CC BY
5
УДК 621.397
Boboyeva B.N.
Teacher of Chirchik Vocational college of Industry and Service
Uzbekistan, Tashkent city APPROACHES TO CREATE A PROTECTED OPERATING SYSTEM
Аннотация: в статье говорится о подходах к созданию защищенной операционной системы.
Ключевые слова: операционная система, идентификация, аутентификация, авторизация, аудит, криптография.
Abstract: The article talks about approaches to creating a secure operating system.
Keywords: operating system, identification, authentication, authorization, audit, cryptography.
Various applications are used to protect the information system. They require operating system support. The environment of the operating system is called a reliable computing base, provides protection, guidance, network resources, physical protection even organizational elements in the information system.
The operating system is considered protected if it is protected from the main threat means.
As part of a secure operating system, there are various prohibitions on accessing different network resources if there is a threat of access violation, so the user must have a security feature on the network. In addition, measures should be taken against the accidental shutdown of the operating system.
If the operating system is not protected from all threats, but from certain threats, then such an operating system is called a partially protected operating system.
In creating a secure operating system, there are 2 basic approaches -fragmented and complex.
A fragmented approach is protection first from one threat, only then from another.
An integrated approach is protection, which is implemented in the operating system together with the architecture and is an integral part of the system. Therefore, this approach is very important.
Protection of the operating system must be provided by appropriate application devices.
Basic means of administrative protection:
1. The operating system must always work properly
2. Have adequate policies and support for protection. This will protect the system from malevolent personalities. And it protects the operating system from violations.
3. The user must observe the precautionary measures to monitor this process.
4. Regular creation and updating of backup applications of operating systems
5. Configuration control in both protection and operating system
It should be noted and other means of protection.
Identification, authentication and authorization. In a secure operating system, each user must first perform authentication, authentication, and then authorization before work. This system is called an authentication information system. The work of the system begins only after these processes. Authorization of the subject is not connected, directly with a specific system. During the authorization, technical tasks related to the authorized and authenticated users are solved by the subject.7
Prohibition of use. Each system has its own prohibitions and permission to access. A user object is a specific restriction in the use. Under the equipment resources (processor, segments) of the operating system, printer, disks, etc., and software characters is understood as a user object. For example, the processor performs the task task, the segments of the operating system can be read and written. A system consisting of magnetic cards can only be read, and files are written, read and added at the end of the file, an information system and similar tasks can be added.
Under the user's subject, the actions performed on the object are changed. But the logical name of the task is to consider the user performing the user subject. The prohibition in the movement of use is established by the security policy of the operating system.
Audit. In the use of audit in the operating system, a log is kept in which all violations are noted. The user who has the right to read this magazine is called auditors. Cases that create dangerous situations in operating systems:
1) input or output from the system;
2) Actions on files (opening, hiding, renaming, deleting);
3) access to a remote system;
4) change of privileges and other security attributes (custom).
If all violations are noted in the audit log, the amount of information is growing. Therefore, users and cases are elected.
In the information system, the security policy should always be in an adequate state.
Cryptographic functions. In the protection of the information system, the role of cryptography is very important.
System functions. Modern operating systems often work in local and global computer networks. In order to meet modern security standards, modern operating systems must have the above parameters.
The most dangerous for today is the unauthorized use of a computer, so all modern computers are equipped with partially protected operating systems. The
7 Мирзахолов Х. Т. АКТУАЛЬНЫЕ ПРОБЛЕМЫ ИННОВАЦИОННОГО СОДЕРЖАНИЯ КАЧЕСТВА ВЫСШЕГО ОБРАЗОВАНИЯ //Теория и практика современной науки. - 2017. - №. 4. - С. 622-625.
user must take care of himself to protect personal information using appropriate software.
References:
1. Шаньгин В.Ф. Информационная безопасность. М: ДМК Пресс, 2014.
2. Платонов В.В. Программно-аппаратные средства защиты информации: учебник для студ. Учреждений выс. Образования/ - М.: Издательский центр «Академия», 2014.
3. Мельников Д.А. Информационная безопасность открытых систем: учебник / -М.: Флинта: Наука, 2013.
4. Stamp, Mark. Information security: principles and practice / Mark Stamp/ -2nd ed. ISBN 978-0-4-470-62639-9(hardback)/ QA76.9.A25S69, USA, 2011.
5. Мирзахолов Х. Т. АКТУАЛЬНЫЕ ПРОБЛЕМЫ ИННОВАЦИОННОГО СОДЕРЖАНИЯ КАЧЕСТВА ВЫСШЕГО ОБРАЗОВАНИЯ //Теория и практика современной науки. - 2017. - №. 4. - С. 622-625.
УДК 378.11
Botirova Sh.I.
Teacher of Chirchik Vocational college of Industry and Service
Uzbekistan, Tashkent city METHODOLOGY AND TECHNOLOGY OF SOCIAL AND PEDAGOGICAL ACTIVITY
Аннотация: В этой статье посвящена метододлогии и технологии социальной и педагогической деятельности.
Ключевые слова: педагогика, психология, тренинг, метод Abstract: This article provides an overview of the methodology and technology of social and pedagogical activity.
Keywords: pedagogy, psychology, training, method
The idea of technological development (more precisely, mechanization of the pedagogical case) belongs to AS Makarenko. In the foreign ped. science is the concept of ped. technology appears in the 50-60's. In the national scientific and pedagogical literature this term appears in the 70s. To the first publications on ped. technologies include works by V.P. Bespalko.
The expression «soc. Technology» appeared in the 70-80-ies in connection with the need to develop social problems in society. Socio-educational technology - a set of techniques and methods used by social. services, soc. teachers to ensure the effectiveness of the process of socialization of the younger generation, and, secondly, the method of implementing social, ped. activities specific to soc. pedagogue on the basis of its rational division into procedures and operations in order to select the best means and methods for their implementation.
Let's consider the basic concepts necessary for a correct understanding of the process of the technological social. ped. activities.
Method - (from methodos - the path of research, theory, teaching) the way to achieve any goal, the totality of techniques and operations of cognition of
