
January 3, 2020

Modern bases of the state information security. Concepts and conditions
Module 1
Lecture 15. Basic requirements for the organization of ICS protection
Zaritskyi Oleh, Doctor of engineering science

Principles of information relations
- guarantee of the right to get information;
- openness, accessibility of information, freedom of information exchange;
- accuracy and completeness of information;
- freedom of expression and belief;
- the lawfulness of receiving, using, disseminating, storing and protecting information;
- protection of a person from interference with his or her personal and family life.

Areas of state information policy
- ensuring everyone's access to information;
- ensuring equal opportunities for the creation, collection, receipt, storage, use, dissemination and protection of information;
- creating conditions for the formation of an information society in Ukraine;
- ensuring the openness and transparency of the authorities' activities;

Areas of state information policy (continued)
- creation of IS and information networks, development of e-governance;
- continuous updating, enrichment and storage of national information resources;
- ensuring information security of Ukraine;
- promoting international cooperation in the information field and Ukraine's entry into the global information space.

The solution to the information security problem
- creation of a fully functional information infrastructure of the state and ensuring protection of its critical elements;
- increasing the level of coordination of public authorities' activities in identifying, assessing and forecasting threats to information security, preventing such threats and ensuring elimination of their consequences, and implementing international cooperation on these issues;

The solution to the information security problem (continued)
- improving the legal framework of information security, including protection of information resources, combating cybercrime, protection of personal data, and law enforcement activities in the information field;
- the deployment and development of the National Confidential Communication System as a modern secure transport framework capable of integrating territorially distributed ISs in which confidential information is processed.

Requirements for the characteristics of ICS
- ways to build a security system or its individual components (software and hardware);
- IS architecture (down to the class and minimum configuration of workstations, the operating environment, targeting of specific software and hardware platforms, interface architectures);
- the application of a specific protection strategy;
- the cost of security resources (down to the amount of disk storage for the software version and RAM for its resident part, and the share of computer system performance consumed to solve all security tasks);

Requirements for the characteristics of ICS (continued)
- reliability of protection system functioning (down to quantitative values of reliability indicators in all modes of IS functioning and under the influence of external destructive factors, failure criteria, etc.);
- modes of access to restricted information circulating in ICS;
- speed of information exchange in ICS, including taking into account the cryptographic (or other) transformations used;
- the number of authority levels maintained by the security system;
- system capabilities to serve a certain number of users;

Requirements for the characteristics of ICS (continued)
- the duration of the procedure for generating the software version of the information security system;
- the duration of the procedure for preparing the protection system for work after power is supplied to the ICS components;
- the ability of the security system to respond to attempts at unauthorized actions (NAA) or other incidents;
- availability and provision of an automated workplace for the information security administrator of the ICS;
- the composition of the software used, its compatibility with other software platforms, the possibility of modification, etc.;
- the security components used (license, certificate, etc.).

Requirements for ICS protection system components
I. The access control subsystem should provide:
- identification, authentication and access control of users (processes) to the system, terminals, network nodes, communication channels, external devices, applications, directories, files, records, etc.;
- information flow management;
- clearing of released memory and external storage before reuse.

Requirements for ICS protection system components (continued)
II. The registration and accounting subsystem performs:
- registration and accounting of: access to IS, issuance of source documents, launch of programs and processes, access to protected files, and data transmission through ICS lines and channels;
- registration of access authority changes and of the creation of access objects to be protected;
- accounting of information carriers;
- notification of attempted security breaches.
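The access control subsystem (I) and the registration and accounting subsystem (II) together describe a reference monitor: every access is decided against a policy, and every decision, including refused ones, is recorded so that attempted breaches can be reported. The Python sketch below is an added illustration for the lecture, not code from the lecture or from any particular ICS; the subjects, objects and the POLICY matrix are constructed sample data, and the ReferenceMonitor and AuditRecord names are hypothetical.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed sample access-control matrix: (subject, object) -> permitted operations.
# Subsystem I: anything not granted here is denied (default deny).
POLICY = {
    ("alice", "/secret/report.txt"): {"read"},
    ("alice", "/shared/notes.txt"): {"read", "write"},
    ("bob", "/shared/notes.txt"): {"read"},
}


@dataclass
class AuditRecord:
    """One registration-and-accounting entry (Subsystem II)."""
    when: str
    subject: str
    obj: str
    op: str
    allowed: bool


@dataclass
class ReferenceMonitor:
    """Hypothetical reference monitor: decides every access and records the decision."""
    policy: dict
    audit_log: list = field(default_factory=list)

    def check(self, subject: str, obj: str, op: str) -> bool:
        # Default deny: a subject/object pair absent from the matrix grants nothing.
        allowed = op in self.policy.get((subject, obj), set())
        # Record permitted and refused attempts alike; the refusals are the
        # evidence the accounting subsystem needs to notify about attempted breaches.
        self.audit_log.append(AuditRecord(
            datetime.now(timezone.utc).isoformat(), subject, obj, op, allowed))
        return allowed

    def breach_attempts(self) -> list:
        """Denied operations, to be reported as attempted security breaches."""
        return [r for r in self.audit_log if not r.allowed]


def demo():
    """Exercise the monitor with constructed requests; returns decisions and refusals."""
    rm = ReferenceMonitor(POLICY)
    decisions = [
        rm.check("alice", "/secret/report.txt", "read"),   # granted
        rm.check("bob", "/secret/report.txt", "read"),     # no entry: denied
        rm.check("bob", "/shared/notes.txt", "write"),     # read-only: denied
        rm.check("mallory", "/shared/notes.txt", "read"),  # unknown subject: denied
    ]
    return decisions, rm.breach_attempts()


if __name__ == "__main__":
    decisions, refused = demo()
    print("decisions:", decisions)
    for r in refused:
        print(f"BREACH ATTEMPT {r.when} {r.subject} {r.op} {r.obj}")
```

The point of recording refused attempts, not only granted ones, is that a reviewer of the log can distinguish a user who probed for files outside their rights from one who never tried; the notification requirement in subsystem II is only satisfiable if the denials are written down.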

Requirements for ICS protection system components (continued)
III. The cryptographic subsystem provides:
- encryption of confidential information (or other categories of restricted information);
- encryption of information belonging to different access entities (groups of entities) using different keys;
- the use of certified cryptographic information security tools.
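The second requirement of the cryptographic subsystem, different keys for different access entities, is a key-separation rule: a record encrypted for one group must be unreadable to a member holding another group's key, even though both keys come from the same ICS. The Python code below is an added illustration, not code from the lecture. It derives one key per group from a master key with HKDF (RFC 5869, implemented on the standard library), and uses a toy SHA-256 counter-mode stream with an HMAC tag purely so the example runs without third-party packages; that toy construction is exactly the kind of uncertified tool the third requirement rules out, so in a real ICS the encrypt/decrypt pair would be replaced by a certified cipher. The label "ics-group-key:", the group names and the master key are constructed.

```python
import hashlib
import hmac
import secrets

HASH_LEN = 32  # SHA-256 output size


def hkdf_sha256(ikm: bytes, info: bytes, length: int = HASH_LEN) -> bytes:
    """HKDF (RFC 5869) with an empty salt, built from the stdlib hmac module."""
    prk = hmac.new(b"\x00" * HASH_LEN, ikm, hashlib.sha256).digest()  # extract
    okm, block, counter = b"", b"", 1
    while len(okm) < length:                                          # expand
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def group_key(master_key: bytes, group: str) -> bytes:
    """Derive a distinct key per access group from one master key (hypothetical label)."""
    return hkdf_sha256(master_key, b"ics-group-key:" + group.encode())


def _keystream(enc_key: bytes, nonce: bytes, n: int) -> bytes:
    # Toy counter-mode keystream from SHA-256: a stand-in for a certified cipher.
    out, i = b"", 0
    while len(out) < n:
        out += hashlib.sha256(enc_key + nonce + i.to_bytes(4, "big")).digest()
        i += 1
    return out[:n]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC with separate encryption and MAC subkeys."""
    enc_key = hkdf_sha256(key, b"enc")
    mac_key = hkdf_sha256(key, b"mac")
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes):
    """Return the plaintext, or None when the tag does not verify under this key,
    i.e. the caller holds a different group's key or the blob was altered."""
    enc_key = hkdf_sha256(key, b"enc")
    mac_key = hkdf_sha256(key, b"mac")
    nonce, ct, tag = blob[:16], blob[16:-HASH_LEN], blob[-HASH_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def demo():
    """Finance can read its own record; HR, holding a different group key, cannot."""
    master = b"\x11" * 32                              # constructed sample master key
    k_finance = group_key(master, "finance")
    k_hr = group_key(master, "hr")
    blob = encrypt(k_finance, b"Q4 budget draft")      # constructed sample record
    return decrypt(k_finance, blob), decrypt(k_hr, blob)
```

Two design points carry over to any real implementation: group keys are derived, not copied, so compromising one group's key reveals nothing about another's; and decryption under the wrong key fails closed on the tag check, so the HR member gets nothing rather than garbage that might leak plaintext length or structure.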

Requirements for ICS protection system components (continued)
IV. The integrity assurance subsystem provides:
- ensuring the integrity of the software and the information being processed;
- physical protection of computer facilities and storage media;
- presence of an information security administrator (service) in the ICS;
- periodic testing of ICS protection and recovery systems;
- the use of certified protection means and licensed software.
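The first and fourth requirements of the integrity assurance subsystem, integrity of software and processed information plus periodic testing, are commonly met with a baseline manifest of file digests that the security administrator records once and re-checks on a schedule. The Python code below is an added illustration, not the lecture's code or any specific product: build_manifest takes the baseline, verify reports modified, missing and unexpected files, and an HMAC over the manifest (standing in for the administrator's signature) stops the baseline itself from being quietly edited. The file names, contents and the administrator key are constructed sample data.

```python
import hashlib
import hmac
import json
import os
import tempfile


def file_digest(path: str) -> str:
    """SHA-256 of a file, read in chunks so large binaries do not load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def _entries(root: str) -> dict:
    """Map relative path -> digest for every file under root."""
    entries = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            entries[os.path.relpath(full, root).replace(os.sep, "/")] = file_digest(full)
    return entries


def _tag(entries: dict, key: bytes) -> str:
    body = json.dumps(entries, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def build_manifest(root: str, key: bytes) -> dict:
    """Baseline taken by the security administrator; the HMAC stands in for a
    signature so the manifest cannot be edited to match a tampered tree."""
    entries = _entries(root)
    return {"entries": entries, "tag": _tag(entries, key)}


def verify(root: str, manifest: dict, key: bytes) -> dict:
    """Periodic integrity test: report modified, missing and unexpected files."""
    if not hmac.compare_digest(manifest["tag"], _tag(manifest["entries"], key)):
        return {"manifest_tampered": True, "modified": [], "missing": [], "unexpected": []}
    baseline, current = manifest["entries"], _entries(root)
    return {
        "manifest_tampered": False,
        "modified": sorted(p for p in baseline if p in current and current[p] != baseline[p]),
        "missing": sorted(p for p in baseline if p not in current),
        "unexpected": sorted(p for p in current if p not in baseline),
    }


def demo() -> dict:
    """Build a baseline over constructed files, then change the tree and re-verify."""
    key = b"\x42" * 32                                     # constructed admin key
    with tempfile.TemporaryDirectory() as root:
        for name, data in {"service.bin": b"\x7fELF...", "service.cfg": b"mode=secure\n"}.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        manifest = build_manifest(root, key)
        clean = verify(root, manifest, key)
        with open(os.path.join(root, "service.cfg"), "ab") as f:   # config altered
            f.write(b"mode=debug\n")
        with open(os.path.join(root, "dropped.tmp"), "wb") as f:   # new file appeared
            f.write(b"x")
        after = verify(root, manifest, key)
        # A manifest edited to "approve" the new file without re-signing is rejected.
        forged = {"entries": dict(manifest["entries"], **{"dropped.tmp": "00" * 32}),
                  "tag": manifest["tag"]}
        forged_result = verify(root, forged, key)
    return {"clean": clean, "after": after, "forged": forged_result}
```

The key used to tag the manifest must live outside the tree being checked (for instance on the administrator's separate workplace from the earlier requirements); a manifest whose signing key sits beside the files it protects can be re-signed by whoever altered them.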

Principles of ICS protection organization
The basic ideas and the most important recommendations on the organization and implementation of works for the effective protection of information resources of ICS are divided into two groups:
1. Legal.
2. Organizational.

Legal principles of information protection
Legal principles of information protection are based on the provisions of basic constitutional norms, consolidate information rights and freedoms, and guarantee their implementation. In addition, the basic legal principles of information security are based on the peculiarities and legal properties of information as an object of law in its own right:
- legitimacy (legality);
- the priority of international law over domestic law;
- economic feasibility, etc.

Organizational principles of information security
- The role of organizational protection of information in the system of security measures is determined by the timeliness and correctness of management decisions and of the methods and means of information protection, based on the current regulatory and methodological documents.
- Organizational methods of protection provide for organizational-technical and organizational-legal measures.

Organizational principles of information security (continued)
- scientific approach to information security organization;
- security planning;
- security system management;
- continuity of the information protection process;
- minimum sufficiency of protection means;
- systematic approach to the organization and design of information security systems and methods;
- a comprehensive approach to the organization of information security;

Organizational principles of information security (continued)
- correspondence of the protection level to the value of the protected information (the assets);
- flexibility of protection systems;
- multi-zone and multifaceted information protection;
- limitation of the number of persons having access to the protected information;
- personal responsibility of the staff for the preservation of the information entrusted to them.

Thank you for your attention
