The Modeling of Processes of Design of Information Protection Systems in Financial Information Systems

Мұқаба

Дәйексөз келтіру

Толық мәтін

Ашық рұқсат Ашық рұқсат
Рұқсат жабық Рұқсат берілді
Рұқсат жабық Тек жазылушылар үшін

Аннотация

The relevance and necessity of implementing measures to protect information in banks, as well as in other organizations of the financial and credit sphere of activity is due to a number of reasons. Firstly, these are the requirements of regulators in the field of information security. For systems of this type, there are also requirements for information security measures, which are set out in GOST R 57580.1–2017. Secondly, it is the objective presence of threats of various nature that require mandatory neutralization and exist in many modern information systems. In order to ensure information security, the security mechanisms used in the banking sector should take into account such factors as a significant amount of processed information, the need to ensure correct, stable and trouble-free operation, the multi-user nature of access to information resources, and ensuring the security of managed equipment. It is particularly worth highlighting the fact that failures and errors in the operation of banking information systems can entail not only economic damage or negative social consequences. In general, ensuring the information security of banking facilities is one of the most important tasks currently being solved at the state level, since they directly affect the stability of its economy. These circumstances determine the relevance of writing the article. The purpose of writing this paper is to develop a set of models describing the features of organizational, legal and technical processes that must be performed in banking information systems. As a methodological basis for writing the work, GOST R 57580.1–2017, as well as regulatory legal acts of the FSTEC of Russia, which are in the public domain, were used. To describe the ongoing work that must be performed to ensure the protection of information in banking information systems, the methodology of functional graphical modeling IDEF0 was used. The result of the research presented in this paper is a set of graphical and symbolic models describing the processes performed at the stages of designing and functioning of the information security system in critical information infrastructures.

Толық мәтін

Рұқсат жабық

Авторлар туралы

Yaroslav Prokushev

Plekhanov Russian University of Economics

Хат алмасуға жауапты Автор.
Email: prokye@list.ru
ORCID iD: 0000-0002-7219-7581

Cand. Sci. (Econ.), Associate Professor; associate professor at the Department of Applied Informatics and Information Security

Ресей, Moscow

Sergei Ponomarenko

Belgorod University of Cooperation, Economics and Law

Email: kaf-otzi-spec@bukep.ru

Cand. Sci. (Econ.), Associate Professor; Professor at the Department of Information Security Organization and Technology

Ресей, Belgorod

Riyan Maksimov

Belgorod University of Cooperation, Economics and Law

Email: maksimov.riyan@mail.ru

postgraduate student at the Department of Information Security

Ресей, Belgorod

Әдебиет тізімі

  1. Ponomarenko S.V., Prokushev Ya.Е., Ponomarenko S.A. Information security of critical information infrastructure systems. Monography. Belgorod: BUKEP, 2021. 133 p.
  2. Prokushev Ya.Е., Ponomarenko S.V., Ponomarenko S.A. The modeling of information security system design processes in state information systems. Computational Nanotechnology. 2021. Vol. 8. No. 1. Pp. 26–37. (In Rus.)
  3. Prokushev Ya.E., Ponomarenko S.V. Comparative analysis of software and hardware protection of information used in information systems of personal data. Information and Security. 2012. Vol. 15. No. 1. Pp. 31–36. (In Rus.)
  4. Prokushev Ya.Е., Ponomarenko S.V., Shishov N.V. The modeling of processes of design of information protection systems in critical information infrastructures. Computational Nanotechnology. 2022. Vol. 9. No. 2. Pp. 45–55. (In Rus.)
  5. Prokusheva A.P., Prokushev Ya.E. Modeling and optimization of the choice of software and hardware protection of information from the point of view of economic and technical expediency. Information and Security. 2012. Vol. 15. No. 1. Pp. 55–60. (In Rus.)
  6. Mattord H., Whitman M. Management of information security. 6th ed. Cengage Learning, 2019. 752 p.
  7. Rohit Tanwar. Information security and optimization. CRC Press, 2021. 224 p.
  8. Whitman M.E. et al. PRSCIiples of information security. 6th ed. Cengage Learning, 2017. 656 p.

Қосымша файлдар

Қосымша файлдар
Әрекет
1. JATS XML
Жүктеу
2. Fig-1. The choice of information protection measures in financial organizations

Жүктеу (354KB)
Метадеректер
3. Fig. 2. Detailing the process of applying the information security system

Жүктеу (296KB)
Метадеректер
4. Fig. 3. The Ensuring of the protection of information during access control

Жүктеу (333KB)
Метадеректер
5. Fig. 4. Ensuring the protection of the computer network

Жүктеу (319KB)
Метадеректер
6. Fig. 5. То ensure the control of the integrity of the information infrastructure

Жүктеу (290KB)
Метадеректер
7. Fig. 6. То provide the layered protection against the viruses and malware

Жүктеу (307KB)
Метадеректер
8. Fig. 7. Modeling the process of preventing information leakage

Жүктеу (277KB)
Метадеректер
9. Fig. 8. The model of control of permitted information exchange channels

Жүктеу (362KB)
Метадеректер
10. Fig. 9. The simulation of the process of ensuring the protection of virtualization systems

Жүктеу (287KB)
Метадеректер
11. Fig. 10. Providing protection when using mobile devices

Жүктеу (206KB)
Метадеректер
12. Fig. 11. Detailed process of ensuring accounting and secure storage of events

Жүктеу (236KB)
Метадеректер


Осы сайт cookie-файлдарды пайдаланады

Біздің сайтты пайдалануды жалғастыра отырып, сіз сайттың дұрыс жұмыс істеуін қамтамасыз ететін cookie файлдарын өңдеуге келісім бересіз.< / br>< / br>cookie файлдары туралы< / a>