|
G.P. Akimova, A.Yu. Danilenko, E.V. Pashkina, M.A. Pashkin, A.A. Podrabinovich, I.V. Tumanova An Approach to Ensuring Data Security in an Information System by Means of OS and DBMS |
|
Abstract.
The article describes an approach to the creation of secure information systems, data security in which is ensured by means of OS and DBMS, and there are no built-in information security tools. The possibility of using the proposed development method is due to the peculiarities of both the business logic of the operating organization and the construction of an array of processed information. The proposed approach can significantly reduce the development and implementation time of information systems in a secure design.
Keywords:
automated information systems; Information Security; information security means; OS; database management systems; objects of protection; digitalization.
PP. 33-39.
DOI 10.14357/20718632220104 References
1. Programma "Tsifrovaya ekonomika Rossiyskoy Federatsii" [Program "Digital Economy of the Russian Federation"]. http://static.government.ru/media/files/9gFM4FHj4PsB79I5v7yLVuPgu4bvR7M0.pdf. 2. Federal'nyy zakon "O personal'nykh dannykh" ot 27.07.2006 N 152-FZ. [Federal Law "On Personal Data" of July 27, 2006 N 152-FZ]. http://www.consultant.ru/document/cons_doc_LAW_61801 3. Ob utverzhdenii trebovaniy k zashchite personal'nykh dannykh pri ikh obrabotke v informatsionnykh sistemakh personal'nykh dannykh. Postanovleniye Pravitel'stva Rossiyskoy Federatsii ot 1 noyabrya 2012 g. N 1119. [On the approval of requirements for the protection of personal data during their processing in personal data information systems. Resolution of the Government of the Russian Federation of November 1, 2012 N 1119]. 4. Ob utverzhdenii sostava i soderzhaniya organizatsionnykh i tekhnicheskikh mer po obespecheniyu bezopasnosti personal'nykh dannykh pri ikh obrabotke v informatsionnykh sistemakh personal'nykh dannykh. Prikaz FSTEK Rossii ot 18 fevralya 2013 g. N 21. [On the approval of the composition and content of organizational and technical measures to ensure the safety of personal data during their processing in personal data information systems. Order of the FSTEC of Russia dated February 18, 2013 N 21]. 5. Ob utverzhdenii trebovaniy o zashchite informatsii, ne sostavlyayushchey gosudarstvennuyu taynu, soderzhashcheysya v gosudarstvennykh informatsionnykh sistemakh. Prikaz FSTEK Rossii ot 11 fevralya 2013 g. N 17. [On the approval of requirements for the protection of information that does not constitute a state secret con-tained in state information systems. Order of the FSTEC of Russia dated February 11, 2013 N 17]. 6. Polozheniye o sisteme sertifikatsii sredstv zashchity informatsii. Utverzhdeno prikazom FSTEK Rossii ot 03 aprelya 2018 g. N 55. [Regulations on the certification system for information security means. Approved by order of the FSTEC of Russia dated April 03, 2018 N 55]. 7. Danilenko A.YU. Bezopasnost' sistem elektronnogo dokumentooborota: Tekhnologiya zashchity elektronnykh dokumentov. S prilozheniyem: Vozmozhnosti primeneniya tekhnologii blokcheyn v SEDO-ZI. Izd. 2-ye, dopolnennoye. / M: URSS. 2021. 240 s. ISBN 978-5-9519-2056-0. (Osnovy zashchity informatsii. № 13). [Danilenko A.Yu. Security of electronic document man-agement systems: Electronic document protection tech-nology. With the attachment: Possibilities of using blockchain technology in SEDO-ZI. Ed. 2nd, supplemented. / M: URSS. 2021.240 s. ISBN 978-5-9519-2056-0. (Fundamentals of information security. No. 13)]. 8. O gosudarstvennoy tayne. Zakon Rossiyskoy Federatsii ot 21 iyunya 1993 g. № 5485-I. [About state secrets. Law of the Russian Federation dated June 21, 1993 No. 5485-I]. 9. Secret Net Studio. Zashchita dannykh i infrastruktury serverov i rabochikh stantsiy. [Secret Net Studio. Protection of data and infrastructure of servers and work-stations]. https://www.securitycode.ru/products/secret-net-studio/. 10. Astra Linux Special Edition — operatsionnaya sistema spetsial'nogo naznacheniya. [Astra Linux Special Edition — a special purpose operating system]. https://astralinux.ru/products/astra-linux-special-edition/. 11. Operatsionnaya sistema QP OS. [Operating System QP OS]. https://cryptosoft.ru/qpos.html
|