
1.4. Basic methods for ensuring the security of information systems

Lecture




In order to counter the threats listed in the previous chapter, modern information systems include security subsystems that implement the adopted security policy. Depending on the goals and operating conditions of the system, the security policy may define the subjects' access rights to resources, regulate the auditing of users' actions in the system and the protection of network communications, specify how the system is restored after accidental failures, etc. The adopted security policy is implemented through legal, organizational and administrative, and engineering and technical measures for protecting information.

Legal provision of information security is the body of legislative acts, regulatory documents, regulations, instructions and manuals whose requirements are mandatory within the information protection system.

Organizational and administrative provision of information security is the regulation, on a normative basis, of production activities and of the relations between employees in such a way that disclosure, leakage and unauthorized access to information become impossible or are significantly hampered by organizational measures. Measures of this class include: selection and training of personnel; definition of employees' job descriptions; organization of access control and protection of premises; organization of information protection together with monitoring of how personnel work with information; and definition of the procedures for storing, backing up and destroying confidential information.

Engineering measures are a set of special bodies, technical means and activities that together perform a specific information protection task. Engineering means include shielding of premises, alarm systems, and guarding of premises that house computers.

Technical means of protection include hardware, software and cryptographic means that make an attack more difficult, help to detect that one has occurred, and help to eliminate its consequences. This manual is devoted to technical information protection tools; more detailed information about the other types of protection can be found, for example, in [10].

Technical means of security subsystems of modern distributed information systems perform the following main functions:

  • authentication of the partners in an interaction, which makes it possible to verify the identity of the partner when a connection is established;
  • authentication of the source of information, which makes it possible to verify the authenticity of the sender of a message;
  • access control, which provides protection against unauthorized use of resources;
  • data confidentiality, which provides protection against unauthorized receipt of information;
  • data integrity, which makes it possible to detect and, in some cases, prevent changes to information during its storage and transmission;
  • affiliation, which provides proof that information belongs to a particular person.

To implement these functions, the following mechanisms are used:

  • encryption, which transforms information into a form that cannot be understood by unauthorized users (encryption is discussed in more detail in Chapter 2);
  • electronic digital signature (EDS), which transfers the properties of a handwritten signature to electronic documents (for more details, see Chapter 4);
  • access control mechanisms, which control access to user resources on the basis of information such as access control databases, passwords, security labels, access time, access route and access duration;
  • integrity control mechanisms, which control the integrity both of an individual message and of the message flow, using for this purpose checksums, special labels, message sequence numbers and cryptographic methods;
  • authentication mechanisms, which decide whether a user is who he claims to be on the basis of user-supplied passwords, authenticating devices or the user's biometric parameters (see Chapter 3);
  • traffic addition mechanisms, which add extra information to the message flow so as to "mask" the useful information from an attacker;
  • notarization mechanisms, which serve to certify the source of information.
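
To make the integrity control item concrete, the following added example (not part of the lecture) shows how individual message integrity and message flow integrity are checked together: each message carries a sequence number and an HMAC-SHA256 tag, and the receiver rejects modified messages, rejects replayed ones, and reports gaps in the sequence. The shared key, the JSON message layout and the helper names are constructed for this illustration.

```python
import hmac
import hashlib
import json

# Constructed demo key; in a real system it comes from key establishment.
KEY = b"constructed-demo-key-not-for-real-use"


def protect(seq, payload, key=KEY):
    """Attach a sequence number and an HMAC-SHA256 tag to one message."""
    body = json.dumps({"seq": seq, "payload": payload}, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class FlowVerifier:
    """Checks each message's tag (individual integrity) and its sequence
    number against the next expected one (flow integrity)."""

    def __init__(self, key=KEY):
        self.key = key
        self.expected = 0

    def verify(self, msg):
        tag = hmac.new(self.key, msg["body"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(tag, msg["tag"]):
            return "rejected: modified message"
        seq = json.loads(msg["body"])["seq"]
        if seq < self.expected:
            return "rejected: replayed message"
        if seq > self.expected:
            gap = seq - self.expected
            self.expected = seq + 1
            return f"accepted, but {gap} message(s) missing"
        self.expected = seq + 1
        return "accepted"


def run_demo():
    """Feed a constructed message flow through the verifier and collect verdicts."""
    v = FlowVerifier()
    m0, m1, m2, m3 = (protect(i, f"order {i}") for i in range(4))
    results = [v.verify(m0)]
    # An in-transit modification of the payload invalidates the tag.
    forged = {"body": m1["body"].replace(b"order 1", b"order 9"), "tag": m1["tag"]}
    results.append(v.verify(forged))
    results.append(v.verify(m1))
    results.append(v.verify(m0))  # an old, validly tagged message replayed
    results.append(v.verify(m3))  # m2 never arrived: the channel dropped it
    return results
```

Note that the tag alone would accept the replayed message; only the sequence number gives flow integrity, which is why the lecture lists both checksums and sequence numbers.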

Table 1.1 presents the relationship between the security functions of information systems and the mechanisms for their implementation [11].

Table 1.1

Interrelation of security functions and mechanisms for their implementation

Security service           | Encryption | EDS | Mech. access control | Mech. integrity control | Mech. authentication | Mech. traffic addition | Mech. notarization
---------------------------+------------+-----+----------------------+-------------------------+----------------------+------------------------+-------------------
Authentication of partners |     +      |  +  |                      |                         |          +           |                        |
Authentication of source   |     +      |  +  |                      |                         |                      |                        |
Access control             |            |     |          +           |                         |                      |                        |
Data confidentiality       |     +      |     |                      |                         |                      |           +            |
Data integrity             |     +      |  +  |                      |            +            |                      |                        |
Affiliation                |            |  +  |                      |            +            |                      |                        |         +

(EDS is the electronic digital signature; "Mech." stands for mechanism; "+" marks a mechanism that implements the given service.)

1.5. Conclusion

An important task of modern information systems is to ensure the security of the information stored and processed in them. Protecting information means ensuring the confidentiality, integrity, availability, authenticity and appealability of information.

Information systems are subject to a large number of threats. The main mechanisms for protecting against these threats are encryption, electronic digital signature, access control mechanisms, integrity control, notarization, traffic addition. Algorithmic, software and hardware implementation of these mechanisms will be discussed below.
