NBI TechnologiesPub Date : 2018-08-01DOI: 10.15688/NBIT.JVOLSU.2018.1.4
T. Zangiev, E. Tarasov, V. Sotnikov, Zalina Tugusheva, Fatima Gunay
{"title":"About One Approach to the Selection of Information Protection Facilities","authors":"T. Zangiev, E. Tarasov, V. Sotnikov, Zalina Tugusheva, Fatima Gunay","doi":"10.15688/NBIT.JVOLSU.2018.1.4","DOIUrl":"https://doi.org/10.15688/NBIT.JVOLSU.2018.1.4","url":null,"abstract":"Much attention in the sphere of information technology is paid to the aspects of information security, due to the growing damage. As a result of damage increase, there is a quantitative and qualitative growth in the market of software and hardware for information security. At the same time, new alternatives to existing information security tools are being developed, as well as means of protection against new vectors of attacks associated, for example, with the spread of the concept of ‘Internet of things’, big data and cloud technologies. At the same time, the analysis of information security incidents at enterprises that actively use information security tools shows that the use of information security systems does not provide the required level of protection for information objects that remain susceptible to attacks. According to recent studies, the share of corporate systems in the Russian Federation containing critical vulnerabilities associated with incorrect configuration of information security systems makes up more than 80 %. At the same time, the costs of Russian companies to ensure information security are increasing by an average of 30 % per year. The article presents current problems related to the conflicting requirements to the design of complex information security systems (CISS). The authors suggest an approach to selection and configuration of the CISS facilities based on the role model of M. Belbin in the interpretation of the CISS as a command that will allow building an integrated information protection circuit. The cases of manifestation of synergism and emergence, which ensure the effective functioning of the system, have been described.","PeriodicalId":205855,"journal":{"name":"NBI Technologies","volume":"233 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124363906","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
NBI TechnologiesPub Date : 1900-01-01DOI: 10.15688/NBIT.JVOLSU.2018.3.5
I. Rybina, A. Kupriyanov, K. Guzhakovskaya
{"title":"Development of the Security Subsystem within the System “The Network City. Education”","authors":"I. Rybina, A. Kupriyanov, K. Guzhakovskaya","doi":"10.15688/NBIT.JVOLSU.2018.3.5","DOIUrl":"https://doi.org/10.15688/NBIT.JVOLSU.2018.3.5","url":null,"abstract":"“The Network City. Education” is a comprehensive information program project that allows educational institutions and municipal authorities to interact with each other at the city or city district level. This information system is designed to automate the educational process and management activities in the field of education, as it allows you to create a common educational space.\u0000To perform the task of automating the control over the educational structure, it is necessary to think over the solution not only for individual schools, but for all educational institutions.\u0000It assumes gradual automation of all educational institutions, with formation of the information environment for these institutions and regional governments on the basis of the coordinated information standards.\u0000The aim of this work is to develop a subsystem of security system “The Network City. Education”. The article analyzes the given information system and formulates a typical architecture of the information system, highlights its components. We also develop a security subsystem “The Network City” within the system “The Safety School”. Actual possible threats have been considered as the components of the developed standard architecture of the information system. Mechanisms of protection against the allocated threats are considered.","PeriodicalId":205855,"journal":{"name":"NBI Technologies","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130903763","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
NBI TechnologiesPub Date : 1900-01-01DOI: 10.15688/NBIT.JVOLSU.2018.3.3
Dmitriy Klenin, E. Maksimova
{"title":"The Model of Intrusion into the Information System","authors":"Dmitriy Klenin, E. Maksimova","doi":"10.15688/NBIT.JVOLSU.2018.3.3","DOIUrl":"https://doi.org/10.15688/NBIT.JVOLSU.2018.3.3","url":null,"abstract":"Categories ‘attack’, ‘intrusion’ and ‘incident’ of information security are defined. The types of intrusions into the information system are revealed, and their brief analysis is given. The proposed model of intrusion into the information system will allow to increase its efficiency at almost all stages of the information security system life cycle. The use of the proposed model is associated with the solution of specific practical problems in the field of information security, including the definition of vulnerabilities of the information system. The latter, in turn, is necessary to determine the elements of the protection system. For example, at the design stage of the information security system, when choosing software protection you need to take into account the location of the intruder relative to the attacked object.\u0000When working with functioning systems of information protection, i.e. at the solution of questions of modernization or optimization, changes in the system of information security are resolved in accordance with statistical data for the intrusion into the information system with available results of information security incidents, with the forecast data.\u0000Thus, the proposed model of intrusion into the information system is one of the external conditions when working with the information system of the organization (enterprise) may well determine (set) the level of risk of information security of the enterprise.","PeriodicalId":205855,"journal":{"name":"NBI Technologies","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116863356","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
NBI TechnologiesPub Date : 1900-01-01DOI: 10.15688/nbit.jvolsu.2018.3.1
Dmitry Tershukov
{"title":"Analysis of Modern Information Security Threats","authors":"Dmitry Tershukov","doi":"10.15688/nbit.jvolsu.2018.3.1","DOIUrl":"https://doi.org/10.15688/nbit.jvolsu.2018.3.1","url":null,"abstract":"In the modern world, knowledge and awareness have become the most important products, services have taken the lead, the global information space is rapidly developing, while modern information technologies represent not only new opportunities in solving various problems, but also create fundamentally new challenges and threats. The emergence of new information technologies and systems, the development and expansion of the functions of social networks, the introduction of a variety of services in social networks and their algorithmization have created tools for turning the historical process of human development from uncontrollable to manageable and even projected, there are opportunities to create a reality that does not correspond to reality, to influence the mass consciousness of millions of people around the world.\u0000Currently, specialists in the field of information security require knowledge and skills that are at the intersection of various fields of knowledge: information technology, psychology, political science, law, criminology.\u0000Meanwhile, graduates of technical universities do not always have sufficient knowledge and skills to properly assess the actions of the violator of information security, to understand the political component of the problems of information security. Graduates of humanities universities are not sufficiently versed in the specifics of threats to information security, the physical nature of the channels of information leakage. The way out of this situation can be the use of a system of retraining and advanced training of specialists in information protection.","PeriodicalId":205855,"journal":{"name":"NBI Technologies","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125862670","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
NBI TechnologiesPub Date : 1900-01-01DOI: 10.15688/nbit.jvolsu.2018.3.2
R. Romanov
{"title":"The Basic Principles of Information Protection in the Russian Federation in the Transition to a Digital Economy","authors":"R. Romanov","doi":"10.15688/nbit.jvolsu.2018.3.2","DOIUrl":"https://doi.org/10.15688/nbit.jvolsu.2018.3.2","url":null,"abstract":"The modern stage of development of society is characterized by the increasing role of the information sphere. The information sphere is a set of information, information infrastructure, entities engaged in the collection, formation, distribution and use of information, as well as a system of regulation of public relations arising in this process.\u0000The expansion of the areas of application of information technologies, as a factor of economic development and improvement of the functioning of public and state institutions, at the same time generates new information threats. The situation is significantly complicated by the confrontation between the Russian Federation and the West, which directly affects the sphere of national interests of the Russian Federation and poses a direct threat to the national security of the country, the key element of which is information security.\u0000There is a constant growth of computer attacks on Russian information resources, the number of attacks has increased significantly in recent years. At the same time, the methods, means and tactics of such attacks are being improved, and their intensity directly depends on the current international situation.\u0000Terrorist and extremist materials are openly distributed in the global network. The number of crimes committed with the use of information technologies, for example, illegal penetrations into the corporate networks of state and credit and financial institutions, has increased. The article analyzes the requirements for the security of important objects of critical information infrastructure of the Russian Federation. It is shown that they should be performed at all stages of the life cycle during the creation (modernization), operation and decommissioning of a significant object.","PeriodicalId":205855,"journal":{"name":"NBI Technologies","volume":"96 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115896388","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
