Skzy - what is it? means of cryptographic information protection. Means of cryptographic information protection: types and applications Why cryptographic information protection is needed

Means of cryptographic information protection (CIPF)

"...Cryptographic information protection tool (CIPF) - certified in the manner prescribed by law Russian Federation, hardware and (or) software that provide encryption, integrity control and the use of digital signatures when exchanging electronic documents;..."

Source:

"Methodological recommendations for providing organizations engaged in the production and (or) circulation (except for import and retail sale) of ethyl alcohol, alcoholic and alcohol-containing products on the territory of the Russian Federation, software unified state automated information system for recording the volume of production and turnover of ethyl alcohol, alcohol and alcohol-containing products and their installation in technical means for recording and transmitting information on the volume of production and turnover of ethyl alcohol, alcohol and alcohol-containing products to a unified state automated information system accounting for the volume of production and turnover of ethyl alcohol, alcoholic and alcohol-containing products" (approved by Rosalkogolregulirovanie)

"...Cryptographic information protection tools (CIPF) are a set of software and hardware that implement cryptographic transformations with source information and the function of generating and verifying an electronic digital signature..."

Source:

Board of the Pension Fund of the Russian Federation dated January 26, 2001 N 15 "On the introduction of cryptographic information protection and electronic digital signature in the system of the Pension Fund of the Russian Federation" (together with the "Regulations for registration and connection of legal and individuals to the electronic document management system of the Pension Fund of the Russian Federation")

Official terminology. Akademik.ru. 2012.

See what “Cryptographic information protection tools (CIPF)” are in other dictionaries:

CIPF- means of cryptographic information protection CIPF means of monitoring information security Source: http://pcweek.ru/?ID=476136 … Dictionary of abbreviations and abbreviations

Guiding document. Protection against unauthorized access to information. Terms and Definitions- Terminology Guidance document. Protection against unauthorized access to information. Terms and definitions: 29. Security administrator Access subject responsible for security automated system from unauthorized access to... ... Dictionary-reference book of terms of normative and technical documentation

EToken- smart card and USB key eToken PRO, eToken NG FLASH, eToken NG OTP, eToken PRO (Java) and eToken PASS eToken (from English electronic and English token sign, token) trademark for a line of personal products... ... Wikipedia

OPTIMA-WorkFlow- This article or section contains a list of sources or external references, but the sources of individual statements remain unclear due to the lack of footnotes. You can improve the article by making more precise references to sources... Wikipedia - Hardware encryption is an encryption process performed using specialized computing devices. Contents 1 Introduction 2 Advantages and disadvantages of hardware encryption ... Wikipedia

Cryptographic information protection tools are used to protect personal or secret information transmitted over communication lines. To maintain the confidentiality of data, it is recommended to undergo authorization, authenticate the parties using the TLS, IPSec protocols, and ensure the security of the electronic signature and the communication channel itself.

ISBC offers effective branded solutions regarding the use of secure storage facilities for important information, electronic signature, access protection when using control systems. The largest companies cooperate with us state organizations, including the Federal Tax Service of Russia, leading manufacturers of cryptographic information security tools and developers software, certification centers operating in different regions of Russia.

CIPF: types, application

When using CIPF, the following methods are used:

1. Authorization of data, ensuring cryptographic protection of their legal significance during transmission and storage. For this purpose, algorithms are used to generate an electronic key and verify it in accordance with the specified regulations.
2. Cryptographic protection of personal or secret information, control over its integrity. Application of asymmetric encryption, imitation protection (elimination of the possibility of data substitution).
3. Cryptographic protection of application and system software. Ensuring control over unauthorized changes and incorrect operation.
4. Management of the main elements of the system in accordance with established regulations.
5. Authentication of parties that exchange data.
6. Cryptographic protection of information transmission using the TLS protocol.
7. Using cryptographic protection for IP connections using ESP, IKE, AH.

A full description of the use of cryptographic information protection means is contained in relevant documents.

CIPF solutions

In the process of ensuring information security, CIPF uses the following methods:

1. Authentication in applications is carried out thanks to the Blitz Identity Provider. The authentication server allows, using a single account, manage connected resources of any type (Native, Web, Desktop applications), provides strict authentication of users using a token, smart card.
2. At the moment of establishing communication, identification of the parties is ensured thanks to an electronic signature. Inter-PRO provides HTTP traffic protection, the ability to edit, and control digital signatures online.
3. Cryptographic protection tools used for the confidentiality of digital document flow also use an electronic signature. To work with an electronic key in a web application format, the Blitz Smart Card Plugin is used.
4. The use of cryptographic security means eliminates the introduction of embedded devices and malware, as well as system modification.

CIPF classification

Tools used for cryptographic protection open information in different systems, ensuring confidentiality in open networks, aimed at protecting data integrity. It is important that the use of such tools for storing state secrets is prohibited by law, but is quite suitable for ensuring the safety of personal information.

The means used for cryptographic information protection are classified depending on the probable threat and an assessment of the likely method of hacking the system. They depend on the presence of undocumented capabilities or non-compliance with the stated characteristics, which may contain:

1. system software;
2. application software;
3. other disadvantages of the storage medium.

Software protection is represented by a set of solutions designed to encrypt messages located on various storage media. Such storage media can be memory cards, flash drives or hard disks. The simplest of them can be found in the public domain. Software cryptographic protection includes virtual networks, designed for exchanging messages running “on top of the Internet”, for example, VPN, extensions that have the HTTP protocol, supporting extensions for HTTPS, SSL encryption. The protocols used to exchange information are used to create Internet applications in IP telephony.

Software cryptographic protection is convenient to use on home computers, for surfing the Internet, and in other areas where high demands are not placed on the functionality and reliability of the system. Or, as when using the Internet, you need to create a large number of different secure connections.

Hardware cryptographic protection systems

Hardware cryptographic protection means are physical devices associated with a data transmission system that provide encryption, recording, and transmission of information. The devices may be personal devices or look like:

• USB encryptors, flash drives.

Using these devices you can build perfectly secure computer networks.

Hardware cryptographic protection tools are easy to install and provide high speed response. The information necessary to provide a high level of cryptographic protection is located in the device memory. It can be read contact or non-contact.

When using CIPF produced under the ESMART brand, you will receive effective technologies that provide effective cryptographic protection online or offline, user authentication using tokens, smart cards or biometric data. Combination of hardware methods with software solutions allows you to get the most high level protection with little time and effort in the process of information exchange.

An important feature of the ESMART® cryptographic protection product line is the presence of a one-of-a-kind product - based on the domestic MIK 51 chip from Mikron PJSC, with which you can effectively solve many problems related to security and data protection. It is a CIPF with hardware support for Russian GOST cryptographic algorithms based on a domestic chip.

CIPF ESMART® Token GOST is issued in the form of smart cards and tokens. The development of the ESMART company is certified by the FSB of Russia in classes KS1/KS2/KS3. Certificate No. SF/124-3668 certifies that the CIPF ESMART Token GOST complies with the requirements of the FSB of Russia for encryption (cryptographic) means of class KS1/KS2/KS3, the requirements for electronic signature means approved by FSB Order No. 796 and can be used for cryptographic information protection , not containing information constituting a state secret. Notice ABPN.1-2018 allows the use of GOST R 34.10-2001 in the ESMART Token GOST CIPF during the validity period of the certificate due to the postponement of the transition to GOST R 34.10-2012 until January 1, 2020. Also, ESMART® Token GOST can be used to generate keys, generate and verify electronic signatures, strict multi-factor user authentication, etc.

The ESMART company offers to purchase modern CIPF at best prices from the manufacturer. Our engineering R&D center and production are located in Zelenograd. Use of chips Russian production allows us to offer the best, most competitive prices for cryptographic information protection tools for government projects, enterprises and organizations.

Throughout its history, man has felt the need to encrypt certain information. It is not surprising that an entire science grew out of this need - cryptography. And if previously cryptography for the most part served exclusively state interests, then with the advent of the Internet its methods have become the property of private individuals and are widely used by hackers, freedom of information activists and anyone who wants to encrypt their data on the network to one degree or another.

FURFUR is starting a series of articles about cryptography and how to use it. The first material is introductory: history of the issue and basic terms.

Formally, cryptography (from Greek - “secret writing”) is defined as a science that ensures the secrecy of a message. The pioneer who wrote the first scientific work on cryptography is considered to be Aeneas Tacticus, who completed his earthly journey long before the birth of Christ. India and Mesopotamia also tried to encrypt their data, but the first reliable security systems were developed in China. Ancient Egyptian scribes often used sophisticated writing techniques to draw attention to their texts. Most often, information encryption was used for military purposes: the Scytale cipher, used by Sparta against Athens in the 5th century BC, is widely known. e.

Cryptography actively developed in the Middle Ages, and numerous diplomats and merchants used encryption. One of the most famous ciphers of the Middle Ages is the Codex Copiale, an elegantly designed manuscript with watermarks that has not yet been deciphered. The Renaissance became the golden age of cryptography: it was studied by Francis Bacon, who described seven methods of hidden text. He also proposed a binary encryption method similar to that used in computer programs Nowadays. The emergence of the telegraph had a significant impact on the development of cryptography: the very fact of data transmission was no longer secret, which forced senders to focus on data encryption.

During World War I, cryptography became an established combat tool. The unraveling of enemy messages led to stunning results. The interception of a telegram from German Ambassador Arthur Zimmermann by American intelligence agencies led to the United States entering hostilities on the side of the Allies.

The Second World War served as a catalyst for development computer systems- through cryptography. The encryption machines used (the German Enigma, the English Turing Bomb) clearly showed the vital importance information control. In the post-war era, many governments imposed a moratorium on the use of cryptography. Key works were published exclusively in the form of secret reports - such as, for example, Claude Shannon’s book “The Theory of Communication in Secret Systems”, approaching cryptography as a new mathematical science.

The government monopoly only collapsed in 1967 with the publication of David Kahn's book, The Code Breakers. The book examined in detail the entire history of cryptography and cryptanalysis. After its publication, other works on cryptography began to appear in the open press. At the same time, a modern approach to science was formed, and the basic requirements for encrypted information were clearly defined: confidentiality, untraceability and integrity. Cryptography has been divided into two interacting parts: cryptosynthesis and cryptanalysis. That is, cryptographers provide information security, and cryptanalysts, on the contrary, look for ways to hack the system.

Wehrmacht Enigma ("Enigma")

Cipher machine of the Third Reich. Code created using Enigma
considered one of the strongest used in World War II.

Turing Bombe

A decoder developed under the direction of Alan Turing. Its use
allowed the Allies to split the seemingly monolithic Enigma code.

Modern methods of using cryptography

The advent of the accessible Internet took cryptography to a new level. Cryptographic techniques have become widely used by individuals in electronic commerce, telecommunications, and many other environments. The first gained particular popularity and led to the emergence of a new, non-state-controlled currency - Bitcoin.

Many enthusiasts quickly realized that a bank transfer is, of course, convenient, but it is not suitable for purchasing such pleasant everyday things as weapons or “substances”. It is also not suitable for advanced cases of paranoia, because it requires mandatory authentication from the recipient and the sender.

An analog calculation system was proposed by one of the “cypherpunks” discussed below, the young programmer Wei Dai. Already in 2009, Satoshi Nakamoto (whom many sacredly consider to be an entire hacker group) developed payment system new type - BitCoin. This is how cryptocurrency was born. Its transactions do not require an intermediary in the form of a bank or other financial institution, and they cannot be tracked. The network is completely decentralized, bitcoins cannot be frozen or seized, and they are completely protected from government control. At the same time, Bitcoin can be used to pay for any goods - subject to the consent of the seller.

New electronic money is produced by users themselves, who provide the computing power of their machines to operate the entire BitCoin system. This type of activity is called mining. Mining alone is not very profitable; it is much easier to use special servers - pools. They combine the resources of several participants into one network and then distribute the resulting profits.

The largest platform for buying and selling bitcoins is the Japanese Mt. Gox, through which 67% of transactions in the world are carried out. Avid anonymous users prefer the Russian BTC-E: registration here does not require user identification. The cryptocurrency rate is quite unstable and is determined only by the balance of supply and demand in the world. A warning to beginners is the well-known story of how 10 thousand units spent by one of the users on pizza turned into 2.5 million dollars after some time.

“The main problem with conventional currency is that it requires trust. The central bank requires trust in itself and its currency, but the history of fiat money is full of examples of the erosion of trust. With the advent of electronic currency based on reliable cryptography, we no longer need to trust the “honest uncle”, our money can be securely stored, and its use becomes simple and convenient.”

Satoshi Nakamoto, hacker

Terminology

The main operators are the original message (plain text, plaintext) and its modification (ciphertext, ciphertext). Decryption is the process of transforming ciphertext into plaintext. For a novice cryptographer, it is important to remember a few other terms:

ALICE, EVE AND BOB (ALICE)

Certain names of the game participants help reduce the description of the crypto protocol to a mathematical formula: Alice and Bob. The enemy in the current cryptosystem is designated as Eve (eavesdropper - eavesdropper). In rare cases, the name changes, but the enemy always remains feminine.

AUTONOMOUS ELECTRONIC PAYMENT SYSTEM (OFF-LINE E-CASH SYSTEM)

Thanks to it, the buyer and seller can work directly, without the participation of the issuing bank. The disadvantage of this system is the additional transaction that the seller makes, transferring the received money to his bank account.

ANONYMOUS (ANONYMITY)

This concept means that participants in the action can work confidentially. Anonymity can be absolute or revocable (in systems that involve the participation of a third party, an arbiter). The arbiter may, under certain conditions, identify any player.

ADVERSARY

Intruder. It seeks to breach the privacy perimeter of the protocol. In general, participants using the crypto protocol perceive each other as potential opponents - by default.

HONEST PARTY

An honest player with necessary information and strictly following the system protocol.

TRUST CENTER (AUTHORITY (TRUSTED AUTHORITY))

A kind of arbiter who enjoys the trust of all participants in the system. Necessary as a precautionary measure to ensure that participants adhere to the agreed protocol.

BIG BROTHER

Yes, that's it. Big Brother's actions are not controlled or monitored by other participants in the crypto protocol. It is impossible to prove Big Brother's foul play, even if everyone is sure of it.

Anonymity

Novice privacy enthusiasts stay incognito using special sites - web proxies. They do not require separate software and do not bother the user with complex settings. The user enters the required address not in the browser, but in address bar anonymizer site. He processes the information and transmits it on his own behalf. At the same time, such a server gets a wonderful opportunity to copy the data passing through it. In most cases, this is what happens: information is never superfluous.

Advanced anonymous people prefer to use more serious means. For example, Tor (The Onion Router). This service uses a whole chain of proxy servers, which is almost impossible to control due to its branching. The multi-layer (in slang - onion) routing system provides Tor users with a high level of data security. In addition, The Onion Router interferes with the analysis of traffic passing through it.

Cypherpunk

The term was first used by the famous hacker Jude Milhon in reference to programmers who were overly keen on the idea of ​​anonymity. The main idea of ​​cypherpunk is the ability to ensure anonymity and security on the network by the users themselves. This can be achieved through open cryptographic systems, which are mostly developed by cypherpunk activists. The movement has an implicit political overtones; most of the participants are close to crypto-anarchism and many libertarian social ideas. The most famous representative of cypherpunk is Julian Assange, who founded WikiLeaks to the delight of all world powers. Cypherpunks have an official manifesto.

"New big game- this is by no means a war for oil pipelines... The new world treasure is control
over gigantic data streams connecting entire continents and civilizations, linking into a single whole the communications of billions of people and organizations"

Julian Assange

Julian Assange

On its portal, WikiLeaks publicly demonstrated to everyone the underbelly of many government structures. Corruption, war crimes, top-secret secrets - in general, everything that an active libertarian could get his hands on became public knowledge. In addition, Assange is the creator of an infernal cryptosystem called “Deniable encryption”. This is a way of arranging encrypted information that allows for plausible deniability of its presence.

Bram Cohen

American programmer, originally from sunny California. To the delight of the whole world, he came up with the BitTorrent protocol, which is still used to this day without success.

In this article you will learn what CIPF is and why it is needed. This definition refers to cryptography - the protection and storage of data. Information protection in in electronic format can be done in any way - even by disconnecting the computer from the network and installing armed guards with dogs near it. But it is much easier to do this using cryptographic protection tools. Let's figure out what it is and how it is implemented in practice.

Main Goals of Cryptography

The decoding of CIPF sounds like a “cryptographic information protection system.” In cryptography, the information transmission channel can be completely accessible to attackers. But all data is confidential and very well encrypted. Therefore, despite the openness of the channels, attackers cannot obtain information.

Modern CIPF means consist of a software and computer complex. With its help, information is protected according to the most important parameters, which we will consider further.

Confidentiality

It is impossible to read the information if you do not have access rights to do so. What is CIPF and how does it encrypt data? The main component of the system is the electronic key. It is a combination of letters and numbers. Only by entering this key can you get to the desired section on which the protection is installed.

Integrity and Authentication

This is an important parameter that determines the possibility of unauthorized changes to data. If there is no key, then you cannot edit or delete information.

Authentication is a procedure for verifying the authenticity of information that is recorded on a key medium. The key must match the machine on which the information is decrypted.

Authorship

This is confirmation of the user’s actions and the impossibility of refusing them. The most common type of confirmation is an EDS (electronic digital signature). It contains two algorithms - one creates a signature, the second verifies it.

Please note that all operations performed with electronic signatures are processed by certified (independent) centers. For this reason, it is impossible to fake authorship.

Basic data encryption algorithms

Today, many CIPF certificates are widespread; different keys are used for encryption - both symmetric and asymmetric. And the keys are long enough to provide the required cryptographic complexity.

The most popular algorithms used in cryptographic protection:

1. Symmetric key - DES, AES, RC4, Russian R-28147.89.
2. With hash functions - for example, SHA-1/2, MD4/5/6, R-34.11.94.
3. Asymmetric key - RSA.

Many countries have their own standards for encryption algorithms. For example, in the United States they use modified AES encryption; the key can be from 128 to 256 bits long.

The Russian Federation has its own algorithm - R-34.10.2001 and R-28147.89, which uses a 256-bit key. Please note that there are elements in national cryptographic systems that are prohibited from being exported to other countries. All activities related to the development of CIPF require mandatory licensing.

Hardware crypto protection

When installing CIPF tachographs, you can ensure maximum protection of the information stored in the device. All this is implemented both at the software and hardware levels.

CIPF hardware type are devices that contain special programs, providing reliable data encryption. They also help to store information, record it and transmit it.

The encryption device is made in the form of an encoder connected to USB ports. There are also devices that are installed on motherboards PC. Even specialized switches and network cards with cryptographic protection can be used to work with data.

Hardware types of CIPF are installed quite quickly and are capable of exchanging information at high speed. But the disadvantage is the rather high cost, as well as the limited possibility of modernization.

Software cryptographic protection

This is a set of programs that allows you to encrypt information stored on various media (flash drives, hard and optical drives, etc.). Also, if you have a license for CIPF of this type, you can encrypt data when transmitting it over the Internet (for example, via email or chat).

There are a large number of protection programs, and there are even free ones - DiskCryptor is one of them. The software type of CIPF is also a virtual network that allows information exchange “over the Internet”. These are VPN networks known to many. This type of protection also includes the HTTP protocol, which supports SSL and HTTPS encryption.

CIPF software is mostly used when working on the Internet, as well as on home PCs. In other words, exclusively in those areas where there are no serious requirements for the durability and functionality of the system.

Software and hardware type of cryptographic protection

Now you know what CIPF is, how it works and where it is used. It is also necessary to highlight one type - hardware and software, which combines all the best properties of both types of systems. This method of processing information is by far the most reliable and secure. Moreover, the user can be identified in various ways - both hardware (by installing a flash drive or floppy disk) and standard (by entering a login/password pair).

Hardware and software systems support all encryption algorithms that exist today. Please note that the installation of CIPF should only be carried out by qualified personnel of the complex developer. It is clear that such CIPF should not be installed on computers that do not process confidential information.

Cryptographic means - These are special mathematical and algorithmic means of protecting information transmitted over communication systems and networks, stored and processed on a computer using a variety of encryption methods.
Technical information protection by transforming it, excluding its reading by outsiders, has worried people since ancient times. Cryptography must provide such a level of secrecy that critical information can be reliably protected from decryption by large organizations - such as the mafia, multinational corporations and large states. Cryptography in the past was used only for military purposes. However, now, with the emergence of the information society, it is becoming a tool for ensuring confidentiality, trust, authorization, electronic payments, corporate security and countless other important things. Why has the problem of using cryptographic methods become particularly relevant at the moment?
On the one hand, the use has expanded computer networks, in particular the global Internet, through which large volumes of information of a state, military, commercial and private nature are transmitted, preventing unauthorized persons from accessing it.
On the other hand, the emergence of new powerful computers, network and neural computing technologies have made it possible to discredit cryptographic systems that until recently were considered practically unbreakable.
Cryptology (kryptos - secret, logos - science) deals with the problem of protecting information by transforming it. Cryptology is divided into two areas - cryptography and cryptanalysis. The goals of these directions are directly opposite.
Cryptography deals with the search and study of mathematical methods for converting information.
The area of ​​interest of cryptanalysis is the study of the possibility of decrypting information without knowing the keys.
Modern cryptography includes 4 major sections.

· Symmetric cryptosystems.

· Public key cryptosystems.

· Electronic signature systems.

· Key management.

The main areas of use of cryptographic methods are the transfer of confidential information via communication channels (for example, Email), establishing the authenticity of transmitted messages, storing information (documents, databases) on media in encrypted form.

Terminology.
Cryptography makes it possible to transform information in such a way that its reading (recovery) is possible only if the key is known.
Texts based on a certain alphabet will be considered as information to be encrypted and decrypted. These terms mean the following.
Alphabet- a finite set of characters used to encode information.
Text- an ordered set of elements of the alphabet.
Encryption- conversion process: the original text, which is also called plaintext, is replaced by ciphertext.
Decryption- the reverse process of encryption. Based on the key, the ciphertext is converted to the original one.
Key- information necessary for smooth encryption and decryption of texts.
The cryptographic system is a family of T [T1, T2, ..., Tk] plaintext transformations. Members of this family are indexed, or designated by the symbol "k"; parameter k is the key. The key space K is the set of possible key values. Usually the key is a sequential series of letters of the alphabet.
Cryptosystems are divided into symmetric and public key.
In symmetric cryptosystems, the same key is used for both encryption and decryption.
Public key systems use two keys, a public key and a private key, that are mathematically related to each other. Information is encrypted using public key, which is available to everyone, and is decrypted using a private key known only to the recipient of the message.
The terms key distribution and key management refer to the processes of an information processing system, the content of which is the compilation and distribution of keys between users.
An electronic (digital) signature is a cryptographic transformation attached to the text, which allows, when the text is received by another user, to verify the authorship and authenticity of the message.
Cryptographic strength is a characteristic of a cipher that determines its resistance to decryption without knowing the key (i.e., cryptanalysis).
The effectiveness of encryption to protect information depends on maintaining the secrecy of the key and the cryptographic strength of the cipher.
The simplest criterion for such efficiency is the probability of revealing the key or the power of the set of keys (M). Essentially, this is the same as cryptographic strength. To estimate it numerically, you can also use the complexity of solving the cipher by trying all the keys.
However, this criterion does not take into account other important requirements for cryptosystems:

· impossibility of disclosing or meaningful modification of information based on analysis of its structure;

· perfection of the security protocols used;

minimum amount of used key information;

· minimal complexity of implementation (in the number of machine operations), its cost;

· high efficiency.

It is often more effective to use expert judgment and simulation when selecting and evaluating a cryptographic system.
In any case, the selected set of cryptographic methods must combine both convenience, flexibility and efficiency of use, as well as reliable protection of information circulating in the information system from attackers.

This division of information security means ( technical protection information), quite conditionally, since in practice very often they interact and are implemented in a complex in the form of software and hardware modules with the widespread use of information closure algorithms.

Conclusion

In this course work, I examined the local computer network of the Administration, and came to the conclusion that in order to fully protect information, it is necessary to use all security measures to minimize the loss of this or that information.

As a result of the organization of work done: computerization of workplaces with their integration into a local computer network, with the presence of a server and access to the Internet. Completing this work will ensure the fastest and most productive work of the working personnel.

The goals that were set when receiving the task, in my opinion, have been achieved. The Administration local area network diagram is given in Appendix B.

Bibliography.

1. GOST R 54101-2010 “Automation tools and control systems. Security means and systems. Maintenance and current repairs"

2. Organizational information protection: tutorial for universities Averchenkov V.I., Rytov M.Yu. 2011

3. Khalyapin D.B., Yarochkin V.I. Fundamentals of information security.-M.: IPKIR, 1994

4. Khoroshko V.A., Chekatkov A.A. Methods and means of information security (edited by Kovtanyuk) K.: Junior Publishing House, 2003 - 504 p.

5. Hardware and computer networks Ilyukhin B.V. 2005

6. Yarochkin V.I. Information Security: Textbook for university students.-M.: Academic Project!?! Foundation "Peace", 2003.-640 p.

7. http://habrahabr.ru

8. http://www.intel.com/ru/update/contents/st08031.htm

9. http://securitypolicy.ru

10. http://network.xsp.ru/5_6.php

Note A.

Note B.