Обучение устной речи и чтению литературы на английском языке по специальности «Защита информации». Часть 1

Московский государственный технический университет  
имени Н.Э. Баумана 
 
 
 
 
 
 
О.И. Комарова, Е.И. Румянцева  
 
 
ОБУЧЕНИЕ УСТНОЙ РЕЧИ  
И ЧТЕНИЮ ЛИТЕРАТУРЫ  
НА АНГЛИЙСКОМ ЯЗЫКЕ  
ПО СПЕЦИАЛЬНОСТИ  
«ЗАЩИТА ИНФОРМАЦИИ» 

В   трех частях 

Часть 1 
 
Учебно-методическое пособие 
 
 
 
 
 
 
 
 
 
Москва 
Издательство МГТУ им. Н.Э. Баумана 
2010 

УДК 802.0 
ББК 81.2 Англ-923 
         К63 
 
Рецензент И.Ф. Беликова 
 
Комарова О.И. 
Обучение устной речи и чтению литературы на английском языке по специальности «Защита информации» : учеб.метод. пособие: в 3 ч. – Ч. 1 / О.И. Комарова, Е.И. Румян- 
цева. – М. : Изд-во МГТУ им. Н. Э. Баумана, 2010.  – 30, [2] с. 
 
Пособие состоит из трех тематических разделов: первый вклю
чает тексты об основных принципах информационной защиты, второй – о компьютерных вирусах, третий – о способах защиты (ключах и криптографии). Предлагаются тексты для ознакомительного 
чтения и краткого изложения содержания прочитанного. Тексты 
представляют собой статьи или извлечения из статей англоязычных 
авторов. Представлены также упражнения на понимание текста, отработку и закрепление лексико-грамматических конструкций, развитие навыков устной речи. Для студентов 3-го курса, обучающихся 
по специальности «Защита информации».  
                                                                                                        
                                                                                              УДК 802.0  
 ББК 81.2 Англ-923  
Учебное издание 

Комарова Ольга Ивановна 
Румянцева Елена Ивановна 

Обучение устной речи и чтению литературы на английском языке  
по специальности «Защита информации» 

Часть 1 
 
Корректор Р.В. Царева 
Компьютерная верстка О.В. Беляевой 
 
Подписано в печать 18.11.2010.  Формат 60×84/16.  
Усл. печ. л. 1,86. Тираж 200 экз. Изд. № 31. 
 Заказ   

Издательство МГТУ им. Н.Э. Баумана. 
Типография МГТУ им. Н.Э. Баумана. 
105005, Москва, 2-я Бауманская ул., 5. 
 
© МГТУ им. Н.Э. Баумана, 2010 

К63 

ПРЕДИСЛОВИЕ 

Настоящее пособие предназначено для студентов 3-го курса 
(пятый семестр), обучающихся по специальности «Защита информации» (кафедра ИУ-10). 
Авторы пособия имеют целью формирование у студентов профессионально-ориентированной коммуникативной компетенции. 
В пособии представлены оригинальные тексты, степень трудности которых соответствует уровню подготовки студентов 3-го 
курса (пятый семестр). 
Состоит пособие из трех разделов (units). Их тематика соответствует тематике изучаемой специальности. 
В каждый раздел включены текст для чтения и перевода, послетекстовые упражнения на закрепление, отработку и использование в речи лексико-грамматических конструкций. Помимо этого в 
каждом разделе даны дополнительные тексты для устного изложения и обсуждения. 
В конце каждого раздела даны упражнения на повторение 
грамматического материала, лексическое наполнение которого не 
основано на специальной тематике.  
Содержание пособия позволяет студентам охватить широкий 
спектр информации по изучаемой специальности, активизировать 
пройденный ранее материал, сформировать компетенцию специализированной коммуникации. 
 

UNIT 1 

   
 Read and translate the text. 

Text A     
     Basic Principles of Information Protection.  
Considerations Surrounding the Study of Protection 

Many examples of systems requiring protection of information are 
encountered every day: airline seat reservation systems, credit bureau 
data banks; law enforcement information systems; time-sharing service 
bureaus; on-line medical information systems; and government social 
service data processing systems. These examples span a wide range of 
needs for organizational and personal privacy. All have in common 
controlled sharing of information among multiple users. All, therefore, 
require some plan to ensure that the computer system helps implement 
the correct authority structure. Of course, in some applications no special provisions in the computer system are necessary. It may be, for instance, that an externally administered code of ethics or a lack of 
knowledge about computers adequately protects the stored information. 
Although there are situations in which the computer need provide no 
aids to ensure protection of information, often it is appropriate to have 
the computer enforce a desired authority structure. 
The words ‘privacy’, ‘security’, and ‘protection’ are frequently 
used in connection with information-storing systems. Not all authors 
use these terms in the same way. Here are the definitions commonly 
encountered in computer science literature. The term ‘privacy’ denotes 
a socially defined ability of an individual (or organization) to determine 
whether, when, and to whom personal (or organizational) information is 
to be released. 
The term ‘security’ describes techniques that control who may use 
or modify the computer or the information contained in it. 
Security specialists have found it useful to place potential security 
violations in three categories. 

1. Unauthorized information release: an unauthorized person is able 
to read and take advantage of information stored in the computer. This 
category of concern sometimes extends to ‘traffic analysis’, in which 
the intruder observes only the patterns of information use and from 
those patterns can infer some information content. It also includes unauthorized use of a proprietary program. 
2. Unauthorized information modification: an unauthorized person 
is able to make changes in stored information – a form of sabotage. 
Note that this kind of violation does not require that the intruder see the 
information he has changed. 
3. Unauthorized denial of use: an intruder can prevent an authorized 
user from referring to or modifying information, even though the intruder may not be able to refer to or modify the information. Causing a 
system ‘crash’, disrupting a scheduling algorithm, or firing a bullet into 
a computer are examples of denial of use. This is another form of sabotage. 
The term ‘unauthorized’ in the three categories listed above means 
that release, modification, or denial of use occurs contrary to the desire 
of the person who controls the information, possibly even contrary to 
the constraints supposedly enforced by the system. The biggest complication in a general-purpose remote-accessed computer system is that 
the ‘intruder’ in these definitions may be an otherwise legitimate user 
of the computer system. 
Examples of security techniques sometimes applied to computer 
systems are the following: 
1) labeling files with lists of authorized users; 
2) verifying the identity of a prospective user by demanding a password; 
3) shielding the computer to prevent interception and subsequent interpretation of electromagnetic radiation; 
4) enciphering information sent over telephone lines; 
5) locking the room containing the computer; 
6) controlling who is allowed to make changes to the computer system (both its hardware and software); 
7) using redundant circuits or programmed cross-checks that maintain security in the face of hardware or software failures; 
8) certifying that the hardware and software are actually implemented as intended. 
It is apparent that a wide range of considerations are pertinent to the 
engineering of security of information. Historically, the literature of 
computer systems has more narrowly defined the term protection to be 

just those security techniques that control the access of executing programs to stored information. An example of a protection technique is 
labeling of computer-stored files with lists of authorized users. Similarly, the term authentication is used for those security techniques that 
verify the identity of a person (or other external agent) making a request of a computer system. An example of an authentication technique 
is demanding a password. This paper concentrates on protection and 
authentication mechanisms, with only occasional reference to the other 
equally necessary security mechanisms. One should recognize that concentration on protection and authentication mechanisms provides a narrow view of information security, and that a narrow view is dangerous. 
The objective of a secure system is to prevent all unauthorized use of 
information, a negative kind of requirement. It is hard to prove that this 
negative requirement has been achieved, for one must demonstrate that 
every possible threat has been anticipated. 

COMPREHENSION CHECK 

1. Give the Russian equivalents to the following words and 
word combinations:   
to encounter; to span a wide range of needs for; multiple users; special provisions; to ensure protection; to enforce smth; techniques; potential security violations; to take advantage of; to disrupt a scheduling 
algorithm; the intruder; legitimate user; shielding; to encipher information; redundant circuits; to certify; possible threat; to anticipate. 
2. Provide definitions in the context of protecting information in 
computers: 
Access  
Authenticate  
Authorize  
Certify  
Encipherment  
Password 
Privacy  
Protection  
Security 
Check them with the Glossary given at the end. 
 
3. Answer the questions to the text and perform the tasks. 

1. Give your own examples of systems requiring protection of information. 
2. What is the main difference between the notions protection and 
security? 
3. Span the needs for organizational and personal privacy.  
4. What are the three categories of the potential security violations? 
Describe them. 
5. Why can release, modification, or denial of use occur contrary to 
the desire of the person? 
6. Give examples of security techniques sometimes applied to computer systems. 
7. What are the other definitions of the terms protection and authentication? 
8. Why are these terms considered to provide a narrow view of information security? 
 
4. Discuss the basic principles of information protection. 
 

GRAMMAR REVISION 

1. Use the correct tense form.  
This story happened to Mr. Brown who (was living, lived, had 

lived) in the suburbs of one of the towns in England. One evening he 
(walked, was being walked, was walking) home from the railway station. The road (had been, was, being) dark and lonely. Suddenly he 
heard someone (was approaching, approached, approaching) him from 
behind and thought he (being followed, was being followed, was followed). Mr. Brown (was, had been, being) terribly frightened and 
started (run, ran, running). The footsteps still followed him. The man 
ran into an old cemetery and threw himself on the grass near one of the 
graves. 

Lying there Mr. Brown thought, ‘If he (came, was coming, comes) 

here there (will be, is, was) no doubt he (wanted, wants, will want) to 
rob me’. 

The man behind really came there too. Mr. Brown wondered what 

he (wants, wanted, will want) and why he (is following, had followed, 
was following) him. 

The stranger said that he (was going, went, had gone) to Mr. 

Robertson's and he had been told that Mr. Brown (was living, lived, had 

lived) next door to the Robertsons. That's why he decided to follow 
him. And the stranger thought it was a sort of exercise Mr. Brown (was 
using, used, is using) to do in the evenings. 

 
2. Put the questions to the following sentences. 
1. The weather was stormy yesterday. (What?) 
2. A lot of hamburgers are eaten in the USA. (How many?) 
3. Ann has just come back from London. (When?) 
4. He had to borrow some money. (Why?) 
5. They have been quarrelling since morning. (How long?)  
6. Stephen and Paul lead an adventurous life. (Who?) 
7. We used to go to the theatre on Friday nights. (Where?) 
8. Dick won't be able to join us tomorrow. (Why?) 
9. She speaks English very well. (How?) 
 
3. Andrea is giving a talk to her class at the language school 

about her first few weeks in Britain. Complete what she says. Put 
the verbs in brackets into the correct tense. 

I (arrive) about eight weeks ago. I (not be) to Britain before, so  

I (not know) what to expect. My friends Vince and Sue (meet) me at the 
airport. They (wait) for me when I (come) out of the arrivals gate. I (be) 
very pleased to see them. You see, my cousin Carmen (come) to stay 
with Sue the summer before last, but there (not be) anyone to meet her 
at the airport, because Sue (have) an accident. Anyway, as I said, I (be) 
here for about two months now. I (learn) a lot of English in that time 
and I (do) a lot of things. I (be) to London a Few times and last weekend I (go) to Oxford to see Sue. While Sue (show) me some of the colleges. I (see) some people from my town in. Argentina. They (arrive) in 
England the day before. We (be) all so surprised. We (can't) believe it. 

4. Supply some, any, no for the following sentences. 
1. If you have ... news, call me back. 2. She helped borrow ... more 
money. 3. There is hardly ... place in this house where we can talk 
alone. 4. ... boy at the school had ever taken a scholarship to the university. 5. It meant real hardship to my mother unless I earned ... money at 
once. 6. My mother hoped that perhaps the school had ... funds to give 
me a grant. 7. It was unlikely that ... of the guests would take particular 
notice of it. 8. They understood each other without ... words. 9. ‘Let's 
go back home. It's already late’. ‘I'd rather stay out a little longer’.  

‘I suppose we've got to go home ... time’. 10. There isn't ... boot-polish 
in this tin. 11. You have ... fine flowers in your garden. 12. Go and ask 
him for ... more paper, I haven't ... in my desk. 13. Later we had ... tea. 
14. He wants ... more pudding. You can take it away. 15. There are ... 
matches left. We must buy ... .16. I wouldn't go to his concert. He is ... 
pianist. 17. ... time ago I read his story in a magazine. 18. I don't think 
there is ... milk left in the jug. 19. ... student can answer the question.  
  
Summarize the text. 

Text B 

Functional Levels of Information Protection 

Many different designs have been proposed and mechanisms implemented for protecting information in computer systems. One reason 
for differences among protection schemes is their different functional 
properties – the kinds of access control that can be expressed naturally 
and enforced. It is convenient to divide protection schemes according to 
their functional properties. A rough categorization is the following.  
a) Unprotected systems: Some systems have no provision for preventing a determined user from having access to every piece of information stored in the system.  
b) All-or-nothing systems: These are systems that provide isolation 
of users, sometimes moderated by total sharing of some pieces of information. If only isolation is provided, the user of such a system might 
just as well be using his own private computer, as far as protection and 
sharing of information are concerned. More commonly, such systems 
also have public libraries to which every user may have access. In some 
cases the public library mechanism may be extended to accept user contributions, but still on the basis that all users have equal access.  
c) Controlled sharing: Significantly more complex machinery is required to control explicitly who may access each data item stored in the 
system. For example, such a system might provide each file with a list 
of authorized users and allow an owner to distinguish several common 
patterns of use, such as reading, writing, or executing the contents of 
the file as a program.  
d) User-programmed sharing controls: A user may want to restrict 
access to a file in a way not provided in the standard facilities for con

trolling sharing. For such cases, and a myriad of others, a general escape is to provide for user-defined protected objects and subsystems. A 
protected subsystem is a collection of programs and data with the property that only the programs of the subsystem have direct access to the 
data (that is, the protected objects). Access to those programs is limited 
to calling specified entry points. Thus the programs of the subsystem 
completely control the operations performed on the data.  
e) Putting strings on information: The foregoing three levels have 
been concerned with establishing conditions for the release of information to an executing program. The fourth level of capability is to maintain some control over the user of the information even after it has been 
released. Such control is desired, for example, in releasing income information to a tax advisor; constraints should prevent him from passing 
the information on to a firm which prepares mailing lists. The printed 
labels on classified military information declaring a document to be 
‘Top Secret’ are another example of a constraint on information after its 
release to a person authorized to receive it. There is a consideration that 
cuts across all levels of functional capability: the dynamics of use. This 
term refers to how one establishes and changes the specification of who 
may access what. At any of the levels it is relatively easy to envision 
(and design) systems that statically express a particular protection intent. But the need to change access authorization dynamically and the 
need for such changes to be requested by executing programs introduces much complexity into protection systems.  
In many cases, it is not necessary to meet the protection needs of 
the person responsible for the information stored in the computer entirely through computer-aided enforcement. External mechanisms such 
as contracts, ignorance, or barbed wire fences may provide some of the 
required functional capability. This discussion, however, is focused on 
the internal mechanisms. 

Supplementary reading. 

Text C 
Design Principles 

Whatever the level of functionality provided, the usefulness of a set 
of protection mechanisms depends upon the ability of a system to prevent security violations. Design and construction techniques that sys