Tasdiqlayman ” Denov Tadbirkorlik va Pedagogika Instituti Axborot texnologiyalari kafedrasi mudiri: Rajabov. T “ ” 2023 yil kiberxavfsizlik asoslari fanidan ii-kurs Kompyuter injiniringi uchun



Yüklə 7,7 Mb.
səhifə162/162
tarix28.08.2023
ölçüsü7,7 Mb.
#140791
1   ...   154   155   156   157   158   159   160   161   162
Majmua Kiberxavfsizlik asoslari II-Kurs

Xavfsizlik atributi – baholanish obyektining xavfsizlik siyosatini amalga oshirishda ishlatiluvchi subyektlar, foydalanuvchilar va/yoki obyektlar bilan bog’lik axborot.
Xavfsizlik auditi – kompyuter tizimi xavfsizligiga ta’sir etuvchi bo’lishi mumkin bo’lgan xavfli harakatlarni xarakterlovchi, oldindan aniqlangan hodisalar to’plamini ro’yxatga olish (audit faylida qaydlash) yo’li bilan himoyalanishni nazoratlash.
Xavfsizlik xizmati ma’muri – xavfsizlikni ta’minlashning bir yoki bir necha tizimi hamda loyihalashni nazoratlash va ulardan foydalanish xususida to’liq tasavvurga ega shaxs (yoki shaxslar guruhi).
Xavfsizlikni aktiv testlash nishon bilan to’g’ridan – to’g’ri o’zaro aloqaga mo’ljallangan xavfsizlikni testlash, masalan, talab qilingan nishongacha paketni yuborish.
Xavfsizlikning avtomatlashtirilgan domeni - asboblar, texnologiyalar guruhini hamda ma’lumotlarni o’z ichiga olgan axborot xavfsizligi sohasi.
Xeshlash algoritmi – kriptografiyada kriptografik xesh-funksiyani amalga oshiruvchi algoritm. Matematika va dasturlashda – odatda, satr uzunligini kamaytiruvchi simvollar satrini o’zgartiruvchi algoritm. Chiqish yo’li satrining har bir simvolining qiymati kirish yo’li simvollarining katta soniga (idealda – barchasiga) murakkab tarzda bog’liq. Odatda xeshlash algoritmi ixtiyoriy uzunlikdagi satrni belgilangan uzunlikdagi satrga o’zgartiradi.
Xodim xavfsizligi – qandaydir jiddiy axborotdan foydalanish imkoniyatiga ega barcha xodimlarning kerakli avtorizatsiyaga va barcha kerakli ruxsatnomalarga egalik kafolatini ta’minlovchi usul.
Yolg’on axborot – xarakteristikalari va alomatlari noto’g’ri akslantiriluvchi hamda real mavjud bo’lmagan obyekt xususidagi axborot.
Zombi - tizimda o’rnatilgan, boshqa tizimlarga hujum qilishga majbur qiluvchi dastur.

ADABIYOTLAR RO‘YXATI

  1. Information Technology Security Evaluation Criteria (ITSEC), Provisional Harmonized Criteria (1991) Luxembourg: Office for Official Publications of the European Communities, 1991 ISBN 92-826-3004-8, Catalogue Number: CD-71- 91-502-EN-C © ECSC-EEC-EAEC, Brussels • Luxembourg.

  2. National Information Systems Security (InfoSec) Glossary (2000) National Security Telecommunications and Information Systems Security Committee. National Security Agency US.

  3. Pfleeger, C.P. (1997) Security in Computing. Second Edition, Prentice Hall, Upper Saddle River.

  4. Guttman, B. and Roback, E. (1995) An Introduction to Computer security: The NIST Handbook. DIANE Publishing. http://dx.doi.org/10.6028/NIST.SP.800-12

  5. Stamp M. Information security: principles and practice // John Wiley & Sons, 2011, -P. – 606.

  6. Purdy G. ISO 31000: 2009—setting a new standard for risk management //Risk Analysis: An International Journal. – 2010. – Т. 30. – №. 6. – С. 881-886.

  7. ISACA C. S. X. Cybersecurity Fundamentals //Study Guide. – 2014.

  8. Curricula C. Curriculum guidelines for post-secondary degree programs in cybersecurity. – 2017.

  9. Акбаров Д.Е. Ахборот хавфсизлигини таъминлашнинг криптографик усуллари ва уларнинг қўлланилиши // Тошкент, 2008, -Б. - 394.

  10. Ганиев С.К., Каримов М.М., Худойқулов З.Т., Кадиров М.М. Ахборот хавфсизлиги бўйича атама ва тушунчаларнинг рус, ўзбек ва инлиз тилларидаги изоҳли луғати // Тошкент 2017, -Б. - 480.

  11. Ferguson N., Schneier B. Practical cryptography // New York: Wiley, 2003. – P. - 432.

  12. Bruce S. Applied cryptography: protocols, algorithms, and source code in C //New York: Wiley. – 1996, - P. - 1027.

  13. Smart N. P. et al. Cryptography: an introduction. – New York : McGraw-Hill, 2003. – Т. 3.

  14. Шаньгин, В. Ф. Информационная безопасность компьютерных систем и сетей : учеб. пособие / В.Ф. Шаньгин. — Москва : ИД «ФОРУМ» : ИНФРА-М, 2017. — 416 с.

  15. Хасанов П.Ф., Хасанов Х.П., Ахмедова О.П., Давлатов А.Б. “Криптотаҳлил ва унинг махсус усуллари” электрон ўқув қўлланма. 2010 й.

  16. Акбаров Д.Е., Хасанов П.Ф., Хасанов Х.П., Ахмедова О.П. “Криптографиянинг математик асослари” электрон ўқув қўлланма. 2010 й.

  17. Zlatanov, Nikola. (2015). Hard Disk Drive and Disk Encryption. 10.13140/RG.2.1.1228.9681.

  18. Healy, Michael & Newe, Thomas & Lewis, Elfed. (2008). Analysis of Hardware Encryption Versus Software Encryption on Wireless Sensor Network Motes. 10.1007/978-3-540-79590-2_1.

  19. Scarfone K. et al. Guide to storage encryption technologies for end user devices //NIST Special Publication. – 2007. – Т. 800. – С. 111.

  20. Chuvakin A., Williams B. R. PCI Compliance. – Syngress, 2011.

  21. Shinder D. L., Cross M. Scene of the Cybercrime. – Elsevier, 2008.

  22. Введение в информационную безопасность автоматизированных систем: учебное пособие / В. В. Бондарев. — Москва : Издательство МГТУ им. Н. Э. Баумана, 2016. — 250, с.

  23. Regulations O., Guidance R. Code of Federal Regulations //Respiratory Protection. – 1910.

  24. Frields J. National Industrial Security Program. Operating Manual Supplement. – DEPARTMENT OF DEFENSE WASHINGTON DC, 1995. – №. DOD-5220.22-M-SUP-1.

  25. Ganiev S.K., Khudoykulov Z.T., Islomov Sh.Z., Selection suitable

biometrics for cryptographic key generators // TUIT BULLETIN, Тashkent, 2016,
№4 (40), – P. 80-92.

  1. Rathgeb C., Uhl A. A survey on biometric cryptosystems and cancelable biometrics //EURASIP Journal on Information Security, 2011, №1, – P. 1-25.

  2. Report to Congress on Breaches of Unsecured Protected Health Information For Calendar Years 2015, 2016, and 2017. U.S. Department of Health and Human Services Office for Civil Rights. https://www.hhs.gov/sites/default/files/breach-report-to-congress-2015-2016- 2017.pdf

  3. http://smartkardtechnologies.com/productdetails/acr39u-smart-card- rader

  4. https://www.turbosquid.com/3d-models/3d-airport-x-ray-machine- security-1405223

  5. https://www.ptsecurity.com/ww-en/analytics/web-vulnerabilities- 2020/

  6. https://www.nuigalway.ie/itsecurity/howtospotphishingemails/

  7. https://techjaws.com/beware-of-fake-microsoft-security-essentials/

  8. https://www.pcmag.com/roundup/256703/the-best-antivirus- protection

  9. https://www.us-cert.gov/ncas/tips/ST05-003

  10. https://blog.layershift.com/why-high-availability-for-your-business/

  11. https://en.wikipedia.org/wiki/Zimmermann_Telegram

  12. https://www.rutoken.ru/

  13. https://en.wikipedia.org/wiki/Comparison_of_disk_encryption_softwa

re

  1. https://www.theguardian.com/world/2013/jun/16/nsa-dmitry-

medvedev-g20-summit

  1. https://ciser.cornell.edu/wp- content/uploads/2017/01/CRADC_Destruction_and_Return_of_Restricted_Data.p df

  2. https://www.fbi.gov/services/information-management/foipa/privacy- impact-assessments/iafis

  3. https://www.pctattletale.com/blog/1505/best-keylogger-software- windows-10

Yüklə 7,7 Mb.

Dostları ilə paylaş:
1   ...   154   155   156   157   158   159   160   161   162



Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət
gir | qeydiyyatdan keç
    Ana səhifə
Stomatologiya
Anesteziologiya
Cərrahlıq
Ginekologiya
Tibb

yükləyin