КОНЦЕПТУАЛЬНАЯ СХЕМА ОБЕСПЕЧЕНИЯ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ В ТИПОВОМ ОБЪЕКТЕ ЗАЩИТЫ

Abstract

This paper proposes a conceptual scheme of information security (IS) which comprises most existing IS systems. There are shown seven components describing IS process in the object protection model: requirements to IS support; the data protected; threats to the protected data; countermeasures to the threats; information system for the protected data processing; conditions facilitating or impeding IS process; object of protection. The diagram showing interrelations of the listed components has been given. The meanings of the entities "requirements", "Information system", "conditions", "object of protection" have been clarified; mechanisms for influencing IS process of such entities as "information system", "conditions", "object of protection" have been revealed. For the entity "requirements" there have been allocated seven classes of requirements to ensure information security; the main legislative and normative documents that define the content of these requirements for each class of requirements have been given. The approaches to measurability and assessment of the rate of requirements implementation have been described. It is stated that a number of elements in a wealth of elementary requirements are rather high, therefore, instead of the list of elementary requirements there are usually developed several generalized factors (probabilistic factor, time factor, expenses factor). IS systems oriented to these factors help to realize a more flexible IS technique, when cases of IS violation not leading to a substantial damage could be even neglected, and IS system will mainly focus on preventing most dangerous attempts to break IS.