CYBER PROTECTION OF ENERGOIL ENTERPRISES
DOI:
https://doi.org/10.26906/SUNZ.2022.4.122Keywords:
cyber security, encryption, algorithm, Triple DES, accessAbstract
This article is about providing comprehensive protection of the oil refining and distribution company ENERGOIL. This protection includes components such as encryption, anti-virus software, and user access matrices. Within the access delimitation system, a dispatcher must be used, which performs access delimitation. This dispatcher is an employee of the security department. Access is restricted in accordance with the authority of employees. A request for employee access to a specific computer is sent to the database management and event registration unit. The authority of the employee and the characteristics of the object are analyzed by an employee of the security department. The first basic step for organizing work computers at the enterprise will be the creation of user accounts. For this, we create our own account for each computer A user access matrix was developed for the ENERGOIL enterprise, divided by information departments. It is necessary in order to clearly understand which users have access to which. The Triple DES algorithm was used for encryption. The essence of the algorithm is to use the Data Encryption Standard, or simply DES, published by the US National Bureau of Standards (NBS). First, the data is encrypted with the first key, decrypted back with the second key, and re-encrypted with the third key. Since as many as three keys are used, their total length is actually 3 * 56 = 168 bits. The encryption speed is also lower than that of the DES algorithm, but the reliability leaves no doubt. It takes a billion times more attempts to break this encryption than simple DES. Avast and Microsoft Windows Defender antiviruses were used to protect against malicious software, and an access matrix with user accounts and their permissions was created to limit access on work computers.Downloads
References
Data encryption using the XOR cypher G. Golovko, A. Matyashenko, N. Solopikhin - journal "Control, Navigation and Communication Systems". 2021. 81 p.
Technologies of information protection (UZHNU), URL - https://www.uzhnu.edu.ua/uk/infocentre/get/4186
TripleDES class and its implementation, URL - https://learn.microsoft.com/ruru/ dotnet/api/system.security.cryptography.tripledes?view=net-6.0
Triple data encryption algorithm, URL - https://wikicsu.ru/wiki/triple_des
Cryptography (Encyclopedia of modern Ukraine), URL – https://esu.com.ua/search_articles.php?id=1576
Requirements for information protection services at enterprises, URL - http://pyuv.onua.edu.ua/index.php/pyuv/article/view/607
Analysis of the TDES encryption algorithm, URL - https://instagalleryapp.com/informacijna-bezpeka/shho-take-shifruvannja-3des-i-jak-pracjue-des/
