Ustinov, D. Essence of information security / D. Ustinov. // International Journal of Humanities and Natural Sciences. - 2017. - 12. - S. 146-151.
The essence of information security
D . Ustinov, master student
Siberian Institute of Management,Russian branch oh academy and national owner stva and public service
(Russia, Novosibirsk)
Annotation. The article deals with the essence of information security O sti. The legal definition of this category was analyzed. The main aspects of security have been studied, as a goal of information security. Suggested understand A information security content based on the formation of active security A shields of critical interests and passive protection, as creating conditions for the development of society and the economy. Differences in the methods of providing information without O safety in these areas.
Keywords : and information security, state of security, critical e sky infrastructure, critical interests, active protection, passive protection, b social and economic development.
The development of modern society is largely based on the use of information resources. Information has ceased to be only one of the factors of production, and information management is no longer the prerogative of only corporate structures. Information in s also acts as a special kind of social asset, and its peculiarity is the following at does not consider the formation of simultaneous positions of representatives of society as O consumers of information and as participants in its creation. The development of the role of information in society is promoted not only by the creation of new environments dstv sv ide and algorithms arr A bots of information embodied in pr O gram products. The main driving force behind the growth in the importance of information for society and the economy should be considered a change in attitudes towards information. WITH e current information becomes a product, at the same time determines the conditions of general e natural development. Therefore, the consistent implementation of the concept of information security acquires unconditional significance.
Currently info r concept mation safety are created at the state at donation level in many countries of the world. The reason is quite obvious, I zana with practical needs in prevention of negative consequences impact on the economic and b public infrastructure is malicious O th software ( PO ), as well as others factors that threaten the development of the information sphere about b creatures. However, to date, the boundaries of the concept of information security are not fully defined. e us, although this concept is presented, including at the level of Russian law about giving.
It is quite obvious that, in the absence of a clear understanding of information security, in particular, the demarcation of the boundaries in which the policy of information And security must be carried out, it is impossible and it is impossible to develop truly effective measures to ensure T the absence of threats of critical impact on information infrastructure facilities To tours, as well as community life. By men b at least, in the absence of an unambiguous p O understanding the essence of information without O security, including its boundaries, cannot be created at reasonable cost With topics of information security (SZI - str To tours, technical facilities and Software for ensuring information security O sti), as well as the elements are distributed according to the levels of responsibility.
Rice. 1 . Elements of a legal definition of information security
In particular, the legal definition of information security has formed about wano in p. 2 Information Security Doctrines . For clarity, the element n you legal definition of information n security are shown in fig. n ke 1. The information presented on it showsthat the elements of the legal about P The definitions contain indications of the list of objects in respect of which the "protected state" must be implemented. O sti”, as well as on the target parameters of these objects. Essentially, formed n conceptual list of objects and conditions O viy, which should be guided by the alignment of information without O the safety of the state. However, in l e a gallant definition follows, first of all e th, note the absence of a clearly marked n new concept of security. protection n ness can be interpreted from the point of view of the absence of threats, the ability of the information security system to act V but counter threats, or sp about the ability to prevent the impact of threats on protected objects.
X security characteristics, pr And suitable for local information security facilities created, as a rule, in large companies, either in the authorities are not fully suitablefor a global understanding of information And onnoy security, because, taking into account paragraph.8 Doctrines, informational without O safety should mean, in essence, the protection of all the most significant aspects of public life and the state T vein management. On a similar scale A bang, the very essence of information security is changing, since we are talking about building social relations, moreover, about the formation of principles b but different, in comparison with the existing approach to understanding security.
The property of security as a key characteristic of the essence of information n security cannot be understood as control over every byte of information exchanged between fields b callers, and every gadget that O potentially hackable R sky attack. This is practically impossible to achieve at reasonable economic costs. Another important factor is the social T venous efficiency since it provides e protection values in any case about h starts certain costs to the society, the restrictions that it may face in the implementation of measures info R mation safety. Therefore, the general e essential costs of providing information R mational safety must be at least acceptable. From here, oh e it can be seen that an expanded understanding of information security can be formulated as the presence of active protection And aimed at preventing damage to critical infrastructure, n A equal to creating conditions for normal b activities of the company, including the h development of the economy.
The component of creating normal conditions for social development is defined e is of particular importance O understanding of information at the level of society, its role in economic development, especially n but when it comes to industrial relations. As a rule, the use of the concept of information security based on information security leads to restrictions in terms of the free circulation of information, which corresponds to an active level of security. A shields in information security. On the contrary, creating conditions for social development means T the absence of passive threats to information n noah sphere of development of society. In private O However, it is obvious that the active development of smartphone platforms is determined by public interests, but it is possible and the possibility of limiting the functionality of these platforms by third-party users l And by third states is, of course, a threat of information without O pasture. At the same time, it is a threat With strong character.Therefore, probably b O it is preferable not to block the threat O PS (in the case of platforms for smart phones O new to do this is unrealistic), and to develop the software industry at the national level, sp O to serve the public O information exchange needs.
Then, taking into account the characteristics of the Nazi O nal interests in the field of information And information security, its content can be presented in the form of Figure 2. Figure 2 shows that the ways to implement security within the framework of information security differ depending on the priorities. At the same time, the concept of crit And The physical infrastructure can obviously be included in the broader concept of critical interests. In particular, taking into account the security of personal yes n nyh, this also includes safety h information. At the same time, this I tie is wider than only the concept of personal data, established by Art.7 of the Law "On Personal Data", And includes, security issues of personal financial and personal information. Therefore, it would be more reasonable to understand personal data as social values indicated in h. 1 st. 24 Const and regulations of the Russian Federation and other confidential information. In this sense, information And Ongoing safety in the order of active protection should be directed to e warning of unauthorized With dumb to this information. In addition, it should be included in the list of objects a To active protection normal operating conditions With operation of information means without O security and critical infrastructure. In contrast to the protection of critical infra A structures, there is in view of the creation such mechanisms, which in combination at prevent the impact on these objects, and in their relationship(Fig. 2.).
Rice . 2. Information security content
The issue of attributing international and n interests to critical interests at is sufficiently debatable, however, the creation of conditions for the general e economic and economic development, in addition to international cooperation, refers to the field of information security within the country.
At the same time, at the international level, the concept of “soft And ly”, which in practice does not exclude h the possibility of pressure on Russian inter e sy from the international community T va. Moreover, since such experience exists, it is obvious that in this respect e there must be some active protection.
The area of passive protection can be defined as all interests, not including n listed as critical, first of all, it is the freedom of circulation of information A tions and conditions for the development of the economy, including individual industries. One of the components of the conditions of socialdevelopment should be considered the creation of real opportunities for participation in b society in the affairs of the state and the creation and n institutions of interaction between the state and society, in particular, within the T military control and public initiatives. R The development of society means the development of culture, and in a broad sense O understanding, including, this is an opportunity for familiarization with cultural life, os O especially in those cases when such communion is impossible in any other way. The most characteristic example is the regions of the Far North, where Internet access is sometimes the only way to contact with civilization, including acquaintance with cultural novelties. Obviously, this aspect of information A rational safety is no less important than others. Implementation of composition data V lyayuschih information security differs in methods and means. In about t a give administrative methods, communication n nye with prohibitions. From an organizational point of view, technical methods of achieving security prevail. With regard to social development, b permission methods should be called, while economic means should prevail e social promotion of social development. First of all, it must be financial And development of these areas in comp e ties with other economic incentives at llamas. Wherein , taking into account the presented boundaries of information security, it is possible to speak more reasonably about the distribution of responsibilities in the field of its provision between different levels of government. In particular, the role of regional authorities in ensuring and n formation security from the point of view e development of society and economy at the level of individual regions. Regional authorities within the limits of their powers should form mechanisms of passive protection And you in relation to public and economic O mic development.
Thus, the essence of information And security, it is proposed to define e pour as the creation of active protection in about T carrying critical interests, for example V lennoy, first of all, on the warning and reducing damage to critical infrastructure at re, as well as the formation of conditions for the normal development of the economy and the general e stva. Security in these areas is implemented in various ways. In about T carrying critical interests predominately A give administrative methods, use b technical protection means yes n nyh. With respect to public and eq O economic development, the method of permission prevails, mainly using at there are means of economic encouragement of the development of society and the economy in terms of their information security.
2. About personal data: Federal Law No. 27.07.2006152-FZ (as amended on July 29, 2017)// SZ RF. - 31.07.2006. – No. 31 (1 hour). - from v. 3451.
3. On the foundations of publiccontrol in the Russian Federation: Federal Law of July 21, 2014 No.212-FZ (as amended on 07/03/2016) // SZ RF. – 07/28/2014. – No. 30 (Part I). - from v. 4213.
4. About consideration of publicinitiatives sent by citizens of the Russian Federation usingInternet resource"Russian Public Initiative": Decree of the President of the Russian Federation dated 04.03.2013 No. 183 (as amended on 06/23/2014) // SZ RF. – 03/11/2013. – No. 10. - Art. 1019.
5. On the Approval of the Doctrineinformation security of the Russian Federation: Decree of the President of the Russian Federation dated 05.12.2016 No. 646 // SZ RF. - 12.12.2016. – No. 50. - Art. 7074.
THE ESSENCE OF INFORMATION SECURITY
D. Ustinov, graduate student
Siberian institution of administration, branch of Russian presidential academy of national economy and public administration
(Russia, Novosibirsk)
abstract. The article covers the questions of the information security's substance. It contains the legal analysis of the one as well as the survey of different aspects concerning the information security. It is suggested to understand information security regarding to the active protection concerning the critical interests, and the passive protection which is the establishment of ci r cumstances for social and economic development. Also the differences of these elements with respect to the methods of information security’s establishment are stipulated in the article
keywords: Information security, protection condition, critical infrastructure, critical inte r ests, active protection, passive protection, social and economic development.