The National Academies Press

Currently Skimming:

Cybercrime and the Training of Specialists to Combat It in Russia
Pages 197-206

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 197... ... All previous key inventions such as the telegraph, telephone, radio, television, and computer only paved the way for the unprecedented integration that is under way. In our times, global cyberspace -- the worldwide Internet -- simultaneously represents a repository for a colossal amount of information, a means of global broadcasting, and a medium for cooperation and human communication encompassing the entire world. Read the entire page →
From page 198... ... In the face of harsh competition, companies are forced to shift a large portion of their business communications onto the Internet, which makes them vulnerable to criminals unless matters of information protection are handled appropriately. The world community has fully realized the potential consequences of the threat of cybercrime, and in this regard representatives of the European Union member states, the United States, Canada, and Japan signed the International Convention on Cybercrime in November 2001. Read the entire page →
From page 199... ... Also arising last year was a trend for the use of the Internet as an auditorium to shape public opinion and exert pressure on private individuals and officials by spreading information damaging honor and impugning dignity or by disseminating citizens' personal or family secrets. In one example the authorities halted the activities of a perpetrator who had posted an Internet site with intentionally libelous materials regarding the president of the Russian Federation and statements insulting his honor and dignity. Read the entire page →
From page 200... ... The main element of the cyberterrorist's tactics is to ensure that the crime has maximally dangerous consequences and broad public resonance and creates an atmosphere that threatens repetition of the terrorist act without specifying a specific target of attack. The experience of the Russian Federation shows that the motives of cybercrimes are changing. Read the entire page →
From page 201... ... These include intrusion detection systems, public key infrastructure, virtual private networks, antivirus software, cryptographic systems, identification and authentication systems, security scanners, and so forth. Firewalls hold an important place among these technologies, and their adequate application can substantially reduce risks associated with unauthorized access to data. Read the entire page →
From page 202... ... THE TRAINING OF HIGHLY QUALIFIED INFORMATION SECURITY SPECIALISTS IN THE RUSSIAN FEDERATION Only a major leading university with the appropriate educational, methodological, and technical base is capable of training highly qualified specialists able to accomplish the task of ensuring comprehensive information security. The educational objectives for specialists of this type at Bauman Moscow State Technical University are as follows: Read the entire page →
From page 203... ... CYBERCRIME AND THE TRAINING OF SPECIALISTS TO COMBAT IT IN RUSSIA 203 � theoretical foundations for the engineering-technical protection of information � methodological support for the engineering-technical protection of information � creation and operating principles of information systems and networks (ISN) � methodologies for designing, building, and operating secure ISNs � criteria and methods for evaluating the security of ISNs � means and methods of unauthorized access to ISN information � architecture of protected computer networks � software, hardware, and technical means of creating protected networks � principles of building and managing protected networks � rules for the organizational, technical, and legal protection of information � use of software and hardware technologies for protecting information � construction and operation of protected databases � systematic approach to the problem of protecting information in database management systems � mechanisms for protecting information in databases and database management systems and opportunities for overcoming them � conceptions of the engineering-technical protection of information � physical foundations for the engineering-technical protection of information � organizational foundations for the engineering-technical protection of information As a result of their training in this discipline, specialists must understand the following: � promising areas for the development of computer security theory � methods for analyzing information security threats � architecture of secure ISNs � principles for constructing secure systems � typical attacks on secure ISNs � promising areas for the development of network security technologies � current problems in information security science and the role and place of information protection in networks when addressing comprehensive information security problems They must know the following: � methodological and technological foundations of comprehensive security for ISNs � threats and methods of violating ISN security Read the entire page →
From page 204... ... 204 COUNTERING URBAN TERRORISM IN RUSSIA AND THE UNITED STATES � formal models lying at the foundation of ISN protection systems � standards for evaluating ISN security and their theoretical foundations � methods and means of building and operating secure ISNs � methods and means of verifying and analyzing the reliability of secure ISNs � methodological and technological foundations for ensuring the information security of network-automated systems � threats and methods of violating the information security of networkautomated systems � physical processes in technical means and systems that lead to leakage of secure information � typical models of attacks aimed at overcoming the protection of networkautomated systems, conditions under which they might be carried out, possible consequences, and means of prevention � role of the human factor in ensuring network security � possibilities, means, and rules for applying basic software and hardware means of protecting information in networks � principles for the operation of basic secure network protocols � foundations for the application of firewalls for network protection � rules for setting network security policy � standards for evaluating secure network systems and their theoretical foundations � methods and means of designing, constructing, and evaluating secure network systems � conception of the engineering-technical protection of information � basic principles and methods of information protection � basic guiding and regulatory documents on the engineering-technical protection of information � procedures for organizing the engineering-technical protection of information They must know how to � analyze ISNs from the standpoint of ensuring computer security � develop security models and policies using well-known approaches, methods, means, and theoretical foundations � apply standards for evaluating the security of ISNs in analyzing and designing information security systems for them � implement information protection systems in ISNs in accordance with standards for evaluating ISN security � analyze network automated systems from the standpoint of ensuring information security Read the entire page →
From page 205... ... CYBERCRIME AND THE TRAINING OF SPECIALISTS TO COMBAT IT IN RUSSIA 205 � develop network security models and policies using well-known approaches, methods, means, and theoretical foundations � apply standards for evaluating secure network systems in analyzing and designing systems to protect information in automated systems � apply secure protocols and firewalls necessary for implementing information security systems in networks � take measures to counter network security threats using various software and hardware means of security in accordance with rules for their application � create information security systems in automated systems in accordance with standards for assessing system security � identify threats and technical channels for information leakage � describe (model) security targets and information security threats � apply the most effective methods and means of engineering-technical protection for information � monitor the effectiveness of security measures They must have the following skills: � work with ISNs for distributed computing and information processing � work with ISN documentation � use of criteria for evaluating ISN security � construction of formal models of ISN information security systems � construction and operation of computer networks � design of secure networks � comprehensive analysis and evaluation of network security � work with means of interface support with various categories of database management system users � work with database management systems on various platforms � develop and manage databases � work with means of ensuring database management system integrity � work with means of ensuring database confidentiality � work as database security administrator � device-based evaluation of the energy parameters of side radiation from technical means and systems � engineering calculation of the parameters of the controlled zone By completing their studies at the university, the specialists acquire theoretical information and practical skills in combating computer terrorism and can independently develop enterprise information security policies based on comprehensive integrated solutions, conduct scientific research, and develop new methods for countering cybercrime. Read the entire page →
From page 206... ... Themes for such plans could include the following: � organizing exchange programs for undergraduate and graduate students, instructors, and researchers in the leading higher educational institutions of the Russian Federation and the United States � creating a single conceptual framework, terms, and definitions regarding the development of means and systems for countering cybercrime and cyberterrorism � creating a set of recommendations for government legislative organs on studying and amending regulations and laws regarding this type of crime, including those governing international law enforcement activities � creating modern theoretical methods and applied technologies for detecting and deterring network attacks and neutralizing criminal impacts on information resources Read the entire page →

From page 197...

... All previous key inventions such as the telegraph, telephone, radio, television, and computer only paved the way for the unprecedented integration that is under way. In our times, global cyberspace -- the worldwide Internet -- simultaneously represents a repository for a colossal amount of information, a means of global broadcasting, and a medium for cooperation and human communication encompassing the entire world.

Read the entire page →

From page 198...

... In the face of harsh competition, companies are forced to shift a large portion of their business communications onto the Internet, which makes them vulnerable to criminals unless matters of information protection are handled appropriately. The world community has fully realized the potential consequences of the threat of cybercrime, and in this regard representatives of the European Union member states, the United States, Canada, and Japan signed the International Convention on Cybercrime in November 2001.

Read the entire page →

From page 199...

... Also arising last year was a trend for the use of the Internet as an auditorium to shape public opinion and exert pressure on private individuals and officials by spreading information damaging honor and impugning dignity or by disseminating citizens' personal or family secrets. In one example the authorities halted the activities of a perpetrator who had posted an Internet site with intentionally libelous materials regarding the president of the Russian Federation and statements insulting his honor and dignity.

Read the entire page →

From page 200...

... The main element of the cyberterrorist's tactics is to ensure that the crime has maximally dangerous consequences and broad public resonance and creates an atmosphere that threatens repetition of the terrorist act without specifying a specific target of attack. The experience of the Russian Federation shows that the motives of cybercrimes are changing.

Read the entire page →

From page 201...

... These include intrusion detection systems, public key infrastructure, virtual private networks, antivirus software, cryptographic systems, identification and authentication systems, security scanners, and so forth. Firewalls hold an important place among these technologies, and their adequate application can substantially reduce risks associated with unauthorized access to data.

Read the entire page →

From page 202...

... THE TRAINING OF HIGHLY QUALIFIED INFORMATION SECURITY SPECIALISTS IN THE RUSSIAN FEDERATION Only a major leading university with the appropriate educational, methodological, and technical base is capable of training highly qualified specialists able to accomplish the task of ensuring comprehensive information security. The educational objectives for specialists of this type at Bauman Moscow State Technical University are as follows:

Read the entire page →

From page 203...

... CYBERCRIME AND THE TRAINING OF SPECIALISTS TO COMBAT IT IN RUSSIA 203 � theoretical foundations for the engineering-technical protection of information � methodological support for the engineering-technical protection of information � creation and operating principles of information systems and networks (ISN) � methodologies for designing, building, and operating secure ISNs � criteria and methods for evaluating the security of ISNs � means and methods of unauthorized access to ISN information � architecture of protected computer networks � software, hardware, and technical means of creating protected networks � principles of building and managing protected networks � rules for the organizational, technical, and legal protection of information � use of software and hardware technologies for protecting information � construction and operation of protected databases � systematic approach to the problem of protecting information in database management systems � mechanisms for protecting information in databases and database management systems and opportunities for overcoming them � conceptions of the engineering-technical protection of information � physical foundations for the engineering-technical protection of information � organizational foundations for the engineering-technical protection of information As a result of their training in this discipline, specialists must understand the following: � promising areas for the development of computer security theory � methods for analyzing information security threats � architecture of secure ISNs � principles for constructing secure systems � typical attacks on secure ISNs � promising areas for the development of network security technologies � current problems in information security science and the role and place of information protection in networks when addressing comprehensive information security problems They must know the following: � methodological and technological foundations of comprehensive security for ISNs � threats and methods of violating ISN security

Read the entire page →

From page 204...

... 204 COUNTERING URBAN TERRORISM IN RUSSIA AND THE UNITED STATES � formal models lying at the foundation of ISN protection systems � standards for evaluating ISN security and their theoretical foundations � methods and means of building and operating secure ISNs � methods and means of verifying and analyzing the reliability of secure ISNs � methodological and technological foundations for ensuring the information security of network-automated systems � threats and methods of violating the information security of networkautomated systems � physical processes in technical means and systems that lead to leakage of secure information � typical models of attacks aimed at overcoming the protection of networkautomated systems, conditions under which they might be carried out, possible consequences, and means of prevention � role of the human factor in ensuring network security � possibilities, means, and rules for applying basic software and hardware means of protecting information in networks � principles for the operation of basic secure network protocols � foundations for the application of firewalls for network protection � rules for setting network security policy � standards for evaluating secure network systems and their theoretical foundations � methods and means of designing, constructing, and evaluating secure network systems � conception of the engineering-technical protection of information � basic principles and methods of information protection � basic guiding and regulatory documents on the engineering-technical protection of information � procedures for organizing the engineering-technical protection of information They must know how to � analyze ISNs from the standpoint of ensuring computer security � develop security models and policies using well-known approaches, methods, means, and theoretical foundations � apply standards for evaluating the security of ISNs in analyzing and designing information security systems for them � implement information protection systems in ISNs in accordance with standards for evaluating ISN security � analyze network automated systems from the standpoint of ensuring information security

Read the entire page →

From page 205...

... CYBERCRIME AND THE TRAINING OF SPECIALISTS TO COMBAT IT IN RUSSIA 205 � develop network security models and policies using well-known approaches, methods, means, and theoretical foundations � apply standards for evaluating secure network systems in analyzing and designing systems to protect information in automated systems � apply secure protocols and firewalls necessary for implementing information security systems in networks � take measures to counter network security threats using various software and hardware means of security in accordance with rules for their application � create information security systems in automated systems in accordance with standards for assessing system security � identify threats and technical channels for information leakage � describe (model) security targets and information security threats � apply the most effective methods and means of engineering-technical protection for information � monitor the effectiveness of security measures They must have the following skills: � work with ISNs for distributed computing and information processing � work with ISN documentation � use of criteria for evaluating ISN security � construction of formal models of ISN information security systems � construction and operation of computer networks � design of secure networks � comprehensive analysis and evaluation of network security � work with means of interface support with various categories of database management system users � work with database management systems on various platforms � develop and manage databases � work with means of ensuring database management system integrity � work with means of ensuring database confidentiality � work as database security administrator � device-based evaluation of the energy parameters of side radiation from technical means and systems � engineering calculation of the parameters of the controlled zone By completing their studies at the university, the specialists acquire theoretical information and practical skills in combating computer terrorism and can independently develop enterprise information security policies based on comprehensive integrated solutions, conduct scientific research, and develop new methods for countering cybercrime.

Read the entire page →

From page 206...

... Themes for such plans could include the following: � organizing exchange programs for undergraduate and graduate students, instructors, and researchers in the leading higher educational institutions of the Russian Federation and the United States � creating a single conceptual framework, terms, and definitions regarding the development of means and systems for countering cybercrime and cyberterrorism � creating a set of recommendations for government legislative organs on studying and amending regulations and laws regarding this type of crime, including those governing international law enforcement activities � creating modern theoretical methods and applied technologies for detecting and deterring network attacks and neutralizing criminal impacts on information resources

Read the entire page →

← Previous Chapter Skim

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.

Cybercrime and the Training of Specialists to Combat It in Russia Pages 197-206

Cybercrime and the Training of Specialists to Combat It in Russia
Pages 197-206