Fundamentals of information security in the internal affairs bodies. Ovd activities to ensure information security in the context of media activities Information security ovd
|
Ministry of Internal Affairs of the Russian Federation University of Moscow Faculty of correspondence and evening studies Small Ivanovsky per. House. 2 |
|||||
|
Department of "Jurisprudence" |
|||||
|
Residence address: |
F. Gorbatov |
||||
|
Moscow region |
|||||
|
Istra district |
O. Sergeevich |
||||
|
p. Kostrovo st. Central |
Course 2 (set) 2009 (6 years) |
||||
|
d. 15 sq. 39 |
Group no. 2 |
||||
|
Gradebook No. 7029 |
|||||
|
Test work "Fundamentals of information security in ATS" |
|||||
|
(name of the discipline) |
|||||
|
Theme option number 29 |
|||||
|
Date of receipt of the job by the secretariat |
Date of receipt of work by the department |
||||
|
Date of submission of the work by the secretariat |
Completion date of work check |
||||
|
teacher |
|||||
Modern hardware and software for network protection of computer information.
In general, the means of ensuring the protection of information in terms of preventing deliberate actions, depending on the method of implementation, can be divided into groups:
Technical (hardware) means... These are devices of various types (mechanical, electromechanical, electronic, etc.) that solve information security problems with hardware. They either prevent physical penetration, or, if the penetration did take place, access to information, including by masking it. The first part of the problem is solved by locks, grilles on windows, security alarms, etc. The second - the above-mentioned noise generators, power filters, scanning radios and many other devices that "block" potential channels of information leakage or allow them to be detected. The advantages of technical means are associated with their reliability, independence from subjective factors, and high resistance to modification. Weaknesses - lack of flexibility, relatively large volume and weight, high cost.
Software include programs for user identification, access control, information encryption, removal of residual (working) information such as temporary files, test control of the protection system, etc. The advantages of software tools are versatility, flexibility, reliability, ease of installation, ability to modify and develop. Disadvantages - limited network functionality, the use of some of the resources of the file server and workstations, high sensitivity to accidental or deliberate changes, possible dependence on the types of computers (their hardware).
Mixed hardware and software implement the same functionality as hardware and software separately, and have intermediate properties.
Organizational means consist of organizational and technical (preparation of rooms with computers, laying a cable system, taking into account the requirements of restricting access to it, etc.) and organizational and legal (national legislation and work rules established by the management of a particular enterprise). The advantages of organizational tools are that they allow you to solve many diverse problems, are easy to implement, quickly react to unwanted actions in the network, and have unlimited possibilities for modification and development. Disadvantages - high dependence on subjective factors, including the general organization of work in a particular department.
According to the degree of distribution and availability, software tools are allocated, therefore, they are considered in more detail below. Other tools are used in cases where an additional level of information protection is required.
Data encryption is a kind of information security software and is of particular importance in practice as the only reliable protection of information transmitted over long serial lines from leakage. Encryption forms the last, almost insurmountable "line" of protection against unauthorized attacks. Encryption is often used in conjunction with the more general concept of cryptography. Cryptography includes methods and means of ensuring the confidentiality of information (including using encryption) and authentication. Confidentiality - protection of information from familiarization with its content by persons who do not have the right to access it. In turn, authentication is the establishment of the authenticity of various aspects of information interaction: communication session, parties (identification), content (imitation protection) and source (attribution using a digital signature).
The number of encryption programs used is limited, and some of them are de facto or de jure standards. However, even if the encryption algorithm is not a secret, it is extremely difficult to decrypt (decrypt) without knowing the private key. This property in modern encryption programs is provided in the process of multi-stage transformation of the original open information (plain text in the English language literature) using a key (or two keys - one for encryption and decryption). Ultimately, any complex encryption method (algorithm) is a combination of relatively simple methods.
Classic data encryption algorithms
The following "classic" encryption methods are available:
substitution (simple - one-alphabetic, multi-alphabetic one-loop, multi-alphabetic multi-loop);
permutation (simple, complicated);
gamma (mixing with short, long or unlimited mask).
The resistance of each of the listed methods to decryption without knowing the key is quantified using the Sk index, which is the minimum amount of ciphertext that can be decrypted by means of statistical analysis.
Substitution assumes the use of an alternative alphabet (or several) instead of the original one. In the case of a simple substitution for the characters of the English alphabet, one can propose, for example, the following replacement (see Table 1).
Table 1. An example of substitution of characters for substitution
Original alphabet
A B C D E F G H I J… X Y Z
Alternative alphabet
S O U H K T L X N W… A P J
Permutation potentially provides greater resistance to decryption than substitution, and is performed using a digital key or an equivalent keyword, as shown in the following example. A numeric key consists of non-repeating digits, and its corresponding keyword consists of non-repeating characters. The original text (plain text) is written under the key line by line. The encrypted message (cipher text) is written out column by column in the order as prescribed by the key digits or in the order in which the individual characters of the keyword are located.
Gumming (mixing with a mask) is based on modulo 2 bitwise addition (in accordance with the EXCLUSIVE OR logic) of the original message with a preselected binary sequence (mask). The compact representation of the mask can be numbers in the decimal notation system or some text (in this case, internal character codes are considered - for English text, the ASCII table). In fig. 9.2 shows how the original character "A", when added to the mask 0110 10012, is transformed into the character "(" in the encrypted message.
The operation of summation modulo 2 (EXCLUSIVE OR) is reversible, so that when the encrypted message is added with the same mask (key), the original text is obtained (decryption occurs). Constants of type or e can be used as a mask (key). The greatest resistance to decryption can be provided by using a mask with an infinite length, which is formed by a generator of random (more precisely, pseudo-random) sequences. Such a generator can be easily implemented in hardware or software, for example, using a shift register with feedback, which is used to calculate the error-correcting cyclic code. Accurate reproduction of the pseudo-random sequence in the generator at the receiving end of the line is ensured by setting the same initial state (contents of the shift register) and the same feedback structure as in the generator at the transmitting end.
The listed "classical" encryption methods (substitution, permutation, and gamming) are linear in the sense that the length of the encrypted message is equal to the length of the original text. A non-linear transformation of the substitution type is possible instead of the original characters (or whole words, phrases, sentences) of pre-selected combinations of characters of a different length. Protection of information by the dissection-diversity method is also effective, when the original data is divided into blocks, each of which does not carry useful information, and these blocks are stored and transmitted independently of each other. For text information, the selection of data for such blocks can be performed in groups that include a fixed number of bits, less than the number of bits per character in the encoding table. Recently, the so-called computer steganography (from the Greek words steganos - secret, secret and graphy - recording) has become popular, which is the hiding of a message or file in another message or file. For example, you can hide an encrypted audio or video file in a large information or graphic file. File size - the container must be at least eight times larger than the original file. Examples of common programs that implement computer steganography are S - Tools (for Windows 95 / NT). and Steganos for Windows'95. The actual encryption of information is carried out using standard or non-standard algorithms.
Information security software
Built-in information security tools in network operating systems are available, but they cannot always completely solve problems that arise in practice. For example, network operating systems NetWare 3.x, 4.x provide reliable "layered" data protection from hardware failures and damage. Novell's SFT (System Fault Tolerance) system has three main layers:
SFT Level I provides, in particular, the creation of additional copies of FAT and Directory Entries Tables, immediate verification of each newly written data block to the file server, as well as backing up on each hard disk about 2% of the disk space. If a failure is detected, the data is redirected to the reserved area of the disk, and the bad block is marked as "bad" and is not used in the future.
SFT Level II includes additional options for creating mirrored drives, as well as duplicating disk controllers, power supplies, and interface cables.
SFT Level III allows you to use duplicated servers in a local network, one of which is the "master", and the second, containing a copy of all information, comes into operation in the event of a "master" server failure.
The system for controlling and limiting access rights in NetWare networks (protection against unauthorized access) also contains several levels:
initial access level (includes username and password, system of accounting restrictions - such as explicit permission or denial of work, allowed time on the network, hard disk space occupied by personal files of a given user, etc.);
the level of user rights (restrictions on the performance of certain operations and / or on the work of a given user, as a member of a department, in certain parts of the network file system);
the level of attributes of directories and files (restrictions on performing certain operations, including deleting, editing or creating, coming from the file system and affecting all users trying to work with these directories or files);
the file server console level (blocking the file server keyboard during the absence of the network administrator before entering a special password).
However, it is not always possible to rely on this part of the information security system in NetWare. This is evidenced by numerous instructions on the Internet and ready-made available programs that allow you to hack certain elements of protection against unauthorized access.
The same remark is true for later versions of NetWare OS (up to the latest 6th version) and other "powerful" network operating systems with built-in information security tools (Windows NT, UNIX). The fact is that information protection is only part of the many tasks that are solved by network operating systems. Improvement of one of the functions to the detriment of others (with understandable reasonable restrictions on the volume occupied by a given OS on a hard disk) cannot be the main direction of development of such general-purpose software products, which are network operating systems. At the same time, due to the severity of the information security problem, there is a tendency to integrate (embed) separate, well-proven and become standard tools in network operating systems, or to develop their own "proprietary" analogs to well-known information security programs. For example, the NetWare 4.1 network operating system provides the ability to encode data according to the "public key" principle (RSA algorithm) with the formation of an electronic signature for packets transmitted over the network.
Specialized software tools for protecting information from unauthorized access have, on the whole, better capabilities and characteristics than the built-in tools of a network operating system. In addition to encryption programs and cryptographic systems, there are many other external information security tools available. Of the most frequently mentioned solutions, the following two systems should be noted, which allow limiting and controlling information flows.
Firewalls - firewalls (literally firewall - wall of fire). Between the LAN and WAN, special intermediate servers are created that inspect and filter all network / transport layer traffic passing through them. This can dramatically reduce the threat of unauthorized access from outside to corporate networks, but does not eliminate this danger completely. A more secure version of the method is masquerading, when all traffic originating from the local network is sent on behalf of the firewall server, making the local network almost invisible.
Proxy-servers (proxy - power of attorney, trusted person). All network / transport layer traffic between the local and global networks is completely prohibited - there is no routing as such, and calls from the local network to the global network occur through special intermediary servers. Obviously, in this case, calls from the global network to the local one become impossible in principle. This method does not provide sufficient protection against attacks at higher levels - for example, at the application level (viruses, Java code, and JavaScript).
Unauthorized copying of programs as a type of unauthorized access. Legal aspects of unauthorized copying of programs. Copy protection methods.
Unauthorized copying of confidential information - in the process of work of each company, cases of leakage of confidential information are inevitable. Despite the fact that the security systems responsible for storing and accessing internal information are constantly being improved, the problem continues to exist. Organizations suffer huge losses due to the unauthorized distribution of confidential information. Unauthorized copying can be carried out by means of confiscation of computer equipment; interception of information; unauthorized access to equipment, as well as manipulation of data and control commands.
Information and information legal relations are increasingly becoming a new subject of criminal encroachment. Crimes of this category of the Criminal Code of the Russian Federation include: unlawful access to computer information (Art. 272); creation, use and distribution of malicious programs for computers (Article 273); violation of the rules for the operation of computers, computer systems or their networks (Art. 274).
The general object of these crimes is public relations to ensure information security, and the direct objects of criminal encroachment are: databases and data banks, individual files of specific computer systems and networks, as well as computer technologies and software tools, including those that protect computer information from unauthorized access ...
Information is understood as information about persons, objects, facts, events, phenomena and processes, regardless of the form of their presentation. Documented information is information recorded on a material carrier with details that allow them to be identified. Computer information is considered documented, but stored in a computer or controlling it in accordance with the program and (or) instructions of the user.
Computer storage media include computer memory blocks, its peripheral systems, computer communication facilities, network devices and telecommunication networks.
Responsibility under Art. 272 of the Criminal Code of the Russian Federation occurs if illegal access to computer information has led to such dangerous consequences as destruction, blocking, modification, copying of information or disruption of the operation of computers, their systems or networks.
Destruction is such a change in information that deprives it of its original quality, as a result of which it ceases to meet its intended purpose. Blocking means a temporary or permanent impossibility of access to information by a legitimate user, and modification means its modification with the emergence of new, undesirable properties. Copying is a reproduction of an exact or relatively accurate analogue of the original; and disruption of the operation of computers, their systems or networks, deceleration, looping, termination of the program, violation of the order of execution of commands, refusal to issue information, disconnection of elements of a computer system, other abnormal situations. In this case, a system is considered to be an interconnected set of computers with their unified organizational and technical support, and a network is an association of computer systems operating in a certain territory.
Software products and computer databases are the subject of the intellectual work of highly qualified specialists. The process of designing and implementing software products is characterized by significant material and labor costs, is based on the use of science-intensive technologies and tools, and requires the use of an appropriate level of expensive computing equipment. This necessitates taking measures to protect the interests of the software developer and the creators of computer databases from their unauthorized use.
Software is also subject to protection due to the complexity and laboriousness of restoring its operability, the importance of software for the operation of the information system.
Software protection aims at:
Restriction of unauthorized access to programs or their deliberate destruction and theft;
Elimination of unauthorized copying (duplication) of programs.
The software product and databases must be protected in several ways from exposure:
1) human - theft of machine media and software documentation; malfunction of the software product, etc.;
2) hardware - connecting hardware to a computer for reading programs and data or their physical destruction;
3) specialized programs - making a software product or database inoperable (for example, virus infection), unauthorized copying of programs and databases, etc.
The easiest and most affordable way to protect software products and databases is to restrict access. Access control to the software product and the database is built by:
Password protection of programs when they are launched;
Using a key diskette to run programs;
Restrictions on programs or data, processing functions available to users, etc.
Cryptographic methods of protecting database information or head program modules can also be used.
Software systems for protection against unauthorized copying.
These systems prevent unlicensed use of software products and databases. The program is executed only upon recognition of some unique non-copyable key element.
Such key elements can be:
A floppy disk containing a non-copyable key;
Specific characteristics of the computer hardware;
A special device (electronic key) connected to a computer and designed to issue an identification code.
Software systems for protection against copying of software products:
identify the environment from which the program will be launched;
establish the correspondence of the environment from which the program is launched to the one for which
authorized launch allowed;
develop a reaction to launch from an unauthorized environment;
authorized copying is registered;
counteract the study of algorithms and programs of the system.
The following methods are used to identify startup floppies:
1) damage to the surface of the floppy disk ("laser hole"), which can hardly be reproduced in an unauthorized copy of the floppy disk;
2) non-standard formatting of the startup diskette.
Identification of the computer environment is ensured by:
1) fixing the location of programs on a hard magnetic disk (so-called non-relocatable programs);
2) binding to the BIOS number (calculation and memorization with subsequent verification when starting the system checksum);
3) binding to a hardware (electronic) key inserted into the I / O port, etc.
In the West, the most popular methods of legal protection of software products and databases.
Legal methods of protection of software products and databases
Legal methods of protecting software include:
Patent protection;
Trade Secrets Act;
License agreements and contracts;
Economic rights that give their owners the right to obtain economic benefits from the sale or use of software products and databases;
Moral rights that protect the identity of the author in his work.
In many civilized countries, unauthorized copying of programs for sale or free distribution is considered a state crime, punishable by a fine or imprisonment. But, unfortunately, copyright itself does not provide protection for a new idea, concept, methodology and technology of software development, so additional protection measures are required.
Patent protection sets the priority in the development and use of a new approach or method used in the development of programs, certifies their originality.
The status of a trade secret for a program limits the circle of persons familiar or allowed to operate it, and also determines the extent of their responsibility for disclosing secrets. For example, password access to a software product or a database is used, up to passwords for individual modes (reading, writing, correcting, etc.). Programs, like any material object of great value, must be protected from theft and deliberate destruction.
License agreements cover all aspects of legal protection of software products, including copyright, patent protection, trade secrets. The most commonly used copyright licensing agreements.
License - an agreement for the transfer by one person (licensor) to another person (licensee) of the right to use a name, product, technology or service. The licensor increases its income by collecting royalties, expands the scope of distribution of the software product or database; the licensee derives revenues from their use.
The license agreement stipulates all conditions for the use of programs, including the creation of copies. Each copy of the program should have the same marks as on the original:
Patent protection mark or trade secret;
Trademarks corresponding to other software products used in the program (usually the name of the company that developed the software product);
The symbol for the registered distribution of a software product (usually ®).
There are several types of software licenses
Exclusive license - sale of all property rights to a software product or database, the buyer of the license is granted the exclusive right to use them, and the author or patent owner refuses to independently use them or provide them to others.
This is the most expensive type of license; it is used for monopoly ownership in order to generate additional profit or to terminate the existence of a software product on the software market.
Simple license - the licensor grants the licensee the right to use the software product or database, reserving the right to use them and provide them on similar terms to an unlimited number of persons (the licensee cannot issue sublicenses himself, he can only sell copies of the purchased software product or database).
This type of license is acquired by a dealer (trader) or manufacturing firms that use the purchased licenses as an accompanying product to the main activity. For example, many manufacturers and firms selling computer equipment sell computers with licensed software installed (operating system, word processor, spreadsheet, graphics packages, etc.).
Label License - A license for one copy of a software product or database. This license type applies to retail sales. Each official buyer enters into a licensing agreement with the seller for their use, but the copyright of the developer remains.
The economic relationship between the licensor and the licensee can be built in different ways. A one-time fee (lump-sum payment) is paid for the right to use a software product or database, which is the actual price of the license. Periodic payments to the licensor for the right to use in the form of royalties are also possible - a flat rate at certain intervals during the validity of the license agreement, as a rule, a percentage of the cost of software products or databases.
Bibliography:
Security regional children's center Constellation
Abstract >> Life Safety... security... V basis her ... Organs ATS have a clear ... Informational collection "Regional Children's Center" Constellation "REGULATIONS ON STATE INSPECTION SAFETY ... on fire department security carried out as part of the initial briefing on technique security ...
The severity of personal characteristics in female employees ATS Ministry of Internal Affairs of Russia
Thesis >> PsychologyFemale employees ATS Methodological and theoretical basis studies were ... more often as a result of exposure information pressure), with more ... security, maturity, social culture, spirituality (Fig. 4). Fig. 4. Distribution of female employees ATS on ...
Social protection of employees in the internal affairs bodies (for example, ATC on Amur region)
Thesis >> SociologyEmployees ATS 1.1 Legal basics staff activities ATS 1.2 ... planned on the following directions: informational security: ... ATS are representatives of the authorities and carry out activities on providing personal and public security, on ...
Law of the Russian Federation of July 27, 2006 No. 149-FZ "On Information, Information Technologies and Information Protection".
Beloglazov E.G. and etc. Fundamentals of Information Security of Internal Affairs Bodies: Textbook. - M .: MosU of the Ministry of Internal Affairs of Russia, 2005.
H I. Zhuravlenko, V. E. Kadulin, K. K. Borzunov. Fundamentals of Information Security: A Tutorial. - M .: MosU of the Ministry of Internal Affairs of Russia. 2007.
V.I. Yarochkin Information Security: A Textbook for University Students. - M .: Academic Project; Gaudeamus, 2007.
Zegzhda D.P., Ivashko A.M. Fundamentals of information systems security. - M .: Hot line-Telecom, 2000.
E. Bot, K. Sichert. Windows Security. - SPb .: Peter, 2006.
A.N. Ensuring internet security. Workshop: Textbook for universities. - M .: Hot line-Telecom, 2007.
A.A. Torokin Engineering and technical information security: Textbook. - M .: "Helios ARV", 2005. Department of Internal Affairs on to the Koptevo district of ... The basics automation control in ATS ed. Minaeva V.A., Polezhaeva V.P. - M .: Academy of the Ministry of Internal Affairs of Russia, 1993. Information ...
480 RUB | UAH 150 | $ 7.5 ", MOUSEOFF, FGCOLOR," #FFFFCC ", BGCOLOR," # 393939 ");" onMouseOut = "return nd ();"> Dissertation - 480 rubles, delivery 10 minutes, around the clock, seven days a week
240 RUB | UAH 75 | $ 3.75 ", MOUSEOFF, FGCOLOR," #FFFFCC ", BGCOLOR," # 393939 ");" onMouseOut = "return nd ();"> Abstract - 240 rubles, delivery 1-3 hours, from 10-19 (Moscow time), except Sunday
Fisun Yulia Alexandrovna. State and legal foundations of information security in the internal affairs bodies: Dis. ... Cand. jurid. Sciences: 12.00.02: Moscow, 2001 213 p. RSL OD, 61: 01-12 / 635-2
Introduction
Chapter I. The concept and legal basis of information security . 14
1. Concept and essence of information security 14
2. The main directions of the state's activities to ensure information security 35
3. The main directions of the formation of legislation in the field of information security 55
Chapter II. Organizational foundations of information security in internal affairs bodies 89
1. Organization of activities of internal affairs bodies to ensure information security 89
2. Forms and methods of ensuring information security in the internal affairs bodies
Conclusion 161
References 166
Applications 192
Introduction to work
Relevance of the research topic. The informatization of the law enforcement sphere, based on the rapid development of information systems, is accompanied by a significant increase in attacks on information both by foreign states and by criminal structures and citizens. One of the features of the informatization process is the formation and use of information resources with the appropriate properties of reliability, timeliness, relevance, among which their safety is of great importance. This, in turn, presupposes the development of secure information technologies, which should proceed from the priority nature of solving information security problems. It should be noted that the lag in solving these problems can significantly reduce the pace of informatization of the law enforcement sphere.
Thus, one of the primary tasks facing the internal affairs bodies is to resolve the contradictions between the actual and necessary quality of protection of their information interests (needs), i.e., ensuring their information security.
The problem of ensuring information security in the internal affairs bodies is inextricably linked with the activities of the state in the information sphere, including the sphere of information security. Over the last period, a large number of regulatory legal acts on information legislation have been adopted. Only a few of them relate to the field of information security and, at the same time, relate only to general provisions for ensuring security (for example, the Law of the Russian Federation "On Security"). The very definition of "information security" first appeared in the Federal Law "On Participation in International Information Exchange". Information protection is also mentioned in the Federal Law "On Information, Informatization and Information Protection", but without defining the concept of information protection. Due to the lack of concepts of types of information, it is not entirely clear what information should be protected.
The new version of the Concept of National Security, the priority task of which is not only the solution of state security issues, but also its components, is focused primarily on the fight against terrorism. Unfortunately, issues related to information security only affect threats in the information sphere. Nothing is said at all about the role of the Ministry of Internal Affairs as a subject of security.
The relevance of the chosen topic is emphasized by the act of adopting the Doctrine of Information Security of the Russian Federation (RF), which for the first time introduced the definition of information security of the Russian Federation, threats to information security, methods of ensuring information security of the Russian Federation, etc.
As for the issues of information security in the internal affairs bodies, in the legal literature they are mainly reduced to general provisions: the threats to security are listed and some methods of ensuring it that are characteristic of the entire law enforcement sphere are named. The organizational and legal aspects of ensuring the information security of the internal affairs bodies are considered incompletely within the framework of the proposed concept of information security.
Taking into account the above, it is proposed to introduce the concept of information security of internal affairs bodies. Information security of the internal affairs bodies is a state of security of the information environment corresponding to the interests of the internal affairs bodies, in which their formation, use and development opportunities are ensured regardless of the impact of internal and external information threats. At the same time, taking into account the well-known definitions of a threat, an information threat will be understood as a set of conditions and factors that create a threat to the information environment and the interests of the internal affairs bodies.
Thus, the relevance of the legal regulation of information security in the activities of the internal affairs bodies is beyond doubt. To achieve the proper level of normative and legal support for information security, it is required to determine its subject areas, regulate the relations between the subjects of support, taking into account the peculiarities of the main objects of information security. Therefore, according to the dissertation candidate, it is necessary to conduct a comprehensive study of not only the legal regulation of information security at the level of ministries and departments, but also a study of the state and development of the regulatory legal framework in the field of information security.
The degree of elaboration of the research topic. The author's analysis of the research results of scientists allows us to state that the problems of legal regulation of information relations, ensuring information security and its components are relevant for legal science and practice and require further development. " in the field of information security, ensuring the security of information, which presupposes its protection against theft, loss, unauthorized access, copying, modification, blocking, etc., considered within the framework of the legal institution of secrecy being formed. A. B. Agapov, V. I. Bulavin, Yu. M. Baturin, S. A. Volkov, V. A. Gerasimenko, V. Yu. Gaikovich, I. N. Glebov, G. V. Grachev, S. N. Grinyaev, G. V. Emelyanov, V. A. Kopylov, A. P. Kurilo, V. N. Lopatin, A. A. Malyuk, A. S. Prudnikov, S. V. Rybak, A. A. Streltsov, A. A. Fatyanov, A. P. Fisun, V. D. Tsigankov, D. S. Chereshkin, A. A. Shiversky and others1.
In the course of the dissertation research, the latest achievements of natural, socio-economic and technical sciences, historical and modern experience in ensuring information security of an individual, society and state were widely used; materials of various scientific periodicals, scientific, scientific and practical conferences and seminars, works of scientists in the field of the theory of law and state, monographic research in the field of law, information legislation, comprehensive information protection and information security.
Object and subject of research. The object of the research is the current and emerging system of public relations that have developed in the information sphere and the sphere of information security.
The subject of the research is international legal acts, the content of the Constitution of the Russian Federation, the norms of domestic legislation regulating relations in the field of ensuring information security of the individual, society and the state, as well as the content of legal norms regulating the activities of internal affairs bodies to ensure information security.
Goals and objectives of the study. Based on the analysis and systematization of the current legislation in the information sphere, information security, the dissertation student developed the foundations and introduced scientific and methodological recommendations on the use of legal and organizational tools for ensuring information security both in the activities of the internal affairs bodies and in the educational process.
Within the framework of achieving this goal, the following theoretical and scientific-practical tasks were set and solved: basic concepts, types, content of information as an object of ensuring information security and legal relations were analyzed and refined;
2) systematized the existing directions and proposals for the formation of the legal and organizational foundations of information security, identified and clarified the directions for improving the legislative framework in the field of information security, including in the internal affairs bodies;
3) normative legal acts have been systematized and the structure of the current legislation in the information sphere has been formed;
4) the content of the organizational foundations of the activities of the internal affairs bodies to ensure information security has been determined;
5) identified the organizational and legal aspects of the information security system and its structure in the activities of the internal affairs bodies;
6) analyzed and selected the forms and methods of ensuring information security in the internal affairs bodies within the framework of the legal regulation of their application and development.
The methodological basis of the dissertation research is formed by general philosophical methods and principles of materialist dialectics; general scientific methods of comparison, generalization, induction; private scientific methods: system-structural, system-activity, formal-legal, comparative-legal and other research methods.
The normative base of the research is the Constitution of the Russian Federation, the normative legal acts of the Russian Federation, including international legislation, norms of various branches of law, departmental regulations.
The scientific novelty of dissertation research is:
In the study of the problem of the development of the legal and organizational foundations for ensuring information security in the internal affairs bodies from the standpoint of the advanced development of the needs of practice and the formation of the information sphere in the context of the widespread introduction of new information technologies and the growth of information threats;
Comprehension of the place and role of constitutional law in the life of Russian society, as well as the further prospects for its development, within the framework of the state policy of ensuring information security;
Clarification of the system of state legislation in the field of information security;
Implementation of the systematization of regulatory legal acts in the field of information security and the formation of the structure of legislation in the field of information security of the individual, society, state, including internal affairs bodies;
Development of proposals for improving legislation in the field of information security;
Development of organizational and legal components of the information security system in the internal affairs bodies;
Development of scientific and methodological recommendations on the use of legal and organizational training tools for information security in the internal affairs bodies and in the educational process in the preparation of specialists on the legal basis of information security.
The main provisions for the defense:
1. Definition of the conceptual apparatus on the legal basis of the current legislation in the field of information security, including the concept of information security, which makes it possible to form an idea of information as an object of ensuring information security and legal relations, as well as to formulate security threats.
Information security of the internal affairs bodies is a state of security of the information environment corresponding to the interests of the internal affairs bodies, in which their formation, use and development opportunities are ensured, regardless of the impact of internal and external threats.
2. The problem of ensuring information security at the state level presupposes a deeper theoretical and practical understanding of the place and role of constitutional law in the life of Russian society, as well as the further prospects for its development in the following areas:
Improvement of the constitutional legislation "On state conditions and regimes", in particular in the field of information security, and on this basis the improvement of the legislation of the constituent entities of the Russian Federation in this area;
Priority implementation of the constitutional rights of citizens in the information sphere;
Implementation of a unified state policy in the field of information security, which ensures an optimal balance of interests of subjects in the information sphere and eliminates gaps in constitutional legislation.
3. Proposals to clarify the main directions of the state's activities in the formation of legislation in the information sphere, including the sphere of information security, which are ways to improve the regulatory framework of information legislation and allow to determine the legal basis for the activities of internal affairs bodies in the field of information security. They proceed from the totality of balanced interests of the individual, society and the state in the field of economics, social, domestic political, international, informational and other spheres. The following areas are highlighted as priorities:
Compliance with the interests of the individual in the information sphere;
Improvement of legal mechanisms for regulating public relations in the information sphere;
Protection of national spiritual values, moral norms and public morality.
4. It is proposed to improve the structure of legislation in the field of information security, which is a system of interrelated elements, including a set of normative and departmental acts, allowing to visualize a variety of relations in the information sphere and the sphere of information security, the complexity of their regulation.
5. Organizational and legal components of the information security system in the internal affairs bodies, including the content of the organization of their activities (from the standpoint of its legal regulation), represented by the structure of necessary and interrelated elements and including:
Security entities of the Russian Federation;
Objects of information security of internal affairs bodies;
Organization of the activities of the internal affairs bodies;
Forms, methods and means of ensuring information security.
6. The content of the organization of the activities of internal affairs bodies to ensure information security (from the standpoint of its legal regulation), which is a purposeful continuous process in terms of analysis, development, implementation of legal, organizational, technical and other measures related to the field of information security, and also ensuring the rights and legitimate interests of citizens.
The practical significance of the dissertation research is:
In the use of proposals in the development of new regulations and the improvement of the current legislation in the information sphere of the activities of state authorities of the constituent entities of the Russian Federation, departments, ministries;
Increasing the efficiency of the activities of internal affairs bodies to ensure information security;
Improving the training of specialists in the system of higher professional education, improving the qualifications of specialists in the field of comprehensive information protection and legal regulation of information security in the interests of various ministries and departments on the basis of developing a variant of educational and methodological support;
Development of scientific and methodological recommendations on the use of legal and organizational training tools to ensure information security in the educational process, allowing to ensure the necessary level of training of specialists in the legal framework of information security.
Approbation, implementation of research results and publications.
The theoretical provisions, conclusions, proposals and practical recommendations outlined in this study were reported and discussed at the 8th and 9th International conferences at the Academy of Management of the Ministry of Internal Affairs
Russia "Informatization of law enforcement systems" (Moscow, 1999-2000), Interuniversity regional conference "Universal Declaration of Human Rights: Problems of Improving Russian Legislation and Practice of Its Application" at the Academy of Management of the Ministry of Internal Affairs of Russia (Moscow, 1999) , the scientific seminar "Problems of federalism in the development of Russian statehood" and the International scientific-practical conference "Law enforcement in transport: results and prospects", held on the basis of the Oryol Law Institute of the Ministry of Internal Affairs of Russia (Orel, 1999). According to the results of the study, eight scientific papers with a total volume of 8 printed sheets were published.
The structure and volume of the dissertation are determined by the logic of the research and consist of an introduction, two chapters, a conclusion of a list of references and an appendix.
The concept and essence of information security
An integral part of the subject of science and scientific research, including the developing scientific direction of information protection and legal regulation of information security, is its conceptual apparatus. Naturally, one of the central concepts in this subject area is the concept of "information" 1, which can be attributed to abstract categories and primary concepts. An analysis of the above concept gives an idea of its understanding in the general systemic, philosophical sense (information is a reflection of the material world) And to the narrowest, technocratic and pragmatic sense (information is all information that is an object of storage, transmission and transformation).
In a number of works, information is understood as certain properties of matter perceived by the control system both from the surrounding external material world and from the processes taking place in the system itself. There is a view of the identifying concepts of "information" and "message", in which information is defined as an essential part of the message for the recipient, and the message is defined as a material carrier of information, one of the specific elements of a finite or infinite set, transmitted through the communication channel and perceived at the receiving end of the system communication with some recipient.
You can to some extent refer to the well-known content of the concept of "information", defined by R. Shannon, where information is called the amount of unpredictable contained in a message. Quantity is a measure of the new that a given message brings into the sphere surrounding the recipient.
The Federal Law "On Information, Informatization and Information Protection" provides a fairly generalized definition of this concept and its derivatives. So, information is presented as information about objects, objects, phenomena, processes, regardless of the form of their presentation. This generic concept of information is also used to form its derivative definitions used in other regulatory legal acts1. Let's consider some of them in more detail.
Documented information (documents) - information recorded on a material medium with details that allow it to be identified.
Confidential information - documented information, access to which is limited in accordance with the law.
Mass information - printed, audio messages, audiovisual and other messages and materials intended for an unlimited number of persons.
Information resources - individual documents and separate arrays of documents, documents and arrays of documents in information systems (libraries, archives, funds, databanks, other types of information systems).
Information products (products) - documented information prepared in accordance with the needs of users and intended or used to meet the needs of users.
State secret - information protected by the state in the field of its military, foreign policy, economic, intelligence, counterintelligence and operational-search activities, the dissemination of which may harm the security of the Russian Federation.
Computer information - information on a machine medium, in a computer, a computer system or their network. "
Article 128 of the Civil Code defines information as an object of civil legal relations. Analyzing information from these positions, it is necessary to pay attention to the aspect related to the legal protection of information as an object of property rights5. This approach to information is explained by the fact that, on the one hand, the historical and traditional object of property rights is a material object, on the other hand, information, not being a material object of the surrounding world, is inextricably linked with a material carrier: it is a human brain or material carriers alienated from a person. (book, diskette, etc.)
Considering information as a reflection of reality by an object of the surrounding world, we can speak of information as an abstract substance that exists by itself, but for us, neither storage nor transmission of information is possible without a material medium. It is known that information, on the one hand, as an object of ownership is copied (replicated) at the expense of a material carrier1, on the other hand, as an object of ownership it easily moves from one to the next subject of ownership without an obvious (noticeable) violation of ownership of information. But the movement of the material object of the property right is inevitable and, as a rule, entails the loss of this object by the original subject of the property right. At the same time, a violation of his property rights is obvious. It should be noted that violation of this right takes place only in case of illegal movement of a material object1. The danger of copying and moving information is aggravated by the fact that it is usually alienated from the owner, that is, it is stored and processed in the area of accessibility of a large number of subjects who are not subjects of ownership of this information. This includes, for example, automated systems, including networks. A complex system of relationships between the subjects of property rights arises, which determines the ways of their implementation, and, consequently, the directions of the formation of a system of legal protection, which ensure the prevention of violations of property rights to information.
Having analyzed the features of information as an object of property rights, we can conclude that the rest of the information is no different from traditional objects of property rights. The analysis of the content of information, including as an object of law, made it possible to identify its main types subject to legal protection (Appendix 1): - information classified as a state secret by authorized bodies on the basis of the RF Law "On state secrets"; - Confidential documented information - the owner of information resources or an authorized person on the basis of the Federal Law "On Information, Informatization and Information Protection"; - Personal Information.
The main directions of the state's activities to ensure information security
The tendencies of constitutional development are such that they focus on the problem of the nature of constitutional legislation. Along with the currently topical issues of the priority of human rights and freedoms of civil society, the government and its organization, the problem of "state regimes and states" - security (information security as an integral part), defense, state of emergency, etc., comes to the fore. 1
The need for constitutional regulation of information security is obvious. After all, the information security of an individual is nothing more than the protection of constitutional human rights and freedoms. And one of the directions of state policy in the field of information security is the observance and implementation of constitutional human and civil rights in this area. First, according to the RF Law "On Security", security is achieved by pursuing a unified state policy in the field of security. It is obvious that information security is also achieved by pursuing the state policy in the field of ensuring information security of the Russian Federation. The named policy, in turn, determines the main directions of the state's activities in the area under discussion and deserves some attention.
Secondly, the relevance of the study of the main directions of the state's activities in the area under consideration is due to the following: - the need to develop and improve constitutional legislation that provides an optimal combination of priorities of the interests of the individual, departments and the state as a whole within one of the areas of information security; - improving the activities of the state to implement its functions of ensuring the security of all subjects of information relations; - the need of citizens to protect their interests in the information sphere; - the need to form a unified legal field in the field of information relations. The development of state policy in the field of information security is reflected in the consistent development and development of the National Security Concept of the Russian Federation. Its features are the following provisions: - not a single sphere of life of modern society can function without a developed information structure; - the national information resource is currently one of the main sources of the state's economic and military power; - penetrating into all spheres of state activity, information acquires specific political, material and value expressions; - the issues of ensuring the information security of the Russian Federation as an integral element of its national security are becoming more and more urgent, and the protection of information is turning into one of the priority state tasks; - the system of national interests of Russia in the field of economy, social, domestic political, international, information spheres, in the field of military, border and environmental security is determined by the totality of balanced interests of the individual, society and the state; - the state policy of ensuring the information security of the Russian Federation determines the main directions of the activities of the federal bodies of state power and bodies of state power of the constituent entities of the Russian Federation in this area. The Concept also defines the national interests of Russia in the information sphere1, which are aimed at concentrating the efforts of society and the state in solving the following tasks: - observance of constitutional rights and freedoms of citizens in the field of obtaining information and exchanging it; - protection of national spiritual values, promotion of national cultural heritage, morality and public ethics; - ensuring the right of citizens to receive reliable information; - development of modern telecommunication technologies.
The planned activities of the state to implement these tasks will allow the Russian Federation to become one of the centers of world development and the formation of an information society that meets the needs of the individual, society, the state in the information sphere, including their protection from the destructive effects of information to manipulate the mass consciousness, as well as the necessary protection state information resource from the leakage of important political, economic, scientific, technical and military information.
Taking into account the listed provisions, the following principles can be distinguished on which the state policy of ensuring information security of the Russian Federation should be based:
Compliance with the Constitution of the Russian Federation, the legislation of the Russian Federation, generally recognized norms of international law in the implementation of activities to ensure the information security of the country;
Legal equality of all participants in the information interaction process, regardless of their political, social and economic status, based on the constitutional right of citizens to freely search, receive, transfer, produce and disseminate information in any legal way;
Openness, providing for the implementation of the functions of federal bodies of state power and bodies of state power of the constituent entities of the Russian Federation, public associations, including informing the public about their activities, taking into account the restrictions established by the legislation of the Russian Federation;
The priority of the development of domestic modern information and telecommunication technologies, the production of hardware and software that can ensure the improvement of national telecommunication networks, their connection to global information networks in order to comply with the vital interests of the Russian Federation.
Organization of activities of internal affairs bodies to ensure information security
To ensure information security, it is necessary to have appropriate bodies, organizations, departments and ensure their effective functioning. The combination of these bodies constitutes a security system. To identify the features of the organization and activities of internal affairs bodies to ensure information security, we will consider the security system as a whole.
According to the Law of the Russian Federation "On Security", the security system, and therefore information security, is formed by: - legislative, executive and judicial authorities; state, public and other organizations and associations; citizens taking part in ensuring security; - legislation regulating relations in the field of security. The specified law fixes only the organizational structure of the security system. The security system itself is much broader. Its consideration is not possible, since it goes beyond the scope of the dissertation research. Therefore, we will consider only the organizational structure of the security system. The analysis of the current regulatory legal acts made it possible to single out the following components as subjects of security, representing the organizational structure of the information security system1: - federal government bodies; government bodies of the constituent entities of the Russian Federation; local government bodies solving problems in the field of information security within their competence; - state and interdepartmental commissions and councils specializing in solving information security problems; - structural and intersectoral divisions for the protection of confidential information of state authorities of the Russian Federation, as well as structural divisions of enterprises that carry out work using information classified as state secret, or specialize in work in the field of information protection; - research, design and engineering organizations performing work to ensure information security; - educational institutions that train and retrain personnel to work in the information security system; - citizens, public and other organizations that have the rights and obligations to ensure information security in the manner prescribed by law;
The main functions of the considered information security system of the Russian Federation are1: - development and implementation of a strategy for ensuring information security; - creation of conditions for the realization of the rights of citizens and organizations to legally permitted activities in the information sphere; - assessment of the state of information security in the country; identification of sources of internal and external threats to information security; determination of priority directions of prevention, parrying and neutralization of these threats; - coordination and control of the information security system; - organization of the development of federal and departmental programs for information security and coordination of work on their implementation; - pursuing a unified technical policy in the field of information security; - organization of fundamental, search and applied scientific research in the field of information security; - ensuring control over the creation and use of information security means through compulsory licensing of activities in the field of information security and certification of information security means; - implementation of international cooperation in the field of information security, representation of the interests of the Russian Federation in the relevant international organizations.
Analysis of the structure and functions of the information security system, taking into account the existing system of separation of powers, revealed the following: 1) the main purpose of the information security system is to protect the constitutional rights and freedoms of citizens; 2) the state is the main and main subject of information security; 3) the general management of the subjects of information security within the framework of certain powers is carried out by the President of the Russian Federation. Its powers in the field of information security include: - exercising leadership and interaction between government bodies; - control and coordination of the activities of information security bodies; - determination of the vital interests of the Russian Federation in the information sphere; - identification of internal and external threats to these interests; - determination of the main directions of the information security strategy. 4) the Federal Assembly of the Russian Federation forms, on the basis of the Constitution of the Russian Federation, a legislative framework in the field of information security; 5) The Government of the Russian Federation, within the limits of its powers, provides guidance to state bodies for ensuring information security, organizes and controls the development and implementation of measures to ensure information security by ministries and other bodies subordinate to it; 6) judicial authorities are also subjects of information security. They provide judicial protection to citizens whose rights have been violated in connection with information security activities, administer justice in cases of crimes in the information sphere; 7) a special role in ensuring the security of the state, including information security, belongs to the Security Council of the Russian Federation. It is a constitutional body that does not have the status of a federal executive body, but is endowed with sufficient powers in the field of ensuring security. The Security Council is the only advisory body under the President of the Russian Federation, the creation of which is provided for by the current Constitution.
Forms and methods of ensuring information security in internal affairs bodies
The issues of the organization of the protection system considered in the previous paragraph, including the directions of ensuring information security, imply the clarification of the content of the tasks of ensuring information security, methods, means and forms of their solution.
Forms, methods and means are considered through the prism of legal regulation of information security activities, which is inextricably linked with them, and therefore requires clarification and definition of the legal boundaries of their use. In addition, the solution of any theoretical or practical problem is impossible without certain methods - methods and means.
The choice of appropriate methods and means of ensuring information security is proposed to be undertaken within the framework of creating such an information protection system that would guarantee the recognition and protection of the fundamental rights and freedoms of citizens; formation and development of the rule of law, political, economic, social stability of society; preservation of national values and traditions.
At the same time, such a system should ensure the protection of information, including information constituting state, commercial, official and other secrets protected by law, taking into account the peculiarities of the protected information in the field of regulation, organization and implementation of protection. Within the framework of this variety of types of protected information, according to the author, the following are the most common features of protection of any type of protected information1: - information protection is organized and carried out by the owner or owner of the information or persons authorized by him (legal or physical); - the organization of effective protection of information allows the owner to protect their rights to possess and dispose of information, to strive to protect it from illegal possession and use to the detriment of his interests; - information protection is carried out by carrying out a set of measures to restrict access to protected information and create conditions that exclude or significantly impede unauthorized, illegal access to protected information and its carriers.
To exclude access to the protected information by unauthorized persons, the owner of the information who protects it, including its classification, establishes a certain regime, rules for its protection, determines the forms and methods of protection. Thus, the protection of information is the proper provision of the circulation of the protected information in a special sphere limited by regime measures. This is confirmed by a number of approaches of well-known scientists2, who consider information protection as "the regular use of means and methods, the adoption of measures and the implementation of measures in order to systematically ensure the required reliability of information
Taking into account the content of this definition, as well as other definitions of the concept of information protection and the main objectives of information protection highlighted in them, including the prevention of destruction or distortion of information; prevention of unauthorized receipt and reproduction of information, it is possible to highlight the main task of protecting information in the internal affairs bodies. This is the preservation of the secrecy of the protected information.
In the system of complex information protection, the solution to this problem is carried out in relation to the levels of protection and destabilizing factors. And the formation of a relatively complete set of tasks for these groups is carried out on the basis of an analysis of the objective possibilities for the implementation of the set protection goals, ensuring the required degree of information security. Taking into account the considered provisions, the tasks can be divided into two main groups:
1) timely and complete satisfaction of information needs arising in the process of managerial and other activities, that is, providing specialists of internal affairs bodies with confidential information;
2) protection of classified information from unauthorized access to it by other subjects.
When solving the first group of tasks - providing specialists with information - it is necessary to take into account that specialists can use both open and confidential information. The provision of open information is not limited by anything other than its actual availability. When providing secret information, there are restrictions that provide for the availability of access to information of the appropriate degree of secrecy and permission to access specific information. An analysis of the current practice and regulatory legal acts that determine the procedure for a specialist's access to relevant information made it possible to highlight a number of contradictions. On the one hand, the maximum restriction of access to classified information reduces the likelihood of leakage of this information, on the other hand, for a reasonable and effective solution of official tasks, it is necessary to fully satisfy the needs of a specialist in information. Under normal, non-regime conditions, a specialist has the ability to use a variety of information in order to solve the problem facing him. When providing him with classified information, the possibilities of access to it are limited by two factors: his official position and the problem currently being solved by the specialist.
The second group of tasks involves the protection of confidential information from unauthorized access to it by unauthorized persons. It is common both for the internal affairs bodies and for all public authorities and includes:
1) protection of the country's information sovereignty and expanding the state's ability to strengthen its power through the formation and management of the development of its information potential;
2) creation of conditions for the effective use of information resources of society and the state;
3) ensuring the security of protected information: preventing theft, loss, unauthorized destruction, modification, blocking of information;
4) maintaining the confidentiality of information in accordance with the established rules for its protection, including preventing leakage and unauthorized access to its media, preventing its copying, modification, etc .;
5) preservation of the completeness, reliability, integrity of information and its arrays and processing programs established by the owner of the information or persons authorized by him.
D.V. Peregudov,
Department of Internal Affairs for the Lipetsk region
LEGAL ASPECTS OF INFORMATION PROTECTION IN THE ACTIVITIES OF ECONOMIC SECURITY UNITS OF THE INTERNAL AFFAIRS
Ensuring information security within the system of internal affairs bodies is an organizational combination of forces and means, mechanisms, methods and methods functioning under the control of strict observance of the current regulatory legal acts in the field of information protection. At the same time, the problem of ensuring information security is closely connected not only with the solution of scientific and technical problems, but also with the issues of legal regulation of informatization relations, the development of the legislative base. In this regard, it can be concluded that information protection is a complex of legal, organizational, and engineering-technical measures (measures) aimed at preventing leakage of protected information, unauthorized access to it. In turn, the legal aspects of information protection are of paramount importance in the block of protection measures. This is due to the fact that the legal regulation of relations in the field of economic security predetermines the existence of all other measures as a fundamental basis dividing the behavior of subjects (users, owners and other persons) of information relations into “possible (permitted)” and “prohibited” in relation to the object - information. Organizational and technical measures are only streamlined and legalized by the legal framework.
In the internal affairs bodies, the legal support of information security is based on the federal legislation of the Russian Federation. The legal and regulatory framework at the departmental level is the successor to the Law of the Russian Federation "On State Secrets", the Law of the Russian Federation "On Information, Information Technologies and the Protection of Information", Decree of the President of the Russian Federation dated 03.04.1995 No. the development, production, sale and operation of information tools, as well as the provision of services in the field of information encryption ", decrees of the Government of the Russian Federation dated April 15, 1995 No. 333" On licensing the activities of enterprises and organizations to carry out work related to the use of information constituting state secrets, the creation of information protection means, as well as with the implementation of measures and (or) the provision of services for the protection of state secrets ", from
06/26/1995, No. 608 "On certification of information security means", dated 09/15/1993, No. 912-51 "On the state system of information protection of the Russian Federation from foreign intelligence services and from its leakage through technical channels", dated 01/05/2004 . № 3-1 "On approval of the Instruction on ensuring secrecy in the Russian Federation", as well as on the basis of "Special requirements and recommendations for the protection of information constituting a state secret from leakage through technical channels", approved by the Decision of the State Technical Commission of Russia dated 23.05.1997 No. 55, Decision of the State Technical Commission of Russia dated 03.10.1995, No. 42 "On standard requirements for the content and procedure for developing guidelines for protecting information from technical intelligence and from its leakage through technical channels at the facility", dated 16.07.1996, No. 49 "Model of foreign technical intelligence for the period up to 2010" ("Model ITR-2010") and other
their legislative and other normative legal acts in the field of information security governing the procedure and rules for the technical protection of information in the Russian Federation.
The peculiarity of information support in the internal affairs bodies, in particular in the economic security divisions, is that the employees of these divisions carry out their activities within the framework of the work and handling of information constituting a state secret.
State secrets are information protected by the state in the field of its military, foreign policy, economic, intelligence, counterintelligence and operational-search activities, the dissemination of which may harm the security of the Russian Federation. Subdivisions of the economic security of the internal affairs bodies work with information in the field of operational investigative activities, ie, based on the Law of the Russian Federation of 12.08.1995, No. 144-FZ "On operational and investigative activities." The classification of information constituting a state secret is carried out in accordance with the List of information classified as a state secret, approved by the Decree of the President of the Russian Federation dated
30.11.1995, No. 1203, and in accordance with the rules for classifying information constituting a state secret to various degrees of secrecy, approved by the Government of the Russian Federation dated 04.09.1995, No. 870, as well as on the basis of the list of information to be classified in the system Ministry of Internal Affairs of Russia, determined by the Minister of Internal Affairs of the Russian Federation. At the same time, the admission of persons to information constituting a state secret is carried out in accordance with the instructions on the procedure for admitting officials and citizens of the Russian Federation to state secrets, approved by the Government of the Russian Federation dated October 28, 1995, No. 1050. In the internal affairs bodies, by order of the Ministry of Internal Affairs of Russia dated 02.03.2002, No. 200 DSP stipulates a detailed list of information to be classified.
In turn, the BEP divisions also work with information constituting an official secret. These include information of limited distribution, access to which is limited by state authorities in order to avoid damage to both the internal affairs bodies and the security of the state authorities of the Russian Federation. The classification of information as official information of limited distribution is made on the basis of the Approximate list of official information of limited distribution and documents containing them, generated in the course of the activities of the internal affairs bodies, determined by the Minister of Internal Affairs of the Russian Federation. In accordance with the Decree of the President of the Russian Federation dated 06.03.1997 No. 188 "On Approval of the List of Confidential Information", official information of limited distribution circulating in the BEP divisions refers to information of a confidential nature (confidential information).
The fundamental departmental regulations in the activities of units for combating economic crimes in the field of information security are the order of the Ministry of Internal Affairs of Russia dated 05.07.2001 No. 029 "On approval of the Temporary Manual on the technical protection of information in the internal affairs bodies of the Russian Federation and the internal troops of the Ministry of Internal Affairs Of the Russian Federation "and the order of the Ministry of Internal Affairs of Russia dated March 15, 2005 No. 015" On approval of the Instruction on ensuring secrecy in the internal affairs bodies ". The first regulatory document characterizes the requirements of an organizational and technical plan for the protection of information protected by law in the activities of BEP units, in particular, it defines uniform technical and mathematical protection measures
information in all divisions of the internal affairs bodies, carrying out their work with information classified as state and official secrets. Order of the Ministry of Internal Affairs of Russia No. 029:
Defines objects of technical protection of information, possible threats to these objects;
Establishes a unified and integral (mandatory) procedure for the implementation of measures for the technical protection of information;
Establishes a uniform form of documents drawn up for an information protection object, on the basis of which a technical protection regime is established during their processing;
Determines the procedure for monitoring technical protection and licensing in this area.
Despite the fact that this normative document was developed back in 2001, at present in the economic security units of the Internal Affairs Directorate for the Lipetsk region at the district level, the conditions for information activities do not fully comply with the requirements of this order. First of all, this concerns the material support of the objects at which information processing is carried out (electronic computers, technical means of receiving, transmitting and processing information: sound recording, sound reproduction, intercom and television devices, means of replicating documents and others), in accordance with the established norms of provision ... Even if such facilities are available in the BEP subdivisions, they - in single copies and in moral and technical terms - lag behind modern and advanced tools and technologies in this area. In turn, as a shortcoming, it should also be noted about the poor knowledge of employees of BEP units operating objects of technical protection of information, regulatory legislation on technical protection of information upon taking office and during the entire period of performance of their official functional tasks. At the same time, the constant turnover of personnel in these divisions also affects.
The order of the Ministry of Internal Affairs of Russia No. 029-2001 is mainly related to the technical support of information protection facilities, which includes:
Establishing their compliance with the technical protection requirements and documenting the technical measures taken to protect information, categorizing objects;
Drawing up technical passports for these objects;
Development of instructions for ensuring organizational (security) and
technical measures to protect information;
Conducting special studies, special checks and examinations of these objects;
Registration of a prescription for the operation of the facility;
Attestation of the facility and measures to control the technical
information protection.
As practice shows, in the regional departments of internal affairs, due to the small number of information protection objects, the work on the technical protection of protected information is carried out formally and is reduced only to the execution of monotonous documents, the semantic meaning of which is unaware of the employees operating the objects in relation to which the technical information protection measures in accordance with the order of the Ministry of Internal Affairs of Russia No. 029-2001
A more substantive and responsible step in the legal field was the development of Order No. 015-2005, which included organizational and technical measures of information protection. The requirements set forth in this order are
The protection of information constituting a state secret and secret service information relating to the current activities of subdivisions of the internal affairs body are eliminated. This departmental act establishes a clear and strict procedure for handling and using objects of information protection - a regime that is mandatory for all subjects of information relations under the threat of the onset of liability provided for by the current legislation. Order of the Ministry of Internal Affairs of Russia No. 015-2005 regulates relations related to the reception, processing, storage, use, transmission of significant and legally protected information in the BEP divisions, monitoring compliance with prescribed norms, determining measures of responsibility for their violation, establishes a unified procedure in relations with subjects of other internal affairs bodies - external subjects. Thus, the legal protection of information protection objects is the basis for the development and definition of organizational and technical measures for the protection of information in the BEP divisions.
An important area in the field of information security legislation in the internal affairs bodies is the determination of legal responsibility for committing an unlawful act in relation to the object of protection.
In legal science and current legislation, legal liability can appear in four variations:
Civil;
Administrative;
Disciplinary;
Criminal.
Considering that the BEP employees working with information constituting a state secret are officials of the executive power body, they bear the burden of strict responsibility for the disclosure of this information or its loss. In such cases, there can be only two types of liability:
1) disciplinary;
2) criminal.
Their distinction depends only on the nature of the offense committed, and the difference lies in the specific penalties and the special procedure for their application.
Disciplinary responsibility consists in imposing a disciplinary sanction on a BEP employee by the powers of the head of the internal affairs body. Disciplinary punishments are: warning, reprimand, severe reprimand, dismissal from the internal affairs bodies. However, the internal affairs bodies provide for strict disciplinary liability for violation of the order of the Ministry of Internal Affairs of Russia No. 015-2005, which is expressed in the imposition of the last three of the above types of penalties on an employee.
Disciplinary liability can be applied to an economic security employee in case of negligence in the performance of his official duties, expressed in violation of the secrecy regime, the rules for handling information related to official secrets - confidential information, without having any unlawful intent.
The most severe measures of influence are characterized by criminal liability, which is applied in court to a person guilty of a crime, i.e. guilty, socially dangerous act provided for by the Criminal Code of the Russian Federation. The main types of crimes in the field of information security are shown in the table.
Types of crimes in the field of information protection
Article of the Criminal Code of the Russian Federation
Disposition of the article of the Criminal Code of the Russian Federation
Penalty (sanction)
Article 272. Illegal access to computer information 1. Illegal access to legally protected computer information, that is, information on a machine carrier, in an electronic computing machine (computer), a computer system or their network, if this act entailed the destruction, blocking, modification or copying of information , malfunction of a computer, computer system or their network; Shall be punished with a fine in the amount of up to two hundred thousand rubles or in the amount of the salary or other income of the convicted person for a period of up to eighteen months, or correctional labor for a term of six months to one year, or imprisonment for a term of up to two years;
The same act committed by a group of persons by prior conspiracy or by an organized group or by a person using his official position, as well as having access to a computer, computer system or their network is punishable by a fine in the amount of one hundred thousand to three hundred thousand rubles or in the amount of wages, or other income of the convicted person for a period of one to two years, or correctional labor for a term of one to two years, or arrest for a term of three to six months, or imprisonment for a term of up to five years
Article 273. Creation, use and distribution of malicious programs for computers 1. Creation of computer programs or making changes to existing programs, knowingly leading to unauthorized destruction, blocking, modification or copying of information, disruption of the operation of computers, computer systems or their network, as well as use or distribution of such programs or machine media with such programs; Shall be punished with imprisonment for a term of up to three years with a fine in the amount of up to two hundred thousand rubles or in the amount of the wages or other income of the convicted person for a period of up to eighteen months;
the same acts that negligently entailed grave consequences are punishable by imprisonment for a term of three to seven years
Article 274. Violation of the rules for the operation of a computer, a computer system or their network 1. A violation of the rules for the operation of a computer, a computer system or their network by a person having access to a computer, a computer system or their network, resulting in the destruction, blocking or modification of computer information protected by law, if the act caused substantial harm; Shall be punishable by deprivation of the right to hold certain positions or engage in certain activities for a period of up to five years, or compulsory labor for a period of one hundred and eighty to two hundred and forty hours, or restraint of liberty for a period of up to two years;
the same act, which negligently entailed grave consequences, is punishable by deprivation of liberty for a term of up to four years
Article 275. State treason High treason, that is, espionage, issuance of state secrets or other assistance to a foreign state, foreign organization or their representatives in carrying out hostile activities to the detriment of the external security of the Russian Federation, committed by a citizen of the Russian Federation. Punished with imprisonment for a term of twelve up to twenty years with or without a fine in the amount of up to five hundred thousand rubles or in the amount of the wages or other income of the convicted person for a period of up to three years.
Article 276. Espionage Transfer, as well as collection, theft or storage for the purpose of transferring to a foreign state, foreign organization or their representatives information constituting a state secret, as well as transfer or collection of other information on behalf of foreign intelligence for their use to the detriment of the external security of the Russian Federation if these acts were committed by a foreign citizen or stateless person Punished with imprisonment for a term of ten to twenty years
Article 283. Disclosure of state secrets 1. Disclosure of information constituting a state secret by a person to whom it was entrusted or became known in service or work, if this information became the property of other persons, in the absence of signs of high treason; Shall be punishable by arrest for a term of four to six months, or imprisonment for a term of up to four years, with or without deprivation of the right to hold certain positions or engage in certain activities for a term of up to three years;
the same act that negligently entailed grave consequences is punishable by imprisonment for a term of three to seven years with the deprivation of the right to hold certain positions or engage in certain activities for a term of up to three years
Article 284. Loss of documents containing state secrets Violation by a person who has access to state secrets of the established rules for handling documents containing state secrets, as well as with objects, information about which constitutes a state secret. term from four to six months, or imprisonment for up to three years with imprisonment
state secrets, if this entailed by negligence their loss and the onset of grave consequences
the right to hold certain positions or engage in certain activities for up to three years or without
From the analysis of the table it can be seen that acts related to violation of the procedure for using information constituting a state secret can be recognized as a crime. In the internal affairs bodies, such facts can take place only in case of violation of the secrecy regime. And for each fact of such misconduct, an official check is carried out.
A violation of the secrecy regime in the internal affairs bodies is the disclosure of information constituting a state secret, that is, the disclosure of information by the employee to whom this information was entrusted in the service, as a result of which it became the property of unauthorized persons; or the loss of carriers of information constituting a state secret, that is, the release (including temporary) of carriers of information from the possession of the employee to whom they were entrusted in the service, as a result of which they became or could become the property of unauthorized persons.
If these facts are revealed, the head of the department of internal affairs is obliged to inform the higher management, the security body (a subdivision of the FSB) and organize an official check and search for carriers of information constituting a state secret, as well as take all measures to localize possible damage. To conduct an official audit, the head must create a commission, which, within a month, must:
1) establish the circumstances of the disclosure of information constituting a state secret, or the loss of media containing such information;
2) search for lost media;
3) to establish the persons guilty of disclosing this information or loss of media;
4) establish the reasons and conditions that contributed to the disclosure of information constituting a state secret, leakage of media containing such information, and develop recommendations for their elimination.
Based on the results of the work of this commission, the conclusion of an official audit is drawn up with the adoption of specific measures against persons guilty of violating the secrecy regime.
As practical experience shows, cases of crimes related to disclosure of state secrets committed by operational officers are extremely rare. Most often, there are cases of disciplinary misconduct committed by employees in the negligent and improper performance of their official duties to comply with the requirements of the secrecy regime.
Thus, analyzing the legal framework designed to ensure legal protection of the legally protected interests of the state, society, legal entities and individuals in the field of information relations, we can conclude that it is extremely weak in the internal affairs bodies. In its semantic presentation, there is no substantive approach to the acute and serious problem of protecting state and official secrets, although there are requirements for mandatory compliance with regime information protection measures, but in practical terms, especially in regional divisions, control over the implementation of the binding instructions of departmental regulations of the Ministry of Internal Affairs of Russia , there are practically no territorial internal affairs bodies, work on the technical security of information protection objects is carried out formally without taking into account the specific characteristics of the object, material support with technical means of protection
information does not meet the needs and conditions of the BEP operational units. 95% of all violations related to non-compliance with regulations on information security in internal affairs bodies are detected during inspections by higher authorities.
The foregoing allows us to conclude that it is necessary to improve the legal support for the protection of information in the activities of both the internal affairs bodies in general and their units of economic security in particular.
BBK73
Lapin, V.V.
Fundamentals of information security in ATS: a course of lectures / V. V. Lapin. - M.: Moscow University of the Ministry of Internal Affairs of Russia, 2009 .-- 164 p. - ISBN 978-5-9694-0267-6.
The course of lectures on the discipline "Fundamentals of Information Security" contains basic definitions and concepts, classification and description of technical channels of information leakage and methods of preventing leakage, ways to combat unauthorized access, methods of protecting information from network threats and some other issues on the stated topic.
Designed for cadets, students and trainees of the Moscow University of the Ministry of Internal Affairs of Russia.
BBK 73ISBN 978-5-9694-0267-6
© Moscow University of the Ministry of Internal Affairs of Russia, 2009 V. V. Lapin, 2009
INTRODUCTION
The course of lectures "Fundamentals of information security of internal affairs bodies" was prepared at the Moscow University of the Ministry of Internal Affairs of Russia for conducting classes on the same academic discipline in the specialties: 030501.65 - "Jurisprudence", 030502.65 - "Forensic examination" and 030505.65 - "Law enforcement". The course of lectures is written in accordance with the exemplary and working curriculum.
Lecture 1 is devoted to the basic concepts of information security, classification of threats and sources of threats to information security. The fundamentals of the state policy in the field of information security are considered. The national interests of Russia in the information sphere are formulated, its structure is shown. Particular attention is paid to the classification of information security issues in nationwide information and telecommunication systems (including ATS). The most important components of interests in the information sphere and the main threats to information security of internal affairs bodies are considered.
Lecture 2 provides general information security provisions. Information subject to special protection is classified. An integrated approach to information protection is considered. The article analyzes the articles of the Criminal Code of the Russian Federation and the Code of the Russian Federation on Administrative Offenses, which provide for punishment for information and computer crimes. Special attention is paid to the issues of ensuring information security in the conditions of carrying out operational-search activities by the police officers.
Lecture 3 is devoted to the issues of information leakage and the study of technical channels of information leakage, in which the basic concepts, classification of technical channels and methods of preventing information leakage through electromagnetic, acoustic, visual-optical, electrical and material-material channels are considered. The general characteristic of technical means of unauthorized obtaining of information and technologies of their application is given. The main directions of engineering and technical protection of information from leakage are given.
Lecture 4 is devoted to the protection of information processes in computer systems, which explains the basic concepts and provisions of information protection in computer systems (CS). The main threats to the security of information in the CS are given, the main methods and means of unauthorized access to information are considered. The ways of protecting information in the COP are discussed. Methods of cryptographic protection are analyzed. Malicious programs and methods of dealing with them are classified.
Information protection in telecommunication systems is described in Lecture 5. It examines the security threats of modern computer networks. The concepts, definitions and issues of risk management are analyzed. Research materials on hackers are presented. Summed up the results of five lectures on information security. Firewalls and intrusion detection systems are considered.
DEFINITION OF INFORMATION SECURITY OF ATS
We have already dwelled on the concept of information security, which in its most general form can be defined as the state of protection of the needs of the individual, society and the state in information, in which their existence and progressive development are ensured, regardless of the presence of internal and external information threats... Let us concretize this concept in relation to the goals and objectives that law enforcement agencies face at the present stage. For this, first of all, let us turn to the generic concept - the concept of "safety".
Currently, security is an integral characteristic of progress, and the concept of security is one of the key ones in the study of optimization of human activities, including activities to combat crime.
Over the centuries, the concept of security has been repeatedly filled with different content and, accordingly, an understanding of its meaning. So in ancient times, the understanding of security did not go beyond the ordinary concept and was interpreted as the absence of danger or evil for a person. In this everyday sense, the term "security" was used, for example, by the ancient Greek philosopher Plato.
In the Middle Ages, security was understood as a calm state of mind of a person who considered himself protected from any danger. However, in this sense, this term did not firmly enter the vocabulary of the peoples of Europe until the 17th century. rarely used.
The concept of "security" is becoming widespread in scientific and political circles of Western European states thanks to the philosophical concepts of T. Hobbes, D. Locke, J.J. Rousseau, B. Spinoza and other thinkers of the 17th-18th centuries, meaning a state, a situation of calmness that appears as a result of the absence of real danger (both physical and moral).
It was during this period that the first attempts were made to theoretically develop this concept. The most interesting is the version proposed by Sonnenfels, who believed that security is a state in which no one has anything to fear. For a particular person, such a position meant private, personal security, and the state of the state, in which there was nothing to fear, was public security.
At present, security is traditionally understood as a state in which the vital interests of a person, society, state and international system are protected from any internal or external threat. From this point of view security can be defined as the impossibility of causing harm to someone or something due to the manifestation of threats, i.e. their security against threats.
It should be noted that this approach has found the greatest recognition both in the scientific community and in the field of lawmaking.
In general methodological terms, in the structure of the concept of "security" there are:
q security object;
q threats to the security object;
q ensuring the safety of the facility against manifestations of threats.
The key element in defining the content of the concept of "security" is the security object, i.e. something that defends itself against threats. Choosing as an object of security information circulating in the internal affairs bodies, as well as the activities of police units related to the production and consumption of information, we can talk about their information security - the security of their "information dimension".
In the current Russian legislation, information security means "The state of protection of national interests in the information sphere, determined by the totality of balanced interests of the individual, society and the state"(Doctrine of information security of the Russian Federation). Moreover, under the information sphere of society is understood as the totality of information, information infrastructure, entities that collect, form, disseminate and use information, as well as the system of regulation of the resulting public relations.
Based on the noted, information security of internal affairs bodies means the state of security of information, information resources and information systems of internal affairs bodies, which ensures the protection of information (data) from leakage, theft, graft, unauthorized access, destruction, distortion, modification, forgery, copying, blocking (The concept of ensuring information security of the internal affairs bodies of the Russian Federation until 2020, approved by order of the Ministry of Internal Affairs of Russia dated March 14, 2012 No. 169). The structure of this concept is shown in Fig. 4. Let's consider it in more detail.
Rice. 4. The structure of the concept of "information security of ATS"
ATS information security facility. As we have already noted, the following are the objects of information security:
q informational resources internal affairs bodies used in solving official tasks, including those containing information of limited access, as well as special information and operational data of an official nature.
The information used in the internal affairs bodies contains information about the state of crime and public order in the serviced territory, about the bodies and units themselves, their forces and means. In the duty units, operatives, district police inspectors, investigators, employees of forensic departments, the migration service, and other divisions, on primary accounting documents, and accounting journals and on other media, data arrays of operational search and operational reference purposes are accumulated, in which contains information about:
- offenders and criminals;
- owners of motor vehicles;
- owners of firearms;
- events and facts of a criminal nature, offenses;
- stolen and confiscated things, antiques, as well as other information to be stored.
Services and divisions of the internal affairs bodies are characterized by the data:
- about the forces and means at the disposal of the body;
- on the results of their activities.
The above information is used when organizing the work of units, when taking practical measures to combat crime and delinquency.
In addition to the specified information, scientific and technical information is widely used, which is necessary to improve the activities of the internal affairs bodies.
Special attention should be paid to the information used by the internal affairs bodies in the disclosure and investigation of crimes. This kind of information includes, including:
All types of evidence in a criminal case;
Materials of the criminal case;
Information about the course of the investigation of the criminal case (i.e., a set of operational and procedural information about the event being investigated, plans for conducting operational-search and procedural actions);
Information about law enforcement officers involved in the investigation of the crime;
Information about the persons suspected and accused in the case;
Information about the victims, witnesses and other persons assisting in the investigation of the crime, etc.
In addition to those mentioned, information with limited access by individuals and legal entities is also subject to protection, to which police officers have access in the performance of their official duties, in particular, in the disclosure and investigation of crimes;
q information infrastructure bodies of internal affairs, which is understood a set of methods, means and technologies for the implementation of information processes (i.e. processes of creation, collection, processing, accumulation, storage, search, distribution and consumption of information), which must be carried out in the police department when performing the tasks assigned to them by law.
The information infrastructure of the ATS includes primarily those used in the practical activities of law enforcement agencies Information Systems, the network and communication networks(including general use).
The information infrastructure of the internal affairs bodies should certainly include those used in the practical activities of the internal affairs bodies information Technology- processes using a set of means and methods for collecting, processing and transmitting data (primary information) to obtain information of a new quality about the state of an object, process or phenomenon (information product).
Information infrastructure objects include premises, in which information processes take place, carried out in the course of performing official activities, processing information on a computer, etc.
Threats to an information security object. The organization of information security of internal affairs bodies should be comprehensive and based on a deep analysis of possible negative consequences. In doing so, it is important not to overlook any significant aspects. Analysis of negative consequences implies the mandatory identification of possible sources of threats, factors contributing to their manifestation and, as a result, the identification of actual threats to information security.
Proceeding from this principle, modeling and classification of sources of threats to information resources and information infrastructure of ATS should be carried out on the basis of an analysis of the interaction of the logical chain:
Sources of threats . In the theory of information security under sources of threat confidential information understand potential carriers of information security threats , which, depending on the nature, are subdivided into anthropogenic(caused by human activity), technogenic or spontaneous... In relation to the security object itself, the sources of threats are divided into external and internal.
Analysis of the provisions of the Doctrine of Information Security of the Russian Federation, as well as other normative legal documents in the field of information security, makes it possible to identify the following main sources of threats to the information security of internal affairs bodies.
The main external sources of threats to the information security of internal affairs bodies include:
Intelligence activities of special services of foreign states, international criminal communities, organizations and groups related to the collection of information revealing tasks, plans of activities, technical equipment, working methods and locations of special units and internal affairs bodies of the Russian Federation;
Activities of foreign state and private commercial structures, as well as domestic criminal groups and commercial organizations seeking to gain unauthorized access to information resources of law enforcement agencies;
Natural disasters and natural phenomena (fires, earthquakes, floods and other unforeseen circumstances);
Various kinds of man-made accidents;
Failures and malfunctions, failures in the operation of information infrastructure elements caused by errors in their design and / or manufacture.
The main internal sources of threats to the information security of internal affairs bodies include:
Violation of the established regulations for the collection, processing, storage and transmission of information used in the practical activities of the internal affairs bodies, including those contained in file cabinets and automated data banks and used to investigate crimes;
Failure of hardware and software failures in information and telecommunication systems;
Use of uncertified software that disrupts the normal functioning of information and information and telecommunication systems, including information security systems;
Intentional actions, as well as errors of personnel directly involved in the maintenance of information systems used in internal affairs bodies, including those involved in the formation and maintenance of card files and automated data banks;
Inability or unwillingness of service personnel and / or users of ATS information systems to fulfill their duties (civil unrest, transport accidents, terrorist act or its threat, strike, etc.).
Vulnerabilities . Under vulnerability in the context of the issue under consideration, we believe it is necessary to understand reasons leading to a violation of the established regime of information protection in the internal affairs bodies ... These reasons include, for example:
Unfavorable crime situation, accompanied by tendencies of merging state and criminal structures in the information sphere, gaining access to confidential information by criminal structures, increasing the influence of organized crime on the life of society, reducing the degree of protection of the legitimate interests of citizens, society and the state in the information sphere;
Lack of legislative and regulatory regulation of information exchange in the law enforcement sphere;
Insufficient coordination of the activities of the internal affairs bodies and their divisions for the implementation of a unified policy in the field of information security;
Insufficient activity in informing the public about the activities of the internal affairs bodies in explaining the decisions made, in the formation of open state resources and the development of a system of access to them for citizens;
Insufficient funding of measures to ensure information security of internal affairs bodies;
Decrease in the efficiency of the education and training system, insufficient number of qualified personnel in the field of information security;
Lack of a unified methodology for collecting, processing and storing information of an operational-search, reference, forensic and statistical nature, etc.
The presence of such design features and technical characteristics of information infrastructure elements that can lead to a violation of the integrity, availability and confidentiality of security objects. So, for example, the TCP / IP protocol used in the global electronic network Internet was originally developed without taking into account the requirements of information security, and most of the software used in the practice of ATS contains a lot of errors and undocumented features.
Threats . The listed vulnerabilities give rise to corresponding threats to the security of information and information infrastructure of the internal affairs bodies. Wherein by threats to an information security object we mean a set of conditions and factors that create a potential or real danger of leakage, theft, loss, destruction, distortion, modification, forgery, copying, blocking of information and unauthorized access to it .
However, and this must be emphasized, a threat to a security object is not something that exists on its own. It is either a manifestation of the interaction of a security object with other objects, which can harm its functioning and properties, or a similar manifestation of the interaction of subsystems and elements of the security object itself.
The security of information resources and information infrastructure of internal affairs bodies is manifested through the security of their most important properties, which include:
q integrity - property of information and information infrastructure, characterized by the ability to resist unauthorized or unintentional destruction and distortion of information;
q availability - property of information and information infrastructure, characterized by the ability to provide unimpeded access to information for subjects having the proper authority to do so;
q confidentiality - property of information and information infrastructure, characterized by the ability of information to be kept secret from subjects who do not have the authority to familiarize themselves with it.
Violation of the specified properties of the information security objects of the internal affairs bodies is also a threat to the information security of the internal affairs bodies. The manifestation of these threats is carried out by:
q violation of the integrity of information as a result of it:
- loss (theft). It consists in the "removal" of information and / or its carriers from the information sphere of the internal affairs bodies, leading to the impossibility of further use of this information in the activities of the Internal Affairs Department;
- destruction. Destruction is such an impact on the information circulating in the internal affairs bodies and / or its carriers, as a result of which they cease to exist or are brought into such a state that makes it impossible to further use them in the practical activities of the internal affairs bodies;
- distortion (modifications, fakes), i.e. as a result of such an impact on information, which leads to a change in its (information) semantic content, the creation and / or imposition of false carriers of information;
q violation of the availability of information as a result of it:
- blocking, those. termination or obstruction of access to information by authorized persons;
- loss;
q violation of confidentiality of information as a result of:
- unauthorized disclosure of information. Represents intentional or unintentional actions of persons who have access to undisclosed information, contributing to the unauthorized acquaintance with this information of third parties .;
- unauthorized acquaintance with information. Represents the intentional or unintentional actions of persons who do not have the right to access information to familiarize themselves with it.
Information security. We have already noted that the information security of the internal affairs bodies is the protection of information resources and the supporting information infrastructure of the internal affairs bodies from threats, i.e. impossibility of any damage or harm to them. Since both the information resources and the information infrastructure of the Internal Affairs Directorate do not exist on their own, outside the practical activities of the internal affairs bodies, but in fact are one of the means of this activity, it is quite obvious that their security can be ensured only by creating such conditions for the activities of the internal cases in which potentially dangerous impacts for safety objects were either prevented or reduced to such a level at which they are not capable of causing damage to them.
Thus, ensuring the information security of the internal affairs bodies is the process of creating such conditions for the implementation of the activities of the internal affairs bodies, in which the impacts on them, potentially dangerous to information resources and information infrastructure of the internal affairs bodies, were either prevented or reduced to a level that did not interfere with the solution of the tasks facing the internal affairs bodies.
It is clear from this definition that ensuring information security is of an auxiliary nature in the system of activities of the internal affairs bodies, since it is aimed at creating conditions for achieving the main goals of the internal affairs bodies - first of all, an effective fight against crime.
Ensuring the information security of the ATS has its own external and internal focus. External focus This kind of activity is due to the need to ensure the legitimate rights and interests of the copyright holders of information protected by law, involved in the field of activities of the internal affairs bodies.
Internal focus activities to ensure the information security of the internal affairs bodies is due to the need to implement the tasks and achieve the goals facing the internal affairs bodies - first of all, the detection, disclosure, investigation and prevention of crimes. In other words, it creates the preconditions for the successful fulfillment of the tasks facing the internal affairs bodies.
Information security activities are carried out on the basis of a set of the most important, key ideas and provisions, called principles. These fundamental principles include the following:
Humanism;
Objectivity;
Concreteness;
Efficiency;
Combination of publicity and official secrecy;
Legality and constitutionality;
Compliance of the selected means and methods with the goal of counteraction;
Complexity.
Principle humanism is to ensure the rights and freedoms of a person and a citizen in countering threats to information security, in preventing unlawful encroachments on his personality, humiliation of a person's honor and dignity, arbitrary interference in his private life, personal and family secrets, restricting the freedom of his information activities, as well as in minimizing damage to these rights and freedoms when their restriction is carried out on legal grounds.
Principle objectivity is to take into account, in the implementation of counteraction, the objective laws of social development, the interaction of society with the environment, the real capabilities of the subjects of information security to eliminate the threat or minimize the consequences of its implementation. This principle requires an integrated, systematic approach to determining ways to achieve the goals of the activity with the least expenditure of manpower and resources.
Principle concreteness is to ensure security in relation to specific life circumstances, taking into account the various forms of manifestation of objective laws on the basis of reliable information both about internal and external threats, and about the possibilities to counter them. Reliable information makes it possible to establish specific forms of manifestation of threats, to determine in accordance with this the goals and actions to ensure security, to concretize the methods of countering threats, the forces and means necessary for their implementation.
Principle efficiency is to achieve the goals of counteraction with the least expenditure of manpower and resources. Ensuring information security in any social community requires certain material, financial and human resources. Proceeding from this, ensuring security, like any socially useful activity of people, must be carried out rationally and efficiently. Usually, the efficiency criteria that are applied in practice include the ratio of the amount of prevented damage from the implementation of threats to the costs of countering these threats.
Principle combination of publicity and secrecy is to find and maintain the necessary balance between the openness of information security activities, which makes it possible to gain public trust and support, and, on the other hand, in the protection of internal police information, the disclosure of which can reduce the effectiveness of countering security threats.
Principle legality and constitutionality means the implementation of all functions inherent in state organizations and officials in strict accordance with the current constitution, laws and by-laws, in accordance with the competence established by law. Strict and unswerving observance of legality and constitutionality should be an indispensable requirement, a principle of activity of not only state, but also non-state bodies, institutions and organizations.
Principle the correspondence of the selected means and methods to the goal of counteraction means that these means and methods should, on the one hand, be sufficient to achieve the goal, and on the other, not lead to undesirable consequences for society.
Principle complexity the use of the available forces and means consists in the coordinated activity of the subjects of countering threats to information security and the coordinated use of the resources available for this.
As a type of security, information security has a complex structure, including goals, means and subjects of this activity.
The following can be singled out as the goals of activities to ensure the information security of internal affairs bodies:
q elimination (prevention) of security threats;
q minimization of damage from the manifestation of threats.
Elimination (prevention) of threats as the goal of ensuring information security, this is the nature of the interaction between the security object and the source of threats, in which these sources cease to have the property of generating a threat.
Minimizing the consequences implementation of a threat as the goal of information security activities arises when the elimination (prevention) of threats is not possible. This goal is such a nature of the interaction between the security object and the source of threats, in which emerging threats are promptly identified, the reasons contributing to this process are identified and eliminated, as well as the elimination of the consequences of the manifestation of threats.
Information security tools – it is a set of legal, organizational and technical means designed to ensure information security.
All information security tools can be divided into two groups:
q formal;
q informal.
TO formal includes such means that perform their functions to protect information formally, that is, mainly without human participation. TO informal means the basis of which is the purposeful activity of people.
Formal means are divided into physical, hardware and programmatic.
Physical means - mechanical, electrical, electromechanical, electronic, electronic-mechanical and similar devices and systems that function autonomously, creating various kinds of obstacles to destabilizing factors.
Hardware - various electronic, electronic-mechanical and similar devices, which are built in circuitry into the equipment of the data processing system or coupled with it specifically to solve information security problems. For example, noise generators are used to protect against leakage through technical channels.
Physical and hardware are combined into a class technical means of information protection.
Software- special software packages or individual programs included in the software of automated systems in order to solve information security problems. These can be various programs for cryptographic data conversion, access control, virus protection, etc.
Informal means are divided into organizational, legal and moral and ethical.
Organizational means - organizational and technical measures specially provided for in the technology of functioning of the object to solve problems of protecting information, carried out in the form of purposeful activities of people.
Legal means - existing in the country or specially issued regulatory legal acts, with the help of which the rights and obligations related to ensuring the protection of information, of all persons and divisions related to the functioning of the system are regulated, as well as liability is established for violation of the rules for processing information, which may result in violation of information security.
Moral and ethical standards - moral norms or ethical rules that have developed in society or a given collective, the observance of which contributes to the protection of information, and violation of them is equivalent to non-compliance with the rules of conduct in society or a collective.
Moral and ethical methods of protecting information can be attributed to the group of those methods that, based on the popular expression that "the secret is kept not by locks, but by people", play a very important role in protecting information. It is a person, an employee of an enterprise or institution, who is admitted to secrets and accumulates in his memory colossal amounts of information, including secret, that often becomes a source of leakage of this information, or through his fault a rival gets the possibility of unauthorized access to protected information carriers.
Moral and ethical methods of protecting information presuppose, first of all, the education of an employee admitted to secrets, that is, carrying out special work aimed at forming in him a system of certain qualities, views and beliefs (patriotism, understanding the importance and usefulness of protecting information and for him personally), and training an employee who is aware of the information constituting a protected secret, the rules and methods of protecting information, instilling in him the skills of working with carriers of classified and confidential information.
Information security entities are bodies, organizations and persons authorized by law to carry out relevant activities... These include, first of all, the heads of the internal affairs bodies, employees of the relevant ATS units dealing with information security issues (for example, employees of technical departments carrying out technical protection of ATS facilities), federal executive bodies exercising supervisory functions within their competence (for example , FSB in terms of ensuring the safety of information constituting a state secret), etc.
Conclusion
In the internal affairs bodies, serious attention is paid to the issues of preserving secret information, instilling high vigilance among employees. One of them is often underestimated the danger of such information leakage. They show carelessness bordering on criminal negligence when handling secret documents, which often leads to the disclosure of information constituting a state secret, and even to the loss of classified items and documents. At the same time, some employees of the internal affairs bodies establish and maintain dubious undesirable connections, disclose information about the methods and forms of work of the internal affairs bodies to unauthorized persons. Low professional qualities of individual employees often lead to a violation of the secrecy of the events being held. The purpose of this course is to understand what information security is, how and by what means it can be ensured and to avoid the negative consequences that may occur for you if confidential information is leaked.