Molo emva kwemini, mfundi othandekayo!
Kudala ndilandela uhlaziyo kunye neendaba zenkqubo yeDigital Economy. Ngokombono womqeshwa wangaphakathi wenkqubo ye-EGAIS, ngokuqinisekileyo, inkqubo iya kuhlala amashumi eminyaka. Zombini ukusuka kwindawo yokujonga uphuhliso, kwaye ukusuka kwindawo yokujonga uvavanyo, ukubuyisela umva kunye nokuphunyezwa okuqhubekayo, kulandelwa uhlengahlengiso olungenakuphepheka kunye nobuhlungu bazo zonke iintlobo zeebhugi. Nangona kunjalo, umcimbi uyimfuneko, ubalulekile kwaye ungxamisekile. Umthengi oyintloko kunye nomqhubi walo lonke olu lonwabo, ngokuqinisekileyo, ngumbuso. Enyanisweni, njengawo wonke umhlaba.
Zonke iinkqubo kudala zafudukela kwidijithali okanye zisendleleni eya kuyo. Oku kusemnandi. Nangona kunjalo, kukho ukuhla kwiimedali zokugqwesa. Ndingumntu osebenza rhoqo ngeesignesha zedijithali. Ndingumxhasi mhlawumbi "izolo", kodwa "ixesha elidala" elithembekileyo kunye neendlela zokuphumelela zokukhusela iisignesha zombane usebenzisa amathokheni. Kodwa i-digitalization isibonisa ukuba yonke into ibe "emafini" ixesha elide kwaye i-CEP nayo iyadingeka apho kwaye ifuneka ngokukhawuleza.
Ndazama ukufumanisa, kwinqanaba lomthetho kunye nesakhelo sobugcisa, apho kunokwenzeka, ukuba izinto zimi njani kunye neesignesha ze-elektroniki zefu apha naseYurophu. Ngapha koko, ngaphezulu kwe-dissertation enye yesayensi esele ipapashiwe ngalo mba. Ngoko ke, sikhuthaza iingcali kulo mbandela ukuba zijoyine ukuphuhliswa kwesihloko.
Kutheni i-CEP efini inomtsalane? Enyanisweni, kukho iingenelo. Kukho okwaneleyo kwezi nzuzo. Iyakhawuleza kwaye ifanelekile. Kuvakala ngathi sisilogeni sentengiso, uya kuvuma, kodwa ezi ziimpawu zenjongo yesiginitsha yedijithali yelifu.
Isantya silele ekukwazini ukusayina amaxwebhu ngaphandle kokubotshelelwa kwiithokheni okanye amakhadi ahlakaniphile. Ayisinyanzeli ukuba sisebenzise idesktop kuphela. Ikhulu leepesenti ibali le-cross-platform yayo nayiphi na i-OS kunye nabakhangeli. Oku kuyinyani ngakumbi kubalandeli beemveliso ze-Apple, kubo kukho ubunzima obuthile ekuxhaseni utyikityo lwe-elektroniki kwinkqubo ye-MAC. Phuma naphi na kwihlabathi, inkululeko yokuzikhethela kwii-CAs (nokuba zingezona zaseRashiya). Ngokungafaniyo nezixhobo ze-CEP, itekhnoloji yelifu ikuvumela ukuba uphephe ubunzima ngokuhambelana kwesoftware kunye nehardware. Yiyiphi, ewe, efanelekileyo, kwaye, ewe, ngokukhawuleza.
Yaye umntu akanakuhendwa njani bubuhle obunjalo? Umtyholi ukwiinkcukacha. Masithethe ngokhuseleko.
"Ilifu" CEP eRashiya
Ukhuseleko lwezisombululo zamafu, kwaye ngokukodwa iisignesha zedijithali, yenye yezona ngongoma zibuhlungu kwiingcali zokhuseleko. Yintoni kanye endingayithandiyo, umfundi uya kundibuza, kuba wonke umntu usebenzisa iinkonzo zefu ixesha elide, kwaye nge-SMS inokwethenjelwa ngakumbi ukwenza ukudluliselwa kwebhanki.
Ngokwenene, kwakhona, masibuyele kwiinkcukacha. Utyikityo lwedijithali lwamafu likamva ekunzima ukuxoxa ngalo. Kodwa hayi ngoku. Ukwenza oku, utshintsho lolawulo kufuneka lwenzeke oluya kukhusela umnini wesignesha yedijithali yefu.
Yintoni esinayo namhlanje? Kukho inani lamaxwebhu achaza ingcamango yesiginitsha yedijithali, ulawulo loxwebhu lwe-elektroniki (EDF), kunye nemithetho yokhuseleko lolwazi kunye nokujikeleziswa kwedatha. Ngokukodwa, kufuneka uthathele ingqalelo iKhowudi yoLuntu (iKhowudi yoLuntu yeRussian Federation), elawula ukusetyenziswa kweesignesha zombane kumaxwebhu.
Umthetho we-Federal No. 63-FZ "KwiMisayino ye-Electronic" yomhla we-06.04.2011/XNUMX/XNUMX. Umthetho osisiseko kunye nesakhelo esichaza intsingiselo eqhelekileyo yokusebenzisa iisignesha zedijithali xa usenza ukuthengiselana kweentlobo ezahlukeneyo kunye nokubonelela ngeenkonzo.
Umthetho we-Federal No. 149-FZ "Kwingcaciso, iteknoloji yolwazi kunye nokukhuselwa kolwazi ngomhla we-27.07.2006 kaJulayi, i-XNUMX. Olu xwebhu luchaza ingqikelelo yoxwebhu lwe-elektroniki kunye nawo onke amacandelo anxulumeneyo.
Kukho izenzo ezongezelelweyo zomthetho ezibandakanyekayo kulawulo lwe-EDI
Umthetho we-Federal 402-FZ "Kwi-Akhawuntingi" ngomhla we-06.12.2011 kaDisemba, i-XNUMX. Umthetho wowiso-mthetho ubonelela ngolungelelwaniso lweemfuno zobalo-mali kunye namaxwebhu ocwangciso-mali ngendlela ye-elektroniki.
Iquka. Unokuthatha ingqalelo kwiKhowudi yeNkqubo yeArbitration yeRussian Federation, evumela ukuba amaxwebhu asayinwe ngesiginitsha yombane njengobungqina enkundleni.
Kwaye kwakulapha ukuba kwenzeka ukuba ndingene nzulu kumbandela wokhuseleko, kuba imigangatho yethu ye-crypto-protection means inikezelwa yi-FSB kwaye iqinisekisa ukukhutshwa kweziqinisekiso zokuthobela. Ngomhla we-18 kaFebruwari, imigangatho emitsha ye-GOST yaziswa. Ke, izitshixo ezigcinwe efini azikhuselwanga ngokuthe ngqo zisatifikethi zeFSTEC. Ukukhusela izitshixo ngokwazo kunye nokungena ngokukhuselekileyo "kwilifu" ngamatye eembombo esingekasombululi. Okulandelayo, ndiya kujonga umzekelo wolawulo kwi-European Union, eya kubonisa ngokucacileyo inkqubo yokhuseleko oluphezulu.
Amava aseYurophu ekusebenziseni iisignesha zedijithali zamafu
Masiqale ngento ephambili - itekhnoloji yefu, kungekhona kuphela iisignesha zedijithali ezinomgangatho ocacileyo. Isiseko liqela le-Cloud Standard Coordination (CSC) ye-European Telecommunications Standards Institute (ETSI). Nangona kunjalo, kusekho iyantlukwano kwimigangatho yokhuseleko lwedatha kumazwe ahlukeneyo.
Isiseko sokhuseleko olubanzi lwedatha sisiqinisekiso esisinyanzelo sababoneleli ngokwe-ISO 27001:2013 kwiinkqubo zolawulo lokhuseleko lolwazi (i-Russian GOST R ISO/IEC 27001-2006 ehambelanayo isekelwe kwinguqulelo ka-2006 yalo mgangatho).
I-ISO 27017 ibonelela ngezinto ezongezelelweyo zokhuseleko kwilifu elingekhoyo kwi-ISO 27002. Igama elisemthethweni elipheleleyo lalo mgangatho "Ikhowudi yokusebenza yolawulo lokhuseleko lolwazi olusekelwe kwi-ISO/IEC 27002 yeenkonzo zefu." ISO/IEC 27002 yeenkonzo zelifu. ").
Ehlotyeni le-2014, i-ISO yapapasha umgangatho we-ISO 27018: i-2015 ekukhuseleni idatha yomntu efini, kwaye ekupheleni kwe-2015, i-ISO 27017: i-2015 yolawulo lokhuseleko lolwazi lwezisombululo zamafu.
Ekwindla ye-2014, iSigqibo esitsha sePalamente yaseYurophu enguNombolo 910/2014, ebizwa ngokuba yi-eIDAS, yaqala ukusebenza. Imithetho emitsha ivumela abasebenzisi ukuba bagcine kwaye basebenzise isitshixo se-EPC kumncedisi womboneleli wenkonzo othembekileyo oqinisekisiweyo, obizwa ngokuba yi-TSP (i-Trust Service Provider).
Ngo-Oktobha 2013, iKomiti yaseYurophu yokuMisela (i-CEN) yamkela inkcazo yobugcisa CEN / TS 419241 "IiMfuno zoKhuseleko kwiiNkqubo ezithembekileyo ezixhasa ukusayinwa kweseva", ezinikezelwe kulawulo lwesignesha yedijithali yefu. Olu xwebhu luchaza amanqanaba amaninzi okuthotyelwa kokhuseleko. Ngokomzekelo, ukuthotyelwa kwe-"level 2" efunekayo ukuvelisa utyikityo lwe-elektroniki olufanelekileyo lufuna inkxaso kwiinketho zokuqinisekiswa komsebenzisi. Ngokweemfuno zale nqanaba, ukuqinisekiswa komsebenzisi kwenzeka ngokuthe ngqo kwiseva yesiginitsha, ngokuchaseneyo, umzekelo, ukuqinisekiswa okuvunyelwe "kwinqanaba 1" kwisicelo esifikelela kwiseva yesiginitsha egameni layo. Kwakhona, ngokuhambelana nale nkcazo, izitshixo zesignesha zomsebenzisi zokuvelisa utyikityo lwe-elektroniki olufanelekileyo kufuneka lugcinwe kwimemori yesixhobo esikhethekileyo esikhuselekileyo (imodyuli yokhuseleko lwe-hardware, i-HSM).
Ukuqinisekiswa komsebenzisi kwinkonzo yelifu kufuneka ubuncinane kube zizinto ezimbini. Njengomthetho, eyona ndlela ifikelelekayo kwaye kulula ukuyisebenzisa kukuqinisekisa ukungena ngemvume ngekhowudi efunyenwe kumyalezo weSMS. Ngokomzekelo, uninzi lwee-akhawunti ze-RBS zobuqu zeebhanki zaseRashiya ziphunyeziwe. Ukongeza kwiimpawu eziqhelekileyo ze-cryptographic, isicelo kwi-smartphone kunye neejeneretha zephasiwedi yexesha elilodwa (iimpawu ze-OTP) nazo zingasetyenziswa njengendlela yokuqinisekisa.
Okwangoku, ndingafikelela kwisigqibo sethutyana malunga nento yokuba ii-CEPs zamafu zisasekwa kwaye kuselithuba kakhulu ukuba umke kwi-hardware. Ngokomgaqo, le yinkqubo yendalo, eyathi naseYurophu (oh, enkulu!) Yahlala malunga ne-13-14 iminyaka de kwada kwaphuhliswa imigangatho echanekileyo okanye engaphantsi.
Kuze kube siphuhlisa imigangatho emihle ye-GOST elawula iinkonzo zethu zefu, kusesekuseni kakhulu ukuthetha malunga nokulahlwa ngokupheleleyo kwezisombululo ze-hardware. Kunoko, ngoku, ngokuchaseneyo, baya kuqala ukuya kwi "hybrids", oko kukuthi, ukusebenza kunye neesignesha zamafu. Eminye imizekelo ehlangabezana nemigangatho yaseYurophu yokusebenza kunye nefu sele iphunyeziwe. Kodwa siza kuthetha ngale nto kwiinkcukacha ezincinci kwizinto ezintsha.
umthombo: www.habr.com