The main threats to information security of internal affairs bodies. The main threats to information security that arise during the activities of operational units of internal affairs bodies. methods used in CS functions
480 rub. | 150 UAH | $7.5 ", MOUSEOFF, FGCOLOR, "#FFFFCC",BGCOLOR, "#393939");" onMouseOut="return nd();"> Dissertation - 480 RUR, delivery 10 minutes, around the clock, seven days a week and holidays
240 rub. | 75 UAH | $3.75 ", MOUSEOFF, FGCOLOR, "#FFFFCC",BGCOLOR, "#393939");" onMouseOut="return nd();"> Abstract - 240 rubles, delivery 1-3 hours, from 10-19 (Moscow time), except Sunday
Fisun Yulia Alexandrovna. State legal foundations of information security in internal affairs bodies: Dis. ...cand. legal Sciences: 12.00.02: Moscow, 2001 213 p. RSL OD, 61:01-12/635-2
Introduction
Chapter I. Concept and legal basis of information security . 14
1. The concept and essence of information security 14
2. Main directions of the state’s activities to ensure information security 35
3. Main directions of formation of legislation in the field of information security 55
Chapter II. Organizational foundations of information security in internal affairs bodies 89
1. Organization of activities of internal affairs bodies to ensure information security 89
2. Forms and methods of ensuring information security in internal affairs bodies
Conclusion 161
References 166
Applications 192
Introduction to the work
Relevance of the research topic. Informatization of law enforcement, based on rapid development information systems, is accompanied by a significant increase in attacks on information both from foreign states and from criminal structures and citizens. One of the features of the informatization process is the formation and use information resources, having the appropriate properties of reliability, timeliness, relevance, among which their safety is important. This, in turn, involves the development of secure information technologies, which should be based on the priority nature of solving problems of ensuring information security. It should be noted that the lag in solving these problems can significantly reduce the pace of informatization of the law enforcement sphere.
Thus, one of the primary tasks facing internal affairs bodies is to resolve the contradictions between the actually existing and necessary quality of protecting their information interests (needs), i.e., ensuring their information security.
The problem of ensuring information security in internal affairs bodies is inextricably linked with the activities of the state in the information sphere, which also includes the field of information security. Over the last period, a large number of regulatory legal acts on information legislation have been adopted. Only a few of them relate to the field of information security and at the same time relate only to general security provisions (for example, the Law of the Russian Federation “On Security”). The very definition of “information security” first appeared in the Federal Law “On Participation in International Information Exchange”. The Federal Law “On Information, Informatization and Information Protection” also speaks about the protection of information, but without defining the concept of information protection. Due to the lack of concepts of types of information, it is not entirely clear what information should be protected.
The National Security Concept adopted in the new edition, the priority task of which is not only the solution of issues of state security, but also its components, is focused primarily on the fight against terrorism. Unfortunately, issues related to information security only affect threats in the information sphere. Nothing is said at all about the role of the Ministry of Internal Affairs as a security entity.
The relevance of the chosen topic is emphasized by the act of adoption of the Information Security Doctrine Russian Federation(RF), which for the first time introduced the definition of information security of the Russian Federation, threats to information security, methods of ensuring information security of the Russian Federation, etc.
As for the issues of information security in internal affairs bodies, in the legal literature they are mainly reduced to general provisions: threats to security are listed and some methods of ensuring it are named that are characteristic of the entire law enforcement sphere. Organizational legal aspects ensuring information security of internal affairs bodies within the framework of the proposed concept of information security are considered incompletely.
Taking into account the above, it is proposed to introduce the concept of information security of internal affairs bodies. Information security of internal affairs bodies is a state of security of the information environment that corresponds to the interests of internal affairs bodies, which ensures their formation, use and development opportunities, regardless of the impact of internal and external information threats. At the same time, taking into account the well-known definitions of a threat, an information threat will be understood as a set of conditions and factors that create a danger to the information environment and the interests of internal affairs bodies.
Thus, the relevance of legal regulation of information security in the activities of internal affairs bodies is beyond doubt. To achieve the proper level of regulatory support for information security, it is necessary to determine its subject areas, regulate the relations of the subjects of support, taking into account the characteristics of the main objects of information security. Therefore, according to the dissertation author, a comprehensive study is needed not only of the legal regulation of information security at the level of ministries and departments, but also a study of the state and development of the regulatory framework in the field of information security.
The degree of development of the research topic. The author's analysis of the research results of scientists allows us to state that the problems of legal regulation of information relations, ensuring information security and its components are relevant for legal science and practice and require further development." A significant number of publications are devoted to particular problems and issues of legal regulation of relations in the information sphere, in the field of information security, ensuring the security of information, which involves its protection from theft, loss, unauthorized access, copying, modification, blocking, etc., considered within the framework of the emerging legal institution of secrecy. A great contribution to the development of this area was made by domestic scientists and specialists: A. B. Agapov, V. I. Bulavin, Yu. M. Baturin, S. A. Volkov, V. A. Gerasimenko, V. Yu. Gaikovich, I. N. Glebov, G. V. Grachev, S. N. Grinyaev, G. V. Emelyanov, V. A. Kopylov, A. P. Kurilo, V. N. Lopatin, A. A. Malyuk, A. S. Prudnikov, S. V. Rybak, A. A. Streltsov, A. A. Fatyanov, A. P. Fisun, V. D. Tsigankov, D. S. Chereshkin, A. A. Shiversky and others1.
During the dissertation research, the latest achievements of natural, socio-economic and technical sciences, historical and modern experience in ensuring information security of the individual, society and state were widely used; materials of various scientific periodicals, scientific, scientific and practical conferences and seminars, works of scientists in the field of theory of law and state, monographic studies in the field of law, information legislation, comprehensive information protection and information security.
Object and subject of research. The object of the study is the current and emerging systems of social relations that have developed in the information sphere and the field of information security.
The subject of the research is international legal acts, the content of the Constitution of the Russian Federation, the norms of domestic legislation regulating relations in the field of ensuring information security of the individual, society and the state, as well as the content of legal norms regulating the activities of internal affairs bodies to ensure information security.
Goals and objectives of the study. Based on the analysis and systematization of current legislation in the information sphere, information security, the dissertation author developed the fundamentals and implemented scientifically guidelines on the use of legal and organizational tools for ensuring information security both in the activities of internal affairs bodies and in the educational process.
As part of achieving this goal, the following theoretical and scientific-practical tasks were set and solved: basic concepts, types, content of information as an object of ensuring information security and legal relations were analyzed and clarified;
2) existing directions and proposals for the formation of the legal and organizational foundations of information security were systematized, directions for improving the legislative framework in the field of ensuring information security, including in internal affairs bodies, were identified and clarified;
3) regulatory legal acts have been systematized and the structure of the current legislation in the information sphere has been formed;
4) the content of the organizational basis for the activities of internal affairs bodies to ensure information security has been determined;
5) organizational and legal aspects of the information security system and its structure in the activities of internal affairs bodies have been identified;
6) analyzed and selected forms and methods of ensuring information security in internal affairs bodies within the framework of legal regulation of their application and development.
The methodological basis of the dissertation research is made up of universal philosophical methods and principles of materialist dialectics; general scientific methods of comparison, generalization, induction; private scientific methods: system-structural, system-activity, formal-legal, comparative-legal and other research methods.
The regulatory framework for the study is the Constitution of the Russian Federation, regulatory legal acts of the Russian Federation, including international legislation, norms of various branches of law, departmental regulations.
The scientific novelty of dissertation research is:
In the study of the problem of development of the legal and organizational foundations for ensuring information security in internal affairs bodies from the standpoint of the advanced development of the needs of practice and the formation of the information sphere in the context of the widespread introduction of new information technologies and increasing information threats;
Understanding the place and role of constitutional law in the life of Russian society, as well as the further prospects for its development, within the framework of state policy to ensure information security;
Clarifying the system of state legislation in the field of information security;
Implementation of systematization of regulatory legal acts in the field of information security and formation of the structure of legislation in the field of information security of the individual, society, state, including internal affairs bodies;
Development of proposals for improving legislation in the field of information security;
Development of organizational and legal components of the information security system in internal affairs bodies;
Development of scientific and methodological recommendations for the use of legal and organizational training tools for ensuring information security in internal affairs bodies and in the educational process when training specialists in the legal foundations of information security.
Main provisions submitted for defense:
1. Definition of the conceptual apparatus on the legal basis of the current legislation in the field of information security, including the concept of information security, which allows us to form an idea of information as an object of ensuring information security and legal relations, as well as to formulate security threats.
Information security of internal affairs bodies is a state of security of the information environment that corresponds to the interests of internal affairs bodies, which ensures their formation, use and development opportunities, regardless of the impact of internal and external threats.
2. The problem of ensuring information security at the state level requires a deeper theoretical and practical understanding of the place and role of constitutional law in the life of Russian society, as well as the further prospects for its development within the following areas:
Improving the constitutional legislation "On state states and regimes", in particular in the field of information security, and improving on this basis the legislation of the constituent entities of the Russian Federation in this area;
Priority implementation of the constitutional rights of citizens in the information sphere;
Implementation of a unified state policy in the field of information security, ensuring an optimal balance of interests of subjects in the information sphere and eliminating gaps in constitutional legislation.
3. Proposals to clarify the main directions of the state’s activities in the formation of legislation in the information sphere, including the field of information security, which represent ways to improve the regulatory framework of information legislation and make it possible to determine the legal basis for the activities of internal affairs bodies in the field of information security. They come from a set of balanced interests of the individual, society and the state in the economic, social, domestic political, international, information and other spheres. The following areas are prioritized:
To respect the interests of the individual in the information sphere;
Improving legal mechanisms for regulating public relations in the information sphere;
Protection of national spiritual values, moral standards and public morality.
4. It is proposed to improve the structure of legislation in the field of information security, which is a system of interconnected elements, including a set of regulatory and departmental acts, which makes it possible to visualize the many relations in the information sphere and the field of information security, and the complexity of their regulation.
5. Organizational and legal components of the system for ensuring information security in internal affairs bodies, including the content of the organization of their activities (from the perspective of its legal regulation), represented by the structure of necessary and interrelated elements and including:
Subjects of ensuring the security of the Russian Federation;
Information security objects of internal affairs bodies;
Organization of activities of internal affairs bodies;
Forms, methods and means of ensuring information security.
6. The content of organizing the activities of internal affairs bodies to ensure information security (from the point of view of its legal regulation), which is a purposeful continuous process in terms of analysis, development, implementation of legal, organizational, technical and other activities related to the field of information security, and also ensuring the rights and legitimate interests of citizens.
The practical significance of the dissertation research is:
In the use of proposals in the development of new regulations and improvement of current legislation in the information sphere of activity of public authorities of the constituent entities of the Russian Federation, departments, ministries;
Increasing the efficiency of the activities of internal affairs bodies to ensure information security;
Improving the training of specialists in the system of higher professional education, improving the qualifications of specialists in the field of integrated information security and legal regulation of information security in the interests of various ministries and departments based on the development of a version of educational and methodological support;
Development of scientific and methodological recommendations for the use of legal and organizational training tools for information security in the educational process, allowing to ensure the necessary level of training of specialists in the legal foundations of information security.
Approbation, implementation of research results and publications.
Theoretical principles, conclusions, suggestions and practical recommendations outlined in this study were reported and discussed at 8 and 9 International conferences at the Academy of Management of the Ministry of Internal Affairs
Russia "Informatization of law enforcement systems" (Moscow, 1999-2000), Interuniversity regional conference "University Declaration of Human Rights: problems of improving Russian legislation and the practice of its application" at the Academy of Management of the Ministry of Internal Affairs of Russia (Moscow, 1999) , scientific seminar "Problems of federalism in the development of Russian statehood" and the International scientific and practical conference "Law enforcement in transport: results and prospects", held on the basis of the Orel Law Institute of the Ministry of Internal Affairs of Russia (Orel, 1999). Eight studies were published based on the results of the study. scientific works with a total volume of 8 printed sheets.
The structure and volume of the dissertation are determined by the logic of the research and consist of an introduction, two chapters, a conclusion, a list of references and an appendix.
The concept and essence of information security
An integral part of the subject of science and scientific research, including the developing scientific direction of information protection and legal regulation of information security, is its conceptual apparatus. Naturally, one of the central concepts in this subject area is the concept of “information”1, which can be classified as abstract categories and primary concepts. Analysis of the above concept gives an idea of its understanding in a system-wide, philosophical sense (information is a reflection of the material world) and to the narrowest, technocratic and pragmatic sense (information is all information that is the object of storage, transmission and transformation).
In a number of works, information is understood as certain properties of matter perceived control system both from the surrounding external material world, and from the processes occurring in the system itself. There is a view that identifies the concepts of “information” and “message”, in which information is defined as an essential part of the message for the recipient, and the message is defined as a material carrier of information, one of the specific elements of a finite or infinite set transmitted over a communication channel and perceived at the receiving end of the system communication with some recipient.
We can to some extent turn to the well-known content of the concept of “information”, defined by R. Shannon, where information is the amount of the unpredictable contained in a message. Quantity is a measure of the newness that a given message introduces into the sphere surrounding the recipient.
The Federal Law “On Information, Informatization and Information Protection” provides a fairly generalized definition of this concept and its derivatives. Thus, information is presented as information about objects, objects, phenomena, processes, regardless of the form of their presentation. This generic concept of information is also used to form its derivative definitions used in other regulatory legal acts1. Let's look at some of them in more detail.
Documented information (documents) is information recorded on a tangible medium with details that allow it to be identified.
Confidential information is documented information, access to which is limited in accordance with the law.
Mass information - printed, audio messages, audiovisual and other messages and materials intended for an unlimited number of people.
Information resources - individual documents and individual arrays of documents, documents and arrays of documents in information systems (libraries, archives, funds, data banks, other types of information systems).
Information products (products) - documented information prepared in accordance with user needs and intended or used to meet user needs.
State secret is information protected by the state in the field of its military, foreign policy, economic, intelligence, counterintelligence and operational investigative activities, the dissemination of which could harm the security of the Russian Federation.
Computer information is information on a machine medium, in a computer, a computer system or their network."
Article 128 of the Civil Code defines information as an object of civil legal relations. When analyzing information from these positions, it is necessary to pay attention to the aspect related to the legal protection of information as an object of property rights5. This approach to information is explained by the fact that, on the one hand, the historical and traditional object of property rights is a material object, on the other hand, information, not being a material object of the surrounding world, is inextricably linked with a material carrier: this is the human brain or material carriers alienated from humans (book, floppy disk, etc.)
Considering information as a reflection of reality by an object in the surrounding world, we can talk about information as an abstract substance that exists on its own, but for us neither storage nor transmission of information without a material carrier is possible. It is known that information, on the one hand, as an object of property rights, can be copied (replicated) using a material medium1, on the other hand, as an object of property rights, it is easily moved from one to the next subject of property rights without an obvious (noticeable) violation of the property rights to information. But the movement of a material object of property rights is inevitable and, as a rule, entails the loss of this object by the original subject of property rights. In this case, there is an obvious violation of his property rights. It should be noted that a violation of this right occurs only in the case of unlawful movement of a particular material object1. The danger of copying and moving information is aggravated by the fact that it is usually alienated from the owner, i.e., it is stored and processed within the reach of a large number of entities that are not subjects of ownership of this information. This includes, for example, automated systems, including networks. A complex system of relationships between subjects of property rights arises, which determines the methods of their implementation, and, consequently, the directions for the formation of a system of legal protection that ensure the prevention of violations of property rights to information.
Having analyzed the features of information as an object of property rights, we can conclude that otherwise information is no different from traditional objects of property rights. The analysis of the content of information, including as an object of law, made it possible to identify its main types that are subject to legal protection(Appendix 1): - information classified as state secret by authorized bodies on the basis of the Law of the Russian Federation “On State Secrets”; - confidential documented information - of the owner of information resources or an authorized person on the basis of the Federal Law "On Information, Informatization and Information Protection"; - Personal Information.
The main directions of government activity to ensure information security
The trends in constitutional development are such that they focus attention on the problem of the nature of constitutional legislation. Along with the currently pressing issues of the priority of human rights and freedoms of civil society, government and its organization, the problem of “state regimes and states” comes to the forefront - ensuring security (information security as an integral part), defense, state of emergency, etc. 1
The need for constitutional regulation of information security is obvious. After all, information security of an individual is nothing more than the protection of constitutional rights and freedoms of a person. And one of the directions of state policy in the field of information security is the observance and implementation of the constitutional rights of man and citizen in the area under consideration. Firstly, according to the Law of the Russian Federation “On Security”, security is achieved by pursuing a unified state policy in the field of security. It is obvious that information security is achieved by implementing state policy in the field of ensuring information security of the Russian Federation. This policy, in turn, determines the main directions of state activity in the area under discussion and deserves some attention.
Secondly, the relevance of the study of the main directions of state activity in the area under consideration is determined by the following: - the need to develop and improve constitutional legislation, ensuring an optimal combination of the priorities of the interests of the individual, departments and the state as a whole within the framework of one of the areas of ensuring information security; - improving the state’s activities in implementing its functions of ensuring the security of all subjects of information relations; - the need of citizens to protect their interests in the information sphere; - the need to form a unified legal field in the field of information relations. The development of state policy in the field of information security is reflected in the consistent development and development of the National Security Concept of the Russian Federation. Its features are the following provisions: - not a single sphere of life in modern society can function without a developed information structure; - the national information resource is currently one of the main sources of economic and military power of the state; - penetrating into all spheres of state activity, information acquires specific political, material and cost expressions; - issues of ensuring information security of the Russian Federation as an integral element of its national security are becoming increasingly relevant, and information protection is becoming one of the priority government tasks; - the system of national interests of Russia in the field of economics, social, domestic political, international, information spheres, in the field of military, border and environmental security is determined by the totality of balanced interests of the individual, society and the state; - the state policy of ensuring information security of the Russian Federation determines the main directions of activity of federal government bodies and government bodies of constituent entities of the Russian Federation in this area. The concept also defines Russia's national interests in the information sphere1, which are aimed at concentrating the efforts of society and the state in solving the following tasks: - respect for the constitutional rights and freedoms of citizens in the field of obtaining information and exchanging it; - protection of national spiritual values, promotion of national cultural heritage, moral standards and public morality; - ensuring the right of citizens to receive reliable information; - development of modern telecommunication technologies.
The systematic activities of the state to implement these tasks will allow the Russian Federation to become one of the centers of global development and formation information society, providing the needs of the individual, society, and the state in the information sphere, including their protection from the destructive effects of information for manipulating mass consciousness, as well as the necessary protection of the state information resource from the leakage of important political, economic, scientific, technical and military information.
Taking into account the above provisions, the following principles can be identified on which the state policy of ensuring information security of the Russian Federation should be based:
Compliance with the Constitution of the Russian Federation, the legislation of the Russian Federation, generally recognized norms of international law when carrying out activities to ensure the information security of the country;
Legal equality of all participants in the process information interaction regardless of their political, social and economic status, based on the constitutional right of citizens to freely search, receive, transmit, produce and disseminate information in any legal way;
Openness, which provides for the implementation of the functions of federal government bodies and government bodies of constituent entities of the Russian Federation, public associations, including informing the public about their activities, taking into account the restrictions established by the legislation of the Russian Federation;
Priority for the development of domestic modern information and telecommunication technologies, the production of hardware and software capable of ensuring the improvement of national telecommunication networks and their connection to global ones information networks in order to comply with the vital interests of the Russian Federation.
Organization of activities of internal affairs bodies to ensure information security
To ensure information security, it is necessary to have relevant bodies, organizations, departments and ensure their effective functioning. The combination of these organs constitutes a security system. To identify the features of the organization and activities of internal affairs bodies to ensure information security, we will consider the security system as a whole.
According to the Law of the Russian Federation “On Security”, the security system, and therefore information security, is formed by: - bodies of the legislative, executive and judicial authorities; state, public and other organizations and associations; citizens taking part in ensuring security; - legislation regulating relations in the field of security. This law establishes only the organizational structure of the security system. The security system itself is much broader. Its consideration is not possible, since it is beyond the scope of the dissertation research. Therefore, we will consider only the organizational structure of the security system. Analysis of current regulatory legal acts made it possible to identify the following components as security subjects representing the organizational structure of the information security system1: - federal authorities state power; state authorities of the constituent entities of the Russian Federation; local government bodies, problem solvers in the field of ensuring information security within its competence; - state and interdepartmental commissions and councils specializing in solving information security problems; - structural and cross-industry divisions for the protection of confidential information of government bodies of the Russian Federation, as well as structural divisions of enterprises carrying out work using information classified as state secrets, or specializing in work in the field of information protection; - research, design and engineering organizations performing work to ensure information security; - educational institutions that provide training and retraining of personnel to work in the information security system; - citizens, public and other organizations with rights and responsibilities to ensure information security in the manner prescribed by law;
The main functions of the considered information security system of the Russian Federation are1: - development and implementation of an information security strategy; - creating conditions for the implementation of the rights of citizens and organizations to activities permitted by law in the information sphere; - assessment of the state of information security in the country; identifying sources of internal and external threats to information security; identifying priority areas for preventing, countering and neutralizing these threats; - coordination and control of the information security system; - organizing the development of federal and departmental information security programs and coordinating work on their implementation; - implementation of a unified technical policy in the field of information security; - organization of fundamental, exploratory and applied scientific research in the field of information security; - ensuring control over the creation and use of information security tools through mandatory licensing of activities in the field of information security and certification of information security tools; - implementation of international cooperation in the field of information security, representation of the interests of the Russian Federation in relevant international organizations.
Analysis of the structure and functions of the information security system, taking into account the existing system of separation of powers, revealed the following: 1) the main goal of the information security system is to protect the constitutional rights and freedoms of citizens; 2) the state is the main and main subject of ensuring information security; 3) general management of the subjects of information security, within the framework of certain powers, is exercised by the President of the Russian Federation. His powers in the field of ensuring information security include: - management and interaction of public authorities; - control and coordination of the activities of information security authorities; - determination of the vital interests of the Russian Federation in the information sphere; - identification of internal and external threats to these interests; - determination of the main directions of the information security strategy. 4) The Federal Assembly of the Russian Federation forms the legislative framework in the field of information security on the basis of the Constitution of the Russian Federation; 5) The Government of the Russian Federation, within the limits of its powers, provides leadership to state bodies ensuring information security, organizes and controls the development and implementation of measures to ensure information security by ministries and other bodies subordinate to it; 6) judicial authorities are also subjects of information security. They provide judicial protection to citizens whose rights have been violated in connection with activities to ensure information security, administer justice in cases of crimes in the information sphere; 7) a special role in ensuring state security, including information security, belongs to the Security Council of the Russian Federation. This is a constitutional body that does not have the status of a federal executive body, but is endowed with sufficient powers in the field of security. The Security Council is the only advisory body under the President of the Russian Federation, the creation of which is provided for by the current Constitution.
Forms and methods of ensuring information security in internal affairs bodies
The issues of organizing a security system, including the areas of ensuring information security, discussed in the previous paragraph, require clarification of the content of the tasks of ensuring information security, methods, means and forms of their solution.
Forms, methods and means are considered through the prism of legal regulation of activities to ensure information security, which is inextricably linked with them, and therefore requires clarification and determination of the legal boundaries of their use. In addition, solving any theoretical or practical problem is impossible without certain methods - methods and means.
The choice of appropriate methods and means of ensuring information security is proposed to be undertaken as part of the creation of an information protection system that would guarantee recognition and protection of the fundamental rights and freedoms of citizens; formation and development of the rule of law, political, economic, social stability of society; preservation of national values and traditions.
At the same time, such a system must ensure the protection of information, including information constituting state, commercial, official and other secrets protected by law, taking into account the peculiarities of the protected information in the field of regulation, organization and implementation of protection. Within the framework of this variety of types of protected information, in the author’s opinion, the following most general features of the protection of any type of protected information can be identified: - information protection is organized and carried out by the owner or owner of the information or persons authorized by him (legal or natural); - organizing effective information protection allows the owner to protect his rights to own and dispose of information, to strive to protect it from illegal possession and use to the detriment of his interests; - information protection is carried out through a set of measures to limit access to protected information and create conditions that exclude or significantly complicate unauthorized, illegal access to protected information and its media.
To exclude access to protected information by unauthorized persons, the owner of the information, who protects it, including its classification, establishes a certain regime, rules for its protection, determines forms and methods of protection. Thus, information protection is the proper provision of circulation of protected information in a special area limited by security measures. This is confirmed by a number of approaches of famous scientists2, who consider information protection as “the regular use of means and methods, the adoption of measures and the implementation of activities in order to systematically ensure the required reliability of information
Taking into account the content of this definition, as well as other definitions of the concept of information protection and the main purposes of information protection highlighted in them, including preventing the destruction or distortion of information; prevention of unauthorized receipt and reproduction of information, we can highlight the main task of protecting information in internal affairs bodies. This is maintaining the secrecy of protected information.
In a comprehensive information security system, this problem is solved in relation to protection levels and destabilizing factors. And the formation of a relatively complete set of tasks for these groups is carried out on the basis of an analysis of the objective possibilities of achieving the set protection goals, ensuring the required degree of information security. Taking into account the provisions considered, the tasks can be divided into two main groups:
1) timely and complete satisfaction of information needs arising in the process of management and other activities, that is, providing specialists of internal affairs bodies with confidential information;
2) protecting classified information from unauthorized access to it by other entities.
When solving the first group of problems - providing specialists with information - it is necessary to take into account that specialists can use both open and confidential information. The provision of open information is not limited by anything other than its actual availability. When providing classified information, restrictions apply, providing for access to information of the appropriate degree of secrecy and permission to access specific information. An analysis of current practice and regulatory legal acts that determine the procedure for a specialist’s access to relevant information has made it possible to identify a number of contradictions. On the one hand, maximum restriction of access to classified information reduces the likelihood of leakage of this information; on the other hand, in order to meaningfully and effectively solve official problems, it is necessary to most fully satisfy the specialist’s information needs. Under normal, non-routine conditions, a specialist has the opportunity to use a variety of information to solve the problem facing him. When providing him with classified information, his ability to access it is limited by two factors: his official position and the problem the specialist is currently solving.
The second group of tasks involves protecting confidential information from unauthorized access to it by unauthorized persons. It is common both for internal affairs bodies and for all government bodies and includes:
1) protecting the country’s information sovereignty and expanding the state’s ability to strengthen its power through the formation and management of the development of its information potential;
2) creating conditions for the effective use of information resources of society and the state;
3) ensuring the security of protected information: preventing theft, loss, unauthorized destruction, modification, blocking of information;
4) maintaining the confidentiality of information in accordance with the established rules for its protection, including preventing leaks and unauthorized access to its media, preventing its copying, modification, etc.;
5) maintaining the completeness, reliability, integrity of information and its arrays and processing programs established by the owner of the information or his authorized persons.
- Application. Instructions for organizing the protection of personal data contained in information systems of internal affairs bodies of the Russian Federation
Order of the Ministry of Internal Affairs of the Russian Federation of July 6, 2012 N 678
"On approval of the Instructions for organizing the protection of personal data contained in the information systems of internal affairs bodies of the Russian Federation"
With changes and additions from:
In order to ensure the implementation of the requirements of the legislation of the Russian Federation in the field of protection of personal data during their automated processing, I order:
2. Heads of divisions of the central apparatus of the Ministry of Internal Affairs of Russia, heads (chiefs) of territorial bodies of the Ministry of Internal Affairs of Russia, educational, scientific, medical, sanitary and sanatorium organizations of the system of the Ministry of Internal Affairs of Russia, district departments of logistics of the system of the Ministry of Internal Affairs of Russia, as well as other organizations and divisions created to carry out the tasks and exercise powers assigned to the internal affairs bodies of the Russian Federation:
2.1. Organize the study by employees, federal state civil servants and employees of internal affairs bodies of the Russian Federation * (2) of the requirements of this Instruction as they relate to them.
2.3. Approve the list of officials authorized to process personal data contained in the information systems of internal affairs bodies *(3) .
2.4. Carry out during 2012-2013 measures to organize the protection of personal data contained in personal data information systems, in accordance with the requirements of the Federal Law of July 27, 2006 N 152-FZ "On Personal Data" * (4) and taking into account the volume appropriations allocated by the Russian Ministry of Internal Affairs under the state defense order.
2.5. To ensure, by November 30, 2012, the collection and submission in the prescribed manner to the Department of Internal Affairs of the Ministry of Internal Affairs of Russia of the information specified in Part 3 of Article 22 of Federal Law No. 152-FZ.
2.6. Take measures to further submit to the DITSiZI of the Ministry of Internal Affairs of Russia the information specified in subclause 2.5 of this order, in the event of its change, as well as the termination of the processing of personal data, no later than two calendar days from the date of such changes or from the date of termination of the processing of personal data.
3. DITSiZI of the Ministry of Internal Affairs of Russia (S.N. Lyashenko) ensure:
3.1. Maintaining a list of personal data information systems.
3.2. Presentation in Federal service for supervision in the field of communications, information technology and mass communications information about the operator in the manner established by the Ministry of Communications and Mass Media of the Russian Federation.
4. DGSK of the Ministry of Internal Affairs of Russia (V.L. Kubyshko) together with DITSiZI of the Ministry of Internal Affairs of Russia (S.N. Lyashenko) to ensure the preparation of advanced training courses for employees, federal civil servants and employees of internal affairs bodies in the field of personal data protection on the basis of the federal state state educational institution of higher professional education "Voronezh Institute of the Ministry of Internal Affairs of the Russian Federation".
Registration No. 25488
Instructions have been approved for organizing the protection of personal data contained in the information systems of the Department of Internal Affairs of Russia.
To ensure their safety, a protection system is being created. It must ensure the confidentiality, integrity and availability of data during processing. The named system includes organizational and technical measures, means of preventing unauthorized access, information leakage technical channels and etc.
The selection and implementation of methods and methods for protecting information are carried out based on the threat model and depending on the class of personal data information systems. Classification is carried out by the operating unit. A special commission is being created for this purpose.
Threat models are developed for each information system at the stage of its creation (modernization).
Personal data is processed only after the creation of a security system and commissioning of the information system.
THE CONCEPT OF INFORMATION SECURITY OF ATS
We have already dwelled on the concept of information security, which in its most general form can be defined as a state of protection of the information needs of the individual, society and the state, which ensures their existence and progressive development regardless of the presence of internal and external information threats. Let us specify this concept in relation to the goals and objectives that law enforcement agencies face at the present stage. To do this, first of all, let’s turn to the generic concept – the concept of “security”.
Currently, security is an integral characteristic of progress, and the concept of security is one of the key ones when studying issues of optimizing human activity, including activities to combat crime.
Over the centuries, the concept of security has been repeatedly filled with different content and, accordingly, an understanding of its meaning. Thus, in ancient times, the understanding of security did not go beyond the ordinary concept and was interpreted as the absence of danger or evil for a person. In this everyday meaning, the term “security” was used, for example, by the ancient Greek philosopher Plato.
In the Middle Ages, security was understood as the calm state of mind of a person who considered himself protected from any danger. However, in this meaning, this term did not firmly enter the vocabulary of the peoples of Europe until the 17th century. rarely used.
The concept of “security” is becoming widespread in scientific and political circles of Western European countries thanks to the philosophical concepts of T. Hobbes, D. Locke, J.J. Rousseau, B. Spinoza and other thinkers of the 17th-18th centuries, meaning a state, a situation of calm that appears as a result of the absence of real danger (both physical and moral).
It was during this period that the first attempts to theoretically develop this concept were made. The most interesting version is that proposed by Sonnenfels, who believed that security is a state in which no one has anything to fear. For a specific person, this situation meant private, personal security, and the state of the state, in which there was nothing to fear, constituted public security.
Currently, security is traditionally understood as a state in which the vital interests of an individual, society, state and the international system are protected from any internal or external threat. From this point of view safety can be defined as the impossibility of causing harm to someone or something due to the manifestation of threats, i.e. their protection from threats.
It should be noted that this approach has found the greatest recognition both in the scientific community and in the field of legislative activity.
In general methodological terms, the structure of the concept of “security” includes:
q security object;
q threats to the security object;
q ensuring the security of the facility from threats.
The key element in determining the content of the concept of “security” is the security object, i.e. something that protects itself from threats. By choosing as an object of security information circulating in the internal affairs bodies, as well as the activities of police units related to the production and consumption of information, we can talk about their information security – the security of their “information dimension”.
In current Russian legislation, information security is understood as “the state of protection of national interests in the information sphere, determined by the totality of balanced interests of the individual, society and state”(Doctrine of Information Security of the Russian Federation). At the same time, under The information sphere of society is understood as the totality of information, information infrastructure, entities collecting, generating, distributing and using information, as well as systems for regulating the social relations that arise in this case.
Based on what has been noted, Information security of internal affairs bodies is understood as the state of security of information, information resources and information systems of internal affairs bodies, which ensures the protection of information (data) from leakage, theft, unauthorized access, destruction, distortion, modification, forgery, copying, blocking (Concept for ensuring information security of the internal affairs bodies of the Russian Federation until 2020, approved by order of the Ministry of Internal Affairs of Russia dated March 14, 2012 No. 169). The structure of this concept is shown in Fig. 4. Let's look at it in more detail.
Rice. 4. Structure of the concept “information security of internal affairs bodies”
ATS Information Security Object. As we have already noted, the objects of information security are:
q informational resources internal affairs bodies, used in solving official tasks, including containing information limited access, as well as special information and operational data of an official nature.
Information used by internal affairs bodies contains information about the state of crime and public order in the territory served, about the bodies and units themselves, their forces and means. In duty stations, detectives, local police inspectors, investigators, employees of forensic units, the migration service, and other units, primary accounting documents, log books, and other media accumulate arrays of data for operational-search and operational-reference purposes, in which contains information about:
– offenders and criminals;
– owners of motor vehicles;
– owners of firearms;
– events and facts of a criminal nature, offenses;
– stolen and confiscated items, antiques, as well as other information subject to storage.
Services and divisions of internal affairs bodies are characterized by the following data:
– about the forces and means at the disposal of the body;
– about the results of their activities.
The information listed above is used when organizing the work of departments and when taking practical measures to combat crime and delinquency.
In addition to the above information, scientific and Technical information necessary to improve the activities of internal affairs bodies.
Particular attention should be paid to the information used by internal affairs bodies in solving and investigating crimes. This type of information may include, but is not limited to:
All types of evidence in a criminal case;
Materials of the criminal case;
Information about the progress of the criminal investigation (i.e., a set of operational and procedural information about the event under investigation, plans for conducting operational investigative and procedural actions);
Information about law enforcement officers taking part in the investigation of the crime;
Information about suspects and accused persons in the case;
Information about victims, witnesses and other persons assisting in the investigation of the crime, etc.
In addition to those noted, information of limited access to individuals and legal entities, to which officials of police departments gain access in the performance of official duties, in particular, when solving and investigating crimes;
q information infrastructure internal affairs bodies, which means a set of methods, means and technologies for the implementation of information processes (i.e. processes of creation, collection, processing, accumulation, storage, search, distribution and consumption of information), necessary to be carried out in the internal affairs department when performing the tasks assigned to them by law.
The information infrastructure of internal affairs bodies primarily includes those used in the practical activities of law enforcement agencies. Information Systems, networks And communication networks(including public use).
The information infrastructure of internal affairs bodies should certainly include those used in the practical activities of internal affairs bodies. information Technology– processes that use a set of means and methods for collecting, processing and transmitting data (primary information) to obtain new quality information about the state of an object, process or phenomenon (information product).
Information infrastructure objects include: premises, in which information processes take place during official activities, information processing on a computer, etc.
Threats to an information security object. The organization of ensuring information security of internal affairs bodies should be comprehensive and based on an in-depth analysis of possible negative consequences. It is important not to miss any important aspects. Analysis of negative consequences involves the mandatory identification of possible sources of threats, factors contributing to their manifestation and, as a consequence, determination current threats information security.
Based on this principle, it is advisable to model and classify sources of threats to information resources and information infrastructure of internal affairs bodies based on an analysis of the interaction of the logical chain:
Sources of threats . In the theory of information security under sources of threat confidential information is understood potential carriers of information security threats , which, depending on their nature, are divided into anthropogenic(caused by human activities), man-made or spontaneous. In relation to the security object itself, sources of threats are divided into external And internal.
An analysis of the provisions of the Information Security Doctrine of the Russian Federation, as well as other regulatory documents in the field of information security, allows us to identify the following main sources of threats to the information security of internal affairs bodies.
The main external sources of threats to the information security of internal affairs bodies include:
Intelligence activities of special services of foreign states, international criminal communities, organizations and groups related to the collection of information revealing the tasks, plans of activity, technical equipment, methods of work and locations of special units and internal affairs bodies of the Russian Federation;
Activities of foreign public and private commercial structures, as well as domestic criminal groups and commercial organizations seeking to gain unauthorized access to information resources of law enforcement agencies;
Natural disasters and natural phenomena (fires, earthquakes, floods and other unforeseen circumstances);
Various types of man-made accidents;
Failures and malfunctions, malfunctions in the operation of information infrastructure elements caused by errors in their design and/or manufacturing.
To the main internal sources threats to the information security of internal affairs bodies include:
Violation of the established regulations for the collection, processing, storage and transmission of information used in the practical activities of the internal affairs department, including those contained in file cabinets and automated data banks and used for the investigation of crimes;
Failure of technical equipment and failures software in information and telecommunication systems;
Use of uncertified software that violates normal functioning information and information-telecommunication systems, including information security systems;
Intentional actions, as well as errors of personnel directly involved in maintaining information systems used in internal affairs bodies, including those involved in the formation and maintenance of file cabinets and automated data banks;
The inability or unwillingness of service personnel and/or users of ATS information systems to fulfill their duties (civil unrest, transport accidents, a terrorist attack or its threat, a strike, etc.).
Vulnerabilities . Under vulnerability in the context of the issue under consideration, we believe it is necessary to understand reasons leading to violation of the established information protection regime in internal affairs bodies . Such reasons include, for example:
An unfavorable crime situation, accompanied by trends in the merging of state and criminal structures in the information sphere, criminal structures gaining access to confidential information, increasing the influence of organized crime on the life of society, reducing the degree of protection of the legitimate interests of citizens, society and the state in the information sphere;
Insufficient legislative and regulatory regulation of information exchange in law enforcement;
Insufficient coordination of the activities of internal affairs bodies and their divisions to implement a unified policy in the field of information security;
Insufficient activity in informing the public about the activities of internal affairs bodies, explaining the decisions made, creating open government resources and developing a system for citizens to access them;
Insufficient funding for measures to ensure information security of internal affairs bodies;
Reduced efficiency of the education and training system, insufficient number of qualified personnel in the field of information security;
Lack of a unified methodology for collecting, processing and storing information of an operational-search, reference, forensic and statistical nature, etc.;
The presence of such design features and technical characteristics elements of information infrastructure that can lead to a violation of the integrity, availability and confidentiality of security objects. For example, the TCP/IP protocol used in the global electronic network Internet was initially developed without taking into account information security requirements, and most of the software used in practical ATS activities contains a lot of errors and undocumented capabilities.
Threats . The listed vulnerabilities give rise to corresponding threats to the security of information and the information infrastructure of internal affairs bodies. Wherein By threats to an information security object we mean a set of conditions and factors that create a potential or real danger of leakage, theft, loss, destruction, distortion, modification, forgery, copying, blocking of information and unauthorized access to it .
However, and this must be emphasized, a threat to a security object is not something that exists independently. It is either a manifestation of the interaction of a security object with other objects, which can harm its functioning and properties, or a similar manifestation of the interaction of subsystems and elements of the security object itself.
The security of information resources and information infrastructure of internal affairs bodies is manifested through the security of their most important properties, which include:
q integrity – a property of information and information infrastructure, characterized by the ability to withstand unauthorized or unintentional destruction and distortion of information;
q availability – a property of information and information infrastructure, characterized by the ability to provide unimpeded access to information to subjects who have the appropriate authority to do so;
q confidentiality – a property of information and information infrastructure, characterized by the ability of information to be kept secret from subjects who do not have the authority to become familiar with it.
Violation of the specified properties of information security objects of internal affairs bodies constitutes a threat to the information security of internal affairs bodies. These threats are manifested by:
q violation of the integrity of information as a result of:
- loss (theft). It consists of “removing” information and/or its carriers from the information sphere of internal affairs bodies, leading to the impossibility of further use of this information in the activities of the internal affairs bodies;
- destruction. Destruction is an impact on information and/or its media circulating in internal affairs bodies, as a result of which they cease to exist or are brought into a state that makes it impossible for them to be further used in the practical activities of the internal affairs bodies;
- distortions (modifications, fakes), i.e. as a result of such an impact on information, which leads to a change in its (information) semantic content, the creation and/or imposition of false media of information;
q disruption of information availability as a result of:
- blocking, those. termination or obstruction of access to information by authorized persons;
- loss;
q violation of confidentiality of information as a result of:
- unauthorized disclosure of information. Represents intentional or unintentional actions of persons with access to non-disclosure information, facilitating unauthorized access to this information by third parties.;
- unauthorized access to information. It represents intentional or unintentional actions of persons who do not have the right to access information to become familiar with it.
Ensuring information security. We have already noted that information security of internal affairs bodies is the protection of information resources and the supporting information infrastructure of internal affairs bodies from threats, i.e. impossibility of any damage or harm to them. Since both information resources and the information infrastructure of the internal affairs bodies do not exist on their own, outside the practical activities of internal affairs bodies, but in fact are one of the means of this activity, it is quite obvious that their security can be ensured only by creating such conditions for the activities of internal affairs bodies cases in which potentially hazardous impacts on safety objects were either prevented or reduced to a level at which they were not capable of causing damage to them.
Thus, Ensuring information security of internal affairs bodies is the process of creating such conditions for the activities of internal affairs bodies in which potentially dangerous impacts on information resources and information infrastructure of internal affairs bodies were either prevented or reduced to a level that does not interfere with the solution of tasks facing internal affairs bodies..
From this definition it is clearly seen that ensuring information security is of an auxiliary nature in the system of activities of internal affairs bodies, since it is aimed at creating conditions for achieving the main goals of internal affairs bodies - first of all, the effective fight against crime.
Ensuring information security of internal affairs bodies has its own external And internal focus. External focus This type of activity is determined by the need to ensure the legal rights and interests of copyright holders of legally protected information involved in the activities of internal affairs bodies.
Internal focus activities to ensure information security of internal affairs bodies are determined by the need to implement the tasks and achieve the goals facing the internal affairs bodies - first of all, identifying, solving, investigating and preventing crimes. In other words, it creates the prerequisites for the successful implementation of the tasks facing the internal affairs bodies.
Activities to ensure information security are carried out on the basis of a certain set of the most important, key ideas and provisions, called principles. These fundamental principles include the following:
Humanism;
Objectivity;
Specificity;
Efficiency;
A combination of publicity and official secrets;
Legality and constitutionality;
Compliance of the selected means and methods with the purpose of counteraction;
Complexity.
Principle humanism is to ensure the rights and freedoms of man and citizen in countering threats to information security, preventing unlawful attacks on his person, humiliating the honor and dignity of a person, arbitrary interference in his private life, personal and family secrets, restricting the freedom of his information activities, as well as in minimizing damage to these rights and freedoms when their restriction is carried out on legal grounds.
Principle objectivity is to take into account, when implementing countermeasures, the objective laws of social development, the interaction of society with the environment, and the real capabilities of information security entities to eliminate the threat or minimize the consequences of its implementation. This principle requires an integrated, systematic approach to determining ways to achieve activity goals with the least expenditure of effort and resources.
Principle specificity is to ensure security in relation to specific life circumstances, taking into account the various forms of manifestation of objective laws on the basis of reliable information about both internal and external threats, and the capabilities to counter them. Reliable information makes it possible to establish specific forms of manifestation of threats, determine, in accordance with this, goals and actions to ensure security, specify methods of countering threats, and the forces and means necessary for their implementation.
Principle efficiency is to achieve counteraction goals with the least expenditure of effort and resources. Ensuring information security in any social community requires certain material, financial and human resources. Based on this, ensuring security, like any socially useful activity of people, must be carried out rationally and effectively. Typically, efficiency criteria that are used in practice include the ratio of the amount of damage prevented from the implementation of threats to the costs of countering these threats.
Principle combination of publicity and secrecy is to find and maintain the necessary balance between the openness of information security activities, which makes it possible to achieve public trust and support, and, on the other hand, to protect proprietary information of the internal affairs department, the disclosure of which may reduce the effectiveness of countering security threats.
Principle legality and constitutionality means the implementation of all functions inherent in state organizations and officials in strict accordance with the current constitution, laws and regulations, in accordance with the competence established by law. Strict and strict adherence to the rule of law and constitutionality must be an indispensable requirement and principle of activity not only of state, but also of non-state bodies, institutions and organizations.
Principle compliance of the selected means and methods with the goal of counteraction means that these means and methods must, on the one hand, be sufficient to achieve the goal, and on the other hand, not lead to undesirable consequences for society.
Principle complexity the use of available forces and means lies in the coordinated activities of the subjects of countering threats to information security and the coordinated use of resources available for this.
As a type of security, information security has a complex structure, including goals, means and subjects of this activity.
The following can be identified as the goals of activities to ensure information security of internal affairs bodies:
q elimination (prevention) of security threats;
q minimizing damage from threats.
Elimination (prevention) of threats as the goal of ensuring information security is such a nature of interaction between a security object and a source of threats in which these sources cease to have the property of generating a threat.
Minimizing Consequences the implementation of a threat as a goal of information security activities occurs when the elimination (prevention) of threats is not possible. This goal represents such a nature of interaction between a security object and a source of threats in which emerging threats are promptly identified, the causes contributing to this process are identified and eliminated, as well as the consequences of the manifestation of threats are eliminated.
Information Security Tools – This is a set of legal, organizational and technical means designed to ensure information security.
All information security tools can be divided into two groups:
q formal;
q informal.
TO formal These include such means that perform their functions of protecting information formally, that is, mainly without human participation. TO informal refers to means that are based on the purposeful activities of people.
Formal means are divided into physical, hardware And software.
Physical means – mechanical, electrical, electromechanical, electronic, electronic-mechanical and similar devices and systems that operate autonomously, creating various kinds of obstacles in the way of destabilizing factors.
Hardware – various electronic, electronic-mechanical and similar devices that are circuit-built into the equipment of a data processing system or interfaced with it specifically to solve information security problems. For example, noise generators are used to protect against leakage through technical channels.
Physical and hardware are combined into a class technical means of information security.
Software– special software packages or individual programs, included in the software of automated systems in order to solve information security problems. It can be various programs on cryptographic data conversion, access control, virus protection, etc.
Informal means are divided into organizational, legal and moral-ethical.
Organizational means – organizational and technical measures specifically provided for in the technology of operation of an object to solve problems of information protection, carried out in the form of targeted human activity.
Legal means – existing in the country or specially issued regulations, which regulate the rights and obligations related to ensuring the protection of information of all persons and departments related to the operation of the system, and also establish liability for violation of the rules for processing information, which may result in violation of information security.
Moral and ethical standards – moral norms or ethical rules established in a society or a given group, compliance with which contributes to the protection of information, and violation of them is equated to non-compliance with the rules of conduct in a society or group.
Moral and ethical methods of protecting information can be classified as a group of methods that, based on the common expression that “it’s not locks that keep secrets, but people,” play a very important role in protecting information. It is a person, an employee of an enterprise or institution, who has access to secrets and accumulates colossal amounts of information in his memory, including secret information, who often becomes a source of leakage of this information, or through his fault, an opponent gets the opportunity to gain unauthorized access to the media of protected information.
Moral and ethical methods of protecting information involve, first of all, the education of an employee who has access to secrets, that is, carrying out special work aimed at developing in him a system of certain qualities, views and beliefs (patriotism, understanding of the importance and usefulness of protecting information for him personally), and training an employee aware of information constituting a protected secret, the rules and methods of protecting information, instilling in him the skills to work with carriers of secret and confidential information.
Subjects of information security are bodies, organizations and persons authorized by law to carry out relevant activities. These include, first of all, heads of internal affairs bodies, employees of relevant departments of internal affairs bodies dealing with information security issues (for example, employees of technical departments carrying out technical protection of internal affairs bodies), federal executive authorities exercising supervisory functions within their competence (for example , FSB in terms of ensuring the safety of information constituting state secrets), etc.
Conclusion
The internal affairs bodies pay serious attention to the issues of maintaining secret information and instilling high vigilance among employees. One of them often underestimates the danger of leakage of such information. They show carelessness bordering on criminal negligence when handling secret documents, which often leads to the disclosure of information constituting state secrets, and even to the loss of secret items and documents. At the same time, some employees of the internal affairs bodies establish and maintain dubious unwanted connections, and disclose information about the methods and forms of work of the internal affairs bodies to outsiders. Low professional qualities of individual employees often lead to a violation of the secrecy of ongoing events. The purpose of this course is to understand what information security is, how and by what means it can be ensured and avoid the negative consequences that may occur for you if confidential information leaks.
Department of Informatics and Mathematics
Test
“Fundamentals of information security in internal affairs bodies”
Performed:
Bychkova Elena Nikolaevna
2nd year student, 2nd group
Moscow – 2009
Plan
1. The concept and goals of conducting special inspections of informatization objects; main stages of the audit
2. Vulnerability computer systems. The concept of unauthorized access (UNA). Classes and types of NSD
2.1 Vulnerability of the main structural and functional elements of distributed AS
2.2 Threats to the security of information, AS and subjects of information relations
2.3 Main types of threats to the security of subjects of information relations
List of used literature
1. The concept and goals of conducting special inspections of informatization objects; main stages of the audit
Informatization object - a set of informatization tools together with the premises in which they are installed, intended for processing and transmission of protected information, as well as dedicated premises.
Information means - means computer technology and communications, office equipment designed for collecting, accumulating, storing, searching, processing data and distributing information to the consumer.
Computer equipment - electronic computers and complexes, personal electronic computers, including software, peripheral equipment, teleprocessing devices.
A computer object (CT) is a stationary or mobile object, which is a complex of computer equipment designed to perform certain information processing functions. Computer facilities include automated systems (AS), automated workstations (AWS), information and computing centers (ICC) and other complexes of computer equipment.
Computer facilities can also include individual computer facilities that perform independent information processing functions.
Dedicated premises (VP)- a special room intended for holding meetings, conferences, conversations and other events of a speech nature on secret or confidential issues.
Activities of a speech nature can be carried out in dedicated premises with or without the use of technical means of speech information processing (TSIP).
Technical Information Processing Tool (ITI)- a technical device designed to receive, store, search, transform, display and/or transmit information via communication channels.
ICT includes computer equipment, communication tools and systems, means of recording, amplifying and reproducing sound, intercom and television devices, means of producing and reproducing documents, film projection equipment and other technical means associated with reception, accumulation, storage, search, transformation, display and/or transmission of information via communication channels.
Automated system (AC)- a set of software and hardware designed to automate various processes related to human activity. At the same time, a person is a link in the system.
Special check This is a check of a technical means of information processing carried out for the purpose of searching and seizing special electronic embedded devices (hardware embedded).
Certificate of the object of protection- a document issued by a certification body or other specially authorized body confirming the presence at the protection facility of necessary and sufficient conditions to fulfill the established requirements and standards for the effectiveness of information protection.
Certificate of allocated premises- a document issued by the certification (certification) body or other specially authorized body, confirming the presence of the necessary conditions that ensure reliable acoustic protection of the allocated premises in accordance with established norms and rules.
Instructions for use- a document containing requirements for ensuring the security of a technical means of information processing during its operation.
Certification test program- a mandatory organizational and methodological document establishing the object and goals of the test, the types, sequence and volume of experiments performed, the procedure, conditions, place and timing of the tests, provision and reporting on them, as well as responsibility for the provision and conduct of tests.
Methodology of certification tests- mandatory organizational and methodological document, including test method, means and test conditions, sampling, algorithm for performing operations. By determining one or more interrelated characteristics of the security of an object, a form for presenting data and assessing the accuracy and reliability of the results.
Certification test report- a document containing the necessary information about the test object, the methods used, means and test conditions, as well as a conclusion on the test results, drawn up in the prescribed manner.
Main technical means and systems (OTSS)- technical means and systems, as well as their communications, used for processing, storing and transmitting confidential (secret) information.
OTSS may include information technology tools and systems (computer technology, automated systems of various levels and purposes based on computer technology, including information and computing complexes, networks and systems, communication and data transmission tools and systems), technical means of receiving, transmission and processing of information (telephony, sound recording, sound amplification, sound reproduction, intercom and television devices, means of production, replication of documents and other technical means of processing speech, graphic video, semantic and alphanumeric information) used for processing confidential (secret) information.
Auxiliary technical means and systems (ATSS)- technical means and systems not intended for the transmission, processing and storage of confidential information, installed together with the OTSS or in dedicated premises.
These include:
Various types of telephone facilities and systems;
Means and systems for data transmission in the radio communication system;
Security and safety equipment and systems fire alarm;
Means and systems of warning and alarm;
Control and measuring equipment;
Air conditioning products and systems;
Tools and systems for wired radio broadcasting networks and reception of radio and television programs (subscriber loudspeakers, radio broadcasting systems, televisions and radios, etc.);
Electronic office equipment.
Preparation of documents based on the results of certification tests:
Based on the results of certification tests in various areas and components, test reports are drawn up. Based on the protocols, a Conclusion is adopted based on the certification results with a brief assessment of the compliance of the informatization object with information security requirements, a conclusion about the possibility of issuing a “Certificate of Conformity” and the necessary recommendations. If the information object meets the established requirements for information security, a Certificate of Compliance is issued for it.
Re-certification of an informatization object is carried out in the case when changes have been made to a recently certified object. Such changes may include:
Changing the location of the OTSS or VTSS;
Replacing OTSS or VTSS with others;
Replacement of technical means of information security;
Changes in the installation and laying of low-current and solo cable lines;
Unauthorized opening of sealed OTSS or VTSS cases;
Carrying out repair and construction work in designated premises, etc.
If it is necessary to re-certify an informatization object, re-certification is carried out according to a simplified program. Simplifications consist in the fact that only elements that have undergone changes are tested.
2. Vulnerability of computer systems. The concept of unauthorized access (UNA). Classes and types of NSD
As the analysis shows, most modern automated information processing systems (AS) in the general case are geographically distributed systems intensively interacting (synchronizing) with each other according to data (resources) and management (events) of local computer networks(LAN) and individual computers.
In distributed systems, all the “traditional” methods for locally located (centralized) computing systems of unauthorized interference in their operation and access to information are possible. In addition, they are characterized by new specific channels for penetration into the system and unauthorized access to information.
Let us list the main features of distributed speakers:
· territorial separation of system components and the presence of intensive information exchange between them;
· a wide range of used methods for presenting, storing and transmitting information;
· integration of data for various purposes belonging to various subjects within unified databases and, conversely, placement of data required by some subjects in various remote network nodes;
D.V. Peregudov,
ATC for the Lipetsk region
LEGAL ASPECTS OF INFORMATION PROTECTION IN THE ACTIVITIES OF ECONOMIC SECURITY DIVISIONS OF INTERNAL AFFAIRS BODIES
Ensuring information security within the framework of the system of internal affairs bodies is an organizational unification of forces and means, mechanisms, methods and methods, operating under the control of strict compliance with current regulations in the field of information protection. At the same time, the problem of ensuring information security is closely connected not only with the solution of scientific and technical problems, but also with issues of legal regulation of informatization relations and the development of the legislative framework. In this regard, we can conclude that information protection is a set of legal, organizational and engineering measures (measures) aimed at preventing leakage of protected information and unauthorized access to it. In turn, the legal aspects of information protection acquire paramount importance in the block of protection measures. This is due to the fact that the legal regulation of relations in the field of economic security predetermines the existence of all other measures as a fundamental basis dividing the behavior of subjects (users, owners and other persons) of information relations into “possible (allowed)” and “prohibited” in relation to the object - information. Organizational and technical measures are only streamlined and legitimized by the legal framework.
In internal affairs bodies, legal support for information security is based on the federal legislation of the Russian Federation. The regulatory framework at the departmental level is the successor to the Law of the Russian Federation “On State Secrets”, the Law of the Russian Federation “On Information, information technology and on the protection of information”, Decree of the President of the Russian Federation dated April 3, 1995 No. 334 “On measures to comply with the law in the field of development, production, sales and operation information media, as well as the provision of services in the field of information encryption”, Resolutions of the Government of the Russian Federation dated April 15, 1995 No. 333 “On licensing the activities of enterprises and organizations carrying out work related to the use of information constituting state secrets, the creation of information security means, as well as with the implementation of measures and (or) provision of services to protect state secrets”, from
06.26.1995 No. 608 “On certification of information security means”, dated 09.15.1993 No. 912-51 “On state system protection of information of the Russian Federation from foreign intelligence services and from its leakage through technical channels”, dated 01/05/2004 No. 3-1 “On approval of the Instructions for ensuring the secrecy regime in the Russian Federation”, as well as on the basis of “Special requirements and recommendations for the protection information constituting a state secret from leakage through technical channels”, approved by the Decision of the State Technical Commission of Russia dated May 23, 1997 No. 55, the Decision of the State Technical Commission of Russia dated October 3, 1995 No. 42 “On standard requirements for the content and procedure for developing guidelines for information protection from technical intelligence and from its leakage through technical channels at the site,” dated July 16, 1996, No. 49 “Model of foreign technical intelligence for the period until 2010” (“ITR-2010 Model”) and others
and other legislative and other regulatory legal acts in the field of information security that regulate the procedure and rules for technical protection of information in the Russian Federation.
Peculiarity information support in internal affairs bodies, in particular in economic security units, is that employees of these units carry out their activities within the framework of working and handling information that constitutes a state secret.
State secret is information protected by the state in the field of its military, foreign policy, economic, intelligence, counterintelligence and operational investigative activities, the dissemination of which could harm the security of the Russian Federation. The economic security units of the internal affairs bodies work with information in the field of operational-investigative activities, i.e., based on the Law of the Russian Federation of August 12, 1995 No. 144-FZ “On operational-investigative activities.” Classification as information constituting a state secret is made in accordance with the List of information classified as state secrets, approved by the Decree of the President of the Russian Federation dated
11/30/1995 No. 1203, and in accordance with the rules for classifying information constituting state secrets to various degrees of secrecy, approved by Decree of the Government of the Russian Federation dated 09/04/1995 No. 870, as well as on the basis of the list of information subject to classification in the system Ministry of Internal Affairs of Russia, determined by the Minister of Internal Affairs of the Russian Federation. At the same time, access of persons to information constituting a state secret is carried out in accordance with the instructions on the procedure for accessing officials and citizens of the Russian Federation to state secrets, approved by Decree of the Government of the Russian Federation of October 28, 1995 No. 1050. In the internal affairs bodies by order of the Ministry of Internal Affairs of Russia dated 03/02/2002 No. 200 DSP stipulates a detailed list of information subject to classification.
In turn, BEP units also work with information that constitutes official secrets. This includes information of limited distribution, access to which is limited by government authorities in order to avoid causing damage to both internal affairs bodies and the security of government authorities of the Russian Federation. Classification of information as official information of limited distribution is carried out on the basis of a sample list of official information of limited distribution and documents containing them, generated in the process of the activities of internal affairs bodies, determined by the Minister of Internal Affairs of the Russian Federation. In accordance with Decree of the President of the Russian Federation dated March 6, 1997 No. 188 “On approval of the list of information of a confidential nature,” official information of limited distribution circulating in the divisions of the BEP refers to information of a confidential nature (confidential information).
The fundamental departmental regulations in the activities of units for combating economic crimes in the field of ensuring information security are the order of the Ministry of Internal Affairs of Russia dated July 5, 2001 No. 029 “On approval of the Temporary Manual on technical protection information in the internal affairs bodies of the Russian Federation and internal troops of the Ministry of Internal Affairs of the Russian Federation" and order of the Ministry of Internal Affairs of Russia dated March 15, 2005 No. 015 "On approval of the Instructions for ensuring secrecy in internal affairs bodies." First normative document characterizes the requirements of the organizational and technical plan for the protection of information protected by law in the activities of BEP divisions, in particular, it determines uniform technical and mathematical protection measures
information in all departments of internal affairs bodies that carry out their work with information classified as state and official secrets. Order of the Ministry of Internal Affairs of Russia No. 029:
Identifies objects of technical information protection, possible threats to these objects;
Establishes a unified and integral (mandatory) procedure for the implementation of technical information protection measures;
Establishes a uniform form of documents drawn up for the facility information security, on the basis of which a technical protection regime is established during their processing;
Determines the procedure for monitoring technical protection and licensing in this area.
Despite the fact that this regulatory document was developed back in 2001, at present, in the economic security units of the Internal Affairs Directorate for the Lipetsk Region at the district level, the conditions for information activities do not fully comply with the requirements of this order. First of all, this concerns the material provision of facilities where information is processed (electronic computers, technical means of receiving, transmitting and processing information: sound recording, sound reproduction, intercom and television devices, means of reproducing documents and others), in accordance with established regulations . Even if such objects are available in the BEP units, they are in single copies and, morally and technically, lag behind modern and advanced means and technologies in this area. In turn, as a shortcoming, it should also be noted that employees of BEP units operating technical information security facilities have poor knowledge of the regulatory legislation on technical information security upon taking office and during the entire period of performing their official functional tasks. At the same time, the constant turnover of personnel in these departments also affects.
Order of the Ministry of Internal Affairs of Russia No. 029-2001 is largely related to the technical support of information security facilities, which includes:
Establishing their compliance with the requirements of technical protection and documenting the technical measures taken to protect information, categorizing objects;
Drawing up technical passports for these objects;
Development of instructions for ensuring organizational (regime) and
technical measures to protect information;
Conducting special studies, special checks and surveys of these objects;
Drawing up an order for the operation of the facility;
Carrying out certification of the facility and measures to control technical
information protection.
As practice shows, in the regional departments of internal affairs, due to the small number of information protection objects, work on the technical protection of protected information is carried out formally and is reduced only to the execution of monotonous documents, the semantic meaning of which is not understood by the employees operating the objects in respect of which technical requirements must apply. information protection measures in accordance with Order of the Ministry of Internal Affairs of Russia No. 029-2001.
A more substantive and responsible step in the legal field was the development of Order No. 015-2005, which included organizational and technical nature information protection. The requirements set forth in this order
are responsible for protecting information constituting state secrets and secret official information relating to the current activities of departments of the internal affairs body. This departmental act establishes a clear and strict procedure for the handling and use of information protection objects - a regime that is mandatory for all subjects of information relations under the threat of liability provided for by current legislation. Order of the Ministry of Internal Affairs of Russia No. 015-2005 regulates relations related to the reception, processing, storage, use, transfer of significant and legally protected information in BEP units, monitoring compliance with prescribed standards, determining penalties for their violation, establishing a uniform procedure in relations with subjects of other internal affairs bodies - external subjects. Thus, the legal protection of information protection objects is the basis for the development and determination of organizational and technical measures for information protection in BEP divisions.
An important area of legislation on information security issues in internal affairs bodies is the determination of legal liability for committing an unlawful act in relation to the object of protection.
In legal science and current legislation, legal liability can appear in four variations:
Civil;
Administrative;
Disciplinary;
Criminal.
Considering that BEP employees working with information constituting state secrets are officials of an executive authority, they bear the burden of strict liability for the disclosure of this information or its loss. In such cases there can be only two types of liability:
1) disciplinary;
2) criminal.
Their distinction depends only on the nature of the offense committed, and the difference lies in the specific penalties and the special procedure for their application.
Disciplinary liability consists of imposing a disciplinary sanction on a BEP employee with the authority of the head of the internal affairs agency. Disciplinary sanctions are: warning, reprimand, severe reprimand, dismissal from the internal affairs bodies. However, the internal affairs bodies for violation of the order of the Ministry of Internal Affairs of Russia No. 015-2005 provide for strict disciplinary liability, expressed in the imposition on the employee of the last three of the above types of penalties.
Disciplinary liability may be applied to an economic security employee in the event of a negligent attitude to the performance of his official duties, expressed in violation of the secrecy regime, the rules for handling information related to official secrets - confidential information, without any unlawful intent.
The most severe measures of influence are characterized by criminal liability, which is applied in court to the person guilty of committing a crime, i.e. guilty, socially dangerous act provided for by the Criminal Code of the Russian Federation. The main types of crimes in the field of information security are shown in the table.
Types of crimes in the field of information security
Article of the Criminal Code of the Russian Federation
Disposition of the article of the Criminal Code of the Russian Federation
Punishment (sanction)
Article 272. Unlawful access to computer information 1. Unlawful access to computer information protected by law, that is, information on computer media, in an electronic computer (computer), a computer system or their network, if this act entailed the destruction, blocking, modification or copying of information , disruption of the operation of a computer, computer system or their network; Punishable by a fine in the amount of up to two hundred thousand rubles or in the amount wages or other income of the convicted person for a period of up to eighteen months, or correctional labor for a term of six months to one year, or imprisonment for a term of up to two years;
the same act committed by a group of persons by prior conspiracy or by an organized group or by a person using their official position, as well as by those who have access to a computer, a computer system or their network, is punishable by a fine in the amount of one hundred thousand to three hundred thousand rubles or in the amount of wages or other income of the convicted person for a period of one to two years, or correctional labor for a period of one to two years, or arrest for a term of three to six months, or imprisonment for a term of up to five years
Article 273. Creation, use and distribution malware for computers 1. Creating computer programs or making changes to existing programs, knowingly leading to unauthorized destruction, blocking, modification or copying of information, disruption of the operation of a computer, computer system or their network, as well as the use or distribution of such programs or computer media with such programs; Punishable by imprisonment for a term of up to three years with a fine in the amount of up to two hundred thousand rubles or in the amount of the wages or other income of the convicted person for a period of up to eighteen months;
the same acts resulting in grave consequences through negligence are punishable by imprisonment for a term of three to seven years
Article 274. Violation of the rules of operation of a computer, computer system or their network 1. Violation of the rules of operation of a computer, computer system or their network by a person who has access to the computer, computer system or their network, resulting in the destruction, blocking or modification of legally protected computer information, if the act caused significant harm; Punishable by deprivation of the right to hold certain positions or engage in certain activities for a term of up to five years, or by compulsory work for a term of one hundred eighty to two hundred and forty hours, or by restriction of freedom for a term of up to two years;
the same act, which through negligence entailed grave consequences, is punishable by imprisonment for a term of up to four years
Article 275. High treason High treason, that is, espionage, giving out state secrets or otherwise providing assistance to a foreign state, foreign organization or their representatives in carrying out hostile activities to the detriment of the external security of the Russian Federation, committed by a citizen of the Russian Federation Punishable by imprisonment for a term of twelve or more up to twenty years with a fine in the amount of up to five hundred thousand rubles or in the amount of wages or other income of the convicted person for a period of up to three years, or without it.
Article 276. Espionage Transfer, as well as collection, theft or storage for the purpose of transfer to a foreign state, foreign organization or their representatives of information constituting a state secret, as well as transfer or collection on instructions from foreign intelligence of other information for use to the detriment of the external security of the Russian Federation if these acts were committed by a foreign citizen or a stateless person, Punishable by imprisonment for a term of ten to twenty years
Article 283. Disclosure of state secrets 1. Disclosure of information constituting a state secret by a person to whom it was entrusted or became known through service or work, if this information became available to other persons, in the absence of signs of treason; Punishable by arrest for a term of four to six months or imprisonment for a term of up to four years with or without deprivation of the right to hold certain positions or engage in certain activities for a term of up to three years;
the same act, resulting through negligence in grave consequences, is punishable by imprisonment for a term of three to seven years with deprivation of the right to hold certain positions or engage in certain activities for a term of up to three years
Article 284. Loss of documents containing state secrets. Violation by a person who has access to state secrets of the established rules for handling documents containing state secrets, as well as objects, information about which constitutes state secrets. Punishable by restriction of freedom for a term of up to three years, or by arrest for a term of up to three years. for a term of four to six months, or imprisonment for a term of up to three years with deprivation
state secrets, if this resulted in their loss through negligence and the onset of grave consequences
the right to hold certain positions or engage in certain activities for a period of up to three years or without it
From the analysis of the table it is clear that acts related to violation of the procedure for using information constituting state secrets can be recognized as a crime. In internal affairs bodies, such facts can only occur if the secrecy regime is violated. And for each fact of such misconduct an internal investigation is carried out.
A violation of the secrecy regime in internal affairs bodies is considered to be the disclosure of information constituting a state secret, i.e., making it public by an employee to whom this information was entrusted through his service, as a result of which it became the property of unauthorized persons; or the loss of carriers of information constituting a state secret, that is, the release (including temporary) of carriers of information from the possession of the employee to whom they were entrusted in the service, as a result of which they became or could become the property of unauthorized persons.
If these facts are revealed, the head of the internal affairs department is obliged to inform senior management, the security agency (FSB unit) and organize an internal audit and search for carriers of information constituting state secrets, as well as take all measures to localize possible damage. To conduct an internal audit, the manager must create a commission, which within a month must:
1) establish the circumstances of the disclosure of information constituting a state secret, or the loss of media containing such information;
2) search for lost media;
3) identify the persons responsible for the disclosure of this information or the loss of media;
4) establish the reasons and conditions that contributed to the disclosure of information constituting state secrets, the leakage of media containing such information, and develop recommendations for their elimination.
Based on the results of the work of this commission, a conclusion of an internal audit is drawn up with the adoption of specific measures against persons guilty of violating the secrecy regime.
As practical experience shows, cases of operational officers committing crimes related to the disclosure of state secrets are extremely rare. Most often, there are cases of disciplinary offenses committed by employees in the negligent and improper performance of their official duties in compliance with the requirements of the secrecy regime.
Thus, analyzing the legal framework designed to ensure legal protection of the legally protected interests of the state, society, legal entities and individuals in the field of information relations, we can conclude that it is extremely weak in the internal affairs bodies. In its semantic presentation there is no substantive approach to the acute and serious problem of protecting state and official secrets, although there are requirements for mandatory compliance with security measures of information protection, however, in practical terms, especially in district divisions, control over the implementation of binding regulations of departmental regulations of the Ministry of Internal Affairs of Russia , there are practically no territorial internal affairs bodies, work on the technical security of information security objects is carried out formally without taking into account the specific characteristics of the object, material support technical means protection
information does not satisfy the needs and conditions of activity of the operational units of the BEP. 95% of all violations related to non-compliance with regulations on ensuring information security in internal affairs bodies are detected during inspections by higher authorities.
The foregoing allows us to conclude that it is necessary to improve the legal support for information protection in the activities of both internal affairs bodies in general and their economic security units in particular.
