Скачать 1.12 Mb.
|
Prevention of Computer Crimes in Banking Applying the modern technical means of the information security has become the significant element of the computer crime prevention in banking (prevention implies the access restriction or the use of the whole computer system or just part of it). The Regulations about technical information security in Russia indicates that technical information security with the restricted access in the automated systems and means of computer engineering is directed on preventing the disturbance of data integrity with the restricted access and its leaking in the way of:
The engineering information security with restricted access in the automated systems and means of computer engineering meant for forming, transferring, accepting, transforming, displaying and keeping some information is provided with a complex of designer, organizational programme and engineering measures at all stages of their creation and their work. The main methods and means of engineering information security with the restricted access in the automated systems and means of computer engineering are:
These measures can play serious generally preventive role in the fight with computer crimes at their skilful and comprehensive use. Taking into consideration the fact that the problem dealing with computer criminality and its preventive measures in banking in our country has been studied only since 90 years, and in some foreign countries this problem has been studied for a long time, we should learn the broad experience of these countries and put it into the domestic practice taking into account the acting normative and legal basis of Russia. There are main means of information security: physical measures, hardware means, software means, hardware and software means, cryptographic and organizational methods. The physical means of protection are the measures which are necessary for outer protection of a computer, the territory and the objects on the basis of computer engineering which are specially meant for creating the physical obstacles on possible ways of penetration and access of the potential infringes to the components of information systems and data which are under protection. The simplest and reliable method of information security from the threats of the unauthorized access is the regime of the independent use of a computer by one user in a specially meant room in the absence of unauthorized persons. In this case the specially set room plays the role of an exclusive circle of protection, and the physical security is windows, walls, a floor, a ceiling, a door. If the wall, the ceiling, the floor and the door are substantial, the floor has no hatches adjoining to other rooms, the windows and the door are supplied with a signaling system, then the stability of security will depend on the performance specification of a signaling system in the user’s absence in the off time. In the working time when a computer is on, the leak of information is possible through the channels of adjacent electromagnetic radiation. To prevent such a threat a special examination of means (a computer itself) and devices of electronic computer machinery (ЕCM) (a computer in a room specially marked out) is carried out. This examination implies a certification procedure and categorization of means and devices of ЕCM with issuing the corresponding operating permit. Moreover, the door of the room must be supplied with the mechanical or electromechanical lock. In some cases if there is no signaling system and the computer user is absent during a long period it is desirable to keep a system block and the machine information carriers in the safe to provide better safety. The use of a hardware password in the input/output system of BIOS in some computers, which disables loading and operating ECM, does not provide proper security against the threats of the unauthorized access, for the hardware element of the BIOS*carrier of a password can be substituted for another one alike in the absence of the mechanical lock on case of the system block and the absence of a user, as the clusters (blocks) of BIOS are unified and they have the certain password data. For this reason the mechanical lock disabling the process of a computer switching on and its loading is the most effective measure in this case. To provide security against the leakage the specialists suggest the mechanical attaching of a computer to the user’s table. Meanwhile it is necessary to keep in mind that in the absence of a signaling system ensuring constant access control to the room or to the safe the reliability of locks and attachments must be of the kind that the time the infringe needs to force them would not exceed the period when the computer user’s will be absent. If this kind of security is not provided, the signaling system is required without fail. The range of modern physical security means is very wide. This group of security means also includes various means of screening the workrooms and the data transmission channels. The hardware means of security are various electronic, mechanical and electronic means and other system devices which are embedded in the serial blocks of electronic systems of data processing and data transferring to provide internal security of computer facilities: terminals, devices of data input and output, processors, transmission links, etc. The main functions of hardware means of security are:
These functions are carried out in the way of:
The implementation of these functions is carried out with the help of applying various engineering devices of special purpose. In particular, they include:
The protection means of ports have some protective functions, in particular: 1) “a comparison of the code”. The computer of port security verifies the code of the authorized users with the code required “a disguise”. Some means of ports protection disguise the existence of ports on the line of a telephone link in the way of synthesizing a human voice which answers the calls of the viewer; 2) “a counter*bell”. In the memory of a means of ports protection not only access codes but also identification telephone numbers are kept; 3) input of the automatic “electronic record” of access to the computer system with fixing the main user’s operations. Software security means are necessary to accomplish logical and intellectual functions of security which embedded in the software tools of the system. There are some aims of the safety which are realized with the help of software security means:
The hardware and software security means are the means, which are based on the synthesis of program and hardware means. These means are widely used in authentication of users of the automated banking systems. Authentication is the inspection of the user’s identifier before its access to the system resource. The hardware and software safety means are also used at overlaying electronic and digital signatures of the accountable users. The use of smart cards containing passwords and users’ codes are widespread in the automated banking systems. The organizational security means of the computer information make up the set of measures concerning staff recruitment, inspection and training of the staff who participate in all stages of information process. The analysic of the material of criminal cases leads to the conclusion that the main reasons and conditions which make for committing computer crimes are mainly the following:
The experience of foreign countries testifies that the most effective security of information systems is bringing in the position of the specialist on computer safety or creating special services, both private and centralized ones depending on a particular situation. The availability of such a department (service) in a bank system according to the foreign specialists decreases two-fold the undertaking of crimes in the sphere of computer technologies. |
Учебно-методический комплекс по дисциплине «Иностранный язык» составлен... Учебно-методический комплекс составлен в соответствии с требованиями государственного образовательного стандарта высшего профессионального... | Учебно-методический комплекс дисциплины дисциплина «иностранный язык» Учебно-методический комплекс составлен в соответствии с требованиями государственного образовательного стандарта высшего профессионального... | ||
Учебно-методический комплекс дисциплины «Иностранный язык» Учебно-методический комплекс составлен в соответствии с требованиями государственного образовательного стандарта высшего профессионального... | Учебно-методический комплекс дисциплины «Иностранный язык» Учебно-методический комплекс составлен в соответствии с требованиями государственного образовательного стандарта высшего профессионального... | ||
Учебно-методический комплекс дисциплины «Иностранный язык» Учебно-методический комплекс составлен в соответствии с требованиями государственного образовательного стандарта высшего профессионального... | Учебно-методический комплекс дисциплины «иностранный язык» Учебно-методический комплекс составлен в соответствии с требованиями государственного образовательного стандарта высшего профессионального... | ||
Учебно-методический комплекс дисциплины «иностранный язык (английский)» Учебно-методический комплекс составлен в соответствии с требованиями государственного образовательного стандарта высшего профессионального... | Учебно-методический комплекс дисциплины «Иностранный язык (английский)» Учебно-методический комплекс составлен в соответствии с требованиями государственного образовательного стандарта высшего профессионального... | ||
Учебно-методический комплекс дисциплины «иностранный (английский) язык» Учебно-методический комплекс составлен в соответствии с требованиями государственного образовательного стандарта высшего профессионального... | Учебно-методический комплекс «Иностранный язык» Специальность: 031001.... Учебно-методический комплекс «Иностранный язык» составлен в соответствии с требованиями Государственного образовательного стандарта... | ||
Учебно-методический комплекс дисциплины «иностранный язык» Учебно-методический комплекс составлен в соответствии с требованиями государственного образовательного стандарта высшего профессионального... | Учебно-методический комплекс дисциплины «Деловой иностранный язык» Учебно-методический комплекс дисциплины составлен в соответствии с требованиями государственного образовательного стандарта высшего... | ||
Учебно-методический комплекс дисциплины «иностранный (английский) язык» Учебно-методический комплекс дисциплины составлен в соответствии с требованиями государственного образовательного стандарта высшего... | Учебно-методический комплекс «Иностранный язык» Специальность: 080105.... Учебно-методический комплекс «Иностранный язык» составлен в соответствии с требованиями Государственного образовательного стандарта... | ||
Учебно-методический комплекс «Иностранный язык» Специальность: 080501.... Учебно-методический комплекс «Иностранный язык» составлен в соответствии с требованиями Государственного образовательного стандарта... | Учебно-методический комплекс дисциплины иностранный язык 090104.... Учебно-методический комплекс дисциплины составлен в соответствии с требованиями государственного образовательного стандарта высшего... |