The Model of Information Security Control in State Information Systems

The control of information protection in state information systems is relevant due to the requirements of the legislation of the Russian Federation, to the value of the information processed in them, to its increasing role in the formation of the modern information society in the Russian Federation, as well as the increasing need for procedures for combining information flows of organizations and enterprises. The article deals with the issues related to the control of information security in state information systems. The analysis of works on this subject reveals a solution to particular problems. Therefore, an integrated formalized approach to solving the problem of protecting information in state information systems, taking into account their specifics, threats and requirements of regulators, is relevant. The information leaks, leakage channels in such systems, as well as threats to information security breaches in state information systems have been analyzed. The most likely threats are cyber-attacks, natural disasters, structural failures and human errors. A formalized model for managing information security in state information systems has been developed, which defines an effective set of protection tools in accordance with the requirements of technical protection measures that can be used to automate the process of monitoring. The formal model aimed at solving the problem of optimizing the used protection mechanisms in relation to the overlapping threats has been proposed. The prospects for the development of this study have been determined.