IDS) technologies and uses
policies to define which kinds of system behaviors might indicate the
presence of a virus infection. Should an action occur that violates such
a policy, such as code trying to access the address book to mass mail
itself through e-mail, the software steps in and prevents this from happening and can also isolate the suspect code in a ‘sandbox’ until the
administrator decides what to do with it. The advantage of behaviorblocking detection is that it can detect new viruses for which no signatures are known. The disadvantage is that, like IDSs, such detection
systems can generate false positives if the detection threshold is set too
low or can miss real infections if it is set too high. A few newer virus
protection products include behavior-blocking technology, but most
still operate using signature databases.
UNIT 3
Read and translate the text.
Text A
Authentication Mechanisms
The mechanics of this authentication mechanism differ from those
of the protection mechanisms for implementing virtual machines
mainly because not all of the components of the system are under uniform physical control. In particular, the user himself and the communication system connecting his terminal to the computer are components
to be viewed with suspicion. Conversely, the user needs to verify that
he is in communication with the expected computer system and the intended virtual machine. Such systems follow our abstract model of a
guard who demands a match between something he knows and some18
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
thing the requester possesses. The objects being protected by the authentication mechanism are the virtual machines. In this case, however,
the requester is a computer system user rather than an executing program, and because of the lack of physical control over the user and the
communication system, the security of the computer system must depend on either the secrecy or the unforgeability of the user's identification.
In time-sharing systems, the most common scheme depends on secrecy. The user begins by typing the name of the person he claims to
be, and then the system demands that the user type a password, presumably known only to that person. There are, of course, many possible
elaborations and embe-llishments of this basic strategy. In cases where
the typing of the password may be observed, passwords may be good
for only one use, and the user carries a list of passwords, crossing each
one off the list as he uses it. Passwords may have an expiration date, or
usage count, to limit the length of usefulness of a compromised one.
The list of acceptable passwords is a piece of information that must
be carefully guarded by the system. In some systems, all passwords are
passed through a hard-to-invert transformation before being stored, an
idea suggested by R. Needham. When the user types his password, the
system transforms it also and compares the transformed versions. Since
the transform is supposed to be hard to invert (even if the transform
itself is well known), if the stored version of a password is compromised, it may be very difficult to determine what original password is
involved. It should be noted, however, that ‘hardness of inversion’ is
difficult to measure. The attacker of such a system does not need to discern the general inversion, only the particular one applying to some
transformed password he has available.
Passwords as a general technique have some notorious defects. The
most often mentioned defect lies in choice of password – if a person
chooses his own password, he may choose something easily guessed by
someone else who knows his habits. In one recent study of some 300
self-chosen passwords on a typical time-sharing system, more than 50
percent were found to be short enough to guess by exhaustion, derived
from the owner's name, or something closely associated with the owner,
such as his telephone number or birth date. For this reason, some systems have programs that generate random sequences of letters for use
as passwords. They may even require that all passwords be systemgenerated and changed frequently. On the other hand, frequently
changed random sequences of letters are hard to memorize, so such systems tend to cause users to make written copies of their passwords, in19
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
viting compromise. One solution to this problem is to provide a generator of ‘pronounceable’ random passwords based on digraph or higher
order frequency statistics to make memorization easier.
A second significant defect is that the password must be exposed to
be used. In systems where the terminal is distant from the computer, the
password must be sent through some communication system, during
which passage a wiretapper may be able to intercept it.
An alternative approach to secrecy is unforgeability. The user is
given a key, or magnetically striped plastic card, or some other unique
and relatively difficult-to-fabricate object. The terminal has an input
device that examines the object and transmits its unique identifying
code to the computer system, which treats the code as a password that
need not be kept secret. Proposals have been made for fingerprint readers and dynamic signature readers in order to increase the effort required for forgery.
The primary weakness of such schemes is that the hard-to-fabricate
object, after being examined by the specialized input device, is reduced
to a stream of bits to be transmitted to the computer. Unless the terminal, its object reader, and its communication lines to the computer are
physically secured against tampering, it is relatively easy for an intruder
to modify the terminal to transmit any sequence of bits he chooses. It
may be necessary to make the acceptable bit sequences a secret after
all. On the other hand, the scheme is convenient, resists casual misuse,
and provides a conventional form of accountability through the physical
objects used as keys.
Suppose that a remote terminal is equipped with enciphering circuitry, such as the LUCIFER system, that scrambles all signals from
that terminal. Such devices normally are designed so that the exact encipherment is determined by the value of a key, known as the encryption or transformation key. For example, the transformation key may
consist of a sequence of 1000 binary digits read from a magnetically
striped plastic card. In order that a recipient of such an enciphered signal may comprehend it, he must have a deciphering circuit primed with
an exact copy of the transformation key, or else he must cryptanalyze
the scrambled stream to try to discover the key. The strategy of encipherment/decipherment is usually invoked for the purpose of providing
communications security on an otherwise unprotected communications
system. However, it can simultaneously be used for authentication.
20
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
COMREHENTION CHECK
1. Give the Russian equivalents to the following words and
word combinations:
to verify; rather than; unforgeability; possible elaborations and embellishments; to discern the general inversion; notorious defects; an
expiration date; usage count; by exhaustion; random sequences of; a
wiretapper; forgery; against tampering; to resist casual misuse; to
scramble all signals; magnetically striped plastic card; a recipient;
primed with; to be invoked for the purpose of.
2. Are the statements true or false?
1. The mechanics of the authentication mechanism are under uniform physical control.
2. The objects being protected by the authentication mechanism are
the computer systems.
3. The security of the computer system depends on the unforgeability of the user's identification.
4. Passwords as a general technique do not have any notorious defects.
5. One can easily guess the random sequence of letters.
6. Some systems have programs that generate invariable sequences
of letters for use as passwords.
7. In systems where the terminal is distant from the computer, the
password must be exposed to be used.
8. The computer system treats the code as a password that need not
be kept secret.
9. The scheme is inconvenient, resists casual use, and provides a
unconventional form of accountability through the physical objects
used as keys.
10. The strategy of encipherment/decipherment is usually invoked
for the purpose of providing communications security.
3. Answer the questions to the text.
1. How does authentication mechanism differ from the protection
one?
2. What are the objects being protected by the authentication
mechanism?
3. What are the possible elaborations and embellishments of this
basic strategy?
4. What are the conventional techniques while choosing password?
5. What are the most significant defects of it?
21
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
6. What is the alternative approach to secrecy?
7. What are the weaknesses of such schemes?
8. What are the main features of the LUCIFER system?
9. Why can the strategy of encipherment/decipherment simultaneously be used for authentication?
GRAMMAR REVISION
1. Fill in the blanks with modal verbs.
A. ‘Granddad says he'll be glad when you get out of the house’, the
little girl said after she had been sitting still for nearly a minute.
‘Does he?’ said Ted.
‘Yes. He says he ... (not) trust you round the corner’.
‘Oh?’
‘What ... you do round the corner?’
‘I ... do a lot of things’.
‘What sort of things?’
‘All sorts of things’.
The girl occupied herself for a short time with her own thoughts.
Then she said: ‘Mummy says you're a cheat. What is a cheat?’
‘I don't know’, said Ted rather bitterly.
‘But ... you be a cheat if you don't know what it is? ’
‘I ... (not), of course. I am not one’.
‘Is Granddad a cheat?’
‘I shouldn't be surprised’.
‘... I ask him if he is a cheat?’
‘I don't think you ... ’.
‘Why not?’
‘He ... (not) like it’.
‘Why not?’
‘I don't know’, said Ted. ‘I don't really know anything about cheats,
Ann. And I think you ... have made a mistake about the word altogether’.
B. ‘The house is absolutely full of gas. Whatever have you been doing?’ I asked the maid, entering her bedroom.
‘I have done nothing’, she said, weakly.
‘Oh, then, who was it?’ I said, trying to open the windows. ‘You ...
have been dead. I ... (not) think what you ... have been doing. The gas
oven was on. I suppose it ... have been Flora. Was she playing in the
kitchen’?
22
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
‘Yes. She ... have done it. What a naughty girl, trying to kill us all.’
‘Do you mean,’ I said, ‘that you didn't even notice? That since
seven o'clock you haven't noticed a thing?’
‘I did not notice anything, no’.
‘You … be an idiot’, I said. ‘What if I had stayed out all night,
you'd probably all have been dead by the morning’.
2. Supply the necessary modal verbs for the following sentences,
noticing carefully the Russian equivalents given in brackets:
1. He ... not and ... not believe her (не мог, не хотел). 2. Не sat,
thinking unhappily of his talk with Jimmy. He wondered if he ... have
stayed with him. He felt he ... have said something at least, to warn
Jimmy against Smith. But what ... he have said? And Jimmy ... not have
listened (надо было бы, следовало бы, мог бы, не стал бы). 3. ‘By
the way,’ I asked, ‘what's Bill doing now’? ‘How in the world ... I
know?’ Arthur looked pained. ‘I thought he ... have been bothering you
for money’ (откуда мне знать, может быть). 4. Не came out of the
water, smiling. ‘You ... have come earlier’, he said. ‘We ... have swum
together. The water is great’ (зря не пришел, могли бы). 5. ‘Last
night, you know, Hugh suddenly began to speak to me about what my
future was going to be like’. ‘What ... it have meant?’ ‘How ... I know?’
(и что это могло значить, откуда мне знать). 6. There was an old apple tree beside the path. I said, ‘I bet I ... climb that’. ‘No, you ... not’,
said Jack (могу, не надо). 7. ‘Well, then, ... you hold the line while I
find the letter?’ ‘I ... not, I'm in a telephone box’. ‘Then ... I ring you
back?’ ‘I'm not on the telephone’. ‘Then I think perhaps you ... ring me
back in half an hour. By then I ... have some idea what this is all about’.
(можешь ли, не могу, можно мне, тебе лучше, может быть). 8. Не
knows he ... read classics. He ... change to something else (нет нужды,
мог бы). 9. ‘Monday will be my last day in London’, Hudson said.
‘I......stay down here fairly late’. (может быть придется). 10. In any
case, I ... not hang about outside indefinitely while the sisters finished
their quarrel. They ... continue for hours (не мог же, может быть).
11. It's too bad she ... not have a drink with us. We ... have learned a
great deal about the theatre tonight (не могла, могли бы). 12. If you
help me now I......help you later (может быть смогу). 13. ‘I shall wait
to hear what Lily has to say about it’. ‘You......wait a long time’ (может
быть, придется). 14. I think you ... certainly have told us the truth, and
we ... have decided what was the best thing to do (следовало бы, могли бы). 15. If your mother calls, tell her I......be a little late (возможно
придется). 16. On Saturday Charles broke the news to his father. Mr.
23
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
March began to grumble: ‘You ... have chosen a more suitable time to
tell me. You ... have known that hearing this would put me out of step
for the day’ (следовало бы, мог бы).
3. Put the verbs in brackets into the correct tenses. Conditional
sentences: type 2.
1. If I had a typewriter I (type) it myself. 2. If I (know) his address
I'd give it to you. 3. He (look) a lot better if he shaved more often. 4. If
he worked more slowly he (not make) so many mistakes. 5. More tourists would come to this country if it (have) a better climate. 6. If someone (give) you a helicopter what would you do with it? 7. If he (clean)
his windscreen he'd be able to see where he was going. 8. If he knew
that it was dangerous he (not come). 9. The whole machine would fall
to pieces if you (remove) that screw. 10. I'd go and see him more often
if he (live) on a bus route.
4. Put the verbs in brackets into the correct tenses. Conditional
sentences: type 3.
1. If I had known that you were in hospital I (visit) you. 2. If you
(arrive) ten minutes earlier you would have got a seat. 3. I shouldn't
have believed it if I (not see) it with my own eyes.4. If he had asked
you, you (accept)? 5. If I (had) a map I would have been all right. 6. I
(offer) to help him if I had realized that he was ill. 7. If I had realized
that the traffic lights were red I (stop). 8. But for the fog we (reach) our
destination ages ago. 9. If he had known that the river was dangerous he
(not try) to swim across it. 10. If you (speak) more slowly he might
have understood you. 11. If he had known the whole story he (not be)
so angry. 12. If you (look) at the engine for a moment you would have
seen what was missing.
5. Translate the sentences.
A. 1. Если бы я знал французский, я бы помог вам. 2. Если бы
он был более пунктуален, с ним было бы легче иметь дело. 3. Если
бы он получил ваше письмо, он бы приехал раньше. 4. Если бы вы
не вмешались, они, возможно, спорили бы долго. 5. Если бы он был
более опытен, он не сделал бы такой ошибки. 6. Если бы вы позвонили
ему вчера, сейчас бы вы не волновались.
7. Жаль, что Оскара там не было. Он бы рассказал им много интересных историй.
В. 1. Если бы я знал м-ра Робертсона, я бы поговорил с ним.
2. Если бы Ричард был здесь, он дал бы вам другой совет. 3. Если бы
24
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
я знал, что Смиты были тогда в Париже, я бы зашел к ним. 4. Если
бы старик не купил галерею, его картина не получила бы премию.
5. Если бы у него было чувство юмора, он бы не рассердился. 6. Если
бы вы извинились перед ним тогда, он бы на вас сейчас не сердился.
7. Почему бы вам не принять участие в завтрашнем соревновании?
Вы могли бы получить приз.
Summarize the text.
Text B
Substitution Сiphers
A substitution cipher is one in which the units of the plaintext (usually letters or numbers) are replaced with other symbols or groups of symbols. The actual order of the units of the plaintext is not changed. The simplest substitution cipher is one where the alphabet of the cipher is merely a
shift of the plaintext alphabet, for example, A might be encrypted as В, С
as D and so forth. Of this type of cipher, the most well-known is Caesar
cipher, used by Julius Caesar in which A becomes D etc. It is easy to guess
that cyclical-shift substitution ciphers of this sort are not at all secure because individual letter frequencies are left completely intact.
Product ciphers. In the days of manual cryptography i. e. without the
aid of the computer product ciphers were a useful device for the cryptographer and double transposition ciphers on keyword-based matrices were,
in fact, widely used. There was also some use of a particular class of product ciphers called fractionation systems. In a fractionation system a substitution is first made from symbols in the plaintext to multiple symbols (usually pairs, in which case the cipher is called bilateral cipher) in the ciphertext, which is then superencrypted by a transposition.
Block ciphers. Generally, ciphers transform pieces of the plaintext
of a fixed size into ciphertext. In older, manual systems, these pieces
were usually single letters or characters (or sometimes, as in the Playfair cipher, digraphs), since these were the largest units that could be
easily encrypted or decrypted by hand. Although systems which operated on sets of three characters and other, larger groups of numbers
were proposed and understood to potentially be more secure they were
implemented because of the extra difficulty in the manual encryption or
decryption process. In modern, single key cryptography however, the
units of information can be much larger.
A block cipher is a type of symmetric-key encryption algorithm that
changes a fixed-length block of the plain text into the same length of
cipher text. The encryption works by means of a key. Decryption is a
simply the reverse of the encryption process using the same secret key.
25
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
The fixed length is called the block size and for modern block ciphers is
usually 64 bits. As processors become more sophisticated, however, it
is likely that this ‘block’ size will increase to 128 bits.
Stream ciphers. A stream cipher also breaks the plaintext into units,
this time it is normally a single character. It then encrypts the n* unit of
the plaintext with the в* unit of the key stream. Stream ciphers can be
designed to be exceptionally fast, much faster than any block cipher.
While the encryption of any particular plaintext with a block cipher will
result in the same ciphertext when the same key is used. With a stream
cipher, the transformation of the smaller plaintext units will vary, depending on when they are encountered during the encryption process.
A stream cipher generates what is known as a keystream – a sequence of bits, which is used as a key. The encryption process involves
combining the keystream with the plaintext. The keystream can be generated in two ways.
1. Independent of the plaintext and ciphertext (this yields what is
known as a synchronous stream cipher).
2. Depending on the data and its encryption (in which case the
stream cipher is said to be self-synchronising).
In a chosen plaintext attack the cryptanalyst has the capability to
find the ciphertext corresponding to an arbitrary plaintext message of
his or her own choosing. The likelihood of this type of attack being
possible is not much. Codes which can survive this attack are considered to be very secure.
In a chosen ciphertext attack the cryptanalyst can choose an arbitrary
cipher-text and find the corresponding decrypted plaintext. This attack can
be used in public key systems, where it may reveal the private key.
In an adaptive chosen plaintext attack the cryptoanalyst can determine the ciphertext of chosen plaintexts in an iterative process based on
previous results. This is the general name for a method of attacking
product ciphers called ‘differential cryptoanalysis’.
Read the text and speak about the types of cryptoanalysis.
Text C
Types of cryptoanalysis
There are several distinct types of cryptoanalytic attack. The type
used depends on the type of cipher and how much information the cryptoanalyst has.
Types of cryptoanalytic attacks. A standard cryptoanalytic is to determine the key which maps a known plaintext to a known ciphertext.
26
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
This plaintext can be known because it is standard or because it is
guessed. If the plaintext segment is guessed it is unlikely that its exact
position is known however a message is generally short enough for a
cryptoanalyst to try all possible positions in parallel. In some systems a
known cipher-text-plaintext pair will compromise the entire system
however a strong encryption algorithm will be unbreakable under this
type of attack.
A brute force attack requires a large amount of computing power
and a large amount of time to run. It consists of trying all possibilities
in a logical manner until the correct one is found. For the majority of
the encryption algorithms a brute force attack is impractical due to the
large number of possibilities.
Another type of brute force attack is a dictionary attack. This essentially involves running through a dictionary of words in the hope that the
key (or the plaintext) is one of them. This type of attack is often used to
determine passwords since people usually use easy to remember words.
In a ciphertext only attack the cryptanalyst has only the encoded message from which to determine the plaintext, with no knowledge whatsoever of the actual message. A ciphertext only attack is presumed to be
possible, if not easy. In fact, an encryption techniques resistance to a ciphertext only attack is considered the basis for its cryptographic security.
Supplementary reading.
Text D
Public Key Criptography
Since the invention of public key cryptography in 1976 by Whitfield Diffie and Martin Hellman, numerous public-key cryptographic
systems have been proposed. All of these systems rely on the difficulty
of a mathematical problem for the security.
Before cryptographic systems and the corresponding mathematical
problems can be discussed, the difficulty of a problem must be defined.
What does it mean for a mathematical problem to be difficult? To explain this concept, the notion of an algorithm is required. An algorithm
is a process which describes the steps to take to solve a problem. For
example, in high school everyone is taught an algorithm for adding two
numbers – simply a sequence of steps which takes as input two numbers a and b, to be added, and outputs their sum a + b. Now mathematical problem is difficult if the fastest algorithm to solve the problem
takes a long time relative to the input size.
To analyze how long an algorithm takes, computer scientists introduced the idea of polynomial time algorithms and exponential time algo27
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
rithms. Roughly speaking, an algorithm runs quickly relative to the size of
its input if it is a polynomial time algorithm, and slowly if it is an exponential time algorithm. Therefore, easy problems equate with polynomial time
algorithms, and difficult problems equate with exponential time algorithms.
It is important to notice the words ‘relative to the input size’ in the
definition of polynomial time and exponential time algorithms. All problems are straightforward to solve if the input size is very small, but we are
interested in how much harder a problem gets as the size of the input
grows. For example, adding 2 and 12 to get 14 is straightforward, as is
factoring 15 as 3 × 5.
However, addition is an example of an easy problem, because there is
an algorithm to add numbers which runs in polynomial time, meaning that
it would not take very long to add two enormous numbers. On the other
hand, factoring is a hard problem because, in general, factoring i\ large
number takes a very long lime. Thus, when looking for a mathematical
problem on which to base a public-key cryptographic system, cryptographers are searching for a problem for which the fastest algorithm takes
exponential time. In broad terms, the longer it takes to compute the best
algorithm for a problem, the more secure a public-key cryptosystem based
on that problem will be.
The use of public-key cryptography is quite simple. Suppose Alice
wants to communicate with Bob. Rather than Bob and Alice sharing a
single secret key (as the case of symmetric key systems), Bob (the recipient of Alice's messages) instead has two keys – a public key that is available to everyone in the world (including Trudy the intruder!) and a private
key that is known only to Bob. In order to communicate with Bob, Alice
first fetches Bob's public key. Alice then encrypts her message to Bob
using Bob's public key and a known (e.g., standardized) encryption algorithm. Bob receives Alice's encrypted message and uses his private key
and a known (e.g., standardized) decryption algorithm to decrypt Alice's
message. In this manner, Alice can send a secret message to Bob without
either of them having to have to distribute any secret keys!
28
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
GLOSSARY
The following glossary provides, for reference, brief definitions for
several terms as used in this paper in the context of protecting information in computers.
Access
The ability to make use of information stored in a computer system.
Used frequently as a verb, to the horror of grammarians.
Access control list
A list of principals that are authorized to have access to some object.
Authenticate
To verify the identity of a person (or other agent external to the protection system) making a request.
Authorize
To grant a principal access to certain information.
Capability
In a computer system, an unforgeable ticket, which when presented
can be taken as incontestable proof that the presenter is authorized
to have access to the object named in the ticket.
Certify
To check the accuracy, correctness, and completeness of a security
or protection mechanism.
Complete isolation
A protection system that separates principals into compartments between which no flow of information or control is possible.
Confinement
Allowing a borrowed program to have access to data, while ensuring that the program cannot release the information.
29
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
Descriptor
A protected value which is (or leads to) the physical address of
some protected object.
Discretionary
(In contrast with nondiscretionary.) Controls on access to an object
that may be changed by the creator of the object.
Domain
The set of objects that currently may be directly accessed by a principal.
Encipherment
The (usually) reversible scrambling of data according to a secret
transformation key, so as to make it safe for transmission or storage
in a physically unprotected environment.
Grant
To authorize (q. v.).
Hierarchical control
Referring to ability to change authorization, a scheme in which the
record of each authorization is controlled by another authorization,
resulting in a hierarchical tree of authorizations.
List-oriented
Used to describe a protection system in which each protected object
has a list of authorized principals.
Password
A secret character string used to authenticate the claimed identity of
an individual.
Permission
A particular form of allowed access, e.g., permission to READ as
contrasted with permission to WRITE.
Prescript
A rule that must be followed before access to an object is permitted,
thereby introducing an opportunity for human judgment about the
need for access, so that abuse of the access is discouraged.
Principal
The entity in a computer system to which authorizations are
granted; thus the unit of accountability in a computer system.
30
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
Privacy
The ability of an individual (or organization) to decide whether,
when, and to whom personal (or organizational) information is released.
Propagation
When a principal, having been authorized access to some object, in
turn authorizes access to another principal.
31
Copyright ОАО «ЦКБ «БИБКОМ» & ООО «Aгентство Kнига-Cервис»
ЛИТЕРАТУРА
Арбекова Е.И. Я хочу и буду знать английский. М.: Телер, 1993.
Krylova I.P. An English Practice Book. М.: Высш. шк., 1978.
A Practical English Grammar. M.: Высш. шк., 1978.
Сальная Л.К. Английский язык для специалистов в области информационной безопасности. М.: Гелиос-АРВ, 2008.
Saltzer J.Н, Schroeder M.D. The Protection of Information in Computer
Systems. University of Virginia, Fall, 2000.
CONTENTS
Предисловие ...............................................................................................
Unit 1 .............................................................................................................
Unit 2 .............................................................................................................
Unit 3 .............................................................................................................
Glossary .........................................................................................................
Литература....................................................................................................
32
3
4
12
18
29
32
1/--страниц
Пожаловаться на содержимое документа