Annotation:

In this article author describes new systematic research method of eliminating undeclared vulnerabilities on operation systems by using active kernel context control and scanning of internal process tables. New systematic research field of eliminating undeclared vulnerabilities on Operation Systems is based on using MicroKernel Object specification. KPROCESSOR _CID-table factoring is a new cross platform detail fundamental analysis of internal context_tables of processor executive region.

To quote:

Molyakov A. S.

Keywords:

Pages:

Annotation:

This article is devoted to the research of web-application protection against attacks based on second-order code injection. The description of security model, which is used for detection of web-application improper input validation vulnerabilities, and the software tool, based on this model, which helps to find such vulnerabilities, are considered in this article.

To quote:

Baranov V. A.

Keywords:

Pages:

Annotation:

The paper reviews the paradigm of information security management, which involves the system configuration fixing, security evaluation of the system state, and system adaptation to the discovered security faults through feed-back control over security settings. The sample using the discussed technique is presented for UNIX-like systems. This technique and the control system based on it allow a procedure of security adaptation to be automated and thus considerably simplified. It forms a fundament for a new class of self- adapting security systems.

To quote:

Kalinin M. O.

Keywords:

Pages:

Annotation:

This article is devoted to very rather up to date issue of the computer simulation of service arias of high accuracy position systems.

To quote:

Karetnikov V. V., Sikarev I. A.

Keywords:

Pages:

Annotation:

New kinds of threats of safety of digital and ip-office automatic telephone exchanges are considered.

To quote:

Petrenko S. A., Beliaev A. V.

Keywords:

Pages:

Annotation:

In this article it is described the using of automatic rubrication engine for providing the thematic differentiation access to text documents in system. Also in this work algorithm of processing of automatic rubricator is represented and theoretically proved.

To quote:

Baranov Y. A.

Keywords:

Pages:

Annotation:

In the past ten years theory and technology of information security become more durable and always ready to resist to new threats. Today total damage of all system, due to gap on a security system, mostly depends on a user and his knowledge. Thereby than environment is more various then defense is stronger and then threats are more complex. But what will happen if environment has been changed? Environment mandatory will be cardinally changed. To make sure about it enough to look at continuously speed up growth of functional possibilities of the Internet: e-mail, sites, big portals, social networks and so on. And growth isn't going to stop. It is known that new possibilities on the some stage of their development result in qualitative change of environment. To solve security problems in new environment we may be needed in a new theoretical base. In this article we try to research the forming process of self-learning procedures in the World Wide Web. Of course today these procedures are forming by people. But in our opinion we should think about future security problems exactly today.

To quote:

Rastorguev S. P., Tokarev R. S.

Keywords:

Pages:

Annotation:

In the paper we consider new approach of software safety based on syntax-driven control for security. The notion "regularization of a grammar" is presented. CF grammar in a regular form (CFR-grammar) supplied with extended set of operations in regular expressions in the right hand side of rules is discussed. The scheme of CFR grammar regularization has been shown. — Bibl. 7 items.

To quote:

Fedorchenko L. N., Zabolotsky V. P.

Keywords:

Pages:

Annotation:

The realization of masking of the transferred information on the basis of quantum technologies is considered.

To quote:

Vorobiev E. G.

Keywords:

Pages:

Annotation:

Elliptic curves in Hesse form admit more suitable arithmetic than ones in Weierstrass form. But elliptic curve cryptosystems usually use Weierstrass form. It is known that both those forms are birationally equivalent. Birational equivalence is partially determined and it is relatively hard to compute. We prove that elliptic curves in Hesse form and in Weierstrass form are linearly isomorhic over initial field or its small extension and this equivalence is easy to compute. If cardinality of finite field q є 5 (mod 6) and Frobenius trace T є 0 (mod 3), then equivalence is defined over initial field with high probability. This linear equivalence allows multiplying of an elliptic curve point in Weierstrass form by passing to Hessian curve, computing in this curve and passing back. This speeds up the rate about 1,35 times.

To quote:

Rostovtsev Alexander

Keywords:

Pages:

Annotation:

We consider oblivious transfer protocol based on noisy channel. We carry out detailed analysis of protocol and it's rate dependence on requirements for given parameters. The modified protocol using interactive hashing for test the receiver's adherence to the protocol is presented which results in increasing protocol rate.

To quote:

Yakovlev V., Shutyy R.

Keywords:

Pages:

Annotation:

In the paper we consider the methods for choosing rational variant of the information security systems in the items of the driven criterion.

To quote:

Zabolotsky V. P., Ivanov V. P.

Keywords:

Pages:

Annotation:

This paper describes issues of the security subsystem of the paravirtualized environment Secure Xen on ARM. An application area of this environment is considered. Reasons of using the security subsystem are adduced. The architecture of the security subsystem and it particularly modules are described.

To quote:

Andreev S. V., Dragalchuk V. K., Levin M. P., Sang-min Lee, Sang-bum Suh, Trofimov A. S., Junghyun Yoo

Keywords:

Pages:

Annotation:

The authors present the results of the analysis of specific features of up-date systems oа document turnover and shw their advantages and disadvantages. The basic notions of the elliptical curve theory as well as the description of procedures of creating and verifying the electronic digital signature have been considered. The programmed complex for implementing the schemes of creating and verifying the digital signature has been developed. The authors offer new schemes of electronic digital signature.

To quote:

Eremeyen M., Anikevich E., Sergienko P.

Keywords:

Pages:

Annotation:

В работе обсуждается возможность использования генераторов динамического хаоса в качестве встроенных источников случайных сигналов, работающих в составе систем генерации случайных чисел. Анализируются возможные атаки и безопасность данных генераторов. Сформулированы условия безопасности генераторов динамического хаоса.

To quote:

Sotov L. S., Harin V. N.

Keywords:

Pages:

Annotation:

The general principles of work of the standard of engineering digital-speech communication GSM-R, which is included in the European Train Control System (ETCS), as a subsystem of European Rail Transport Management System (ERTMS) were considered in this article. The common structure of the network GSM-R was considered, and also its main vulnerabilities were marked out. The general approach of this problems solving was offered.

To quote:

Gnatchenko I. I., Diasamidze S. V., Adadurov A. S.

Keywords:

Pages:

Annotation:

We analyze variation and functional stability of the radius of coverage base station classes AIS1 and AIS2 coefficient of mutual differences and signal interference.

To quote:

Sikarev I. A.

Keywords:

Pages:

Annotation:

We analyze variation and functional stability of the radius of coverage base station classes AIS1 and AIS2 coefficient of mutual differences and signal interference.

To quote:

Sikarev I. A.

Keywords:

Pages:

Annotation:

Scientific school in the region of the radar of sea surface with the North Western state external technical university.

To quote:

Shishkin I. F., Sergushev A. G.

Keywords:

Pages:

Annotation:

Methodical approach to aforecasting of informational attacks of automated control systems is stated.

To quote:

Zigulin G. P., Pechenevskiy Y. A.

Keywords:

Pages:

Annotation:

One of the possible approaches in the building the role-based security policy on the directed graph is presented. Various transformations of hierarchy of roles, depending on what sign is more significant: the absence of cycles or the optimality are considered in this article.

To quote:

Belim S. V., Bogachenko N. F.

Keywords:

Pages:

Annotation:

In the paper we consider the methods for choosing rational variant of the information security systems in the items of the driven criterion.

To quote:

Rakitskiy Yu. S., Belim S. V.

Keywords:

Pages:

Annotation:

The model of information security system choice was described. The technique of information security system building based on the risks assessments was reviewed.

To quote:

Lysenko A. G.

Keywords:

Pages:

Annotation:

Given the significant dangers of Large Hadron Collider (LHC) operations, access control to the accelerator controls system is required. Role-Based Access Control (RBAC) was designed in order to protect the equipment from accidental and unauthorized access. This paper describes a new mathematical model of protection the distributed control system, based on role-based access control concept. It also contains the overview of authorization, the main component of the system.

To quote:

Yastrebov I. S.

Keywords:

Pages:

Annotation:

This article concerns security aspects of buildings control and automation systems development. Nowadays RFID technology is often used in automation systems. In most cases RFID solutions are installed in airports, stadiums, distributor centers and factories. This makes human life highly dependant on security aspects on the innovative technology. Unfortunately the RFID technology is not as safe to computer viruses attacks as most believe it is. In this article new protocol is presented that proves to be safe and effective to prevent most common attacks on RFID technology.

To quote:

Жуков И. Ю.,

г. Москва, ОАО «ВНИИНС»

Михайлов Д. М., Шустова Л. И.

г. Москва, НИЯУ «МИФИ»

Keywords:

Pages:

Annotation:

The multimodel approach to revelation of harmful effects in binary memory dumps is being researched. The basic stages of the method of revelation of undocumented features under conditions of source code absence is considered.

To quote:

Lomako A. G., Eremeev M. A., Novikov V. A., Gnidko K. O., Goremykin D. V.

Keywords:

Pages:

Annotation:

Ciphers y = C(x, k) and ² = ‚(±, ¤) are isomorphic if there exists invertible computable in both directions map y « ², x « ±, k « ¤. Cipher is vulnerable if and only if isomorphic cipher is vulnerable. Instead of computing the key of a cipher it is sufficient to find suitable isomorphic cipher and compute its key. If j is arbitrary substitution and T is round substitution, its conjugate “ = jTj-1 is cipher isomorphism. Conjugate substitutions have the same cycle type. Conjugation can be composed with affine maps.

Application this method to AES gives affine conjugate substitution. Images of XOR with round key and diffusion map become non-linear. But they possess differentials and linear sums of high probability (8-12 times more then corresponding values of original S-box).

To quote:

Rostovtsev A. G.

Keywords:

Pages:

Annotation:

Classical circuits of Markov for the description of spectra processes of diffusion are considered at the organization of the passing of the ships on sluice of internal waterways. A necessary part of such structures is satellite channels of transfer as signals of communication, and radionavigation.

The purpose of work is development of the general algorithm for calculation of spectra of nonlinear diffusion without use of factor of correlation on the basis of classical circuits of Markov when conditions and time are continuous.

To quote:

Antonov V. A., Pshenitsyn K. V.

Keywords:

Pages:

Annotation:

The question of influence of hindrances of a various origin on range of action of base stations of automatic information system is considered.

To quote:

Karetnikov V. V., Sikarev I. A.

Keywords:

Pages: