1. Basics of information security 1.1. Basic concepts

Talking about the protection of information must begin with the object of protection. If we talk about the term "information", then there is a mass of definitions for it. For example, according to the Law of Ukraine "On Information", "information is documented or publicly announced information about events and phenomena occurring in society, the state and the environment."

Information has several categories, such as adequacy, reliability, completeness, redundancy, objectivity, relevance. If we proceed from the point of view of information security, then the information should have the following categories:

• confidentiality - a guarantee that specific information is available only to those users who are allowed this access (authorized users);
• integrity - a guarantee of preserving the information for the correct values ​​that are not changed during storage and transmission;
• authenticity - a guarantee that the source of information is the person who is declared as its author;
• Appeal - a guarantee that the information can be tied to its author and, if necessary, prove that the author of the message is the claimed person, and no one else can be;
• availability - a guarantee that authorized users can always access the information.

Thus, the main task of the information system security subsystem is to provide these categories of information. We will understand information security and supporting infrastructure (a set of software and hardware providing storage, processing and transmission of information) from accidental or deliberate effects of a natural or artificial nature that can cause unacceptable damage to information relations actors, including information owners and users. and supporting infrastructure. Information security is a set of measures aimed at ensuring information security.