TO THE CONCEPT OF A PROTECTED OPERATION SYSTEM

Information systems and technologies security Pub Date : 1900-01-01 DOI:10.17721/ists.2019.1.42-51

Oleksii Bychkov

{"title":"TO THE CONCEPT OF A PROTECTED OPERATION SYSTEM","authors":"Oleksii Bychkov","doi":"10.17721/ists.2019.1.42-51","DOIUrl":null,"url":null,"abstract":"At the present stage of the use of information technologies in society, the issue of information protection becomes important. Operating systems play a major role in this. They are assigned the role of protectors of all user data and access rights. The authors of the article were tasked with proposing a classification of the use of operating systems and with the requirements for mechanisms of protection of information under this classification. In the article: - the existing security standards that are implemented in modern operating systems are analyzed. Existing security standards are outlined (Trusted Computer System Evaluation Criteria «Orange Book», TCSEC, ISO 17799). In the Orange Book, a trusted system is defined as \"a system that uses sufficient hardware and software to provide simultaneous processing of information of varying secrecy by a group of users without violating access rights.\" Security mechanisms and security classes of modern operating systems and BS 7799 security management model are also considered; this standard contains a systematic, complete, universal list of safety regulators, useful for the organization of almost any size, structure and scope information security management system. The standard Information Security Management System (ISMS) refers to the proportion of the overall risk-based management system designed to design, implement, control, maintain and improve information security activities. This system consists of organizational structures, policies, planning actions, responsibilities, procedures, processes and resources; - the analysis of the mechanisms of the complex system of information security (CSIS) and security, which are implemented in modern operating systems; - classification of operating system usage variants in information and telecommunication systems is offered. Requirements for information security mechanisms for operating systems according to the proposed classification are defined; - requirements for operating system information security standard and requirements for OS security mechanisms within the usage class are proposed","PeriodicalId":426827,"journal":{"name":"Information systems and technologies security","volume":"27 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information systems and technologies security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.17721/ists.2019.1.42-51","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

At the present stage of the use of information technologies in society, the issue of information protection becomes important. Operating systems play a major role in this. They are assigned the role of protectors of all user data and access rights. The authors of the article were tasked with proposing a classification of the use of operating systems and with the requirements for mechanisms of protection of information under this classification. In the article: - the existing security standards that are implemented in modern operating systems are analyzed. Existing security standards are outlined (Trusted Computer System Evaluation Criteria «Orange Book», TCSEC, ISO 17799). In the Orange Book, a trusted system is defined as "a system that uses sufficient hardware and software to provide simultaneous processing of information of varying secrecy by a group of users without violating access rights." Security mechanisms and security classes of modern operating systems and BS 7799 security management model are also considered; this standard contains a systematic, complete, universal list of safety regulators, useful for the organization of almost any size, structure and scope information security management system. The standard Information Security Management System (ISMS) refers to the proportion of the overall risk-based management system designed to design, implement, control, maintain and improve information security activities. This system consists of organizational structures, policies, planning actions, responsibilities, procedures, processes and resources; - the analysis of the mechanisms of the complex system of information security (CSIS) and security, which are implemented in modern operating systems; - classification of operating system usage variants in information and telecommunication systems is offered. Requirements for information security mechanisms for operating systems according to the proposed classification are defined; - requirements for operating system information security standard and requirements for OS security mechanisms within the usage class are proposed

查看原文本刊更多论文

到受保护操作系统的概念

在信息技术应用于社会的现阶段，信息保护问题变得十分重要。操作系统在其中扮演着重要的角色。他们被赋予保护所有用户数据和访问权限的角色。本文作者的任务是提出操作系统使用的分类，并提出在这种分类下保护信息的机制要求。本文分析了在现代操作系统中实现的现有安全标准。现有的安全标准概述(可信计算机系统评估标准«橙皮书»，TCSEC, ISO 17799)。在橙皮书中，可信系统被定义为“一个系统，它使用足够的硬件和软件，在不侵犯访问权限的情况下，为一组用户提供不同保密信息的同时处理。”还考虑了现代操作系统的安全机制和安全等级以及BS 7799安全管理模型;本标准包含了一个系统的、完整的、通用的安全法规清单，适用于几乎任何规模、结构和范围的信息安全管理体系的组织。标准的信息安全管理体系(ISMS)是指为设计、实施、控制、维护和改进信息安全活动而设计的基于风险的整体管理体系所占的比例。该系统包括组织结构、政策、计划行动、职责、程序、过程和资源;-分析在现代操作系统中实施的复杂信息安全系统(CSIS)和安全机制;-提供了信息和电信系统中操作系统使用变体的分类。根据建议的分类定义了操作系统信息安全机制的要求;-建议操作系统资讯安全标准的要求，以及在使用类别内操作系统安全机制的要求

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Information systems and technologies security

自引率

0.00%

发文量