Russian Federation
The problem of harmonization of approaches to the definition of information security objects is becoming increasingly relevant due to the growth of information arrays, the complexity of information technologies, technical and cryptographic means of information protection, and the increasing number of computer attacks, including on critical information infrastructure. Historically, the concept of objects of protection in Russia is associated with the requirements of state regulators, so it has different interpretations. The purpose of the study is to develop an infological model of information security objects. The goal of infological modeling may be to provide the most natural ways for a person to collect and present information about objects of protection for its consideration when creating protection systems and storing in a database. The author based on the analysis of the requirements of the main regulators of the Federal service according to the technical and export control of Russia and the Federal security service of Russia and the modeling method, an infological model of information security objects has been developed. This model is most consistent with the concept of object-oriented design, which is the basis for the development of complex software systems, the development of technology for designing databases of information security objects based on the ER-model. The entity-relationship model (ER-model) has several basic concepts, from which more complex objects are built according to predefined rules.
infological model, information, protection, protection objects, confidential information
1. Gajdamakin N.A. Razgranichenie dostupa k informacii v komp'yuternyh sistemah. Ekaterinburg: Izd-vo Ural. un-ta, 2003. 328 s.
2. Devyanin P.N. Obzornye lekcii po modelyam bezopasnosti komp'yuternyh sistem // PDM. Prilozhenie. 2009. № 2. S. 151–190.
3. Bell D.E., LaPadula L.J. Secure computer system: Unified exposition and multics interpretation. MITRE CORP BEDFORD MA, 1976.
4. Harrison M.A., Ruzzo W.L., Ullman J.D. Protection in operating systems // Commun. ACM. 1976. № 19. S. 461–471.
5. Averchenkov V.I., Rytov M.Yu., Gajnulin T.R. Optimizaciya vybora sostava sredstv inzhenerno-tekhnicheskoj zashchity informacii na osnove modeli Klementsa-Hoffmana: nauchnoe izdanie // Vestn. Bryansk. gos. tekhn. un-ta. 2008. № 1. S. 61–66.
6. GOST R 50922–2006. Zashchita informacii. Osnovnye terminy i opredeleniya. M.: Standartinform, 2008.
7. Konceptual'naya skhema obespecheniya informacionnoj bezopasnosti v tipovom ob"ekte zashchity / G.A. Popov [i dr.] // Vestnik AGTU. Ser.: Upravlenie, vychislitel'naya tekhnika i informatika. 2017. № 4. S. 45–53.
8. Zavgorodnij V.I. Kompleksnaya zashchita informacii v komp'yuternyh sistemah: ucheb. posobie. M.: Logos; PBOYUL N.A. Egorov, 2001. 264 s.
9. Suhostat V.V., Vasil'eva I.N. Osnovy informacionnoj bezopasnosti: ucheb. posobie. SPb.: Izd-vo SPbGEU, 2019. 103 s.
10. Konyavskaya S.V. K voprosu o klassifikacii ob"ektov zashchity informacii k voprosu o klassifikacii ob"ektov zashchity informacii // Bezopasnost' informacionnyh tekhnologij. 2013. T. 20. № 3. S. 14–18.
11. Komp'yuternaya ekspertiza. Terminy i opredeleniya: Standart STO.FSB.KK 1-2018 (utv. Direktorom FSB Rossii 12 noyab. 2018 g. № 33) // FSB Rossii. URL: http://www.fsb.ru/fsb/npd/more.htm%21id%3D10437602%40fsbNpa.html (data obrashcheniya: 05.04.2024).
12. Cambridge Dictionary. URL: https://dictionary.cambridge.org/dictionary/english/computer (data obrashcheniya: 27.12.2023).
13. Ob informacii, informacionnyh tekhnologiyah i o zashchite informacii: Feder. zakon ot 27 iyulya 2006 g. № 149-FZ (v red. ot 12 dek. 2023 g.) // Sobr. zakonodatel'stva Ros. Federacii. 2006. № 31 (Ch. I). St. 3448.
14. Koncepcii zashchity sredstv vychislitel'noj tekhniki i avtomatizirovannyh sistem ot nesankcionirovannogo dostupa k informacii (utv. resheniem Gosudarstvennoj tekhnicheskoj komissii pri Prezidente Ros. Federacii ot 30 marta 1992 g.). URL: https://fstec.ru/dokumenty/vse-dokumenty/spetsialnye-normativnye-dokumenty/rukovodyashchij-dokument-ot-30-marta-1992-g-2 (data obrashcheniya: 28.12.2023).
15. Kotuhov M.M., Markov A.S. Zakonodatel'no-pravovoe i organizacionno-tekhnicheskoe obespechenie informacionnoj bezopasnosti avtomatizirovannyh sistem. 1998. 158 s.
16. Isenko A.I. Ponyatiya modeli i modelirovaniya v chelovecheskoj deyatel'nosti // Koncept. 2015. № 4. S. 31–35.
17. Zvonarev S.V. Osnovy matematicheskogo modelirovaniya: ucheb. posobie. Ekaterinburg: Izd-vo Ural. un-ta, 2019. 112 s.
18. Fiban V. Modelirovanie v biologii / otv. red. G. Gyorc, M.E. Omel'yanovskij // Eksperiment. Model'. Teoriya: sb. Statej. M.; Berlin: Nauka, 1982. 333 s.
