Учебно-методическое пособие Для студентов, аспирантов Таганрог 2008




НазваниеУчебно-методическое пособие Для студентов, аспирантов Таганрог 2008
страница10/16
Дата06.09.2012
Размер1.67 Mb.
ТипУчебно-методическое пособие
1   ...   6   7   8   9   10   11   12   13   ...   16

[edit] Tunneling


Tunneling is the transmission of data through a public network in such a way that routing nodes in the public network are unaware that the transmission is part of a private network. Tunneling is generally done by encapsulating the private network data and protocol information within the public network protocol data so that the tunneled data is not available to anyone examining the transmitted data frames. Tunneling allows the use of public networks (eg, the Internet), to carry data on behalf of users as though they had access to a 'private network', hence the name.

Port forwarding is one aspect of tunneling in particular circumstances.

[edit] Security dialogues


The most important part of a VPN solution is security. The very nature of VPNs — putting private data on public networks — raises concerns about potential threats to that data and the impact of data loss. A Virtual Private Network must address all types of security threats by providing security services in the areas of:

Authentication (access control) - Authentication is the process of ensuring that a user or system is who the user claims to be. There are many types of authentication mechanisms, but they all use one or more of the following approaches:

  • something you know: a login name, a password, a PIN

  • something you have: a computer readable token (i.e., a Smart card), a card key

  • something in you: fingerprint, retinal pattern, iris pattern, hand configuration, etc

Generally, systems use only of one of these components, usually a login name/password sequence. Strong authentication is usually taken to combine at least two authentication components from different areas (i.e., two-factor authentication). But note that use of weak and strong in this context can be misleading. A stolen smart card and a shoulder-surfed login name / PIN sequence is not hard to achieve and will pass a strong authentication two-factor test handily. More seriously, stolen or lost security data (eg, on a backup tape, a laptop, or stolen by an employee) dangerously furthers many such attacks on most authentication schemes. There is no fully adequate technique for the authentication problem, including biometric ones.



Vocabulary tasks

Give as many word combinations as possible and translate them.

Product


Give your definitions to the following terms.

Remote intranet access, security outsourcing, intranet publishing guideline, reactive, proactive.


Make the word combinations.

      1. internal a) breeches

      2. digital b) intranet access

      3. data c) input

      4. security d) use of Internet

      5. digital e) risks

      6. employee f) applications

      7. variable-size g) certificate

      8. encompass h) free

      9. remote i) theft

      10. collision j) signature


What do the following abbreviations from Text 1 mean?

OTP, SSL


Give English equivalents of the following words and word combinations.

Взаимодействовать, защищать надлежащим образом, подробно рассматриваться, карта информации, обеспечивать, ряд инструкций, реагировать на что-либо, прогноз, доступный.


Give Russian equivalents of the following words and word combinations.

Variable–size input, hash value, additional property, collision–free, infeasible, concisely, digital time stamping.


Translate into Russian.

VPN can be a cost effective and secure way for corporations to provide users access to the corporate network and for remote networks to communicate with each other across the Internet. VPN connections are more cost-effective than dedicated private lines. Usually a VPN involves 2 parts: the protected or "inside" network, which provides physical and administrative security to protect the transmission; and a less trustworthy, "outside" network or segment (usually through the Internet). Generally, a firewall sits between a remote user's workstation or client and the host network or server. As the user's client establishes the communication with the firewall, the client may pass authentication data to an authentication service inside the perimeter. A known trusted person, sometimes only when using trusted devices, can be provided with appropriate security privileges to access resources not available to general users.


Complete the text by translating Russian phrases given in brackets.

(1 Мы представляем новый подход) to improving the security of passwords. In our approach, the legitimate user’s typing patterns (e.g., durations of keystrokes and latencies between keystrokes) (2 сочетаются с паролем пользователя) to generate a hardened password that is (3 несомненно более надежен) than conventional passwords alone. In addition, (4 наша схема автоматически адаптируется к постепенным (периодическим) изменениям) in a user’s typing patterns while maintaining the same hardened password across multiple logins, for use in file encryption or other applications (5 для которых необходим долгосрочный секретный ключ). Using empirical data and a prototype implementation of our scheme, (6 мы подтверждаем) that our approach is viable (7 в практике, простоте использования, повышенной безопасности и исполнении).


Grammar

The Infinitive.

Инфинитив с частицей – to.

Употребление. Инфинитив – это основная форма глагола. Его формальным показателем является частица – to. Инфинитив имеет следующие формы.

Forms Active voice Passive voice

Simple to translate to be translated

Continuous to be translating –

Perfect to have translated to have been translated

Perfect Continuous to have been translating –

Simple Infinitiveобозначает действие, одновременное действию, выраженному глаголом-сказуемым. I am glad to see you. Рад тебя видеть.

Continuous Infinitive – обозначает действие, которое развивается одновременно с действием, выраженным глаголом - сказуемым. It is pleasant to be walking along the shady alley. Приятно идти по тенистой аллее.

Perfect Infinitive обозначает действие, которое предшествовало действию, выраженному глаголом-сказуемым. I am sorry not to have helped you. Мне жаль, что не смог тебе помочь.

Perfect Continuous Infinitive – обозначает действие, которое длилось в течение определенного периода времени до настоящего момента. It seems to have been raining since the very morning. Кажется, дождь идет с самого утра.

Passive Infinitive – инфинитив переходных глаголов имеет две формы пассивного залога (Simple and Perfect). В отрицательных предложениях перед инфинитивом ставится – not. We decided not to go out because of the weather. Мы решили не гулять из-за погоды.


Инфинитив без частицы – to.

Употребление. Используется в следующих случаях.

После вспомогательных глаголов. I don't understand. Я не понимаю.

После модальных глаголов. If one cannot have what one loves, one must love what one has. Если не можешь иметь то, что любишь, то люби то, что имеешь.

После глаголов чувственного восприятия. I never saw you look so well before. Я никогда не видел Вас таким раньше.

После глагола to let. Let us be friends. Давайте будем друзьями.

После глагола to make (заставлять). What makes you think so? Что заставляет Вас думать так?

После конструкций had better, would rather, would sooner. You' d better go to bed. Вам лучше бы пойти в постель.


Функции инфинитива в предложении. В простейших случаях английский инфинитив не отличается от русского.

Если инфинитив стоит в начале предложения, а за ним стоит сказуемое, то он выполняет функцию подлежащего и переводится на русский язык инфинитивом или существительным. То read is useful. Читать полезно.

Инфинитив выполняет функцию части составного именного сказуемого, если стоит после глагола to be, который переводится словами «состоит в том, чтобы», «заключается в том, чтобы» или вообще не переводится. The purpose of this test is to determine the mechanical characteristics of the material. Цель испытания – определить механические характеристики материала.

В сочетании с модальными глаголами и их эквивалентами инфинитив выполняет функцию части составного глагольного сказуемого. The design engineer must consider many factors. Инженер-конструктор должен учитывать многие факторы.

Инфинитив, стоящий после сказуемого или косвенного дополнения, выступает в функции прямого дополнения. I like to read. Я люблю читать.


Oсновные особенности, отличающие английский инфинитив от русского. Это представляет трудности при переводе.

Инфинитив, стоящий в начале предложения до группы подлежащего или после сказуемого, выполняет функцию обстоятельства цели и переводится на русский язык придаточным предложением с союзами «чтобы», «для того, чтобы». Laws were not made to be broken. Законы созданы не для того, чтобы их нарушать.

Инфинитив цели может вводиться словами in order to, so as. Sometimes you retreat in order to advance. Иногда нужно отступить, чтобы продвинуться вперед.

Инфинитив в роли определения, стоящего после определяемого слова, чаще бывает в форме пассивного залога и переводится на русский язык придаточным определительным предложением с оттенком будущности и модальности. The strengh of radio waves to be measured is expressed in microvolts. Сила радиоволн, которая должна быть измерена, выражается в микровольтах.


The Infinitive Constructions.

В научной литературе встречаются также инфинитивные обороты двух типов.

Complex Object.

Употребление. Сложное дополнение используется в научной литературе для соединения двух простых предложений, например, по формуле: Smb. did smth. + I saw this = I saw smb. do smth.

I saw him cross the street. Я видел, как он переходил улицу.

The scientist consider the sun to emit radio signals. Ученые считают, что солнце испускает радиосигналы.

В таких оборотах используются глаголы: see, hear, feel, notice, smell, find, know, think. На русский язык придаточное предложение переводится с помощью союзов «как, что». После глаголов want, wish при переводе придаточное предложение начинается с союза «чтобы»: I want smb to do smth. I want him to open the door. Я хочу чтобы он открыл дверь.

Complex Subject.

Употребление. Сложное подлежащее состоит из подлежащего, выраженного существительным в общем падеже или местоимением в именительном падеже и инфинитива. Между компонентами оборота стоит сказуемое, которое может быть выражено следующими четырьмя способами.

Глаголом в форме страдательного залога, например, is said – говорят, is known – известно, is supposed – предполагают, is believed – полагают, is assumed – предполагают, is thought – думают, is considered – считают, is found – обнаружено.

These tubes are said to give considerable economy. Говорят, что эти лампы дают значительную экономию.

Глаголами в форме активного залога, например, to seem, to appear, to prove, to happen. Перевод начинается с вводного слова «кажется, оказывается». Не seems to know English. Кажется, он знает английский.

Инфинитив употребляется со словосочетаниями to be likely, to be unlikely, to be certain, to be sure (вероятно, похоже, наверняка). He is likely to know English. Вероятно, он знает английский.

Инфинитив с for. Аналогичной конструкции в русском языке нет, поэтому она представляет некоторую трудность для понимания. It is not unusual for restored cars to sell for more than they did when new. Для реставрированных машин не является необычным тот факт, что они продаются дороже, чем стоили, когда были новыми.


Grammar tasks


Test А. Translate the sentences into Russian.

We’ll consider the formula to be used in our calculations. Computer science is to be regarded as one the most important discipline in technical university. We listened to the professor deliver a lecture. We expect this profile to be next month. The Arabs were the first to develop the principles of cryptography. To translate this article is difficult. The first step in performing encryption is to locate the two letters from the plaintext into the matrix.


Test B. Find the infinitive and the Complex Infinitive Constructions. Translate the sentences into Russian.

The only thing for you to do is to use this algorithm. Todygiu was the first student do the task. The teacher made the students do the task. The ciphers of this sort are unlikely to be secure. To approach the acceptable level of security, the route should be much more complicated. The order of the columns to be written is determined by the key. This block size is likely to increase to 128 bits. Everybody knows plaintext to be the source of information to be secured.


Теst С. Translate into English.

1. Делегация, которую нужно встретить, состоит из студентов и преподавателей.

2. Мы знаем, что первыми, кто использовал шифр, были спартанцы.

3. Л. Б. Альберти известен тем, что он изобрел шифровальный диск.

4. Чтобы читать статьи на английском языке, студенты должны знать термины.

5. Кажется, он не понимает вопросов.

6. Работа, которую нужно завершить, была очень сложной.

7. Для греков простая замена или перестановка букв в посланиях не была чем-то необычным.

8. Целью этого эксперимента было создание новых шифров.

9. Для обнаружения вируса необходимо использовать комплекс программ.

10. Я хочу, чтобы Вы представили свою разработку на конференции.

11. Говорят, что этот вирус заразил каждый пятый компьютер в мире.

12. Этот алгоритм создан для того, чтобы синтезировать речь.


Communication.

Job Interview.

Participants.

Staff Manager.

Candidate 1.

Candidate 2.

Top Manager.

Staff Manager. You’re interested in hiring a young and enthusiastic person. Think of your requirements and questions which will clear out the suitable candidate. Give the comments of your choice.

Candidate 1. You’ve just graduated from … university. You feel quite well-prepared theoretically for the job and have lots of plans. Think and be ready to present your advantages and ideas.

Candidate 2. You’ve got some job experience and good recommendations from your previous job. You’re very good at doing practical work. Think of the details and be ready to present your advantages.

Top Manager. You have to choose the most suitable candidate. Think of your requirements and questions to the candidates. Be ready to test their knowledge and professional skills and comment on your choice.


Writing.

Curriculum Vitae

Name Surname

Personal Information

Address

Telephone home:

mobile

Nationality

Marital status

Date of birth

Email

Career history


Education


Languages


Computer skills


Additional information


Additional Vocabulary.

  1. dedicated private line – частная сеть для специальных целей

  2. host network – хост-сеть

  3. host server - хост-сервер, основной сервер

  4. proprietary data - собственные данные

  5. malware – обеспечение, созданное злоумышленно

  6. Wi-Fi access point – точка доступа к Wi-Fi

  7. blocking snooping – блокирование слежения

  8. Packet sniffing - контроль сообщений, передаваемых по сети связи, с целью выявления конфиденциальной информации

  9. blocking identity spoofing - блокирование маскировки злоумышленника под законного пользователя

  10. network stack - стековое запоминающее устройство

  11. application session –соединение приложений

  12. thin client laptop – компьютер простого клиента

  13. Port forwarding - передача на мобильную радиотелефонную станцию

  14. retinal pattern – изображение сетчатки глаза, узор сетчатки глаза

  15. iris pattern – узор, изображение радужной оболочки глаза



Unit 9. Firewall.

Vocabulary


What do the following terms and word combinations mean?

Software firewall, hardware firewall, local firewall, distributed firewall, functional layer, packet filter, application layer server, session layer gateway, outside hub, IP-address, source port number, destination port number, flag, chart a table of filtering rules, packet proceeding, information outflow, net configuration, traffic filtering.

Texts

Pre-reading task.

Do you use firewall? Which one?

Where are firewalls to be used?

What are the criteria of choosing a firewall?

Text 1. Personal firewall.

Problem of information security in global network is very important today because a lot of personal computers have connection to Internet. This problem can be solved by means of using personal firewall. Firewall is a system which allows dividing network by several parts, and realizing a set of rules determining conditions of information between these parts.

Firewalls can be classified by implementation as software, hardware and mixed type; or by component model as local and distributed. But classification by function layer is the most useful. Here we can determine three types of firewalls: packet filters, application layer servers and session layer gateways.

Session layer gateway represents system translating connections outside. User process connects to firewall when access is gaining. Then firewall connects to outside hub. During the work firewall duplicates incoming and outgoing information. Such system is low efficient and doesn’t grant new network services protection.

Application layer server represents mediator between user process and required service. It passes through all traffic and takes a decision about its safety according to security policy. Such firewall is also low efficient and very expensive.

Packet filtering lies in taking decision of gating or not one or another packet on basis of information about IP-address, source and destination port numbers, flags. Administrator’s task involves charting table of filtering rules. This system has high speed of packet proceeding and low cost.

But independently from type firewall must block all known attacks types. Also it must prevent information outflow if harmful code has already penetrated into computer. Control of access to internet-resources is the best way to save labour time of staff.

The most convenient way to prevent access to undesirable internet-resources and to block external attacks lies in packet filtering. Packet filter is configured to filter incoming and outgoing packets on the basis of information containing in TCP and IP headers. This technology is used because rules of filtering can be configured flexible and speed of packet processing is high. Main disadvantage of packet filter is visibility of net configuration from the internet. But this fact is not relevant for personal computer.

There are two methods of traffic filtering. First method lies in developing user application without creating network protocol driver. Such filters are simple in realization, but they don’t grant adequate protection.

Another method of traffic filtering adverts directly to core. There are several technologies in this group, but we’ve chosen TDI-filter. Such personal firewall represents packet filter and consists of driver and application program.

Driver realizes functions of Transport Data Interface (TDI) and intercepts all addresses to original TCP driver to store information about existing connections. Transport Data Interface represents unified program interface for interconnection between transport drivers (TCP driver, for example) and TDI-clients (servers, network interfaces emulators, redirectors). TDI makes TDI-clients independent from used transport protocols.

Application program reflects information about rules and packets and realizes simple user interface. This program receives information about blocked packets from driver. Information exchange between driver and application program is realized by means of standard functions of Win32 Application Programming Interface.

Table 1. Characteristics of Firewalls


Product

ZoneAlarm

Pro

Sygate Personal Firewall

Outpost

Firewall

Pro

eSafe

Desktop

Norton

Internet

Security

Tiny

Personal

Firewall

Web-site

zonelabs.

com

sygate.com

agnitum.

com




symantec.

com

tinysoft-

ware.com

Size, Mbite

3.8

5.9

5.3

1.5

73

4.1

Price, $

49,95

39,95

39,95

free

99,95

49

Built-in antivirus

-

-

-

-

+

+

Active content filtering in Web-traffic

+

-

+

+

+

+

Active content filtering in mail-traffic

-

-

+

-

+

+

ICS support

+

+

+

-

+

+

Nonvisibility mode of the computer in the network

+

+

+

-

+

+

User’s nonvisibility mode

+

-

+

+

+

-

Banners deleting

+

-

+

+

+

-

Access block to the forbidden hosts

-

-

+

-

+

-

Applications authentication

+

+

+

-

+

+

Plug-in support

-

-

+

-

+

-

Automatic upgrade

-

-

+

-

+

-

Protocol

+

+

+

+

+

+

Scanning detection

+

+

+

-

+

+

Attack detection

+

+

+

-

+

+

Remote administration

-

+

-

-

-

-

Configuration protection using passwords

+

-

+

+

+

+


What is Firewall?

How are the firewalls classified?

Which Firewall has the most advantages?


Text 2. Read the second part of the article and write its summary.

On occasion companies choose to implement a firewall based solely on a single machine, be it a router or host. More often than not, however, the stronger firewalls are composed of multiple parts. In this section, we'll take a look at what we consider the five most common types of firewall architectures: the screening router, the dual homed gateway, the screened gateway, the screened subnet, and the "belt-and-suspenders" firewall.

Screening Router

The simplest way to implement a firewall is by placing packet filters on the router itself. This architecture is completely transparent to all parties involved, but leaves us with a single point of failure. Moreover, since routers are primarily designed to route traffic, the default failure mode on routers is usually to pass traffic to another interface. (Although most routers include an implied".. and deny everything else" statement at the end of an access list, we are referring more to the possibility of a failure in the security mechanism.) If something were to happen to the router access control mechanism (such as the vulnerability found in one router vendor's software in early 1995), then the possibility would exist for unauthorized traffic to find its way into the network or for proprietary information to "leak" out of the network.

Moreover, screening routers tend to violate the choke point principle of firewalls. Although all traffic does pass through the router at one point or another, the router merely passes the traffic on to its ultimate destination. Each and every potential destination within the network, rather than just a single choke point, must therefore be secured. Although screening routers can be an important part of a firewall architecture, we don't consider them adequate firewall mechanisms on their own.

Dual-Homed Gateways

Another common architecture places a single machine with two networks as a dual-homed gateway. Such gateway can be used as a generic dual-homed gateway, as described earlier, in which all users must log in to the machine before proceeding on to the other network, or as a host for proxy servers, in which user accounts are not required.

From a "fail-safe" perspective, dual-homed gateways offer a step up from the simple screening router. Because most host-based systems such as these have packet forwarding disabled by default, passing traffic without configuring the host to do so is nearly impossible. As a result, the failure mode of dual-homed gateways is usually more robust than that of screening routers. Nevertheless, as we discussed earlier in this chapter, dual-homed gateways have certain feasibility and usability problems that don't always make them easy to use.

Screened Host Gateway

Now let's take a look at how hosts and routers can be used together in a firewall architecture. One of the most common combinations in use today is the screened host gateway.

In the screened host gateway scenario, the router is still the first line of defense. All packet filtering and access control is performed at the router. The router permits only that traffic that the policy explicitly identifies, and further restricts incoming connections to the host gateway. This gateway performs a number of functions:

1. It acts as the name server for the entire corporate network.

2. It serves as a "public" information server, offering Web and anonymous FTP access to the world.

3. It serves as a gateway from which external parties can communicate with internal machines.

It is fairly straightforward to implement public servers such as FTP, Web, and DNS, but this machine must have modified servers to handle other individual protocols such as incoming telnet and non anonymous FTP. These servers can be modified in one of two ways : they can be replaced with proxy servers, such as those described earlier, and they can be made capable of communicating with a separate authentication server. This architecture has two major drawbacks :

The gateway host must run a number of services, in order to be able to offer them to external users. if proxy servers are not used, user accounts must also be established on the gateway. Both of these items tend to create attractive targets to a potential intruder, who will now have additional passwords to try and guess, and additional services to try and break.

The gateway still provides a single point of failure - if anything were to happen to an individual service on the machine, such as a DNS server crash or a flaw in the Web server, then the entire Internet connection could be shut down or compromised.

Nevertheless, screened host gateways remain a popular implementation, since they allow companies to easily enforce various security policies in different directions without much inconvenience to internal users. Moreover, they are relatively easy to implement, using a standard router and a single host machine. Screened gateways provide a substantial improvement over both screening routers and dual homed gateways.

Screened Subnet

The screened subnet approach takes the idea of a screened host gateway one step further. The screening router is still present as the first point of entry into the corporate network, and screens incoming traffic between the Internet and the public hosts. Rather than a single gateway, as in the screened host gateway approach, however the functions of that gateway are spread among multiple hosts. One of the hosts could be a Web server, another could serve as the anonymous FTP server, and yet a third as the proxy server host, from which all connections to and from the internal corporate are made.

Functionally, the screened subnet is similar to the screened host gateway : the router protects the gateway from the Internet, and the gateway protects the internal network from the Internet and other public hosts. One distinct advantage that the subnet has over the screened gateway is that it is much easier to implement a screened subnet using "stripped down" hosts, that is, each host on the subnet can be configured to run only those services it is required to server, thus providing an intruder with fewer potential targets on each machine. Furthermore, the machines on the subnet can be made equally accessible to clients on the internal network as well as Internet-based clients.

The internal machines need not treat the machines on the subnet any differently than they would any other "external" machines on the Internet. In fact, if this approach is taken, a screened subnet can significantly increase the potential security of a network, as any compromise of an external machine (except, perhaps, for the gateway machine with the proxy servers running) is unlikely to provide access into the internal network.

Belt and Suspenders Approach

A final architecture takes the idea of the screened subnet and extend still another step further. The principles are the same as the subnet architecture : an external screening router protects "public" machines from the Internet. Instead of a gateway running proxy server software as well as protecting the internal network, however, those functions are split: the proxy server host now resides on the DMZ subnet, while an internal screening router serves to protect the internal network from the public machines. This architecture is often called the "belt-and-suspenders" architecture.

The belt-and-suspenders architecture is only subtly different from the screened subnet, but the difference is important from a security point of view. Whereas the subnet relies on the proxy servers to perform all access control to and from the internal network, the belt-and-suspenders approach relies on the proxy server as the first line of authentication defense, but the internal router serves to back up the server, as well as to protect the internal network from the machines on the public network.




Vocabulary tasks

Give as many word combinations as possible and translate them.

Layer


What do the following abbreviations from Text 1 mean?

IP, TDI, TCP, ICS


Give your definitions to the following terms.

Function layer, packet filtering


Make the word combinations.

    1. packet a) firewall

    2. filtering b) proceeding

    3. information c) address

    4. traffic d) configuration

    5. session layer e) hub

    6. outside f) outflow

    7. functional g) gateway

    8. distributed h) rules

    9. net i) filtering

    10. IP j) layer



Translate into Russian the following passage.

When a user downloads a virus, worm or Trojan (or it penetrates a gateway security device), intrusion detection systems (IDSs) can issue alerts about those attacks and intrusion prevention systems (IPSs) can block them—if you

have enough confidence in the detection signature and if these in-line devices are on the same segment as the security breach. However, these solutions don’t effectively address non-signature threats or mitigate a network-wide outbreak.

Furthermore, a greater threat to businesses is posed by non-signature-based malicious or accidental threats such as multiple files sent to an outside e-mail address by an employee preparing to resign or music file sharing that not only

uses corporate assets but also opens that employee’s entire C: drive. These are much harder to detect and defend against.

Another area of continued concern for enterprises is the loss of intellectual property and customer record data.

Recognizing the need to protect business assets, almost 38% of large enterprises have deployed intellectual property protection solutions. According to the Yankee Group 2005 Security Leaders and Laggards Survey, another 39% plan to deploy within the next 12 months, which indicates users’ willingness to try new methods to resolve their security issues.

Network behavior analysis (NBA) systems not only help to proactively prevent internal security threats, they also offer protection against misuse of business resources. The technology complements IDS and IPS signature-based threats: The IDS lets IT staff know what threats made it through the firewall, while the IPS goes a step further and can block many attack attempts. NBA monitors inappropriate access, file sharing and other unusual activity such as

more transfers of account records than usual.


Complete the text by translating Russian phrases given in brackets.

Like every other component or device in your network, firewalls also (1 необходимо модернизировать ) so that they can continue to perform and respond to new threats.

Not that you should be pessimist, but (2 если Вы считаете, что Ваш межсетевой экран устарел еще в тот день, когда Вы его установили), you will be more able to cope with the constant need to update and cover the new services under your firewall, sometimes, if you have a packet filtering firewall, you may even need to recycle it.

Of course, (3 Вам нужен доступ к Интернет-почте и новостям), vendors, and other users to be a part of the dialog about changes in network security practices. Just as with application upgrades, (4 необходимо добавить новую услугу в Вашу сеть) the day it is issued from the vendors. (5 безопаснее немного подождать и понаблюдать) while the market “shakes out“ the bugs and (6 и будут разработаны новые стратегии безопасности). But without a doubt, (7 Ваш межсетевой экран не вечен), and eventually you will need to recycle it, update it to say the least.


Translate into English the following passage.

Для эффективного построения распределенных информационных технологий необходимо участие пользователя в функциях, выполняемых в распределенных устройствах, часто удаленных от места положения самого пользователя. В связи с этим встает задача идентификации и аутентификации пользователей в различных компонентах распределенной системы и программной инфраструктуры в зависимости от выполняемых бизнес-процессов. Существует классификация взаимодействия различных пользователей, которая требует различных решений по идентификации и аутентификации и защите информации в целом. Для служащих компании аутентификация должна позволить обеспечить доступ к различным распределенным приложениям, обеспечивая интеграцию различных приложений и в то же время устанавливая заданные требования по безопасности (В2Е).

Для покупателей и пользователей услуг идентификация и аутентификация должны позволять обеспечить доступ к услугам информационной системы при обеспечении заданных требований по безопасности (В2С). Для бизнес-партнеров идентификация и аутентификация в распределенной системе должны обеспечивать требуемые партнерские отношения и одновременно уменьшить риск от враждебных транзакций (В2В). В различных источниках описано множество примеров развития требований к идентификации и аутентификации в связи с совершенствованием информационных технологий и расширением электронного бизнеса.


Grammar

The
1   ...   6   7   8   9   10   11   12   13   ...   16

Похожие:

Учебно-методическое пособие Для студентов, аспирантов Таганрог 2008 iconУчебно-методическое пособие по формированию компетенции в грамматике (английский язык)
Пособие для самостоятельной работы студентов 3 – 4 курсов (бакалавриат). – Таганрог: Изд-во тти, 2008. – 100 с
Учебно-методическое пособие Для студентов, аспирантов Таганрог 2008 iconВведение в профессию комплект методического обеспечения учебно-методическое пособие
Учебно-методическое пособие предназначено для преподавателей, студентов, аспирантов
Учебно-методическое пособие Для студентов, аспирантов Таганрог 2008 iconСоциология Учебно-методическое пособие для студентов Казань 2010 удк 005 101 1701841 ббк 60 5 (Я 7) Печатается по решению предметно-проблемного совета гуманитарных и социально-экономических дисциплин
Учебно-методическое пособие предназначено для студентов дневной и заочной формы обучения, преподавателей и аспирантов
Учебно-методическое пособие Для студентов, аспирантов Таганрог 2008 iconУчебно-методическое пособие по курсу «Рентгенографический анализ» Казань, 2010
Методическое пособие предназначено для студентов и аспирантов геологического факультета
Учебно-методическое пособие Для студентов, аспирантов Таганрог 2008 iconУчебно-методическое пособие Ярославль, 2009 Скопин А. А., Разработка и технологии производства рекламного продукта: Учебно-методическое пособие. Ярославль, «Ремдер», 2009 118 с
Учебное пособие предназначено для студентов, аспирантов, преподавателей. Актуальность рассматриваемых вопросов делает пособие привлекательным...
Учебно-методическое пособие Для студентов, аспирантов Таганрог 2008 iconУчебно-методическое пособие для аспирантов
Английский язык для аспирантов = English for Post-Graduates / Учеб метод пособие для аспирантов / Авт сост.: О. И. Васючкова, Н....
Учебно-методическое пособие Для студентов, аспирантов Таганрог 2008 iconУчебно-методическое пособие по курсу Технико-экономическое проектирование для студентов специальности 22. 01
Учебно – методическое пособие по курсу “Технико-экономическое проектирование”. Сост. Ю. В. Брусницын, А. Н. Гармаш. Таганрог, трту,...
Учебно-методическое пособие Для студентов, аспирантов Таганрог 2008 iconУчебно-методическое пособие Казань 2008 федеральное агентство по образованию государственное образовательное учреждение высшего профессионального образования
Полевая археологическая практика Казанского государственного университета: Учебно-методическое пособие для студентов, обучающихся...
Учебно-методическое пособие Для студентов, аспирантов Таганрог 2008 iconМетодическое пособие для аспирантов и студентов всех форм обучения Иркутск 2008
Методическое пособие предназначено для аспирантов и студентов всех специальностей и форм обучения. В нем разъясняются важные узловые...
Учебно-методическое пособие Для студентов, аспирантов Таганрог 2008 iconМетодическое пособие для аспирантов и студентов всех форм обучения Иркутск 2008
Методическое пособие предназначено для аспирантов и студентов всех специальностей и форм обучения. В нем разъясняются важные узловые...
Разместите кнопку на своём сайте:
Библиотека


База данных защищена авторским правом ©lib.znate.ru 2014
обратиться к администрации
Библиотека
Главная страница