Methods of information protection
The information sphere plays an increasing role in thesupport for the safety of all objects of the life of society, which explains the fact that protection from information leakage is considered to be the most important direction of the state.
Fundamentals of Information Security
All existing information is presented in various forms and on different physical media:
• documentary form;
• acoustic or speech form;
• telecommunications, etc.
Information is documented inalphanumeric and graphical form on paper, as well as on magnetic media. Its peculiarity is the content of information that is subject to protection, in a condensed form.
Speech information is born in the course of negotiations in the premises, as well as with the operation of a sound reinforcement system or sound reproduction.
Carriers of this form are acoustic oscillations, which are mechanical and propagate from the source to the outer space.
Circulation of telecommunication informationoccurs in the technical means of storing and processing data during their transmission through communication channels. The information carrier in this case is an electric current, and if it is transmitted through a radio channel and an optical channel, then electromagnetic waves.
Methods of information protection depending on the object
Main objects:
• information resources that contain information relating to confidential data and state secrets;
• systems and means of informatization(information and computer systems, systems and networks), software (DBMS, operating systems, other types of system-wide and application software), ACS, communication systems. That is, these are the systems and tools that directly handle "private" information. Such means and systems are considered technical means of receiving, processing, storing and transmitting data or information (TSPI);
• technical systems and facilities that do notbelong to the systems and means of informatization (TSPI), but are located in the premises where confidential and secret information is processed. These technical systems and means are called auxiliary technical systems and means (VTSS).
Common methods of information protection:
1) an obstacle is a method of physically limiting the path to protected information (media, equipment, etc.);
2) the method of access control is the protection of information resources by controlling the use of each of them. These include database elements, software and hardware.
Information security methods that restrict access:
- identification of users, computer system resources, personnel (assignment of personal identifier to objects);
- the method of identification (authenticity) of an object or subject according to the login identifier specified by it;
- control of authority, i.e. analysis of the correspondence of the day, time of day, requested procedures and resources in accordance with the established regulations;
- Establishment of regulations for the resolution of the working time range;
- registration of each appeal to the protected resources;
- Restriction reaction when attempting unauthorized access (alarm activation, disabling, denial of request);
3) masking is the protection of information through its cryptographic closure. This is the only reliable method for transferring data over long channels;
4) regulation - is the protection of information, in which the probability of unauthorized access becomes minimal;
5) coercion is such protection of information, whenwhich users and employees of the system are compelled to comply with the rules for dealing with protected information - processing, transmission and their use, otherwise they are subject to material or administrative liability;
6) motivation - these are methods of protectioninformation, under which the user and staff are urged not to violate the prescribed order, observing the established moral and ethical norms (regulated and unwritten).
Methods of protecting information are diverse. But one thing is certain - it is necessary to use them in all spheres of life.