The National Academies Press

Currently Skimming:

Cybercrime and the Training of Specialists to Combat It in Russia--Nikolay V. Medvedev
Pages 237-246

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 237... ... All previous key inventions such as the telegraph, telephone, radio, television, and computer only paved the way for the unprecedented integration that is under way. In our times, global cyberspace -- the worldwide Internet -- simultaneously represents a repository for a colossal amount of information, a means of global broadcasting, and a medium for cooperation and human communication encompassing the entire world. Read the entire page →
From page 238... ... In the face of harsh competition, companies are forced to shift a large portion of their business communications onto the Internet, which makes them vulnerable to criminals unless matters of information protection are handled appropriately. The world community has fully realized the potential consequences of the threat of cybercrime, and in this regard representatives of the European Union member states, the United States, Canada, and Japan signed the International Convention on Cybercrime in November 2001. Read the entire page →
From page 239... ... During this past year, the Russian Federation significantly stepped up its efforts to stop the distribution of unlicensed software, thus making a worthy contribution to the world trend toward combating computer piracy. For example, 1,483 administrative violations were uncovered in the copyright area, and 216,635 compact discs with unlicensed software with a total value of more than 9 million rubles were confiscated by court order. Read the entire page →
From page 240... ... According to the common definition of terrorism, it is a conscious and directed use of violence or the threat of violence to force society, the state, or the government to comply with the political, ideological, religious, or economic goals of the terrorist organization. A terrorist act is a crime aimed at having an emotional impact on public opinion, engendering fear and panic in society, evoking distrust of power structures, and ultimately destabilizing the politicaleconomic situation in the country. Read the entire page →
From page 241... ... However, comprehensively deterring cyberthreats is possible by developing optimal information security policy consisting of a combination of passive and active methods of applying protection technologies. Read the entire page →
From page 242... ... THE TRAINING OF HIGHLY QUALIFIED INFORMATION SECURITY SPECIALISTS IN THE RUSSIAN FEDERATION Only a major leading university with the appropriate educational, methodological, and technical base is capable of training highly qualified specialists able to accomplish the task of ensuring comprehensive information security. The educational objectives for specialists of this type at Bauman Moscow State Technical University are as follows: Read the entire page →
From page 243... ... COUNTERING URBAN TERRORISM 243 • theoretical foundations for the engineering-technical protection of information • methodological support for the engineering-technical protection of information • creation and operating principles of information systems and networks (ISN) • methodologies for designing, building, and operating secure ISNs • criteria and methods for evaluating the security of ISNs • means and methods of unauthorized access to ISN information • architecture of protected computer networks • software, hardware, and technical means of creating protected networks • principles of building and managing protected networks • rules for the organizational, technical, and legal protection of information • use of software and hardware technologies for protecting information • construction and operation of protected databases • systematic approach to the problem of protecting information in database management systems • mechanisms for protecting information in databases and database management systems and opportunities for overcoming them • conceptions of the engineering-technical protection of information • physical foundations for the engineering-technical protection of information • organizational foundations for the engineering-technical protection of information As a result of their training in this discipline, specialists must understand the following: • promising areas for the development of computer security theory • methods for analyzing information security threats • architecture of secure ISNs • principles for constructing secure systems • typical attacks on secure ISNs • promising areas for the development of network security technologies • current problems in information security science and the role and place of information protection in networks when addressing comprehensive information security problems They must know the following: • methodological and technological foundations of comprehensive security for ISNs • threats and methods of violating ISN security Read the entire page →
From page 244... ... 244 RUSSIAN VIEWS ON COUNTERING TERRORISM • formal models lying at the foundation of ISN protection systems • standards for evaluating ISN security and their theoretical foundations • methods and means of building and operating secure ISNs • methods and means of verifying and analyzing the reliability of secure ISNs • methodological and technological foundations for ensuring the information security of network-automated systems • threats and methods of violating the information security of networkautomated systems • physical processes in technical means and systems that lead to leakage of secure information • typical models of attacks aimed at overcoming the protection of networkautomated systems, conditions under which they might be carried out, possible consequences, and means of prevention • role of the human factor in ensuring network security • possibilities, means, and rules for applying basic software and hardware means of protecting information in networks • principles for the operation of basic secure network protocols • foundations for the application of firewalls for network protection • rules for setting network security policy • standards for evaluating secure network systems and their theoretical foundations • methods and means of designing, constructing, and evaluating secure network systems • conception of the engineering-technical protection of information • basic principles and methods of information protection • basic guiding and regulatory documents on the engineering-technical protection of information • procedures for organizing the engineering-technical protection of information They must know how to • analyze ISNs from the standpoint of ensuring computer security • develop security models and policies using well-known approaches, methods, means, and theoretical foundations • apply standards for evaluating the security of ISNs in analyzing and designing information security systems for them • implement information protection systems in ISNs in accordance with standards for evaluating ISN security • analyze network automated systems from the standpoint of ensuring information security Read the entire page →
From page 245... ... COUNTERING URBAN TERRORISM 245 • develop network security models and policies using well-known approaches, methods, means, and theoretical foundations • apply standards for evaluating secure network systems in analyzing and designing systems to protect information in automated systems • apply secure protocols and firewalls necessary for implementing information security systems in networks • take measures to counter network security threats using various software and hardware means of security in accordance with rules for their application • create information security systems in automated systems in accordance with standards for assessing system security • identify threats and technical channels for information leakage • describe (model) security targets and information security threats • apply the most effective methods and means of engineering-technical protection for information • monitor the effectiveness of security measures They must have the following skills: • work with ISNs for distributed computing and information processing • work with ISN documentation • use of criteria for evaluating ISN security • construction of formal models of ISN information security systems • construction and operation of computer networks • design of secure networks • comprehensive analysis and evaluation of network security • work with means of interface support with various categories of database management system users • work with database management systems on various platforms • develop and manage databases • work with means of ensuring database management system integrity • work with means of ensuring database confidentiality • work as database security administrator • device-based evaluation of the energy parameters of side radiation from technical means and systems • engineering calculation of the parameters of the controlled zone By completing their studies at the university, the specialists acquire theoretical information and practical skills in combating computer terrorism and can independently develop enterprise information security policies based on comprehensive integrated solutions, conduct scientific research, and develop new methods for countering cybercrime. Read the entire page →
From page 246... ... Themes for such plans could include the following: • organizing exchange programs for undergraduate and graduate students, instructors, and researchers in the leading higher educational institutions of the Russian Federation and the United States • creating a single conceptual framework, terms, and definitions regarding the development of means and systems for countering cybercrime and cyberterrorism • creating a set of recommendations for government legislative organs on studying and amending regulations and laws regarding this type of crime, including those governing international law enforcement activities • creating modern theoretical methods and applied technologies for detecting and deterring network attacks and neutralizing criminal impacts on information resources Read the entire page →

From page 237...

... All previous key inventions such as the telegraph, telephone, radio, television, and computer only paved the way for the unprecedented integration that is under way. In our times, global cyberspace -- the worldwide Internet -- simultaneously represents a repository for a colossal amount of information, a means of global broadcasting, and a medium for cooperation and human communication encompassing the entire world.

Read the entire page →

From page 238...

... In the face of harsh competition, companies are forced to shift a large portion of their business communications onto the Internet, which makes them vulnerable to criminals unless matters of information protection are handled appropriately. The world community has fully realized the potential consequences of the threat of cybercrime, and in this regard representatives of the European Union member states, the United States, Canada, and Japan signed the International Convention on Cybercrime in November 2001.

Read the entire page →

From page 239...

... During this past year, the Russian Federation significantly stepped up its efforts to stop the distribution of unlicensed software, thus making a worthy contribution to the world trend toward combating computer piracy. For example, 1,483 administrative violations were uncovered in the copyright area, and 216,635 compact discs with unlicensed software with a total value of more than 9 million rubles were confiscated by court order.

Read the entire page →

From page 240...

... According to the common definition of terrorism, it is a conscious and directed use of violence or the threat of violence to force society, the state, or the government to comply with the political, ideological, religious, or economic goals of the terrorist organization. A terrorist act is a crime aimed at having an emotional impact on public opinion, engendering fear and panic in society, evoking distrust of power structures, and ultimately destabilizing the politicaleconomic situation in the country.

Read the entire page →

From page 241...

... However, comprehensively deterring cyberthreats is possible by developing optimal information security policy consisting of a combination of passive and active methods of applying protection technologies.

Read the entire page →

From page 242...

... THE TRAINING OF HIGHLY QUALIFIED INFORMATION SECURITY SPECIALISTS IN THE RUSSIAN FEDERATION Only a major leading university with the appropriate educational, methodological, and technical base is capable of training highly qualified specialists able to accomplish the task of ensuring comprehensive information security. The educational objectives for specialists of this type at Bauman Moscow State Technical University are as follows:

Read the entire page →

From page 243...

... COUNTERING URBAN TERRORISM 243 • theoretical foundations for the engineering-technical protection of information • methodological support for the engineering-technical protection of information • creation and operating principles of information systems and networks (ISN) • methodologies for designing, building, and operating secure ISNs • criteria and methods for evaluating the security of ISNs • means and methods of unauthorized access to ISN information • architecture of protected computer networks • software, hardware, and technical means of creating protected networks • principles of building and managing protected networks • rules for the organizational, technical, and legal protection of information • use of software and hardware technologies for protecting information • construction and operation of protected databases • systematic approach to the problem of protecting information in database management systems • mechanisms for protecting information in databases and database management systems and opportunities for overcoming them • conceptions of the engineering-technical protection of information • physical foundations for the engineering-technical protection of information • organizational foundations for the engineering-technical protection of information As a result of their training in this discipline, specialists must understand the following: • promising areas for the development of computer security theory • methods for analyzing information security threats • architecture of secure ISNs • principles for constructing secure systems • typical attacks on secure ISNs • promising areas for the development of network security technologies • current problems in information security science and the role and place of information protection in networks when addressing comprehensive information security problems They must know the following: • methodological and technological foundations of comprehensive security for ISNs • threats and methods of violating ISN security

Read the entire page →

From page 244...

... 244 RUSSIAN VIEWS ON COUNTERING TERRORISM • formal models lying at the foundation of ISN protection systems • standards for evaluating ISN security and their theoretical foundations • methods and means of building and operating secure ISNs • methods and means of verifying and analyzing the reliability of secure ISNs • methodological and technological foundations for ensuring the information security of network-automated systems • threats and methods of violating the information security of networkautomated systems • physical processes in technical means and systems that lead to leakage of secure information • typical models of attacks aimed at overcoming the protection of networkautomated systems, conditions under which they might be carried out, possible consequences, and means of prevention • role of the human factor in ensuring network security • possibilities, means, and rules for applying basic software and hardware means of protecting information in networks • principles for the operation of basic secure network protocols • foundations for the application of firewalls for network protection • rules for setting network security policy • standards for evaluating secure network systems and their theoretical foundations • methods and means of designing, constructing, and evaluating secure network systems • conception of the engineering-technical protection of information • basic principles and methods of information protection • basic guiding and regulatory documents on the engineering-technical protection of information • procedures for organizing the engineering-technical protection of information They must know how to • analyze ISNs from the standpoint of ensuring computer security • develop security models and policies using well-known approaches, methods, means, and theoretical foundations • apply standards for evaluating the security of ISNs in analyzing and designing information security systems for them • implement information protection systems in ISNs in accordance with standards for evaluating ISN security • analyze network automated systems from the standpoint of ensuring information security

Read the entire page →

From page 245...

... COUNTERING URBAN TERRORISM 245 • develop network security models and policies using well-known approaches, methods, means, and theoretical foundations • apply standards for evaluating secure network systems in analyzing and designing systems to protect information in automated systems • apply secure protocols and firewalls necessary for implementing information security systems in networks • take measures to counter network security threats using various software and hardware means of security in accordance with rules for their application • create information security systems in automated systems in accordance with standards for assessing system security • identify threats and technical channels for information leakage • describe (model) security targets and information security threats • apply the most effective methods and means of engineering-technical protection for information • monitor the effectiveness of security measures They must have the following skills: • work with ISNs for distributed computing and information processing • work with ISN documentation • use of criteria for evaluating ISN security • construction of formal models of ISN information security systems • construction and operation of computer networks • design of secure networks • comprehensive analysis and evaluation of network security • work with means of interface support with various categories of database management system users • work with database management systems on various platforms • develop and manage databases • work with means of ensuring database management system integrity • work with means of ensuring database confidentiality • work as database security administrator • device-based evaluation of the energy parameters of side radiation from technical means and systems • engineering calculation of the parameters of the controlled zone By completing their studies at the university, the specialists acquire theoretical information and practical skills in combating computer terrorism and can independently develop enterprise information security policies based on comprehensive integrated solutions, conduct scientific research, and develop new methods for countering cybercrime.

Read the entire page →

From page 246...

... Themes for such plans could include the following: • organizing exchange programs for undergraduate and graduate students, instructors, and researchers in the leading higher educational institutions of the Russian Federation and the United States • creating a single conceptual framework, terms, and definitions regarding the development of means and systems for countering cybercrime and cyberterrorism • creating a set of recommendations for government legislative organs on studying and amending regulations and laws regarding this type of crime, including those governing international law enforcement activities • creating modern theoretical methods and applied technologies for detecting and deterring network attacks and neutralizing criminal impacts on information resources

Read the entire page →

← Previous Chapter Skim

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.

Cybercrime and the Training of Specialists to Combat It in Russia--Nikolay V. Medvedev Pages 237-246

Cybercrime and the Training of Specialists to Combat It in Russia--Nikolay V. Medvedev
Pages 237-246