The paper discusses the main options for technical protection at the stages of pre-printing and post-printing preparation of products by a printing company using modern cloud technologies. In the study course, insufficient security of the SSL / TLS protocol for transferring data between websites was established, which is confirmed by numerous reports in the press about the theft of personal data and the constant improvement of this protocol. Additionally, it has been established that data security has a dependency on the user's responsibility for personal information protection. In essence, options for protecting documents of a printing company can be supplemented by the introduction of digital signatures or passwords. Based on the theory of planning and processing the results of experiments, the whole factor experiment was prepared and carried out to analyze the password "strength" based on two signs of password strength: length and different types of categories of characters used in passwords. An experiment execution plan has been built based on an orthogonal matrix. According to the matrix plan, the unknown coefficients of the response function were determined; and we determined their significance as well; we have also confirmed the adequacy of the obtained equation. In the paper, we also present a model experiment is, confirming the validity of the hypothesis of the relativity of the importance of the message length concerning the types of categories of symbols used.
The main goal of this paper is to show additional possibilities for the protection of printed products based on the differentiation of access rights to information and the value of protecting information by passwords.
The rest of the paper is organized as follows: the next Section is devoted to a review of the relevant literature and the main achievements taking place in the chosen field; in Section 3, the research problem is formulated; in section 4, the approach for solving it is presented, based on the methods of the theory of planning and processing data from the results of experiments; Section 5 discusses the main results and draws conclusions based on them.
Recently, there has been a sharp leap in the development of the printing industry due to the
widespread introduction of digital content publications into the practice of publishing organizations,
based on the consistent distribution of computer technology in the 90s of the last century [
The advance of computer publishing systems made it possible to transfer an electronic layout of a
publication directly from a computer or to a photographic form, or a photographic plate, and later
directly to a digital printing machine, which determined the prospect of obtaining a personalized
publication of any required circulation. Digital processes (prepress, print, and post-press) at all
manufacturing stages of printed products have created the basis for the transition to full automation of
production of a printing company based on online solutions [
The paper [
To evaluate the security of printing depending on its cost, the authors of [
The emergence of cloud solutions along with several advantages, namely: an unlimited amount of data storage, independence from the operating system when working with documents, the possibility of constant and shared access to this one, the rational use of resources, reduction in software costs, the ability to regularly update it; there was a strict need to protect deleted data.
So, it is possible to intercept confidential and private data when one's working with the "cloud"; and the internet provider can view the client's data if they are not protected by a password; this data can also become the property of hackers who have managed to break into the provider's security systems.
The reliability, timeliness, and availability of data in the "cloud" strongly depend on the intermediate parameters, which include data transmission channels on the way from the client to the "cloud"; the reliability of the last mile, the quality of the client's Internet provider, the availability of the "cloud" itself in the given moment. When the online storage company is liquidated, a computer customer can lose all their papers.
Some papers [
The paper [
The authors of the paper [
The paper [24] proposes group methods for estimating password strength using the attention mechanism (AM) in a neural network model. The long-short-term memory model (LSTM) is used for password processing, and a more accurate estimate of password strength is obtained.
The authors [25] propose a password-generation algorithm. It is based on information provided by users. The authors tested the reliability of the generated passwords when exposed to the dictionary and brute force password cracking attacks.
Based on prototyping methods, the architecture and main functions of the user interface [26] are proposed for developing a strong password.
Authors [27] propose protection against targeted attacks using personalized password strength meters.
The purpose of this study is to establish an effective system for protecting printed products at all stages of their preparation.
The preparation process of a digital layout of products by some printing companies using some publishing system is considered. A feature of the preparation process is its multistage nature (character), the essential component of which is prepress preparation. An electronic version of the final document is prepared in the prepress process. The electronic layout development of a printed document involves participation in the cloud storage of various staff members that provides collective access. 3.1.
As you know, the problem of storing data in the "cloud" is the data protection in the case of interception during transmission over a communication channel; there is also a problem associated with devices of the "last mile"; in addition, there is a problem with data integrity during remote storage.
The most common technical solutions for data protection are data encryption, closing documents with a password, and using a digital signature.
Usually, data transmission performs by the SSL/TLS protocol. It is worth noting that despite the similarities between SSL and TLS, a series of technical documents (for example, RFC 8446) have recently been promoting TLS 1.3 for browser use. Google, Facebook, and Cloudflare have provided the TLS 1.3 protocol support for the web space since July 2019, in addition, to the main branches of the Chrome and Firefox browsers. The protocol supports three services: authentication, encryption, and message integrity checking. The safety experts consider the suggested protective measures sufficient. Nevertheless, the message interception problem is relevant, as evidenced by the numerous confirmations of theft of personal data. Thus, the user himself should be primarily concerned about his data protection.
From the point of view of protecting printed information, one of the most effective measures is to set a password for a printed document. The problem here is the establishment of obvious passwords, which may be available to an attacker, or the creator of the documents does not consider it necessary to use a password here. To secure your information and not use external audit services, it is recommended that you independently acquire a strong password. 3.2.
We must abide by some rules to avoid the negative consequences of data theft due to the introduction
of "weak" passwords. To create a strong password, [
Presently (and, likely, in the near future), the user's password looks like a simple and accessible remedy for user authentication. Therefore, attempts to organize strong authentication based on a password are continuous nowadays. The application of special software and equipment for password generation leads to the creation of hard-to-guess passwords that cannot be remembered by users. Therefore, passwords are stored in a convenient place for the user that is inconsistent with the notion of protecting the integrity of information.
A possible way out in these circumstances is the use of password strength meters, which allow you
to assess the degree of password trust to the user. Users accept or complicate used passwords in a user
feedback system. Building systems for evaluating password strength is currently a hot topic, as
evidenced by recent publications [
According to the analysis of foreign publications [
The study poses and solves the problem of determining an effective password based on the theory of planning and processing the results of experiments.
This analysis of the results obtained allows us to conclude that password efficiency is primarily affected by password duration. The effect of mutual influence, based on the initial conditions of the experiment, practically does not have a significant effect on the listed condition of reliability, which made it possible to exclude this regressor from the equation.
Based on the independence of the factors that affect the quality of the password, we will consider them independent, the combination of the same characters is not allowed, and all of the characters have the same distribution. Given the considerations, we assume that the password security function satisfies the regression equation in the form
… ,
According to the results of testing user passwords, it has been found that the strengths of passwords, which are quantitatively expressed in relative units y, are most significantly influenced by two factors: the length of the password x1, measured by the number of characters in a password, and the number of categories of characters x2, measured by various types of characters. 4.1.
categories of characters. the values of which are presented in Table. 1.
We will assume that at the user's disposal, lowercase and uppercase letters of the Latin alphabet can be used as symbols total of numbers are 26 characters, numbers are the total numbers 10 characters, and special characters are the total number of 33 characters. Thus, we have a total of numbers 4
Based on the experiment planning theory [29], we also introduce the levels of variation by factors, Using formulas (3) and (4), we obtain
The planning matrix looks as shown in Table 2. In this table j is the number of experiments, x1 is the first sign, which means the number of symbols in the password; x2 is the number of categories used in the password; yi is the result of an experiment. In this test, we proposed that for each condition of experiment j we can obtain three results, therefore y j is the average of these results; S y2 is the variance characterizing the set of yjv values under constant experimental conditions (i.e., at one point of the design) is found by the following formula
Based on Table 2 data and using the feature of the orthogonally-planning matrix for the full factorial experiment, we can significantly simplify the calculation of the coefficients of the response equation. For the number of factors k, sample estimates bi are calculated by the formulas ̅ 1
1 х2 + + 1 4 х1х2 + + 1
1
27, 31, yi 35 25 55 36 15, 20, 51, 53, 30, 33,
̅ ̅
̅ 1 4
1 1 Next, we calculate S y2 by using values S j2 (these values are shown in Table 2) Find the variance of the regression coefficients: We choose the level of reliability of calculations α = 0.95 and find from the table value t1 t0.975
Therefore that, less than the critical value F < F0.05; m1 = 1, m2 = 8 = 5.32, and the final formula for the response function is:
Formula (8) allows you to evaluate the effectiveness of the entered password within the framework of the experiment. The analysis of equation (8), where the parameter x1 varies from 4 to 6 symbols, and the parameter x2 varies from 1 to 3 types of symbol categories, is presented in Table 3. Response function values for different types of passwords
The results presented in Table 3 have been derived from the algorithm shown in Figure 1. In this algorithm, the response function has been calculated according to (1); the variance of measurements has been calculated by the formula (4); the variance of the coefficients bi has been calculated by the formula (6); the coefficients ti have been calculated according to (7) to assess the significance; the adequacy of the response function has been determined by the Fisher criterion.
Following the task, the number of significant coefficients of the model is d = 3; and Now we find
3
The model experiment consisted in changing the number of symbols of categories 1 and 2, under the initial data, and establishing the result by the response function (5). The results of the calculation are shown in Figures 2 and 3. Figure 2: Diagram of the influence of factors x1 and x2 on the response function y Figure 3: Graph of the dependence of the influence of the factor x1 on the response function y 4.3.
The article discusses the problem of increasing password strength with personal information use. To solve this problem, we propose a system that uses personal information when the weak strength password has initially been set, the strength of which step-by-step increases based on the results of measurements. Unlike other approaches, the article analyzes the results of our measurements based on the input response function, which is usually used in the theory of planning and processing the results of experiments.
In creating the system model, we build the response function that in the study takes into account not only various sign of factors but also their mutual influence. As variable factors of the response function, the length of the password symbols and the number of symbol categories involved in the formation of the password has been chosen. The algorithm proposed in the article is based on the statistical characteristics of the set used. Apart from, based on these findings, the dispersion of the response function coefficients is calculated, and their homogeneity and significance are checked.
In the course of the study, it has been found that the mutual influence of various categories of symbols on the result of the response function is not significant, which makes it possible to bring the response function to a linear form and use it in further research.
However, the primary analysis regarding the lack of significance of their mutual influence made it possible to discard the need for such an analysis. During the study, we also concluded the satisfactory results of the research; and it was considered feasible to recommend the use proposed approach to the construction of practical password strength meters.
The article proposes the centralization of technical computing resources, IT specialists, and software in the general budget cloud. Access to the cloud via the Internet, individualized access to data, and a set of software functions provided by the bandwidth of network communication channels will be transferred to the sites.
To increase the security of printed products at the stages of pre-print and post-print preparation, it is recommended to use passwords consisting of a large number of characters, including lowercase and uppercase letters of the Latin alphabet, numbers, and auxiliary symbols. Based on a whole-factor experiment, a type of response function has been established that allows you to compare passwords and set the strength of a password.
This analysis of the results obtained allows us to conclude that password efficiency is primarily affected by password duration. The effect of mutual influence, based on the initial conditions of the experiment, practically does not have a significant effect on the put-forward condition of reliability, which made it possible to exclude this regressor from the equation.
The work has been carried out on an initiative basis. The authors thank the anonymous reviewers, whose comments significantly improved the content of the paper.
The authors also thank both the authorities of the Ukrainian Academy of Printing, Lvov State University of Internal Affairs, and National Aviation University the especially leadership of the Faculty of Cybersecurity, Computer and Software Engineering for their support during the preparation of this paper.
[24] D. He, B. Zhou, X. Yang, S. Chan, Y. Cheng and N. Guiana, Group Password Strength Meter Based on Attention Mechanism, IEEE Network 4, (2020): 196-202. doi: 10.1109/MNET.001.1900482. [25] F. Z. Glory, A. U. Aftab, O. Tremblay-Savard, N. Mohammed, Strong Password Generation Based On User Inputs, in: Proceeding of 2019 IEEE 10th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), Vancouver, BC, Canada, 2019, pp. 416-423. doi: 10.1109/IEMCON.2019.8936178. [26] E. Stavrou, A situation-aware user interface to assess users' ability to construct strong passwords: A conceptual architecture, in: Proceeding of 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA), London, UK, 2019, pp. 1-6. doi: 10.1109/CyberSA.2017.8073385. [27] B. Pal, T. Daniel, R. Chatterjee, T. Ristenpart, Beyond Credential Stuffing: Password Similarity Models Using Neural Networks, in: Proceeding of 2019 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2019, pp. 417-434. doi: 10.1109/SP.2019.00056. [28] Passwords – the good ones, the bad ones, and the ugly ones, 2021. URL: https://itglobal.com/ruru/company/blog/paroli-horoshie-plohie-i-uzhasnye [in Russian] [29] A.I. Kobzar, Applied mathematical statistics. For engineers and scientists, Fizmatlit, Moscow, Russia, 2012. URL: https://inlnk.ru/LABao5 [in Russian]