Analysis of Modern Methods to Ensure Data Integrity in Cyber-Physical System Management Protocols

封面

如何引用文章

全文:

详细

At present, the problem of creating methodological security of cyberphysical systems, in particular, the design and implementation of information security subsystems is acute. At the same time, the landscape of threats and vulnerabilities typical for a wide range of hardware and software technologies used in cyberphysical systems is extremely wide and complex. In this context, the security of application layer protocols is of paramount importance, as these protocols are the basis for interaction between applications and services running on different devices, as well as in cloud infrastructures. With the constant interaction of the systems under study with the real physical infrastructure, the challenge is to determine effective measures to ensure the integrity of the transferred control commands, as disruption of the performed critical processes can affect human life and health. The paper provides an analytical review of the main methods of data integrity assurance in management protocol of cyberphysical systems, as well as an overview of application layer protocols vulnerabilities widely used in cyberphysical systems of different types. Classical methods of data integrity assurance, new methods, in particular, blockchain, as well as the main directions of increasing the efficiency of data integrity protocols in cyberphysical systems are considered. Analysis of application layer vulnerabilities is carried out on the example of the most popular MQTT, CoAP, AMQP, DDS, XMPP specifications and their implementations. It is established that despite the presence of basic security mechanisms in all these protocols, researchers continue to regularly identify vulnerabilities in popular implementations, that often endangers critical infrastructure services. In the course of preparing the review of the existing methods of data integrity assurance for the examined class of systems, the key problems of these methods integration and ways of their solution were defined.

作者简介

R. Meshcheryakov

V.A. Trapeznikov Institute of Control Sciences of Russian Academy of Sciences (ICS RAS)

Email: mrv@ieee.org
Profsoyuznaya str. 65

A. Iskhakov

V.A. Trapeznikov Institute of Control Sciences of Russian Academy of Sciences (ICS RAS)

Email: iskhakovandrey@gmail.com
Profsoyuznaya str. 65

O. Evsutin

Moscow Institute of Electronics and Mathematics (MIEM HSE)

Email: evsutin.oo@gmail.com
Tallinskaya str. 34

参考

  1. Suastegui Jaramillo L.E. Malware Detection and Mitigation Techniques: Lessons Learned from Mirai DDOS Attack // Journal of Information Systems Engineering & Management. 2018. vol. 3(3). no. 19. pp. 1–6.
  2. Mahbub M. Progressive researches on IoT security: An exhaustive analysis from the perspective of protocols, vulnerabilities, and preemptive architectonics // Journal of Network and Computer Applications. 2020. vol. 168. no. 102761. pp. 1–26.
  3. Luo J.-Z., Shan C., Cai J., Liu Y. IoT Application-Layer Protocol Vulnerability Detec-tion using Reverse Engineering // Symmetry. 2018. vol. 10. no. 561. pp. 1–13.
  4. Johnson D., Ketel M. IoT: Application Protocols and Security // International Journal of Computer Network and Information Security. 2019. vol. no. 11. pp. 1–8.
  5. Nebbione G. Calzarossa M.C. Security of IoT Application Layer Protocols: Challeng-es and Findings // Future Internet. 2020. vol. 12. no. 55. pp. 1–20.
  6. Alghamdi T., Lasebae A., Aiash M. Security Analysis of the Constrained Application Protocol in the Internet of Things // Second International Conference on Future Gen-eration Communication Technologies (FGCT 2013). 2013. pp. 163–168.
  7. Ватаманюк И.В., Яковлев Р.Н. Обобщенные теоретические модели киберфизи-ческих систем // Известия Юго-Западного государственного университета. 2019. № 23(6). С. 161–175.
  8. Korzun D. et al. Ambient Intelligence Services in IoT Environments: Emerging Re-search and Opportunities // IGI Global. 2019.
  9. Zavyalova Y.V., Korzun D.G., Meigal A.Y., Borodin A.V. Towards the Development of Smart Spaces-Based Socio-Cyber-Medicine Systems // International Journal of Em-bedded and Real-Time Communication Systems (IJERTCS). 2017. pp. 45–63
  10. Kayal P. Perros H. A comparison of IoT application layer protocols through a smart parking implementation // 2017 20th Conference on Innovations in Clouds, Internet and Networks. 2017. pp. 331–336.
  11. Dizdarevic J., Carpio F., Jukan A., Masip X. A Survey of Communication Protocols for Internet of Things and Related Challenges of Fog and Cloud Computing Integra-tion // ACM Computing Surveys. 2019. vol. 51. no. 6. pp. 1–29.
  12. Naik N. Choice of effective messaging protocols for IoT systems: MQTT, CoAP, AMQP and HTTP // Proceedings of the 2017 IEEE International Systems Engineering Symposium. 2017. pp. 1–7.
  13. Селезнёв С.П., Яковлев В.В. Архитектура промышленных приложений IoT и протоколы AMQP, MQTT, JMS, REST, COAP, XMPP, DDS // International Journal of Open Information Technologies. 2019. № 5. С. 17–28.
  14. Dinculean D. Vulnerabilities and Limitations of MQTT Protocol Used between IoT Devices // Applied Sciences. 2019. vol. 9. no. 848. pp. 1–10.
  15. Andy S., Rahardjo B., Hanindhito B. Attack scenarios and security analysis of MQTT communication protocol in IoT system // 2017 4th International Conference on Elec-trical Engineering, Computer Science and Informatics. 2017. pp. 1–6.
  16. Firdous S.N., Baig Z., Valli C., Ibrahim A. Modelling and Evaluation of Malicious Attacks against the IoT MQTT Protocol // Proceedings of the 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). 2017. pp. 748–755.
  17. Jarvinen I., Raitahila I., Cao Z., Kojo M. Is CoAP Congestion Safe? // ANRW '18: Proceedings of the Applied Networking Research Workshop. 2018. pp. 43–49.
  18. Roselin A.G. et al. Exploiting the Remote Server Access Support of CoAP Protocol // IEEE Internet of Things Journal. 2019. pp. 9338–9349.
  19. Park C. Security Architecture for Secure Multicast CoAP Applications // IEEE Inter-net of Things Journal. 2020. vol. 7. no. 4. pp. 3441–3452.
  20. Wani S.Y. Internet of Things(IoT) Security and Vulnerability // Research proposal. 2018. pp. 1–9.
  21. White R. et al. Network Reconnaissance and Vulnerability Excavation of Secure DDS Systems // Proceedings of the 2019 IEEE European Symposium on Security and Pri-vacy Workshops. 2019. pp. 57–66.
  22. Michaud M., Dean T., Leblanc S. Attacking OMG Data Distribution Service (DDS) Based Real-Time Mission Critical Distributed Systems // Proceedings of the 2018 13th International Conference on Malicious and Unwanted Software. 2018. pp. 68–77.
  23. Malik I. et al. XMPP architecture and security challenges in an IoT ecosystem // Pro-ceedings of the 16th Australian Information Security Management Conference. 2019. pp. 62–73.
  24. Blahut R.E. Principles and practice of information theory. Part 1 // Addison-Wesley. 1987. 458 p.
  25. Ivanov F., Kabatiansky G., Krouk E., Rumenko N. A New Code-Based Cryptosystem // Code-Based Cryptography Workshop. 2020. pp. 41–49.
  26. Bahl L., Cocke J., Jelinek F., Raviv J. Optimal decoding of linear codes for minimizing symbol error rate (Corresp.) // IEEE Transactions on Information Theory. 1974. vol. 20. no. 2. pp. 284–287.
  27. Ivanov F., Kreshchuk A., Zyablov V. On the Local Erasure Correction Capacity of Convolutional Codes // 2018 International Symposium on Information Theory and Its Applications. 2018. pp. 296–300.
  28. Zyablov V.V., Ivanov F.I., Potapov V.G. Comparison of various constructions of bina-ry LDPC codes based on permutation matrices // Journal of Communications Tech-nology and Electronics. 2012. vol. 57. pp. 932–945.
  29. Berrou C. et al. An overview of turbo codes and their applications // The European Conference on Wireless Technology. 2005. pp. 1–9.
  30. Arikan E. Channel Polarization: A Method for Constructing Capacity-Achieving Codes for Symmetric Binary-Input Memoryless Channels // IEEE Transactions on Information Theory. vol. 55. no. 7. pp. 3051–3073.
  31. Zhilin I., Ivanov F., Zyablov V. Generalized Error Locating Codes with Soft Decoding of Inner Codes // Proceedings of European Wireless 2015; 21th European Wireless Conference. 2015. pp. 1–5.
  32. ГОСТ Р 34.11–2012. Информационная технология. Криптографическая защита информации. Функция хэширования // М.: Госстандарт России. 2012.
  33. ГОСТ Р 34.13–2015. Информационная технология. Криптографическая защита информации. Режимы работы блочных шифров // М.: Госстандарт России. 2015.
  34. ГОСТ Р 34.10–2012. Информационная технология. Криптографическая защита информации. Процессы формирования и проверки электронной цифровой под-писи // М.: Госстандарт России. 2012.
  35. Bali R.S., Jaafar F., Zavarasky P. Lightweight Authentication for MQTT to Improve the Security of IoT Communication // Proceedings of the 3rd International Conference on Cryptography, Security and Privacy. 2019. pp. 6–12.
  36. Malina L. et al. A Secure Publish/Subscribe Protocol for Internet of Things // Pro-ceedings of the 14th International Conference on Availability, Reliability and Securi-ty. 2019. pp. 1–10.
  37. Singh M., Rajan M.A., Shivraj V.L., Balamuralidhar P. Secure MQTT for Internet of Things (IoT) // Proceedings of the 2015 Fifth International Conference on Communi-cation Systems and Network Technologies. 2015. pp. 746–751.
  38. Dinculeana D., Cheng X. Vulnerabilities and Limitations of MQTT Protocol Used between IoT Devices // Applied Sciences. 2019. vol. 9. no. 848. pp. 1–10.
  39. Niruntasukrat A. et al. Authorization mechanism for MQTT-based Internet of Things // Proceedings of the 2016 IEEE International Conference on Communications Workshops. 2016. pp. 290–295.
  40. Calabretta M., Pecori R., Veltri L. A Token-based Protocol for Securing MQTT Communications // Proceedings of the 2018 26th International Conference on Soft-ware, Telecommunications and Computer Networks. 2018. pp. 1–6.
  41. Bisne L., Parmar M. Composite secure MQTT for Internet of Things using ABE and dynamic S-box AES // Proceedings of the 2017 Innovations in Power and Advanced Computing Technologies. 2017. pp. 1–5.
  42. Aumasson J.P., Neves S., Wilcox-O’Hearn Z., Winnerlein C. BLAKE2: Simpler, Smaller, Fast as MD5 // Proceedings of the Applied Cryptography and Network Secu-rity. 2013. pp. 119–135.
  43. Kuchta V., Sharma G. Lattice‐Based Cryptography and Internet of Things // IoT Security: Advances in Authentication. 2020. pp. 101–118.
  44. Porambage P., Braeken A., Schmitt C. Public Key Based Protocols – EC Crypto // IoT Security: Advances in Authentication. 2020. pp. 85–99.
  45. Hardt D. The OAuth 2.0 Authorization Framework. URL: https://tools.ietf.org/html/ rfc6749 (дата обращения: 15.03.2020).
  46. Colombo P., Ferrari E. Access Control Enforcement Within MQTT-based Internet of Things Ecosystems // Proceedings of the 23nd ACM on Symposium on Access Con-trol Models and Technologies. 2018. pp. 223–234.
  47. Guo L., Wu J., Xia Z., Li J. Proposed security mechanism for XMPP-based communi-cations of ISO/IEC/IEEE 21451 sensor networks // IEEE Sensors Journal. vol. 15. no. 5. pp. 2577–2586.
  48. Iglesias-Urkia M., Orive A., Urbieta A., Casado-Mansilla D. Analysis of CoAP im-plementations for industrial Internet of Things: A survey // Procedia Computer Sci-ence. 2017. vol. 109. pp. 188–195.
  49. Hussein A. Elhajj I., Chehab A., Kayssi A. Securing Diameter: Comparing TLS, DTLS, and IPSec // 2016 IEEE International Multidisciplinary Conference on Engineering Technology. 2016. pp. 1–8.
  50. Boo E., Raza S, Höglund J., Ko J. Towards Supporting IoT Device Storage and Net-work Security Using DTLS // MobiSys '19: Proceedings of the 17th Annual Interna-tional Conference on Mobile Systems, Applications, and Services. 2019. pp. 570–571.
  51. Shah V. Exploit DTLS Vulnerabilities & Provide a Novel approach to Protect DTLS in CoAP based IoT // International Journal for Research in Applied Science and Engi-neering Technology. 2020. vol. 8. pp. 216–221.
  52. Albalas F., Al-Soud M., Almomani O., Almomani A. Security-aware CoAP Application Layer Protocol for the Internet of Things using Elliptic-Curve Cryptography // International Arab Journal of Information Technology. 2018. vol. 15. no. 3A. pp. 550–558.
  53. Capossele A., Cervo V., Cicco G.D., Petrioli C. Security as a CoAP resource: An optimized DTLS implementation for the IoT // Proceedings of the 2015 IEEE Interna-tional Conference on Communications. 2015. pp. 549–554.
  54. Banerjee U. et al. An Energy-Efficient Reconfigurable DTLS Cryptographic Engine for Securing Internet-of-Things Applications // IEEE Journal of Solid-State Circuits. 2019. vol. 54. no. 8. pp. 2339–2352.
  55. Nakamoto S. Bitcoin: A Peer-to-Peer Electronic Cash System. URL: https://bitcoin.org/bitcoin.pdf (дата обращения: 15.05.2020).
  56. Fernández-Caramés T.M., Fraga-Lamas P. A review on the application of blockchain to the next generation of cybersecure industry 4.0 smart factories // IEEE Access. 2019. vol. 7. pp. 45201–45218.
  57. Alladi T., Chamola V., Parizi R.M., Choo K.-K.R. Blockchain Applications for Industry 4.0 and Industrial IoT: A Review // IEEE Access. 2019. vol. 7. pp. 176935–176951.
  58. Aceto G., Persico V., Pescapé A. A Survey on Information and Communication Tech-nologies for Industry 4.0: State-of-the-Art, Taxonomies, Perspectives, and Challeng-es // IEEE Communications Surveys & Tutorials. 2019. vol. 21. no. 4. pp. 3467–3501.
  59. Fernández-Caramés T.M., Fraga-Lamas P. A Review on the Use of Blockchain for the Internet of Things // IEEE Access. 2018. vol. 6. pp. 32979–33001.
  60. Zhaofeng M. et al. Blockchain-Enabled Decentralized Trust Management and Secure Usage Control of IoT Big Data // IEEE Internet of Things Journal. 2020. vol. 7. no. 5. pp. 4000–4015.
  61. Baniata H., Kertesz A. A Survey on Blockchain-Fog Integration Approaches // IEEE Access. 2020. vol. 8. pp. 102657–102668.
  62. Bhushan B. et al. Blockchain for smart cities: A review of architectures, integration trends and future research directions // Sustainable Cities and Society. 2020. vol. 61. pp. 1–27.
  63. Saberi S., Kouhizadeh M., Sarkis J., Shen L. Blockchain technology and its relation-ships to sustainable supply chain management // International Journal of Production Research. 2019. vol. 57. no. 7. pp. 2117–2135.
  64. Fu Y., Zhu J. Big production enterprise supply chain endogenous risk management based on blockchain // IEEE Access. 2019. vol. 7. pp. 15310–15319.
  65. Kshetri N. 1 Blockchain’s roles in meeting key supply chain management objectives // International Journal of Information Management. 2018. vol. 39. pp. 80–89.
  66. Yu C., Jiang X., Yu S., Yang C. Blockchain-based shared manufacturing in support of cyber physical systems: concept, framework, and operation // Robotics and Computer-Integrated Manufacturing. 2020. vol. 64. pp. 1–15.
  67. Li M. et al. Blockchain-enabled Secure Energy Trading with Verifiable Fairness in Industrial Internet of Things // IEEE Transactions on Industrial Informatics. 2020. vol. 16. no. 10. pp. 6564–6574.
  68. Han D., Zhang C., Ping J., Yan Z. Smart contract architecture for decentralized energy trading and management based on blockchains // Energy. 2020. vol. 199. pp. 1–14.
  69. Lu H., Huang K., Azimi M., Guo L. Blockchain technology in the oil and gas industry: A review of applications, opportunities, challenges, and risks // IEEE Access. 2019. vol. 7. pp. 41426–41444.
  70. Anwar H., Arasu M., Ahmed Q. Ensuring fuel economy performance of commercial vehicle fleets using blockchain technology // Proceedings of SAE World Congress Experience (WCX 2019). 2019. pp. 1510–1516.
  71. Pan J. et al. EdgeChain: An edge-IoT framework and prototype based on blockchain and smart contracts // IEEE Internet of Things Journal. 2018. vol. 6. no. 3. pp. 4719–4732.
  72. Seitz A. et al. Fog computing as enabler for blockchain-based IIoT app marketplaces-A case study // Proceedings of the 2018 Fifth international conference on internet of things: systems, management and security. 2018. pp. 182–188.
  73. Koshy P., Babu S., Manoj B.S. Sliding Window Blockchain Architecture for Internet of Things // IEEE Internet of Things Journal. 2020. vol. 7. no. 4. pp. 3338–3348.
  74. Luo J., Chen Q., Yu F.R., Tang L. Blockchain-enabled software-defined industrial internet of things with deep reinforcement learning // IEEE Internet of Things Journal. 2020. vol. 7. no. 6. pp. 5466–5480.
  75. Ge C., Liu Z., Fang L. A blockchain based decentralized data security mechanism for the Internet of Things // Journal of Parallel and Distributed Computing. 2020. vol. 141. pp. 1–9.
  76. Chi J. et al. A secure and efficient data sharing scheme based on blockchain in indus-trial Internet of Things // Journal of Network and Computer Applications. 2020. vol. 167. pp. 1–10.
  77. Li D., Hu Y., Lan M. IoT device location information storage system based on block-chain // Future Generation Computer Systems. 2020. vol. 109. pp. 95–102.
  78. Cebe M. et al. Block4Forensic: An Integrated Lightweight Blockchain Framework for Forensics Applications of Connected Vehicles // IEEE Communications Magazine. 2018. vol. 56. no. 10. pp. 50–57.
  79. Rathee G. et al. A blockchain framework for securing connected and autonomous vehicles // Sensors. 2019. vol. 19. no. 14. pp. 1–15.
  80. Qian Y. et al. Blockchain-Based Privacy-Aware Content Caching in Cognitive Inter-net of Vehicles // IEEE Network. 2020. vol. 34. no. 2. pp. 46–51.
  81. Евсютин О.О., Кокурина А.С., Мещеряков Р.В. Обзор методов встраивания ин-формации в цифровые объекты для обеспечения безопасности в «интернете ве-щей» // Компьютерная оптика. 2019. Т. 43. № 1. С. 137–154.
  82. Al-Shayea T.K., Mavromoustakis C.X., Batalla J.M., Mastorakis G. A hybridized methodology of different wavelet transformations targeting medical images in IoT in-frastructure // Measurement. 2019. vol. 148. pp. 1–14.
  83. Prasetyo H., Hsia C.-H., Liu C.-H. Vulnerability attacks of SVD-based video watermarking scheme in an IoT environment // IEEE Access. 2020. vol. 8. pp. 69919–69936.
  84. Liu J. et al. Robust Watermarking Algorithm for Medical Volume Data in Internet of Medical Things // IEEE Access. 2020. vol. 8. pp. 93939–93961.
  85. Peng H., Yang B., Li L., Yang Y. Secure and Traceable Image Transmission Scheme Based on Semitensor Product Compressed Sensing in Telemedicine System // IEEE Internet of Things Journal. 2020. vol. 7. no. 3. pp. 2432–2451.
  86. Pu Y.-F., Zhang N., Wang H. Fractional-Order Spatial Steganography and Blind Ste-ganalysis for Printed Matter: Anti-Counterfeiting for Product External Packing in Internet-of-Things // IEEE Internet of Things Journal. 2019. vol. 6. no. 4. pp. 6368–6383.
  87. Evsutin O. et al. Algorithm for Embedding Digital Watermarks in Wireless Sensor Networks Data with Control of Embedding Distortions // Proceedings of the 2nd In-ternational Conference on Distributed and Computer and Communication Networks (DCCN 2019). 2019. pp. 574–585.
  88. Hoang T.-M., Bui V.-H., Vu N.-L., Hoang D.-H. A Lightweight Mixed Secure Scheme based on the Watermarking Technique for Hierarchy Wireless Sensor Networks // Proceedings of the 34th International Conference on Information Networking (ICOIN 2020). 2020. pp. 649–653.
  89. Xiao X., Gao G. Digital Watermark-Based Independent Individual Certification Scheme in WSNs // EEE Access. 2019. vol. 7. pp. 145516–145523.
  90. Wang B., Kong W., Li W., Xiong N.N. A dual-chaining watermark scheme for data in-tegrity protection in internet of things // Computers, Materials and Continua. 2019. vol. 58. no. 3. pp. 679–695.
  91. Ferdowsi A., Saad W. Deep Learning for Signal Authentication and Security in Mas-sive Internet-of-Things Systems // IEEE Transactions on Communications. 2018. vol. 67. no. 2. pp. 1371–1387.
  92. Hameed K. et al. Towards a for-mally verified zero watermarking scheme for data integrity in the Internet of Things based-wireless sensor networks // Future Generation Computer Systems. 2018. vol. 82. pp. 274–289.
  93. Nguyen V.-T. et al. A lightweight watermark scheme utilizing MAC layer behaviors for wireless sensor networks // Proceedings of the 3rd International Conference on Recent Advances in Signal Processing, Telecommunications and Computing (SigTelCom 2019). 2019. pp. 176–180.
  94. Huang H., Zhang L. Reliable and Secure Constellation Shifting Aided Differential Radio Frequency Watermark Design for NB-IoT Systems // IEEE Communications Letters. 2019. vol. 23. no. 12. pp. 2262–2265.
  95. Rubio-Hernan J., De Cicco L., Garcia-Alfaro J. Adaptive control-theoretic detection of integrity attacks against cyber-physical industrial systems // Transactions on Emerging Telecommunications Technologies. 2018. vol. 29. no. 7. pp. 1–17.
  96. Song Z., Skuric A., Ji K. A Recursive Watermark Method for Hard Real-Time Indus-trial Control System Cyber-Resilience Enhancement // IEEE Transactions on Automation Science and Engineering. 2020. vol. 17. no. 2. pp. 1030–1043.
  97. Zhao B. et al. Y-DWMS: A Digital Watermark Management System Based on Smart Contracts // Sensors. 2019. vol. 19. no. 14. pp. 1–17.
  98. Qian Y. et al. Blockchain-Based Privacy-Aware Content Caching in Cognitive Inter-net of Vehicles // IEEE Network. 2020. vol. 34. no. 2. pp. 46–51.
  99. Zhang C. et al. Blockchain-Enabled Accountability Mechanism Against Information Leakage in Vertical Industry Services // IEEE Transactions on Network Science and Engineering. 2020.
  100. Chen J., Gupta V., Quevedo D., Tesi P. Privacy and security of cyberphysical sys-tems // International Journal of Robust and Nonlinear Control. 2020. vol. 30. pp. 4165–4167.
  101. Lin H., Alemzadeh H., Iyer R. Challenges and Opportunities in the Detection of Safety-Critical Cyberphysical Attacks // Computer. 2020. vol. 53. no. 3. pp. 26–37.
  102. Iskhakov A., Meshcheryakov R. Intelligent System of Environment Monitoring on the Basis of a Set of IOT-Sensors // 2019 International Siberian Conference on Control and Communications. 2019. pp. 1–5.
  103. Iskhakov A., Iskhakova A., Meshcheryakov R. Dynamic Container Virtualization as a Method of IoT Infrastructure Security Provision. Cyber-Physical Systems and Con-trol. Lecture Notes in Networks and Systems. 2020. vol. 95. pp. 482–490.

补充文件

附件文件
动作
1. JATS XML
下载

Согласие на обработку персональных данных с помощью сервиса «Яндекс.Метрика»

1. Я (далее – «Пользователь» или «Субъект персональных данных»), осуществляя использование сайта https://journals.rcsi.science/ (далее – «Сайт»), подтверждая свою полную дееспособность даю согласие на обработку персональных данных с использованием средств автоматизации Оператору - федеральному государственному бюджетному учреждению «Российский центр научной информации» (РЦНИ), далее – «Оператор», расположенному по адресу: 119991, г. Москва, Ленинский просп., д.32А, со следующими условиями.

2. Категории обрабатываемых данных: файлы «cookies» (куки-файлы). Файлы «cookie» – это небольшой текстовый файл, который веб-сервер может хранить в браузере Пользователя. Данные файлы веб-сервер загружает на устройство Пользователя при посещении им Сайта. При каждом следующем посещении Пользователем Сайта «cookie» файлы отправляются на Сайт Оператора. Данные файлы позволяют Сайту распознавать устройство Пользователя. Содержимое такого файла может как относиться, так и не относиться к персональным данным, в зависимости от того, содержит ли такой файл персональные данные или содержит обезличенные технические данные.

3. Цель обработки персональных данных: анализ пользовательской активности с помощью сервиса «Яндекс.Метрика».

4. Категории субъектов персональных данных: все Пользователи Сайта, которые дали согласие на обработку файлов «cookie».

5. Способы обработки: сбор, запись, систематизация, накопление, хранение, уточнение (обновление, изменение), извлечение, использование, передача (доступ, предоставление), блокирование, удаление, уничтожение персональных данных.

6. Срок обработки и хранения: до получения от Субъекта персональных данных требования о прекращении обработки/отзыва согласия.

7. Способ отзыва: заявление об отзыве в письменном виде путём его направления на адрес электронной почты Оператора: info@rcsi.science или путем письменного обращения по юридическому адресу: 119991, г. Москва, Ленинский просп., д.32А

8. Субъект персональных данных вправе запретить своему оборудованию прием этих данных или ограничить прием этих данных. При отказе от получения таких данных или при ограничении приема данных некоторые функции Сайта могут работать некорректно. Субъект персональных данных обязуется сам настроить свое оборудование таким способом, чтобы оно обеспечивало адекватный его желаниям режим работы и уровень защиты данных файлов «cookie», Оператор не предоставляет технологических и правовых консультаций на темы подобного характера.

9. Порядок уничтожения персональных данных при достижении цели их обработки или при наступлении иных законных оснований определяется Оператором в соответствии с законодательством Российской Федерации.

10. Я согласен/согласна квалифицировать в качестве своей простой электронной подписи под настоящим Согласием и под Политикой обработки персональных данных выполнение мною следующего действия на сайте: https://journals.rcsi.science/ нажатие мною на интерфейсе с текстом: «Сайт использует сервис «Яндекс.Метрика» (который использует файлы «cookie») на элемент с текстом «Принять и продолжить».