The Model of Information Security Control in State Information Systems

2019 ◽  
pp. 16-22
Author(s):  
Aleksey Babenko ◽  
Svetlana Kozunova

The control of information protection in state information systems is relevant due to the requirements of the legislation of the Russian Federation, to the value of the information processed in them, to its increasing role in the formation of the modern information society in the Russian Federation, as well as the increasing need for procedures for combining information flows of organizations and enterprises. The article deals with the issues related to the control of information security in state information systems. The analysis of works on this subject reveals a solution to particular problems. Therefore, an integrated formalized approach to solving the problem of protecting information in state information systems, taking into account their specifics, threats and requirements of regulators, is relevant. The information leaks, leakage channels in such systems, as well as threats to information security breaches in state information systems have been analyzed. The most likely threats are cyber-attacks, natural disasters, structural failures and human errors. A formalized model for managing information security in state information systems has been developed, which defines an effective set of protection tools in accordance with the requirements of technical protection measures that can be used to automate the process of monitoring. The formal model aimed at solving the problem of optimizing the used protection mechanisms in relation to the overlapping threats has been proposed. The prospects for the development of this study have been determined.

Author(s):  
Andrey M. Tararin ◽  

The purpose of the study is to reveal the features of the development of information support for urban planning in the context of digital transformation. The article summarizes new material on the topic under study: the latest amendments to the Urban Planning Code of the Russian Federation and relevant by-laws, prospects for the implementation of the national program "Digital Economy of the Russian Federation". The study provides a historical analysis of the development of information support for urban planning. Particular attention is paid to the creation in the subject of the Russian Federation of state information systems for ensuring urban planning with the functions of automated information and analytical support for the exercise of powers in the field of urban development (GISFUD) and the role of GIS technologies in its implementation. As a result of the study, there was proposed a scheme of information interaction between GISFUD and other information systems, including the Federal State Information System of Territorial Planning, the Federal State Information System for maintaining the Unified State Register of Real Estate, the Federal Information Address System, and the Unified State Register of expert conclusions for design documentation of capital construction facilities and the State Information System for maintaining a Unified Electronic Cartographic Basis for the exchange of spatial data in order to provide automated support for the exercise of powers in the field of urban planning. The article defines the main trend of the digital transformation of urban planning activities, characterized by the transition to the provision of integrated services in the construction industry and the introduction of super services, as well as by the distribution of information models of capital construction facilities and 3D printing in construction. It gives recommendations for digital transformation parameters in urban planning.


The article discusses the factors and conditions for the development of the information society in the Russian Federation. The new conceptual elements of the state information policy that were established in the Strategy for information society development in the Russian Federation are analyzed. The main characteristics of the knowledge society and the digital economy are revealed. Their importance in transforming state and public life is emphasized. The author believes that in modern digital space the significance of reliability of information rises considerably. The author also identifies some problems. First, for many people a digital space of knowledge remains inaccessible. Second, enhancement of the opportunities provided by the Internet increases the number of cyber-attacks against the interests of states, society, and individuals. Third, development of computer technologies has encouraged the shift of people’s perception of the world from scientific, cultural, and educational information to entertaining and how-to-do information. Implementation of the goals and objectives of the Strategy is intended to address these challenges.


2020 ◽  
pp. 30-36
Author(s):  
German Churilin

To control access to information systems (IS), user identification and authentication processes play an important role: they make it possible to identify the user by an identifier and verify the user's authenticity. In the most common case, these systems are based on a combination of a username and a password, i.e. the user must remember this combination. However, in recent years, the popularity of systems that use human biometric data, which is always with us and cannot be forgotten or lost, has increased; this provides a certain convenience for users, since they do not need to remember anything or present any identity documents. This article focuses on biometric systems from the point of view of information security. The paper addresses the issues of regulating this area by the legislation of the Russian Federation, the main threats inherent in these systems and ways to minimize them. The article discusses the use of biometric recognition in information systems as part of information security. The authors highlight the risks that may affect security and means to minimize them.


2019 ◽  
Vol 6 (1) ◽  
pp. 203-208
Author(s):  
Julia Isaeva ◽  
Valentin Selifanov

The need for conformity assessment of information security tools at significant objects of critical information infrastructures is demonstrated. In the absence of necessary criteria description for information systems, a possibility of threats implementation appears, which will lead to disruption of functioning of significant objects.


2020 ◽  
Vol 20 (1) ◽  
pp. 72-76
Author(s):  
S.V. Mukhachev ◽  

The article discusses the chronology and features of incidents related to information security at nuclear infrastructure facilities. A brief description of incidents in various countries, the motives of the attacks, measures taken to neutralize the measures and consequences are given. The features inherent in each of the cyberattacks are highlighted. It is shown that the problem of the existence of incidents related to information security at nuclear infrastructure facilities arose with the development and implementation of information and control systems using computer technology. This is clearly seen in the analysis of the chronology of the described incidents. The adoption of the federal law of the Russian Federation “On the security of critical information infrastructure of the Russian Federation” allows legal means to combat cyber attacks on nuclear infrastructure facilities.


2020 ◽  
Vol 6 (1) ◽  
pp. 22-30
Author(s):  
Vladimir R. An ◽  
Valeria A. Tabakaeva ◽  
Valentin V. Selifanov

The problem of developing a cybersecurity audit methodology for state information systems related to significant objects (SO) of critical information infrastructure (CII), operating on the basis of data centers, is considered. In accordance with the requirements of the legislation, state control is carried out in accordance with the Order of the FSTEC of Russia dated February 11, 2013 №17 “Requirements. Ensuring the protection of information not constituting a state secret.” Currently, there are many international and domestic recommendations and practices for conducting cybersecurity audit of information systems, but they do not meet the existing and emerging requirements in the field of cybersecurity of SO CII of the Russian Federation and cannot be applied without significant improvement. The authors consider the issues that need to be solved in order to develop an audit methodology, analyze existing legislative and regulatory acts of the Russian Federation and Federal Executive bodies authorized in this area, methodological documents (MD) and standards, as well as possible reasons for the current situation. An algorithm of possible actions for conducting a cybersecurity audit in the course of state control is proposed. The algorithm is a result of compiling international practices (standards) and requirements adopted in the Russian Federation, as well as requirements for the necessary tools: vulnerability analysis systems and support software (database management systems).


2019 ◽  
pp. 6-11
Author(s):  
Alexei Babenko

The urgency of the issue of information security in state information systems is justified by the high demand for systems of this class. The effectiveness of public information systems largely depends on the level of their security. Based on this, we formulate the purpose of this study: formalization of the process of managing the composition of the system of information technical protection in state information systems. The paper deals with the problem of managing the composition of the system of information technical protection in state information systems. The author analyzes threats to information security in state information systems. The article defines the criteria for evaluating technical means of information protection in state information systems. The researcher develops a formal model of managing the structure of the information technical protection system in state information systems. The developed model of managing the structure of information protection technical means in state information systems makes it possible to determine the most effective structure of the information protection system in state information systems. If the requirements for the analyzed means of information security change, then by changing the values in the optimal vector, one can come to the right decision. Consequently, the developed model of managing the structure of information protection technical means in state information systems is universal and effective.


Author(s):  
Sergey Valerevich Belov ◽  
Irina Mikhalovna Kosmacheva ◽  
Irina Vyacheslavovna Sibikina

To solve the problem of information security management, a method was proposed that allows determining the degree of importance of confidential documents of the organization. The urgency of the proposed algorithm was substantiated taking into account the requirements of the legislation of the Russian Federation in the sphere of information security. The stages prior to the formation of the list of confidential documents of the organization were described. A review of the main documents of the legal and regulatory framework was carried out, including documents relating to the state regulation of relations in the sphere of information security. The classes of protected information for the accessing categories were considered. The criteria for changes in the value of information over time were presented. An algorithm for forming the list of confidential documents of the organization based on the properties of information was offered. The algorithm is based on an expert method of pair comparison of alternatives. The result of the use of this method is a number of confidential documents, ranked in descending order of importance. For each document the weighting factor of importance can be calculated. A stage for verifying the degree of expert consistency was included in the methodology to eliminate the use of erroneous expert data. The application of the methodology is illustrated by a calculated example.

