The Modeling of Processes of Design of Information Protection Systems in Financial Information Systems
- Авторлар: Prokushev Y.E.1, Ponomarenko S.V.2, Maksimov R.R.2
-
Мекемелер:
- Plekhanov Russian University of Economics
- Belgorod University of Cooperation, Economics and Law
- Шығарылым: Том 10, № 4 (2023)
- Беттер: 23-38
- Бөлім: METHODS AND SYSTEMS OF INFORMATION PROTECTION, INFORMATION SECURITY
- URL: https://journals.eco-vector.com/2313-223X/article/view/626621
- DOI: https://doi.org/10.33693/2313-223Х-2023-10-4-23-38
- ID: 626621
Дәйексөз келтіру
Аннотация
The relevance and necessity of implementing measures to protect information in banks, as well as in other organizations of the financial and credit sphere of activity is due to a number of reasons. Firstly, these are the requirements of regulators in the field of information security. For systems of this type, there are also requirements for information security measures, which are set out in GOST R 57580.1–2017. Secondly, it is the objective presence of threats of various nature that require mandatory neutralization and exist in many modern information systems. In order to ensure information security, the security mechanisms used in the banking sector should take into account such factors as a significant amount of processed information, the need to ensure correct, stable and trouble-free operation, the multi-user nature of access to information resources, and ensuring the security of managed equipment. It is particularly worth highlighting the fact that failures and errors in the operation of banking information systems can entail not only economic damage or negative social consequences. In general, ensuring the information security of banking facilities is one of the most important tasks currently being solved at the state level, since they directly affect the stability of its economy. These circumstances determine the relevance of writing the article. The purpose of writing this paper is to develop a set of models describing the features of organizational, legal and technical processes that must be performed in banking information systems. As a methodological basis for writing the work, GOST R 57580.1–2017, as well as regulatory legal acts of the FSTEC of Russia, which are in the public domain, were used. To describe the ongoing work that must be performed to ensure the protection of information in banking information systems, the methodology of functional graphical modeling IDEF0 was used. The result of the research presented in this paper is a set of graphical and symbolic models describing the processes performed at the stages of designing and functioning of the information security system in critical information infrastructures.
Толық мәтін
Авторлар туралы
Yaroslav Prokushev
Plekhanov Russian University of Economics
Хат алмасуға жауапты Автор.
Email: prokye@list.ru
ORCID iD: 0000-0002-7219-7581
Cand. Sci. (Econ.), Associate Professor; associate professor at the Department of Applied Informatics and Information Security
Ресей, MoscowSergei Ponomarenko
Belgorod University of Cooperation, Economics and Law
Email: kaf-otzi-spec@bukep.ru
Cand. Sci. (Econ.), Associate Professor; Professor at the Department of Information Security Organization and Technology
Ресей, BelgorodRiyan Maksimov
Belgorod University of Cooperation, Economics and Law
Email: maksimov.riyan@mail.ru
postgraduate student at the Department of Information Security
Ресей, BelgorodӘдебиет тізімі
- Ponomarenko S.V., Prokushev Ya.Е., Ponomarenko S.A. Information security of critical information infrastructure systems. Monography. Belgorod: BUKEP, 2021. 133 p.
- Prokushev Ya.Е., Ponomarenko S.V., Ponomarenko S.A. The modeling of information security system design processes in state information systems. Computational Nanotechnology. 2021. Vol. 8. No. 1. Pp. 26–37. (In Rus.)
- Prokushev Ya.E., Ponomarenko S.V. Comparative analysis of software and hardware protection of information used in information systems of personal data. Information and Security. 2012. Vol. 15. No. 1. Pp. 31–36. (In Rus.)
- Prokushev Ya.Е., Ponomarenko S.V., Shishov N.V. The modeling of processes of design of information protection systems in critical information infrastructures. Computational Nanotechnology. 2022. Vol. 9. No. 2. Pp. 45–55. (In Rus.)
- Prokusheva A.P., Prokushev Ya.E. Modeling and optimization of the choice of software and hardware protection of information from the point of view of economic and technical expediency. Information and Security. 2012. Vol. 15. No. 1. Pp. 55–60. (In Rus.)
- Mattord H., Whitman M. Management of information security. 6th ed. Cengage Learning, 2019. 752 p.
- Rohit Tanwar. Information security and optimization. CRC Press, 2021. 224 p.
- Whitman M.E. et al. PRSCIiples of information security. 6th ed. Cengage Learning, 2017. 656 p.