Basic principles of information security

For over twenty years, information security has held confidentiality, integrity and availability (known as the CIA triad) to be the core principles of information security. There is continuous debate about extending this classic trio.

Other principles such as Accountability have sometimes been proposed for addition. It has been pointed out that issues such as Non-Repudiation do not fit well within the three core concepts, and as regulation of computer systems has increased (particularly amongst the Western nations) Legality is becoming a key consideration for practical security installations in 1992.

In 2002 the OECD's Guidelines for the Security of Information Systems and Networks proposed the nine generally accepted principles: Awareness, Responsibility, Response, Ethics, Democracy, Risk Assessment, Security Design and Implementation, Security Management, and Reassessment. Based upon those, in 2004 the NIST's Engineering Principles for Information Technology Security proposed principles, from each of which guidelines and practices are derived. In 2002, Donn Parker proposed an alternative model for the classic CIA triad that he called the six atomic elements of information.

The elements are confidentiality, possession, integrity, authenticity, availability, and utility.

Confidentiality means preventing the disclosure of information to unauthorized individuals or systems. For example, a credit card transaction on the Internet requires the credit card number to be transmitted from the buyer to the merchant and from the merchant to a transaction processing network.

The system attempts to enforce confidentiality by encrypting the card number during transmission, by limiting the places where it might appear (in databases, log files, backups, printed receipts, and so on), and by restricting access to the places where it is stored. If an unauthorized party obtains the card number in any way, a breach of confidentiality has occurred. Breaches of confidentiality take many forms.

Permitting someone to look over your shoulder at your computer screen while you have confidential data displayed on it could be a breach of confidentiality. If a laptop computer containing sensitive information about a company's employees is stolen or sold, it could result in a breach of confidentiality.

Giving out confidential information over the telephone is a breach of confidentiality if the caller is not authorized to have the information. Confidentiality is necessary (but not sufficient) for maintaining the privacy of the people whose personal information a system holds.

In information security, integrity means that data cannot be modified undetectably. This is not the same thing as referential integrity in databases, although it can be viewed as a special case of Consistency as understood in the classic ACID model of transaction processing.

Integrity is violated when a message is actively modified in transit. Information security systems typically provide message integrity in addition to data confidentiality.
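The idea that data "cannot be modified undetectably" can be made concrete with a keyed message authentication code. The following is an added example, not part of the original text; the function names and the sample payment message are constructed. It contrasts an HMAC tag with an unkeyed digest, which anyone who modifies the message in transit can simply recompute.

```python
import hashlib
import hmac
import json
from typing import Optional


def _canonical(message: dict) -> bytes:
    # Stable byte encoding so sender and receiver authenticate the same bytes.
    return json.dumps(message, sort_keys=True, separators=(",", ":")).encode()


def seal(key: bytes, message: dict) -> dict:
    """Attach an HMAC-SHA256 tag computed with a key shared by both parties."""
    body = _canonical(message)
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"body": body.decode(), "tag": tag}


def open_sealed(key: bytes, envelope: dict) -> Optional[dict]:
    """Return the message if the tag verifies, otherwise None."""
    body = envelope["body"].encode()
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, envelope["tag"]):  # constant-time compare
        return None
    return json.loads(body)


def seal_unkeyed(message: dict) -> dict:
    """Weak variant for comparison: plain SHA-256, no secret involved."""
    body = _canonical(message)
    return {"body": body.decode(), "digest": hashlib.sha256(body).hexdigest()}


def unkeyed_check(envelope: dict) -> bool:
    digest = hashlib.sha256(envelope["body"].encode()).hexdigest()
    return digest == envelope["digest"]


def modify_in_transit(envelope: dict, old: str, new: str) -> dict:
    """Simulate a party without the key altering the body on the wire."""
    body = envelope["body"].replace(old, new)
    out = dict(envelope, body=body)
    if "digest" in out:  # an unkeyed digest can be recomputed by anyone
        out["digest"] = hashlib.sha256(body.encode()).hexdigest()
    return out
```

Because both parties hold the same key, an HMAC shows that the message was not altered by an outsider but cannot show which of the two key holders produced it; that is why non-repudiation relies on digital signatures instead.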

For any information system to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-of-service attacks.

In computing, e-business and information security it is necessary to ensure that the data, transactions, communications or documents (electronic or physical) are genuine. It is also important for authenticity to validate that both parties involved are who they claim they are.

In law, non-repudiation implies one's intention to fulfill their obligations to a contract. It also implies that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction.

Electronic commerce uses technology such as digital signatures and public key encryption to establish authenticity and non-repudiation.

Notes

1. Non-repudiation – the impossibility of denying authorship: you cannot claim that you did not send a message, for example when it carries your digital signature.

2. OECD – Organization for Economic Cooperation and Development.

3. NIST – National Institute of Standards and Technology (USA).

4. CIA – Central Intelligence Agency (USA).

5. Log file – a registration (record-keeping) file.

6. Backup – a reserve copy (of programs, data).

7. Breach of confidentiality – disclosure of secret information. Public key encryption – encryption with a public key.

8. Referential integrity – integrity of referenced data, integrity of references.

9. Denial of service attack – an attack (on a system) aimed at disrupting normal service to users.

10. Authenticity – genuineness, reliability, authenticity.

SATELLITE GEODESY

Satellite geodesy is the measurement of the form and dimensions of the Earth, the location of objects on its surface and the figure of the Earth's gravity field by means of artificial satellite techniques, that is, geodesy by means of artificial satellites. It belongs to the broader field of space geodesy, which also includes such techniques as geodetic very long baseline interferometry (VLBI) and lunar laser ranging.

Traditional astronomical geodesy is not commonly considered a part of satellite geodesy, although there is considerable overlap between the techniques.

The main goals of satellite geodesy are:

1. Determination of the figure of the Earth, positioning, and navigation (geometric satellite geodesy).

2. Determination of Earth's gravity field and geoid (dynamical satellite geodesy).

3. Measurement of geodynamical phenomena, such as crustal dynamics and polar motion.

Satellite geodetic data and methods can be applied to diverse fields such as navigation, hydrography, oceanography and geophysics. Satellite geodesy relies heavily on orbital mechanics.

First steps (1957-1970). Satellite geodesy began shortly after the launch of Sputnik in 1957. Observations of Explorer 1 and Sputnik 2 in 1958 allowed for an accurate determination of Earth's flattening.

The 1960s saw the launch of the Doppler satellite Transit-1B and the balloon satellites Echo 1, Echo 2, and PAGEOS. The first dedicated geodetic satellite was ANNA-1B, a collaborative effort between NASA, the DoD, and other civilian agencies. ANNA-1B carried the first of the US Army's SECOR (Sequential Collation of Range) instruments.

These missions led to the accurate determination of the general shape of the geoid, and linked the world's geodetic datums.

Toward the World Geodetic System (1970-1990). The Transit satellite system was used extensively for Doppler surveying, navigation, and positioning. Observations of satellites in the 1970s by worldwide triangulation networks allowed for the establishment of the World Geodetic System.

The development of GPS by the United States in the 1980s allowed for precise navigation and positioning and soon became a standard tool in surveying. In the 1980s and 1990s satellite geodesy began to be used for monitoring of geodynamic phenomena, such as crustal motion, Earth rotation, and polar motion.

Modern Era (1990-present). The 1990s were focused on the development of permanent geodetic networks and reference frames. Dedicated satellites were launched to measure Earth's gravity field in the 2000s, such as CHAMP, GRACE, and GOCE.

Satellite geodetic measurement techniques. Techniques of satellite geodesy may be classified by instrument platform. A satellite may be observed with ground-based instruments (Earth-to-space methods); carry an instrument or sensor as part of its payload to observe the Earth (space-to-Earth methods); use its instruments to track or be tracked by another satellite (space-to-space methods).

Geodetic use of GPS/GNSS.

Global navigation satellite systems are dedicated radio positioning services, which can locate a receiver to within a few meters. The most prominent system, GPS, consists of a constellation of 31 satellites (as of June 2011) in high, 12-hour circular orbits, distributed in six planes with 55° inclinations.

The principle of location is based on trilateration. Each satellite transmits a precise ephemeris with information on its own position and a message containing the exact time of transmission. The receiver compares this time of transmission with its own clock at the time of reception and multiplies the difference by the speed of light to obtain a "pseudorange."

In theory, three satellites are required to position the receiver in three-dimensional space; however, the receiver's clock will likely not be synchronized with the atomic clocks aboard the satellites, so a fourth pseudorange measurement is used to correct the receiver's clock bias. In this manner, the receiver's position can be determined to within a few meters.

More sophisticated methods, such as real-time kinematic (RTK), can yield positions to within a few millimeters. In geodesy, GNSS is used as an economical tool for surveying and time transfer. It is also used for monitoring Earth's rotation, polar motion, and crustal dynamics. The presence of the GPS signal in space also makes it suitable for orbit determination and satellite-to-satellite tracking.

Satellite laser ranging. In satellite laser ranging (SLR) a global network of observation stations measures the round-trip time of flight of ultrashort pulses of light to satellites equipped with retroreflectors. This provides instantaneous range measurements of millimeter-level precision, which can be accumulated to provide accurate measurement of orbits and a host of important scientific data.

Satellite laser ranging is a proven geodetic technique with significant potential for important contributions to scientific studies of the Earth/Atmosphere/Oceans system. It is the most accurate technique currently available to determine the geocentric position of an Earth satellite, allowing for the precise calibration of radar altimeters and separation of long-term instrumentation drift from secular changes in ocean surface topography.

Doppler techniques. Doppler positioning involves recording the Doppler shift of a radio signal of stable frequency emitted from a satellite as the satellite approaches and recedes from the observer. The observed frequency depends on the radial velocity of the satellite relative to the observer, which is constrained by orbital mechanics. If the observer knows the orbit of the satellite, then the recording of the Doppler profile determines the observer's position.

Conversely, if the observer's position is precisely known, then the orbit of the satellite can be determined and used to study the Earth's gravity. In DORIS, the ground station emits the signal and the satellite receives.

Optical tracking. In optical tracking, the satellite can be used as a very high target for triangulation and can be used to ascertain the geometric relationship between multiple observing stations.

Optical tracking with the BC-4, PC-1000, MOTS cameras consisted of photographic observations of a satellite, or flashing light on the satellite, against a background of stars. The stars, whose positions were accurately determined, provided a framework on the photographic plate or film for a determination of precise directions from camera station to satellite.

Geodetic positioning work with cameras was usually performed with one camera observing simultaneously with one or more other cameras. Camera systems are weather dependent, and that is one major reason why they fell out of use by the 1980s.

Radar altimetry. A radar altimeter uses the round-trip flight-time of a microwave pulse between the satellite and the Earth's surface to determine the distance between the spacecraft and the surface. From this distance or height, the local surface effects such as tides, winds and currents are removed to obtain the satellite height above the geoid. With a precise ephemeris available for the satellite, the geocentric distance to the satellite, determined for the time of each observation, along with the local radius of the ellipsoid are available.

It is then possible to compute the geoid height by subtracting the ellipsoidal radius and the satellite height from the satellite's geocentric distance. This allows direct measurement of the geoid, since the ocean surface closely follows the geoid.

The difference between the ocean surface and the actual geoid gives ocean surface topography.

Notes

1. Very long baseline interferometer – an interferometer with a very long baseline.

2. Lunar laser ranging – laser ranging of the Moon.

3. Crustal dynamics – dynamics of the Earth's crust.

4. Polar motion – movement of the poles.

5. The earth's flattening – the oblateness of the globe.

6. NASA (National Aeronautics and Space Agency [Administration]) – the US national agency for aeronautics and the exploration of outer space, NASA.

7. DoD (Department of Defense) – the US Department of Defense (US DoD); responsible for sponsoring many standards in the field of software development.

8. SECOR – the SECOR system, a long-range radio navigation and air target detection system consisting of four ground radar stations and a satellite radar with an active transponder.

9. Doppler – Doppler effect; Doppler frequency, Doppler frequency shift.

10. Earth-to-space method – a transmission system over the "Earth – space" link.

11. Space-to-space communication – communication between spacecraft.

12. Laser ranging – measuring distance with a laser.

13. Retroreflector – a reflector that returns light toward its source.

14. Optical tracking – optical observations (of artificial Earth satellites).

15. Radar altimeter – a pulsed radio altimeter for high altitudes.

