254
tomonidan de facto standart tomonidan
tan olingan format yoki tavsif
standard organization or
recognized by an industry de
facto standard
Suqilib kirishga
sinash
tizimni uning himoyalash
vositasini
(xususan, ruxsatsiz foydalanishdan
himoyalash vositasini) tekshirish
maqsadida sinash.
system test for the purpose of
check of means of its protection
(in particular from illegally go
access).
Tahdid
Jamiyat axborot soxasining faoliyatiga
xavf tug‘dirayotgan jami omillar va
omillar guruhi
A group of factors and factors
that threaten the functioning of
the public information sector
Tarmoq
taxlillagichlari
(sniffer)
tarmoqtrafigini “tinglash”ni va tarmoq
trafigidan avtomatik tarzda
foydalanuvchilar ismini, parollarni,
kredit kartalar nomerini, shu kabi
boshqa axborotni ajratib olishni amalga
oshiruvchi dasturlar.
programs, asking for “listening”
network traffic and
automatically selects the
network
traffic of user names,
passwords, credit card numbers,
other similar information.
Teng huquqli
mantiqiy ob’ektning
autentifikatsiyasi
qandaydir uyushmaning teng huquqli
mantiqiy ob’ekti so‘ralgan mantiqiy
ob’ekt ekanligini tasdiqlash.
sonfirmation that a peer entity
in an association is the one
claimed logical entity.
Tizimning osilib
qolishi
yangi topshiriqlar kiritilishini bostirish
yo‘li bilan multidastur tizimini
to‘xtatish (“yaxlatish”).
system hang - stop ("freezing")
multiprogramming system by
inhibiting the entry of new jobs.
Trafik taxlili
1. Trafik oqimini kuzatish (borligi,
yukligi xajmi, yunalishi va chastotasi)
asosida axborat xolati xususida xulosa
qilish. 2. Deshifrlanishga sabab
bo‘lmaydigan, ammo g‘animga yoki
buzg‘unchiga uzatilayotgan ochik matn
va, umuman, kuzatilayotgan aloqa
tizimining ishlashi xususidagi bilvosita
axborotni olishiga imkon beruvchi aloqa
tizimi orqali uzatiluvchi shifrlangan
xabarlar majmuining tahlili. Trafik
tahlili shifrlangan xabarlarning
rasmiylashtirish xususiyatlaridan,
ularning uzunligi,
uzatilish vaqti,
uzatuvchi va qabul qiluvchi xususidagi
malumotlardan foydalanadi.
1 . Report on the state
information based on
observation of traffic flows
(presence , absence, amount ,
direction and frequency . 2 .
Analysis of all encrypted
messages sent over the
communication system does not
lead to decrypt , but allowing
the opponent and / or the
offender obtain indirect
information about the
transmitted Post and generally
observed on the functioning of
the communication system. A.
that uses features of registration
messages encrypted , and their
length , the transmission time ,
the data sender and recipient ,
etc.
Xabarlar
autentifikatsiyasi
ma’lumotlarda har
qanday
o‘zgarishlarni aniqlash maqsadida
ma’lumotlar blokiga nazorat hoshiyasini
qo‘shish. Ushbu hoshiya qiymatini
hisoblashda faqat ma’lumotlar
to add to the data control field
to detect any changes in the
data. In calculating the value of
this field is used key known
only to the receiver data.
255
priyemnigiga ma’lum kalitlar ishlatiladi.
Xavf - xatar taxlili
nomuvofik hodisalar paydo bo‘lish
holida kutiladigan zararni aniqlash
maqsadida, ehtimollik hisoblashlardan
foydalanib, tizim xarakteristikalarini va
salbiy tomonlarini o‘rganish jarayoni.
Xavf – xatarni tahlillash masalasi u yoki
bu xavf – xatarning maqbullik
darajasini aniqlashdan iborat.
the process of studying the
characteristics and weaknesses
of the system, conducted using
a probabilistic calculations in
order
to determine the expected
damage in case of adverse
events. The task of risk analysis
is to determine the acceptability
of a risk to the system.
Xavfsizlik xizmati
ma’muri
xavfsizlikni ta’minlashning bir yoki bir
necha tizimi hamda loyihalashni
nazoratlash va ulardan foydalanish
xususida to‘liq tasavvurga ega shaxs
(yoki shaxslar guruhi).
person (or group of people)
having (s) complete
understanding of one or more
security systems and controls
(s) design and use.
Xizmat qilishdan
voz kechishga
undaydigan atayin
qilinmaydigan
hujum
tasodifiy yuz bergan holat natijasida
(reklama natijasida qiziqishning keskin
oshishi, to‘satdan va kutilmagan
kamdan – kam bo‘ladigan mashhurlik
va h.)DOS hujumning mavaffaqiyatli
o‘tkazilgani xususida taassurot
tug‘diruvchi qandaydir servis uchun
xizmat qilishdan voz kechish.
Ko‘pincha faollikning avj onlarida
yangilik saytlariga qiziqarli axborotni
joylashtirish natijasida,
xamda qidiruv
tizimlariyordamida ommabop URL –
havolalarni o‘tkazish qobiliyati
cheklangan foydalanish kanallariga ega
media – resurslariga indekslash
natijasida paydo bo‘ladi.
denial of service for any service
which has come as a result of
chance ( sharply increased
interest in the result of the
promotion , the sudden and
unexpected exception pop, etc. )
, giving the impression of a
successful DoS attack . Often
occurs in times of peak activity
as a result of placement of
interesting information on news
sites , as well as from popular
search engines indexing URL-
links to
various media resources
with limited bandwidth channel
access.
Yagona
avtorizatsiya
yagona kirish va avtorizatsiyalash
texnologiyasi. Unga binoan
foydalanuvchi bitta seans mobaynida
birdaniga bir necha ilovalardan yoki
portalning bir necha bo‘limlaridan
foydalanishi uchun ismini / parolni
fakat bir marta kiritishi lozim.
technology SSO and
authorization, in which a user to
gain access to a single session
to multiple applications or
several sections of the portal to
enter username / password only
once.
Yashirin kanal
xavfsizlik siyosatini buzish uchun
ishlatilishi mumkin bo‘lgan, axborot
texnologiyasi tizimini va
avtomatlashtirilgan tizimlarni ishlab
chiqaruvchilar ko‘zda tutmagan
kommunikatsiya kanali. Axborot
uzatish mexanizmi bo‘yicha yashirin
kanallar xotira bo‘yicha yashirin
kanalga, vaqt bo‘yicha yashirin kanalga
va statistik yashirin kanalga bo‘linadi.
unforeseen
the developer of
system of technologies
information and systems
automated the communication
channel which can be applied to
security policy violation. On the
information transfer mechanism
c.s subdivide on: c.s. on
memory c.s. on time; hidden
statistical channels.