ASSESSMENT OF COMPLIANCE OF INFORMATION SECURITY MEANS ON SIGNIFICANT OBJECTS OF CRITICAL INFORMATION INFRASTRUCTURES OF THE RUSSIAN FEDERATION

2020 ◽  
Vol 6 (1) ◽  
pp. 155-160
Author(s):  
Julia A. Isaeva ◽  
Anastasiya S. Goldobina ◽  
Dmitry M. Nikulin

The need to assess the compliance of information security means depends on the importance of the information processed at the enterprise. The lack of specific requirements and criteria for conducting an assessment will cause the protection tools to function incorrectly; this, in turn, will lead to unpredictable consequences, as well as to the disruption of the functioning of significant objects. Even with the changes made to the legislation of the Russian Federation, there is no specific algorithm for assessing the compliance of certain classes of security tools, such as DLP systems. This article describes the changes made to the legislation and how they will affect the compliance assessment process. The selected security profile, along with GOST 15408-2012, reveals such concepts as functional requirements of trust and security functions. Taking these regulations into account, it is possible to develop a method for conducting compliance assessment for DLP systems, which are an extremely important means of protecting against leaks of confidential information on significant objects of critical information infrastructures.

2019 ◽  
Vol 6 (1) ◽  
pp. 203-208
Author(s):  
Julia Isaeva ◽  
Valentin Selifanov

The need for conformity assessment of information security tools at significant objects of critical information infrastructures is demonstrated. In the absence of a description of the necessary criteria for information systems, the possibility of threat implementation arises, which will lead to disruption of the functioning of significant objects.


Author(s):  
Ilia Pavlovich Mikhnev ◽  
Svetlana Vladimirovna Mikhneva

The article discusses the competences and powers of the state authorities of the Russian Federation within their legal status in the field of ensuring the security of critical information infrastructure. Some functions and authorities in the field of information security have changed in a number of federal executive bodies. In particular, the Federal Security Service, on the basis of a presidential decree, is authorized to create a state system for detecting, preventing and eliminating the consequences of computer attacks on information resources of the Russian Federation. However, not all rights and obligations are enshrined; a number of powers cause the duality of the legal status of certain federal bodies of state power. The clarity and unambiguity of securing the rights and obligations of state bodies authorized in the field of information security are guarantees for effectively ensuring the security of important information infrastructure facilities.


Author(s):  
N.M. Kurbatov

The concept of critical information infrastructure is analyzed. The history of its formation and consolidation in the legal space of Russian legislation is considered. The article studies the experience of foreign countries in the field of ensuring information security in general and protecting critical infrastructure in particular. The relevance of the chosen topic is due to the course taken by the Russian Federation for the development of the information society in the country, as well as the need to protect significant information systems and resources of state authorities. The author of the article reveals the terms included in the definition of critical information infrastructure, enshrined in the legislation of the Russian Federation. In conclusion, the main problems of the considered regulatory legal acts are highlighted, recommendations are given on the further development of the information security system of critical infrastructure.


2020 ◽  
Vol 6 (2) ◽  
pp. 99-104
Author(s):  
Valeria A. Tabakaeva ◽  
Igor N. Karmanov ◽  
Vladimir R. An

The article discusses the problem of using intelligent systems in managing information security of critical information infrastructure objects. Currently, the development of information technologies has reached the point of transition to the widespread use of various intelligent systems. At the same time, their application is also noted in the sphere of ensuring the security of significant objects of critical information infrastructure of the Russian Federation. Cybersecurity parameter management systems have a special place as fundamental elements for ensuring security during operation, as well as responding to external and internal incidents with the required efficiency and speed. In the course of the research, we select ways to solve such problems as choosing a threat model and protection system architecture for an object of critical information infrastructure of the Russian Federation.


2021 ◽  
Vol 54 (2) ◽  
pp. 71-80
Author(s):  
MAKSIMOVA ELENA A. ◽  
SADOVNIKOVA NATALYA P.

With the introduction of No. 187-FL in 2017, new priorities have been identified in the Russian Federation at the level of ensuring the stability and information security of society and the state as a whole. The issues of the security of the functioning of the subjects of the critical information infrastructure (CII) are identified as priorities. However, regulatory legal acts introduced on this issue are considered without a methodological assessment of intersubjective interaction at the level of the CII. At the same time, not taking this factor into account when building a security system at CII facilities reduces its effectiveness, brings a destructive effect to the system and can be considered as a vulnerability at the infrastructure level. In this article, the elements of the methodological basis for considering intersubjective interaction as a source of destructive influence on the subject of critical information infrastructure are proposed. The result of the analysis of the types of intersubjective relationships within the areas of functioning of the CII.


Author(s):  
Sergey Valerevich Belov ◽  
Irina Mikhalovna Kosmacheva ◽  
Irina Vyacheslavovna Sibikina

To solve the problem of information security management, a method was proposed that allows determining the degree of importance of confidential documents of the organization. The urgency of the proposed algorithm was substantiated taking into account the requirements of the legislation of the Russian Federation in the sphere of information security. The stages prior to the formation of the list of confidential documents of the organization were described. A review of the main documents of the legal and regulatory framework was carried out including documents relating to the state regulation of relations in the sphere of information security. The classes of protected information for the accessing categories were considered. The criteria changes of the value of information in the process of time were represented. The algorithm of formation of the list of confidential documents of the organization based on the properties of information was offered. The algorithm is based on an expert method of pair comparison of alternatives. The result of the use of this method is a number of confidential documents, ranked in descending order of importance. For each document the weighting factor of importance can be calculated. The verification stage of the degree of expert consistency was included in the methodology to eliminate the use of erroneous expert data. The application of the methodology is illustrated by a calculated example.


Author(s):  
М.Ф. Гареев

This article examines the initiative of the Ministry of Education of the Russian Federation to introduce a “digital student biography”. A legal and criminological analysis of this initiative is given, and the consequences of the introduction of digital technology are analyzed. Special attention is paid to the forecast of the growth of child crime and the possibility of using digital technologies in the field of education by criminals. These issues are said to affect the country's information security.


2021 ◽  
Vol 1 (2) ◽  
pp. 80-95
Author(s):  
N. P. Gribin

The article reveals the content of the destructive influence of Western countries on the communication regimes and information space of the friendly Central Asian states, which poses a threat to their national security and contradicts the national interests of the Russian Federation. The importance of joint efforts with the states of the Central Asian region, including those in the format of the SCO and CSTO regional organizations, to ensure information security and a positive impact on the communication regimes of this region is noted. Attention is drawn to the role of national mass media in the arsenal of tools for influencing the minds and psychology of the population of Central Asian countries, and in this regard a description is given of Western information structures that exercise such influence, the mechanisms of their functioning and the way to neutralize their activities. The dynamism of the matter under study and its subjection to changes in the balance of power in the international arena are noted. The role of the state in ensuring information security and protecting citizens from distorted information and communication influence is analyzed separately. The paper suggests considerations regarding the organization of a systematic counteraction to the destructive actions of individual states in the information field of countries in Central Asia, in particular, it suggests the need to create a comprehensive system, together with the Russian Federation, to block and neutralize malicious information and propaganda materials, and also a proposal regarding the creation of a global communication order based on the formation of an international legal framework for rational civilized regulation of country communication regimes at the global and regional levels.

