O‘zbekiston respublikаsi raqamli texnologiyalar vazirligi muhammad al-xorazmiy nomidagi toshkent axborot texnologiyalari universiteti samarqand filiali
Yüklə 12,7 Mb. Pdf görüntüsü
|
|
participant is both prove-down and inspection. This allows a single session the protocol of each participant to another participant to prove their identity. Parollar lug‘atiga asoslangan hujum parol qiymatlarini saralashga asoslangan hujum. an attack on a cryptosystem based on iterating values password. Ro‘yxatga ishlov berish Ro‘yxat elementlarini tahlil qilish va tartibga keltirish. Ro‘yxatlarga ishlov berishda, ma’lumotlar elementlarining bog‘lanishlarini namoyon qiladigan modellash amalga oshiriladi, bu esa ularni izlashni yengillashtiradi. Analyze and organize list items. When processing lists, modeling is performed that shows the relationships of data elements, which makes them easier to find. Ruxsatli erkin foydalanish 1. Axborot resursiga shtat texnika vositalari yordamida belgilangan qoidalarga muvofiq amalga oshirilayotgan erkin foydalanish. 2. Erkin foydalanishlar uchun chegaralaviy qoidalarni buzmasdan axborotdan erkin foydalanish. 1. Access to information resources using state technical means in accordance with the established rules. 2. Free access to information without violating the restrictive rules for free use. Server Tarmoqda joylashgan fayllar va boshqa resurslardan foydalanishni taqdim etuvchi tarmoqdagi kompyuter A computer on a network that provides access to files and other resources located on a network Standart Tan olingan standart tashkiloti tomonidan tasdiqlangan yoki sanoat A format or description approved by a recognized 254 tomonidan de facto standart tomonidan tan olingan format yoki tavsif standard organization or recognized by an industry de facto standard Suqilib kirishga sinash tizimni uning himoyalash vositasini (xususan, ruxsatsiz foydalanishdan himoyalash vositasini) tekshirish maqsadida sinash. system test for the purpose of check of means of its protection (in particular from illegally go access). Tahdid Jamiyat axborot soxasining faoliyatiga xavf tug‘dirayotgan jami omillar va omillar guruhi A group of factors and factors that threaten the functioning of the public information sector Tarmoq taxlillagichlari (sniffer) tarmoqtrafigini “tinglash”ni va tarmoq trafigidan avtomatik tarzda foydalanuvchilar ismini, parollarni, kredit kartalar nomerini, shu kabi boshqa axborotni ajratib olishni amalga oshiruvchi dasturlar. programs, asking for “listening” network traffic and automatically selects the network traffic of user names, passwords, credit card numbers, other similar information. Teng huquqli mantiqiy ob’ektning autentifikatsiyasi qandaydir uyushmaning teng huquqli mantiqiy ob’ekti so‘ralgan mantiqiy ob’ekt ekanligini tasdiqlash. sonfirmation that a peer entity in an association is the one claimed logical entity. Tizimning osilib qolishi yangi topshiriqlar kiritilishini bostirish yo‘li bilan multidastur tizimini to‘xtatish (“yaxlatish”). system hang - stop ("freezing") multiprogramming system by inhibiting the entry of new jobs. Trafik taxlili 1. Trafik oqimini kuzatish (borligi, yukligi xajmi, yunalishi va chastotasi) asosida axborat xolati xususida xulosa qilish. 2. Deshifrlanishga sabab bo‘lmaydigan, ammo g‘animga yoki buzg‘unchiga uzatilayotgan ochik matn va, umuman, kuzatilayotgan aloqa tizimining ishlashi xususidagi bilvosita axborotni olishiga imkon beruvchi aloqa tizimi orqali uzatiluvchi shifrlangan xabarlar majmuining tahlili. Trafik tahlili shifrlangan xabarlarning rasmiylashtirish xususiyatlaridan, ularning uzunligi, uzatilish vaqti, uzatuvchi va qabul qiluvchi xususidagi malumotlardan foydalanadi. 1 . Report on the state information based on observation of traffic flows (presence , absence, amount , direction and frequency . 2 . Analysis of all encrypted messages sent over the communication system does not lead to decrypt , but allowing the opponent and / or the offender obtain indirect information about the transmitted Post and generally observed on the functioning of the communication system. A. that uses features of registration messages encrypted , and their length , the transmission time , the data sender and recipient , etc. Xabarlar autentifikatsiyasi ma’lumotlarda har qanday o‘zgarishlarni aniqlash maqsadida ma’lumotlar blokiga nazorat hoshiyasini qo‘shish. Ushbu hoshiya qiymatini hisoblashda faqat ma’lumotlar to add to the data control field to detect any changes in the data. In calculating the value of this field is used key known only to the receiver data. 255 priyemnigiga ma’lum kalitlar ishlatiladi. Xavf - xatar taxlili nomuvofik hodisalar paydo bo‘lish holida kutiladigan zararni aniqlash maqsadida, ehtimollik hisoblashlardan foydalanib, tizim xarakteristikalarini va salbiy tomonlarini o‘rganish jarayoni. Xavf – xatarni tahlillash masalasi u yoki bu xavf – xatarning maqbullik darajasini aniqlashdan iborat. the process of studying the characteristics and weaknesses of the system, conducted using a probabilistic calculations in order to determine the expected damage in case of adverse events. The task of risk analysis is to determine the acceptability of a risk to the system. Xavfsizlik xizmati ma’muri xavfsizlikni ta’minlashning bir yoki bir necha tizimi hamda loyihalashni nazoratlash va ulardan foydalanish xususida to‘liq tasavvurga ega shaxs (yoki shaxslar guruhi). person (or group of people) having (s) complete understanding of one or more security systems and controls (s) design and use. Xizmat qilishdan voz kechishga undaydigan atayin qilinmaydigan hujum tasodifiy yuz bergan holat natijasida (reklama natijasida qiziqishning keskin oshishi, to‘satdan va kutilmagan kamdan – kam bo‘ladigan mashhurlik va h.)DOS hujumning mavaffaqiyatli o‘tkazilgani xususida taassurot tug‘diruvchi qandaydir servis uchun xizmat qilishdan voz kechish. Ko‘pincha faollikning avj onlarida yangilik saytlariga qiziqarli axborotni joylashtirish natijasida, xamda qidiruv tizimlariyordamida ommabop URL – havolalarni o‘tkazish qobiliyati cheklangan foydalanish kanallariga ega media – resurslariga indekslash natijasida paydo bo‘ladi. denial of service for any service which has come as a result of chance ( sharply increased interest in the result of the promotion , the sudden and unexpected exception pop, etc. ) , giving the impression of a successful DoS attack . Often occurs in times of peak activity as a result of placement of interesting information on news sites , as well as from popular search engines indexing URL- links to various media resources with limited bandwidth channel access. Yagona avtorizatsiya yagona kirish va avtorizatsiyalash texnologiyasi. Unga binoan foydalanuvchi bitta seans mobaynida birdaniga bir necha ilovalardan yoki portalning bir necha bo‘limlaridan foydalanishi uchun ismini / parolni fakat bir marta kiritishi lozim. technology SSO and authorization, in which a user to gain access to a single session to multiple applications or several sections of the portal to enter username / password only once. Yashirin kanal xavfsizlik siyosatini buzish uchun ishlatilishi mumkin bo‘lgan, axborot texnologiyasi tizimini va avtomatlashtirilgan tizimlarni ishlab chiqaruvchilar ko‘zda tutmagan kommunikatsiya kanali. Axborot uzatish mexanizmi bo‘yicha yashirin kanallar xotira bo‘yicha yashirin kanalga, vaqt bo‘yicha yashirin kanalga va statistik yashirin kanalga bo‘linadi. unforeseen the developer of system of technologies information and systems automated the communication channel which can be applied to security policy violation. On the information transfer mechanism c.s subdivide on: c.s. on memory c.s. on time; hidden statistical channels. |