Conceptual model of choice of hardware and software protection


Cite item

Full Text

Open Access Open Access
Restricted Access Access granted
Restricted Access Subscription Access

Abstract

The need to protect information in organizations of any level is absolutely obvious today. The development of new information technologies and universal computerization have led to the fact that information protection and information security become one of the main tasks of the organization and characteristics of the information system. With the development and complexity of technical means, methods and forms of automation of information processing processes, the vulnerability of information protection increases. The main factors contributing to this are: high growth in the volume of processed information using various automation tools; expansion of the circle of users who have direct access to the resources of the computer system and the data stored in it; complication of the modes of operation of technical means [Schneier, 2003].Software and hardware protection measures are based on the use of modern technical electronic devices and special programs that are part of the organization’s automated system and are performed independently or in conjunction with other security features [Schneier, 2003; Mitnick, Simon, 2005; Konheim, 2007].This article deals with the problem of choosing information security tools when developing an information security system and the formulated model can be used in most systems of hardware and software protection of information in a local computer system.The comparative analysis reveals some significant operational features from the authors point of view of the two information security systems, each of which has its own strengths and, if applied correctly, can provide a high level of information security.

Full Text

Restricted Access

About the authors

Yaroslav E. Prokushev

Plekhanov Russian University of Economics

Email: 1985nk@list.ru
PhD in economics, Associate Professor; associate professor of the Department of Applied Information Technology and Information Security Moscow, Russian Federation

Julia V. Maliy

Belgorod University of Cooperation, Economics and Law

Email: lazarevaipk@yandex.ru
PhD in economics; associate professor of the Department of Organization and Technology of Information Security Belgorod, Russian Federation

References

  1. Приказ № 21 «Об утверждении состава и содержания организационных и технических мер по обеспечению безопасности персональных данных при их обработке в информационных системах персональных данных». Утв. ФСТЭК России 18.02.2013.
  2. Приказ № 17 «Об утверждении требований о защите информации, не составляющей государственную тайну, содержащейся в государственных информационных системах». Утв. ФСТЭК России 11.02.2013.
  3. Методические рекомендации по выполнению законодательных требований при обработке персональных данных в организациях банковской системы Российской Федерации (утв. Банком России, АРБ, Ассоциацией региональных банков России (Ассоциация «Россия»).
  4. ГОСТ Р 51624-2000 «Защита информации. Автоматизированные системы в защищенном исполнении. Общие требования».
  5. Прокушев Я.Е. Программно-аппаратные средства защиты информации. Средства антивирусной защиты: учеб. пособие. Белгород: Изд-во БУКЭП, 2014. 110 с.
  6. Малий Ю.В., Шатохин Р.А., Прокушев Я.Е. Актуальные проблемы обеспечения информационной безопасности в банковской сфере: монография. Белгород: Изд-во БУКЭП, 2018. 185 с.
  7. Schneier B. Beyond fear: Thinking sensibly about security in an uncertain world. 2003. P. 263.
  8. Mitnick K., Simon W.L. The art of deception: Controlling the human element of security. 2003. P. 330.
  9. Mitnick K., Simon W.L. The art of intrusion. 2005. P. 288.
  10. Konheim A.G. Computer security and cryptography. USA: Wiley, 2007. P. 544.

Supplementary files

Supplementary Files
Action
1. JATS XML
Download


This website uses cookies

You consent to our cookies if you continue to use our website.

About Cookies