This document discusses certification of IT security solutions for compliance with Russian security standards. Certification is mandatory for personal data protection systems and systems containing state-owned information, or is generally recommended for major corporations and financial structures. Certification involves black box testing of functionality and testing source code for vulnerabilities and non-declared functions. Choosing a reliable certification laboratory is key, as it will handle the entire certification process, including finding a local representative, obtaining necessary licenses, and providing all required testing. Echelon certification laboratory is experienced in certifying foreign products for the Russian market and can guide companies through the certification process.
The Russian information security market is valued between $500 million to $1.5 billion annually. The largest sectors include network security, antivirus software, and PKI. Main customers are government agencies, large companies, and banks. People working in information security in Russia include former military and security officers as well as new graduates. Key regulators include the Ministry of Defense, FSB, and Central Bank of Russia. Compliance is a major driver of the market. Software certification is important for vendors to access the market.
The document discusses exploiting a weakness in the SHA1 hashing algorithm to optimize password cracking. Specifically, it describes how the SHA1 word expansion step, which uses XOR operations, can be precomputed to speed up password guessing by holding some values fixed and applying other guessed values using XOR. This works because XORing a value with itself results in zero, allowing some operations to be ignored. An automated script is provided to help optimize the number of operations needed.
This document discusses certification of IT security solutions for compliance with Russian security standards. Certification is mandatory for personal data protection systems and systems containing state-owned information, or is generally recommended for major corporations and financial structures. Certification involves black box testing of functionality and testing source code for vulnerabilities and non-declared functions. Choosing a reliable certification laboratory is key, as it will handle the entire certification process, including finding a local representative, obtaining necessary licenses, and providing all required testing. Echelon certification laboratory is experienced in certifying foreign products for the Russian market and can guide companies through the certification process.
The Russian information security market is valued between $500 million to $1.5 billion annually. The largest sectors include network security, antivirus software, and PKI. Main customers are government agencies, large companies, and banks. People working in information security in Russia include former military and security officers as well as new graduates. Key regulators include the Ministry of Defense, FSB, and Central Bank of Russia. Compliance is a major driver of the market. Software certification is important for vendors to access the market.
The document discusses exploiting a weakness in the SHA1 hashing algorithm to optimize password cracking. Specifically, it describes how the SHA1 word expansion step, which uses XOR operations, can be precomputed to speed up password guessing by holding some values fixed and applying other guessed values using XOR. This works because XORing a value with itself results in zero, allowing some operations to be ignored. An automated script is provided to help optimize the number of operations needed.
2. NetGRAPH предназначен для отображения сущностей
реального мира через графическое представление объектов и их
взаимосвязей. NetGRAPH может применяться для решения задач
информационной обработки данных, где требуется отображать
большое количество разнотипных объектов в графическом виде, и
параллельно анализировать отношения между ними.
Наиболее популярной сферой применения NetGRAPH стало
отображение объектов социальных сетей и графов, информации
по организациям, сообществам по интересам, персоналиям,
предметам интеллектуальной собственности и другим
разнотипным объектам.
NetGRAPH позволяет отображать кроме графических
объектов текстовые объекты, это позволяет его применять в
задачах ранжирования Интернет сайтов, выводе результатов
работы систем классификации текста, в аналитических системах,
требующих поиска коррелирующей информации.
Назначение
3. Особенности использования
NetGRAPH создан в виде динамически подключаемой
библиотеки и предназначается для внедрения в приложения
разрабатываемые на языках С++, С#, VB и Pascal, поддерживает
базовые типы данных технологии .NET и объектно-
ориентированного программирования.
Для удобного управления отображаемой информацией в
NetGRAPH присуствует множество свойств, полей и событий,
соответствующих узлам и ребрам графических элементов.
NetGRAPH позволяет импортировать и экспортировать граф
ориентированные XML структуры, описывающие взаимосвязи
объектов, привязывать к ним графические изображения,
добавлять пользовательские обработчики событий.