scholarly journals Improvement of the Regulatory Framework of Information Security for Terminal Access Devices of the State Information System

2020 ◽  
Vol 24 (2) ◽  
pp. 73-79
Author(s):  
V. A. Sizov ◽  
D. M. Malinichev ◽  
V. V. Mochalov
Keyword(s):  
Information System ◽  
Information Systems ◽  
Information Security ◽  
Operating Systems ◽  
Personal Data ◽  
The State ◽  
Regulatory Framework ◽  
File Server ◽  
State Information ◽  
Computer Equipment

The aim of the study is to increase the effectiveness of information security management for state information systems (SIS) with terminal access devices by improving regulatory legal acts that should be logically interconnected and not contradict each other, as well as use a single professional thesaurus that allows understanding and describe information security processes.Currently, state information systems with terminal access devices are used to ensure the realization of the legitimate interests of citizens in information interaction with public authorities [1].One of the types of such systems are public systems [2]. They are designed to provide electronic services to citizens, such as paying taxes, obtaining certificates, filing of applications and other information. The processed personal data may belong to special, biometric, publicly available and other categories [3]. Various categories of personal data, concentrated in a large volume about a large number of citizens, can lead to significant damage as a result of their leakage, which means that this creates information risks.There are several basic types of architectures of state information systems: systems based on the “thin clientpeer-to-peer network systems; file server systems; data processing centers; systems with remote user access; the use of different types of operating systems (heterogeneity of the environment); use of applications independent of operating systems; use of dedicated communication channels [4]. Such diversity and heterogeneity of state information systems, on the one hand, and the need for high-quality state regulation in the field of information security in these systems, on the other hand, require the study and development of legal acts that take into account primarily the features of systems that have a typical modern architecture of “thin customer". Materials and research methods. The protection of the state information system is regulated by a large number of legal acts that are constantly being improved with changes and additions to the content. At the substantive level, it includes many stages, such as the formation of SIS requirements, the development of a security system, its implementation, and certification. The protected information is processed in order to enforce the law and ensure the functioning of the authorities. The need to protect confidential information is determined by the legislation of the Russian Federation [5, 6]. Therefore, to assess the quality of the regulatory framework of information security for terminal access devices of the state information system, the analysis of the main regulatory legal acts is carried out and on the basis of it, proposals are developed by analogy to improve existing regulatory documents in the field of information security.Results. The paper has developed proposals for improving the regulatory framework of information security for terminal access devices of the state information system- for uniformity and unification, the terms with corresponding definitions are justified for their establishment in the documents of the Federal Service for Technical and Export Control (FSTEC) or Rosstandart;- rules for the formation of requirements for terminals, which should be equivalent requirements for computer equipment in the “Concept for the protection of computer equipment and automated systems from unauthorized access to information ".Conclusion. General recommendations on information protection in state information systems using the “thin client" architecture are proposed, specific threats that are absent in the FSTEC threat bank are justified, and directions for further information security for the class of state information systems under consideration are identified. Due to the large number of stakeholders involved in the coordination and development of unified solutions, a more specific consideration of the problems and issues raised is possible only with the participation of representatives of authorized federal executive bodies and business representatives for discussion.

scholarly journals CHOICE OF MEANS OF INFORMATION SECURITY FOR GOVERNMENT INFORMATION SYSTEMS

2019 ◽  
Vol 9 ◽  
pp. 54-60
Author(s):  
Alina Zhumaeva ◽  
Valentina Yalbaeva ◽  
Polina Zviagintcheva ◽  
Valentin Selifanov
Keyword(s):  
Information System ◽  
Information Systems ◽  
Information Security ◽  
Intrusion Detection ◽  
The State ◽  
Government Information ◽  
State Information

The article deals with the problem of choosing the means of information security in the state information system, namely firewalls and intrusion detection. Thе problem is relevant since information security is in demand more than ever.

scholarly journals SECURITY SYSTEMS USED WITH VIRTUALIZATION TECHNOLOGY

2019 ◽  
Vol 6 (2) ◽  
pp. 150-158
Author(s):  
Angelika Pechyonkina ◽  
Valentin Selifanov
Keyword(s):  
Information System ◽  
Information Systems ◽  
Personal Data ◽  
Security Systems ◽  
State Information ◽  
Security Service ◽  
Virtualization Technology ◽  
Network Equipment ◽  
Modern Information ◽  
A Company

It’s impossible to imagine a modern information system without virtualized components – servers, remote workstations (VDI), network equipment. The competent approach is necessary to protect these environments. If information system of a company processes information that is subjected to mandatory protection in accordance with requirements of Russian legislation (for example, personal data or information processed in state information systems), then only certified security devices that have passed the procedure of compliance assessment by regulators – the Federal Security Service of Russia and the FSTEC of Russia. The use of these protection means will ensure the required level of information security.

scholarly journals EFFICIENCY EVALUATION OF PROTECTION TOOLS OF STATE INFORMATION SYSTEMS

2019 ◽  
Vol 6 (1) ◽  
pp. 115-121
Author(s):  
Anastasiya Goldobina ◽  
Valentin Selifanov
Keyword(s):  
Information System ◽  
Information Systems ◽  
Information Security ◽  
Public Information ◽  
Information Leakage ◽  
Security System ◽  
Efficiency Evaluation ◽  
Confidential Information ◽  
State Information ◽  
Public Information Systems

Protection components of state information system represent the uniform mechanism capable to protect confidential information. If one of protection elements does not work effectively, it will become a problem for the entire information security system. Public information systems need to take into account all available ways to prevent information leakage, for this, operators should evaluate the efficiency. This article proposes possible solutions of the problem.

scholarly journals State information system “AITS”: features of formation and directions of development

2021 ◽  
Vol 59 (3) ◽  
pp. 340-349
Author(s):  
I. V. Bryula
Keyword(s):  
Information System ◽  
Information Systems ◽  
Animal Husbandry ◽  
The State ◽  
Farm Animals ◽  
Accounting System ◽  
The European Union ◽  
State Information ◽  
Is Implementation ◽  
The Republic

Animal breeding is a strategic branch of agri-business in the Republic of Belarus, focused on solving social and economic issues and ensuring national food security. Currently, its development is innovations based, forming a high level of the country’s production and export potential. In the world ranking by the end of 2020, the Republic of Belarus took the 5th place in terms of milk exports (4.8 million tons). As world experience shows, the key direction is implementation of electronic identification of animals as an accounting system in agriculture, including assigning identification number to an animal by tagging, registering information about it in a database and issuing an appropriate passport. The paper summarizes and systematizes legal, organizational and financial conditions for creation and functioning of national information systems in Australia, Argentina, Brazil, Great Britain, the European Union, Canada, the Netherlands, the USA, Switzerland, and Japan. It has been determined that absence of a system for identifying the registration of farm animals leads to distortion of data on the number of livestock, and also creates obstacles for selection work and livestock breeding, decreases efficiency of antiepizootic measures, and inhibits international trade in animals and animal products. In development of this, the necessity of this process in the Republic of Belarus, feasibility of creating the state information system “AITS” (SIS AITS) and corresponding management structure – SI “Center for information systems in animal husbandry” are substantiated. With Gomel region as an example, peculiarities of planning and implementation of process of identification and registration of farm animals are disclosed, the main indicators of the efficiency of SIS AITS for 2013–2020 are analyzed. The advantages of commodity producers of the Republic of Belarus in the context of strengthening production and marketing and export potential and reducing risks in the domestic and foreign markets are substantiated. The issues presented in the article are of interest in determining measures for implementation of the State Program “Agrarian Business” for 2021-2025 and a strategy for the export of agricultural products and food products for the period up to 2025.

MONITORING OF GOODS TURNOVER AS A SPECIAL FORM OF STATE CONTROL

2021 ◽  
pp. 108-113
Author(s):  
E. G. Kovalenko
Keyword(s):  
Information System ◽  
Special Form ◽  
The State ◽  
State Control ◽  
Information Function ◽  
State Information ◽  
Control Functions ◽  
And Control

The article studies the features of monitoring of goods turnover, including marking of goods, as well as turnover in the state information system of monitoring over turnover of goods involved in the relations of the operator issuing the codes, marking, collecting information, its storage and provision. The marking functions are defined: the function of analysis of wholesale and retail turnover, information function, identifying and control functions

scholarly journals PRACTICAL IMPLEMENTATION OF THE MODEL OF FORMATION OF CADETS' READINESS TO ENSURE INFORMATION SECURITY IN PROFESSIONAL ACTIVITIES

2021 ◽  
Vol 1 ◽  
pp. 119-129
Author(s):  
Dmitry Dvoretsky ◽  
Natalia Kolesnikova ◽  
Oksana Makarkina ◽  
Kira Lagvilava
Keyword(s):  
Information Systems ◽  
Information Security ◽  
Information Technologies ◽  
The State ◽  
Practical Implementation ◽  
Positive Trend ◽  
Pedagogical Tools ◽  
Professional Activities ◽  
Security Issues ◽  
The Stability

The mass introduction of information technologies in the activities of state structures has made it possible to transfer the efficiency of their functioning to a qualitatively new level. Unfortunately, as a means of action, they have characteristic vulnerabilities and can be used not only for good, but also for harm. For the state, as a guarantor of the stability of a civilized society, the issue of ensuring the security of information processing is particularly important. Despite the automation of many information processes, the most vulnerable link in the work of information systems remains a person. A person acts as an operator of information systems and a consumer of information. The entire service process depends on the competence of the operator and the quality of his perception. There are areas of government activity where the cost of error is particularly high. These include ensuring the life and health of citizens, protecting public order and the state system, and ensuring territorial integrity. The specifics of the spheres must be taken into account when ensuring the security of information. This study concerns official activities that are provided by paramilitary groups. Currently, there is a discrepancy in the level of competence of new personnel in the first months of service. The author traces the shortcomings of general and special professional qualities in the field of information security. The purpose of the study is to substantiate certain pedagogical means of forming cadets ' readiness to ensure information security. As forms of theoretical knowledge, we will use the traditional hypothesis and model, as well as functionally distinguishable judgments – problem, assumption, idea and principle. Empirical forms of knowledge will be observation (experimental method) and fixation of facts. To evaluate the effectiveness of the developed pedagogical tools, we use statistical methods: observation (documented and interrogated) and calculation of generalizing indicators. To formulate conclusions, we will use logical methods: building conclusions and argumentation. The approbation of certain pedagogical tools described in this article showed a significant positive trend in terms of competence in information security issues.

scholarly journals Using XML schemas to structure information models of capital construction facilities

Vestnik MGSU ◽  
2020 ◽  
pp. 1570-1583
Author(s):  
Sergey A. Volkov ◽  
Tatiana V. Khripko
Keyword(s):  
Information System ◽  
Life Cycle ◽  
Information Systems ◽  
Management Information System ◽  
Information Model ◽  
Management Information ◽  
State Information ◽  
Building Information ◽  
Capital Construction ◽  
Urban Planning Management

Introduction. Building Information Modeling (BIM) is an auspicious approach that supports management and exchange of semantically rich 3D models across design disciplines. Recently, BIM has gained widespread acceptance in the AEC industry, and it improves the efficiency and quality of the process by facilitating the early exchange of 3D building models. At different stages of the life cycle, a building information model is gradually refined from rough conceptual design to detailed individual components. The task is to develop mechanisms for machine verification (authentication) of data transmitted to/from different systems (for example, from a customer to an expert evaluation authority, from a contractor to the urban planning management information system or any other state information system) in the form of an information model of capital construction facilities or certain components of an information model. Materials and methods. To substantiate the choice of the language employed to describe machine-readable documents, various use cases of XML schemas were analyzed, including the use of the Google Trends tool. Information systems, implemented in the Russian Federation, were also considered. Most of them use the W3C XML Schema language to describe XSD schemas. Results. A consolidated list of XML schemas, necessary and sufficient to maintain stages of the life cycle of a capital construction facility in terms of interaction with the Urban Planning Management Information System is presented. To ensure interaction between the life cycle participants and state information systems, it is necessary to have the list of XML schemas approved at the federal level. The paper presents matrixes of scenarios for the application of XML schemas in the following coordinates: participants, life cycle stages. Conclusions. XML schemas can be supplemented in respect of various stages of a life cycle of a capital construction faci-lity to be verified with due regard for further methodological approaches and changes in regulatory and technical acts; new approaches and the need for this supplementation must be substantiated.

scholarly journals Model and Technique for Abonent Address Masking in Cyberspace

2020 ◽  
pp. 2-13
Author(s):  
Vadim Kuchurov ◽  
◽  
Roman Maximov ◽  
Roman Sherstobitov ◽  
◽  
...  
Keyword(s):  
Information System ◽  
Information Systems ◽  
Information Security ◽  
Information Exchange ◽  
Information Technologies ◽  
System Structure ◽  
Security Requirements ◽  
Kolmogorov Equation ◽  
Basic Set ◽  
Technical Solutions

Regulators charge to counter information security threats against the structural and functional characteristics of the information system to ensure the information security requirements. These requirements include information system structure and composition, information technologies and functioning characteristics, physical and logical, functional and technological interconnections between information system segments. They order false components of information system emulation as a basic step of protection, as well as information technologies hiding, information system configuration management and its switching to predetermined configuration that provides a protection. However that steps are not included into basic set and they protection aims are reached with compensative assets, formalizing and implementing inhibitory orders and set of organizational and technical measures on threat source. The purpose of research – to disclose and to state main ways of search of new technical solutions for structure masking of distributed information systems in cyberspace implementing masking traffic taking into account the requirements for the timeliness of information exchange. The method of research – operations research in the face of uncertainty, the application of the theory of Markov processes and Kolmogorov equation for solving the problem of increasing the efficiency of masking exchange. The result of research – finding the probabilistic and temporal characteristics of the functioning process of the data transmission network when applying technical solutions for information systems masking in cyberspace. The results obtained make it possible to explicitly implement protection measures aimed at forming persistent false stereotypes among violators about information systems and control processes implemented with their help.

scholarly journals THE CONCEPT OF IMPLEMENTATION OF THE STATE INFORMATION POLICY AND ENSURING INFORMATION SECURITY OF UKRAINE (IN THE CONDITIONS OF THE CONFLICT WITH THE RUSSIAN FEDERATION)

2021 ◽  
Author(s):  
O. Voitko ◽  
V. Onishchuk
Keyword(s):  
Information Security ◽  
Information Policy ◽  
The State ◽  
Armed Conflicts ◽  
State Information ◽  
World Information ◽  
Psychological Operations ◽  
Definition Of ◽  
Internal And External Factors ◽  
Political Governance

The events analysis since the beginning of the aggravation of relations between Ukraine and Russia evidences about the inefficiency of information policy, incoordination of activity of different subjects of ensuring the information security of the state, the weak presence of Ukraine in the world information space etc. At the same time, the problems of ensuring the information security of the state and realization of effective set of counter-propaganda measures, realization of information policy, aimed at consolidating Ukrainian society and the international community for the purpose of suppression of armed aggression are identified by the higher military-political governance of Ukraine as the most priority. Various internal and external factors negatively affect at the ability of Ukraine to adequately respond to challenges and risks in the military sphere. The insufficient and unprofessional efforts of Ukraine’s state authorities in the field of counteraction to the Russian Federation’s propaganda and information-psychological operations are the most important ones. That’s why there’s necessity of development the system of opinions and determination of the plan of the higher military-political governance’s of Ukraine actions regarding the implementation of state information policy and providing of information security of Ukraine and legislative definition of a conceptual document. Besides the importance of this fact consist in that after the restoration of the territorial integrity of Ukraine the main aims of military policy will be prevention the emergence of new armed conflicts, systematic strengthen the state's defense capability and increasing the role and authority of Ukraine in the international area.

USING BLOCKCHAIN TECHNOLOGY TO DEVELOP A CORPORATE INFORMATION SYSTEM IN A PROTECTION PERFORMANCE

2020 ◽  
pp. 399-408
Author(s):  
Петр Юрьевич Филяк ◽  
Максим Константинович Постников ◽  
Семен Евгеньевич Федоров ◽  
Александр Григорьевич Остапенко ◽  
Андрей Петрович Преображенский
Keyword(s):  
Information System ◽  
Information Systems ◽  
Information Security ◽  
Business Processes ◽  
Corporate Information System ◽  
Blockchain Technology ◽  
Block Chain ◽  
Corporate Information Systems ◽  
Corporate Information

В условиях развития информационного общества (Knowledgeable society - KS) информационные системы стали неотъемлемой частью любой организации, даже самой малой, независимо от реализуемых ими бизнес-процессов. Такие информационные системы принято называть корпоративными информационными системами (КИС), или Corporate Information System (CIS). Особые требования при разработке КИС предъявляются к обеспечению их информационной безопасности, что может быть реализовано путем разработки КИС в защищенном исполнении. Технологии blockchain являются очень перспективными не только при применении их в традиционных сферах - производстве, сервисе, на транспорте, но и для решения проблем безопасности и информационной, в частности. Анализу данной проблемы и подходам к ее решению и посвящена данная статья. At present, in the context of the development of Knowledgeable society, information systems are at now an integral part of any organization, even the smallest, regardless of the business processes they implement. Such information systems are commonly referred to as Corporate Information Systems (CIS). Special requirements for the development of CIS are made to ensure their information security, which can be achieved by developing a protected version of the CIS. In this article is considered the analysis of this problem and approaches to its solution. Block Chain technologies are very promising not only when applying them in traditional spheres - manufacturing, service, transport, but also to solve security and information problems, in particular.

Sign in / Sign up

Export Citation Format

Share Document