Ensuring the information security of personal data when submitting electronic appeals to the public authorities

Abstract

The article is devoted to the actual problem of information security of personal data, circulating on the internet portals of State government body and municipal government. Scientific development of technical aspects of the mechanism of electronic application of the public to the authority organs agrees with priority policy of creation of information society and electronic government, and personal data security is one of the tasks of integrated support of the state information security and this determines the relevance of the article topic. Basing on the analysis of legislation, content-analysis of portal centres of provision of state and municipal services, by carrying out experiments the problems have been found out and the proposals on technical information security of personal data while applying to the government body electronically have been developed.As a result of the content-analysis of regional portals of Multifunctional centres of provision of state and municipal services, it has been revealed that in most regional portals of Multifunctional centres personal data are sent in open, unencrypted form, which threatens their security. To study the possibility of interception of people personal data two experiments have been fulfilled. As a consequence of the experiment all the sent people’s personal data have been got. On the basis of the received information the model of threats has been developed for information systems of personal data of Multifunctional centre, for this system values of initial system security, probability of threats realization have been defined, assessment of the possibility of threat realization and danger has been done. The solution to the problem of probable data loss while filling in electronic application can be obligatory usage of data encryption protocol HTTPS on the internet portals of public authority, this protocol is intended to provide the three most important security aspects: encryption, authentication (of users), integrity. To get authentication of users Multifunctional centres will have to give people their own digital signature, with the help of which applicant’s personal data will be certified; data should be signed with the help of the privacy key of a Multifunctional centre.The results of the study are a software package aimed at secure data transfer, the layout of the site of a Multifunctional centre, recommended as a standard, proposals how to improve the legislation in the sphere of personal data security – will help to solve the problems of the society and state.