Состояние и перспективы развития методического обеспечения технической защиты информации в информационных системах

Abstract

The goal of article is determine the main areas for development, composition and structure of prospective methodological support for the organization and maintenance of technical protection of information in information systems.The method of research: is summary and analysis the existing methodological support for organization and maintenance of the technical protection of information from unauthorized access and its development trends in the interests of the conversion from qualitative to quantitative procedures of substantiation requirements and selection process to build information security system in information systems. The result of the research: The factors defining the need to develop methodological support for the organization and maintenance of technical protection of information have been identified, including subject area extension of information protection, the need to move to quantitative research methods, algorithms and procedures for assessment the possibilities of implementing information security threats, the need to justify the requirements for technical protection of information and select protection measures and means. Data volume has increased dramatically and processes of information gathering and analysis are impossible without the use of corresponding special software tools and complexes. The composition and structure of prospective methodological support have been developed, including using modern methods of artificial intelligence theory (machine learning, artificial neural networks (ANNs)), the apparatus of composite Petri-Markov nets, risk theory, etc., for the tasks of categorizing the information systems and the information processed in them, identifying information security threats and vulnerabilities, as well as threat risk assessment considering time factor. It was noted that the introduction of such support into practice is impossible without the creation of software systems that automate categorization processes, quantitative risk assessments of implementing threats and building information protection systems. Scientific novelty: a systematic idea of the composition, structure and prospects of development methodological support has been identified for the organization and maintenance of technical protection of information to solve problems of categorizing the information systems and the information processed in them, forecasting, assessment the possibilities and consequences of implementing information security threats. Author contributions: Soloviev S.V. - assessment of the status and research of the prospects of development methodological support for the categorization the information system and the information processed in them; Tarelkin M.A. - study of methods of threats forecasting for information security and their prospective applications in the management of the Data Bank of information security threats of FSTEC of Russia; V.V. Tekunov - ways to build a promising system for threat forecasting to information security based on the monitoring publications results about them on the Internet; Yazov Yu.K. - general guidance, assessment of the states and prospects of development methodological support for risk assessment of implementing information security threats.