With the development and complication of computer systems and software
frameworks increase, the volume and vulnerability of the data stored in them increases. Therefore, information security problems are gaining more and more weight. Three aspects of information vulnerability can be distinguished:
1. Exposure to physical destruction.
2. Possibility of unauthorized (accidental or malicious) modification (change)
3. It is pertinent to note that there is a danger of unauthorized (accidental or deliberate) obtaining of information by persons for whom it is not intended.
Today, information security systems are being developed in two directions:
1. Ensuring the reliability and integrity of information transfer. The methods of noise-immune coding (Gray, Shannon, etc.) and noise-immune reception methods are used.
2. Protection of information from unauthorized access, deliberate distortion or destruction.
Domestic and foreign experience of information protection shows that an extremely complex protection system that combines the following measures can be effective:
1. Physical.
2. Administrative (organizational)
3. Note that technical.
4. Cryptographic.
5. Software.
Physical measures involve obstructing access to equipment and information. They are often used to protect equipment and information carriers from direct theft or destruction. These are locks on doors, bars on windows, various mechanical, electromechanical and electronic devices for building security and burglar alarms, etc. Physical protection measures are traditionally used in conjunction with administrative measures, which include measures for organizing a security regime, access and internal control, etc.
The technical protection measures include the use of a variety of
various mechanical, electromechanical, electronic, optical, radar and other devices and systems that are capable of independently or in combination with other means to perform information security functions. These include, for example, technical means of protection against collateral electromagnetic radiation, protective noise, security lighting, detection, surveillance, signaling, etc. It is worth noting that they complement physical and administrative measures and can significantly increase its effectiveness.
In cryptographic security measures, information encryption methods can be used, which encode information in such a way that its content would be available only upon presentation of some specific information (key)
It is worth noting that encryption can be carried out either manually (which is a complex and painstaking procedure), or automatically, using special hardware (encryptors) or special software. Experts consider the cryptographic closure of information to be the most effective and reliable means of protecting information.
Software measures will be a means of protecting information on a computer. Computer protection systems should allow the user, under control, to gain access to computer equipment and information stored in it. It should be said that in order to protect against intrusion, measures should be taken to directly protect computing devices and information from unauthorized access.
It is worth noting that the main functions that the means of protection should carry out will be:
Identification of subjects and objects;
Delimitation (sometimes complete isolation) of access to computing resources and information;
Registration of actions in the system.
The identification and authentication procedure involves checking whether the subject providing access (or the object being accessed) will be who he claims to be. In the process of identification, various methods can be used: simple, complex or one-time passwords, exchange of questions and answers with the administrator or through a program using
the use of various identification elements (key, code card, identity card, token, photograph of the face), methods of biometric identification of a person (by fingerprints, palm size and print, retina), etc.
Differentiation of access to computing resources and information is carried out at three levels:
Instruments;
Software;
Protection at the hardware and software levels provides for the control of access to such computing resources as individual devices, RAM, operating system, special service and personal programs of the user.
Information protection at the data level is aimed at:
Protection of information during transmission through channels between different computers;
Providing access only to authorized data stored in a computer, and performing only permissible operations on them.
To protect information during transmission, it will be advisable to encrypt data before entering it into the communication channel and decrypting it at the output and into it.
Information access control allows you to answer the questions: who can perform what operations and on what data. The object, access to which is controlled, can be a file, a record in a file, or a separate field of a file record, and as factors influencing the decision on access - an external event, data value, system state, user authority, etc.
Event-driven access provides for blocking user access, for example, at specific intervals or when accessing from a specific terminal. State-dependent access is based on the current state of the computing system, control programs, and the security system. For example, access to a file may be denied if the disk is not in read-only state. Access controlled
value, opens a path to the data based on its current value.
With regard to access, depending on the authority, it provides for the user's access to programs, data, equipment, depending on the provided mode. For example, a subject might be allowed Read Only. "Read and write", "Execution only", etc.
Another approach to building access protection tools is based on controlling information flows and dividing subjects and objects of access into privacy classes. Controls shall permit the flow of information for reading if the level of the source information object exceeds or does not exceed the category of the receiving subject, and for writing if the category of the source subject exceeds or exceeds the secrecy level of the information object.
Registration tools, like access control tools, are among the effective measures to counter unauthorized actions. At the same time, if access control tools are designed to prevent such actions, then the registration task is to detect already performed actions or their attempts.
As can be seen from the above, information protection methods have a wide range of action. When choosing a set of measures to protect information, one should proceed from their reliability, efficiency, cost and ease of use.
Terms of use:
Intellectual property rights - COMPUTER CRIME AND INFORMATION PROTECTION - V.A. DULENKO. belong to its author. This manual / book is posted solely for informational purposes without involvement in commercial turnover. All information (including "3. MODERN METHODS OF PROTECTING INFORMATION IN THE INTERNAL AFFAIRS") is collected from open sources, or added by users at no cost.
For the full use of the information posted, the Project Administration strongly recommends purchasing the book / manual COMPUTER CRIME AND INFORMATION PROTECTION - V.A. DULENKO. at any online store.
Tag block: COMPUTER CRIME AND INFORMATION PROTECTION - V.A. DULENKO., 2015. 3. MODERN METHODS OF INFORMATION PROTECTION IN INTERNAL AFFAIRS.
(C) Legal repository site 2011-2016
Information Security Fundamentals
Introduction
National security is the state of protection of the vital interests of the individual, society and the state from internal and external threats.
Vital interests are a set of needs, the satisfaction of which reliably ensures the existence and opportunities for the progressive development of the individual, society and the state.
Security threat - a set of conditions and factors that create a threat to the vital interests of the individual, society and the state.
Ensuring security is a unified state policy, a system of measures of an economic, political, law-making (other) nature, adequate to the threats to the vital interests of the individual, society and the state.
Security protection - direct impact on the object of protection.
Security protection - a set of ensuring and protecting security measures.
Information security is the state of protection of the country's national interests (the country's national interests are vital interests based on a balanced basis) in the information sphere from internal and external threats.
That is why information security issues are relevant especially recently.
The purpose and objectives of the work is a detailed study of individual aspects of information security.
1 Types and content of threats to information security
Sources of threats to the information security of the Russian Federation are divided into external and internal. External sources include:
- activities of foreign political, economic, military, intelligence and information structures directed against the interests of the Russian Federation in the information sphere;
- the desire of a number of countries to dominate and infringe on Russia's interests in the global information space, to oust it from the external and internal information markets;
- aggravation of international competition for the possession of information technologies and resources;
- activities of international terrorist organizations;
- increasing the technological gap between the world's leading powers and building up their capabilities to counter the creation of competitive Russian information technologies;
- activities of space, air, sea and ground technical and other means (types) of reconnaissance of foreign states;
- the development by a number of states of concepts of information wars, providing for the creation of means of dangerous impact on the information spheres of other countries of the world, disruption of the normal functioning of information and telecommunication systems, the safety of information resources, obtaining unauthorized access to them 1 .
Internal sources include:
- the critical state of domestic industries;
- an unfavorable crime situation, accompanied by tendencies for the merging of state and criminal structures in the information sphere, for criminal structures to gain access to confidential information, increase the influence of organized crime on the life of society, reduce the degree of protection of the legitimate interests of citizens, society and the state in the information sphere;
- insufficient coordination of the activities of federal state authorities, state authorities of the constituent entities of the Russian Federation in the formation and implementation of a unified state policy in the field of ensuring information security of the Russian Federation;
- insufficient elaboration of the regulatory legal framework governing relations in the information sphere, as well as insufficient law enforcement practice;
- underdevelopment of civil society institutions and insufficient state control over the development of the information market in Russia;
- insufficient funding of measures to ensure the information security of the Russian Federation;
- insufficient economic power of the state;
- decrease in the efficiency of the education and training system, insufficient number of qualified personnel in the field of information security;
- insufficient activity of federal bodies of state power, bodies of state power of the constituent entities of the Russian Federation in informing society about their activities, in explaining decisions made, in the formation of open state resources and the development of a system of citizens' access to them;
- Russia's lag behind the leading countries in the world in terms of informatization of federal government bodies, government bodies of constituent entities of the Russian Federation and local governments, credit and finance, industry, agriculture, education, healthcare, services and everyday life of citizens 2 .
2 Technical implementation of the ATS information security concept
The information used in the internal affairs bodies contains information about the state of crime and public order in the serviced territory, about the bodies and divisions themselves, their forces and means. In the duty units, operatives, district police inspectors, investigators, employees of forensic departments, passport and visa apparatuses, and other divisions, on primary registration documents, in accounting books and on other media, arrays of data for operational search and operational reference purposes are accumulated, which contain information:
- about offenders and criminals;
- about the owners of motor vehicles;
- about the owners of firearms;
- about events and facts of a criminal character, offenses;
- about stolen and confiscated things, antiques;
- as well as other information to be stored.
Services and divisions of the internal affairs bodies are characterized by the data:
- about the forces and means at the disposal of the body;
- on the results of their activities.
The above information is used when organizing the work of units and taking practical measures to combat crime and delinquency.
In the information support of the internal affairs bodies, the central place is occupied by the accounts, which are used to register primary information about crimes and the persons who committed them.
Accounting Is a system for registering and storing information about persons who have committed crimes, about the crimes themselves and related facts and objects.
Accounting for crimes subordinate to the Ministry of Internal Affairs of Russia covers 95% of criminal manifestations and gives a fairly complete picture of the operational situation in the country and its regions.
In Russia as a whole, in recent years, with the help of the information contained in the records, from 19 to 23% of crimes committed, or almost every fourth of the total, have been disclosed through the criminal investigation.
In the USSR, in 1961, the Instructions for registration in the internal affairs bodies were introduced. Under the USSR Ministry of Internal Affairs in 1971, the Main Scientific Information Center for Information Management (GNITSUI) was created, later renamed into the Main Information Center (GIC), and information centers (IC) were created in the Ministry of Internal Affairs and the Internal Affairs Directorate.
The main information center is the largest bank of operational reference and search information in the system of the Ministry of Internal Affairs of Russia. It is entrusted with the task of providing bodies and institutions of internal affairs with various information - statistical, search, operational reference, forensic, production and economic, scientific and technical, archival. These are unique, multidisciplinary centralized arrays of information, with a total of about 50 million accounting documents.
In the surname operational reference card file for convicted persons, over 25 million accounting documents are concentrated, and in the fingerprint card index - 17 million GIC has a unique database on computer media containing statistical reports of the Ministry of Internal Affairs, the Central Internal Affairs Directorate, the Internal Affairs Directorate, the Internal Affairs Directorate for 50 forms for the period from 1981 to 1992 and in retrospect until 1974 3 .
Information centers of the Ministry of Internal Affairs, ATC are the most important link in the information support system of the internal affairs bodies of the Russian Federation. They bear the main burden in providing information support to the internal affairs bodies in the disclosure and investigation of crimes, and the search for criminals.
Information centers are the head units in the system of the Ministry of Internal Affairs, the Internal Affairs Directorate, the Internal Affairs Directorate in the field of informatization: providing statistical, operational reference, operational investigative, forensic, archival and other information, as well as computerization and construction of regional information and computer networks and integrated data banks. Information centers carry out their duties in close cooperation with the departments of the Ministry of Internal Affairs, the Internal Affairs Directorate, the Department of Internal Affairs and the city railing authorities, as well as the Main Information Center of the Ministry of Internal Affairs of Russia.
With the help of the accounts, information is obtained that helps in the disclosure, investigation and prevention of crimes, the search for criminals, the identification of unknown citizens and the ownership of the seized property. They are formed in the municipal authorities, the IC of the Ministry of Internal Affairs, the Central Internal Affairs Directorate, the Internal Affairs Directorate according to the territorial (regional) principle and form the federal records of the Main Information Center of the Ministry of Internal Affairs of Russia. In addition, registrations are available in passport machines.
Along with the records in the internal affairs bodies, forensic centralized collections and card indexes are kept, which are created and stored in the forensic centers (ECC) of the Ministry of Internal Affairs of Russia (federal) and forensic departments (ECU) of the Ministry of Internal Affairs, GUVD, ATC (regional). The EKU and EKC collections and filing cabinets are focused primarily on ensuring the detection and investigation of crimes.
The operational reference, search and forensic information accumulated in records, collections and card files is called criminal information.
Accounting is classified according to functional and object characteristics.
Functionally, the accounts are divided into three groups: operational reference, search, forensic.
On the basis of the object, the accounts are divided into persons, crimes (offenses), objects.
The main operational reference and search information is formed in the city railing authorities. Part of it settles on the spot, and the other is sent to the IC and GIC to form a single data bank.
The information base of the Ministry of Internal Affairs system is built on the principle of centralized accounting. It is made up of operational reference, search and forensic records and card indexes, concentrated in the Main Information Center of the Ministry of Internal Affairs of Russia and the Information Center of the Ministry of Internal Affairs, ATC, UVDT, and local records of city railing authorities. In general, their arrays are estimated at about 250-300 million accounting documents.
Centralized operational reference, forensic and search records have the following information about Russian citizens, foreigners and stateless persons:
- conviction, place and time of serving the sentence, date and grounds for release;
- movement of convicts;
- death in places of imprisonment, change of sentence, amnesty, number of the criminal case;
- place of residence and place of work prior to conviction;
- detention for vagrancy;
- blood group and fingerprint formula of convicts.
Fingerprint registration makes it possible to establish the identity of criminals, arrested, detained, as well as unknown sick and unidentified corpses. Fingerprint card indexes have 18 million fingerprint cards. They receive over 600 thousand requests, for which about 100 thousand recommendations are issued. The information in the files contributed to the disclosure of crimes or the identification of a person in 10 thousand cases. Currently, these are mainly hand-held filing cabinets. 4 .
The accounts of the internal affairs bodies, depending on the method of information processing, are divided into three types: manual, mechanized, automated.
Automated records consist of a number of automated information retrieval systems (AIPS). The accumulation and processing of criminal information with the help of AIPS is carried out in regional banks of criminal information (RBKI).
In accordance with the new tasks, the GIC of the Ministry of Internal Affairs of Russia in November 2004 was transformed into the Main Information and Analytical Center of the Ministry of Internal Affairs of Russia. In the system of internal affairs bodies, the Main Information and Analytical Center (GIAC) of the Ministry of Internal Affairs of Russia is the head organization in the following areas:
- information support with statistical, operational reference, investigative, forensic, archival and scientific and technical information;
- operational-analytical and information support of operational-search activity, as well as information interaction for the exchange of operational information with other subjects of operational-search activity;
- planning, coordination and control of the processes of creation, implementation, use, development in the system of the Ministry of Internal Affairs of Russia of modern information technologies, automated information systems of general use and operational-investigative nature, integrated public data banks, computer equipment and system software for them;
- maintenance and development of the Unified system of classification and coding of technical, economic and social information.
The main tasks of the GIAC of the Ministry of Internal Affairs of Russia are:
- providing the leadership of the Ministry, subdivisions of the system of the Ministry of Internal Affairs of Russia, government bodies of the Russian Federation, law enforcement agencies of other states with statistical information on the state of crime and the results of operational and service activities of internal affairs bodies, as well as operational reference, search, forensic, archival, scientific technical and other information;
- the formation in the internal affairs bodies of a unified system of statistical, operational reference, investigative, forensic accounting, automated data banks of centralized accounting, all-Russian and industry classifiers of technical, economic and social information;
- creation, implementation and development of modern information technologies in the system of the Ministry of Internal Affairs of Russia in order to increase the efficiency of using the accounts by the internal affairs bodies;
- control over the activities of the Ministry of Internal Affairs, the Central Internal Affairs Directorate, the Internal Affairs Directorate of the constituent entities of the Russian Federation, UVDT in terms of the timeliness of the submission, completeness and reliability of informationin statistical, operational reference, search, forensic, operational and other records, the maintenance of which is attributed to the competence of information departments of the internal affairs bodies;
- pursuing a unified scientific and technical policy within the framework of the development of the information and computing system of the Ministry of Internal Affairs of Russia;
- coordination and support of activities for the implementation in the internal affairs bodies and internal troops of the Ministry of Internal Affairs of Russia of the legislation of the Russian Federation on archival affairs and on the rehabilitation of citizens subjected to political repression in the administrative order;
- organizational and methodological guidance and provision of practical assistance to subdivisions of the system of the Ministry of Internal Affairs of Russia, the Ministry of Internal Affairs, the Central Internal Affairs Directorate, the Internal Affairs Directorate of the constituent entities of the Russian Federation on issues related to the competence of the GIAC.
To implement the assigned tasks, the GIAC of the Ministry of Internal Affairs of Russia carries out:
- formation and maintenance of centralized operational reference, investigative and forensic records, automated data banks of centralized records, the Interstate Information Bank - within the framework of agreements concluded between law enforcement agencies; databases of statistical information on the state of crime and the results of the fight against it;
- collection, accounting and analysis of operational information; information and analytical support of the operational-search activities of the operational divisions of the Ministry of Internal Affairs of Russia. Providing operational and analytical materials to the leadership of the Ministry and operational units of the Ministry of Internal Affairs of Russia;
- formation and maintenance of records of persons declared on the federal and interstate wanted list, preparation and distribution to the internal affairs bodies of the Russian Federation and other states in accordance with the established procedure of materials on the announcement and termination of the search, bulletins of operational-search information and collections of orientations;
- the establishment, at the request of the NCB of Interpol under the Ministry of Internal Affairs of Russia, the Ministry of Foreign Affairs of Russia, the Central Committee of the Russian Red Cross Society, of the location (fate) of foreign citizens (subjects) and stateless persons arrested and convicted on the territory of Russia and the states of the former USSR;
- formation and maintenance of a data bank of the system of scientific and technical information of the Ministry of Internal Affairs of Russia on the experience of the internal affairs bodies of the Russian Federation and law enforcement agencies of other states; issuance of this information in accordance with the established procedure at the request of subdivisions of the system of the Ministry of Internal Affairs of Russia;
- the formation and maintenance of a fund of all-Russian classifiers of technical and economic information in the part related to the Ministry of Internal Affairs of Russia, the development and registration of sectoral and intra-system classifiers operating in the internal affairs bodies;
- reception, registration, preservation and use in the prescribed manner of archival documents of units of the Ministry of Internal Affairs of Russia and internal affairs bodies;
- analysis of the processes of formation and use of statistical, operational reference, investigative, forensic records of internal affairs bodies, the creation, implementation, development of modern information technologies in the system of the Ministry of Internal Affairs of Russia, provision of information and analytical materials to the leadership of the Ministry and departments of the Ministry of Internal Affairs of Russia.
The structure of the Main Information and Analytical Center of the Ministry of Internal Affairs of Russia includes:
- Center for Statistical Information;
- Criminal Information Center;
- Operational information center;
- Center for Operational Investigative Information;
- Center for Information Technologies and Systems of Internal Affairs;
- Computing Center;
- Center for Rehabilitation of Victims of Political Repression and Archival Information;
- Department of Scientific and Technical Information;
- Department of Documentation and Security Regime;
- Organizational and Methodological Department;
- Human Resources Department;
- Financial and economic department;
- Second department (special communications);
- Fifth department (information interaction with the CIS FSO of Russia);
- Logistics Department;
- Legal group.
All operational and preventive measures and the overwhelming majority of operational and search activities carried out in the internal affairs bodies are provided with information support carried out by the GIAC and the IC.
The role of information departments increases from year to year, as evidenced by the following facts. If in 1976 with the help of our records 4% of the total number of solved crimes were solved, in 1996 - 25%, in 1999 - 43%, in 2002 - 60%, then in 2009 - over 70% 5 .
Today, GIAC carries out fully automated collection and generalization of statistical information. The information is summarized as a whole for Russia, for federal districts and subjects of the Russian Federation. The automated database of statistical indicators of the GIAC contains information since 1970.
Public data banks have been deployed in the GIAC and information centers of the Ministry of Internal Affairs, the Central Internal Affairs Directorate, the Internal Affairs Directorate, and a standard integrated data bank of the regional level has been introduced.
At the regional and federal levels, a set of measures was carried out to equip all information centers of the Ministry of Internal Affairs, the Central Internal Affairs Directorate, the Internal Affairs Directorate and the State Information and Analytical Center with standard software and hardware complexes.
The centralized equipping of the regions with modern information processing complexes made it possible to purposefully carry out measures to integrate open information resources at the regional and federal levels.
Completed work on the creation of an integrated data bank of the federal level. It combined the resources of 9 existing systems ("Kartoteka", "ABD-Center", "ASV-RIF" and "Crime-Foreigners", "Antiques", "FR-Notification", "Weapons", "Autosearch" and "Dossier- scammer"). This made it possible, by one request of operational workers, investigators and interrogators, to receive the information available in the automated records of the GIAC in the form of a "dossier" and to increase the effectiveness of assistance in solving crimes.
The integrated bank of the federal level systematizes information about issued, lost, stolen passports (passport blanks) of citizens of the Russian Federation; about foreign citizens staying and residing (temporarily and permanently) in the Russian Federation; about registered vehicles.
A step-by-step interaction of the Federal Automated Fingerprint System "AFIS-GIC" with similar interregional systems of federal districts, regional systems of information centers and NCB of Interpol is being carried out. The possibility of obtaining fingerprint information in electronic form allows in the shortest possible time to identify the identity of suspects, to increase the efficiency of disclosing and investigating crimes.
On the basis of the GIAC of the Ministry of Internal Affairs of Russia, an interdepartmental automated system for maintaining the Register of the Federal Integrated Information Fund was created, providing for the integration of information resources and information interaction between ministries and departments (Ministry of Internal Affairs, FSB, Ministry of Finance, Ministry of Justice, Prosecutor General's Office, Supreme Court of the Russian Federation, etc.).
Using the mode of direct access to the data bank (within 7-10 minutes without breaking the communication line) and the mode of deferred request (within 1 hour using e-mail) will greatly facilitate the work of employees of operational services, investigation and inquiry units, and other law enforcement agencies.
The total number of users who are provided with access to the automated centralized accounting of the vertical "Main information and analytical center - information centers of the Ministry of Internal Affairs, Central Internal Affairs Directorate, ATC" is more than 30 thousand. More than a third of them are users of the GROVD level and police departments (divisions).
For information support of the operational activities of bodies, divisions and institutions of internal affairs, the educational process and scientific activities of research and higher educational institutions of the Ministry of Internal Affairs of Russia, the Databank of the Scientific and Technical Information System (DB SNTI) of the Ministry of Internal Affairs of Russia was created in the GIAC. DB STTI contains materials about the experience of the internal affairs bodies of Russia, the activities of law enforcement agencies of foreign countries, as well as information about the results of research and development work and dissertation research carried out in the system of the Ministry of Internal Affairs of Russia.
The most effective means of increasing the availability and ease of obtaining information, bringing it to the consumer is the data bank of the scientific and technical information system (DB STTI) of the Ministry of Internal Affairs of Russia.
The data bank of the STTI of the Ministry of Internal Affairs of the Russian Federation is designed to provide information to employees of bodies and institutions of the Ministry of Internal Affairs of Russia with information about the experience of the internal affairs bodies of Russia, the activities of law enforcement agencies of foreign countries and the results of scientific research carried out in the system of the Ministry of Internal Affairs of Russia.
Structurally, the databank consists of three sections:
- domestic experience - express information, bulletins, guidelines, analytical reviews, criminological forecasts;
- foreign experience - information publications, translations of articles from foreign magazines, reports on foreign business trips and other materials on the activities of law enforcement agencies of foreign countries;
- scientific research - reporting documents on research and development work, abstracts of defended theses prepared by employees of research and higher educational institutions of the Ministry of Internal Affairs of Russia.
As of January 1, 2010, the STTI database contains over 5 thousand materials, of which 30% are about the experience of the Russian Internal Affairs Department, 38% of foreign law enforcement activities, and 32% of scientific research.
The databank is installed on the communication node of the GIAC as part of the data transmission backbone (MRTD) of the Ministry of Internal Affairs of Russia. All employees of the Ministry of Internal Affairs of Russia, the Ministry of Internal Affairs, the Central Internal Affairs Directorate, the Internal Affairs Directorate of the constituent entities of the Russian Federation, UVDT, research and educational institutions who are subscribers of the GIAC node can directly contact the DB STTI.
It also provides an opportunity to select materials in the deferred request mode for all subscribers of the MRTD of the Ministry of Internal Affairs of Russia.
Along with the growth in the use of the STTI DB at the GIAC communication node in 65 regions of the Russian Federation, regional data banks of scientific and technical information have been created and are being formed on the basis of information arrays of the STTI DB. 6 .
Access to regional data banks of NTI is provided by services, divisions and city district agencies. In a number of regions (the Republic of Sakha (Yakutia), Krasnodar Territory, Magadan Region, etc.), which occupy a significant territory, subregional STI data banks are organized in remote cities. Information arrays for them are regularly replicated and sent out on CD-ROMs.
The creation and development of regional data banks NTI is one of the promising ways to solve the problem of bringing information to the practitioners of the territorial bodies of internal affairs.
Together with the interested departments and divisions of the Ministry of Internal Affairs of Russia, work is underway to create a Central Data Bank for registering foreign citizens and stateless persons temporarily staying and residing in the Russian Federation.
conclusions
The main directions of protection of the information sphere.
1. Protection of the interests of the individual, society and the state from the effects of harmful, poor-quality information. Such protection is provided by institutions: mass media, documented and other information.
2. Protection of information, information resources and information system from unlawful influence in various situations. Such protection is provided by:
Institute of State Secrets;
Personal data.
3. Protection of information rights and freedoms (Institute of Intellectual Property).
The main task of information security is to balance the interests of society, the state and the individual. This balance must be adequate to the security objectives of the country as a whole. Ensuring information security should be focused on the specifics of the information environment, determined by the social structure.
The focus of information security should be on the information environment of public authorities.
In the context of the globalization process, it is necessary to ensure a constant analysis of changes in policies and legislation in other countries.
The last task is to take into account the fulfillment of factors in the process of expanding the legal attention of the Russian Federation in the peaceful information space, including cooperation within the CIS, and the practice of using the Internet.
List of used literature
Constitution of the Russian Federation. - 1993
The concept of national security of the Russian Federation (as amended by the Decree of the President of the Russian Federation of January 10, 2000 No. 24).
Information security doctrine of the Russian Federation (approved by the President of the Russian Federation on September 9, 2000, No. Pr-1895).
Law of the Russian Federation of July 27, 2006 No. 149-FZ "On Information, Information Technologies and Information Protection".
Bot E., Sichert K .. Windows Security. - SPb .: Peter, 2006.
Dvoryankin S.V. Information confrontation in the law enforcement sphere / In collection: "Russia, XXI century - anti-terror ". - M .: "BIZON-95ST", 2000.
Karetnikov M.K. On the content of the concept "Information security of internal affairs bodies" / In collection: "International conference" Informatization of law enforcement systems ". - M .: Academy of Management of the Ministry of Internal Affairs of Russia, 1998.
Nikiforov S.V. An introduction to networking technologies. - M .: Finance and statistics, 2005 .-- 224c.
A.A. Torokin Engineering and technical information security: Textbook. - M .: "Helios ARV", 2005.
1 Beloglazov E.G. and other Fundamentals of information security of internal affairs bodies: Textbook. - M .: MosU of the Ministry of Internal Affairs of Russia, 2005.
2 V.I. Yarochkin Information Security: A Textbook for University Students. - M .: Academic Project; Gaudeamus, 2007.
3 Karetnikov M.K. On the content of the concept "Information security of internal affairs bodies" / In collection: "International conference" Informatization of law enforcement systems ". - M .: Academy of Management of the Ministry of Internal Affairs of Russia, 1998.
4 Dvoryankin S.V. Information confrontation in the law enforcement sphere / In collection: "Russia, XXI century - anti-terror." - M .: "BIZON-95ST", 2000.
5 Zhuravlenko N.I., Kadulin V.E., Borzunov K.K .. Fundamentals of information security: a textbook. - M .: MosU of the Ministry of Internal Affairs of Russia. 2007.
6 Zhuravlenko N.I., Kadulin V.E., Borzunov K.K .. Fundamentals of information security: a textbook. - M .: MosU of the Ministry of Internal Affairs of Russia. 2007.
DEFINITION OF INFORMATION SECURITY OF ATS
We have already dwelled on the concept of information security, which in its most general form can be defined as the state of protection of the needs of the individual, society and the state in information, in which their existence and progressive development are ensured, regardless of the presence of internal and external information threats... Let us concretize this concept in relation to the goals and objectives that law enforcement agencies face at the present stage. For this, first of all, let us turn to the generic concept - the concept of "safety".
Currently, security is an integral characteristic of progress, and the concept of security is one of the key ones in the study of optimization of human activities, including activities to combat crime.
Over the centuries, the concept of security has been repeatedly filled with different content and, accordingly, an understanding of its meaning. So in ancient times, the understanding of security did not go beyond the ordinary concept and was interpreted as the absence of danger or evil for a person. In this everyday sense, the term "security" was used, for example, by the ancient Greek philosopher Plato.
In the Middle Ages, security was understood as a calm state of mind of a person who considered himself protected from any danger. However, in this sense, this term did not firmly enter the vocabulary of the peoples of Europe until the 17th century. rarely used.
The concept of "security" is becoming widespread in scientific and political circles of Western European states thanks to the philosophical concepts of T. Hobbes, D. Locke, J.J. Rousseau, B. Spinoza and other thinkers of the 17th-18th centuries, meaning a state, a situation of calmness that appears as a result of the absence of real danger (both physical and moral).
It was during this period that the first attempts were made to theoretically develop this concept. The most interesting is the version proposed by Sonnenfels, who believed that security is such a state in which no one has anything to fear. For a particular person, such a position meant private, personal security, and the state of the state, in which there was nothing to fear, was public safety.
At present, security is traditionally understood as a state in which the vital interests of a person, society, state and international system are protected from any internal or external threat. From this point of view security can be defined as the impossibility of causing harm to someone or something due to the manifestation of threats, i.e. their security against threats.
It should be noted that this approach has found the greatest recognition both in the scientific community and in the field of lawmaking.
In general methodological terms, in the structure of the concept of "security" there are:
q security object;
q threats to the security object;
q ensuring the security of the facility against manifestations of threats.
The key element in defining the content of the concept of "security" is the security object, i.e. something that defends itself against threats. Choosing as an object of security information circulating in the internal affairs bodies, as well as the activities of police units related to the production and consumption of information, we can talk about their information security - the security of their "information dimension".
In the current Russian legislation, information security means "The state of protection of national interests in the information sphere, determined by the totality of balanced interests of the individual, society and the state"(Doctrine of information security of the Russian Federation). Moreover, under the information sphere of society is understood as the totality of information, information infrastructure, entities collecting, forming, disseminating and using information, as well as the system of regulation of the resulting public relations.
Based on the noted, information security of internal affairs bodies means the state of security of information, information resources and information systems of internal affairs bodies, which ensures the protection of information (data) from leakage, theft, graft, unauthorized access, destruction, distortion, modification, forgery, copying, blocking (The concept of ensuring information security of the internal affairs bodies of the Russian Federation until 2020, approved by order of the Ministry of Internal Affairs of Russia dated March 14, 2012 No. 169). The structure of this concept is shown in Fig. 4. Let's consider it in more detail.
Rice. 4. The structure of the concept of "information security of ATS"
ATS information security facility. As we have already noted, the following are the objects of information security:
q informational resources internal affairs bodies used in solving official tasks, including those containing information of limited access, as well as special information and operational data of an official nature.
The information used in the internal affairs bodies contains information about the state of crime and public order in the serviced territory, about the bodies and divisions themselves, their forces and means. In the duty units, operatives, district police inspectors, investigators, employees of forensic departments, the migration service, and other divisions, on primary registration documents, and accounting journals and on other media, accumulate data arrays of operational search and operational reference purposes, in which contains information about:
- offenders and criminals;
- owners of motor vehicles;
- owners of firearms;
- events and facts of a criminal nature, offenses;
- stolen and confiscated things, antiques, as well as other information to be stored.
Services and divisions of the internal affairs bodies are characterized by the data:
- about the forces and means at the disposal of the body;
- on the results of their activities.
The above information is used when organizing the work of units, when taking practical measures to combat crime and delinquency.
In addition to the specified information, scientific and technical information is widely used, which is necessary to improve the activities of the internal affairs bodies.
Special attention should be paid to the information used by the internal affairs bodies in the disclosure and investigation of crimes. This kind of information includes, including:
All types of evidence in a criminal case;
Materials of the criminal case;
Information about the course of the investigation of the criminal case (i.e., the totality of operational and procedural information about the event being investigated, plans for conducting operational-search and procedural actions);
Information about law enforcement officers involved in the investigation of the crime;
Information about the persons suspected and accused in the case;
Information about the victims, witnesses and other persons assisting in the investigation of the crime, etc.
In addition to those noted, information with limited access by individuals and legal entities is also subject to protection, to which officials of police units gain access in the performance of their official duties, in particular, in the disclosure and investigation of crimes;
q information infrastructure internal affairs bodies, which is understood a set of methods, means and technologies for the implementation of information processes (i.e. processes of creation, collection, processing, accumulation, storage, search, dissemination and consumption of information) that must be carried out in the police department when performing the tasks assigned to them by law.
The information infrastructure of ATS includes primarily those used in the practical activities of law enforcement agencies Information Systems, the network and communication networks(including general use).
The information infrastructure of the internal affairs bodies should certainly include those used in the practical activities of the internal affairs bodies information Technology- processes using a set of means and methods for collecting, processing and transmitting data (primary information) to obtain information of a new quality about the state of an object, process or phenomenon (information product).
Information infrastructure objects include premises, in which information processes take place, carried out in the course of performing official activities, processing information on a computer, etc.
Threats to an information security object. The organization of information security for internal affairs bodies should be comprehensive and based on a deep analysis of possible negative consequences. In doing so, it is important not to overlook any significant aspects. Analysis of negative consequences implies the mandatory identification of possible sources of threats, factors contributing to their manifestation and, as a result, the identification of actual threats to information security.
Based on this principle, it is advisable to carry out modeling and classification of sources of threats to information resources and information infrastructure of ATS on the basis of an analysis of the interaction of a logical chain:
Sources of threats . In the theory of information security under sources of threat confidential information understand potential carriers of information security threats , which, depending on the nature, are subdivided into anthropogenic(caused by human activity), man-made or spontaneous... In relation to the security object itself, the sources of threats are divided into external and internal.
Analysis of the provisions of the Doctrine of Information Security of the Russian Federation, as well as other regulatory documents in the field of information security, allows us to identify the following main sources of threats to information security of internal affairs bodies.
The main external sources of threats to the information security of internal affairs bodies include:
Intelligence activities of special services of foreign states, international criminal communities, organizations and groups related to the collection of information revealing tasks, plans of activities, technical equipment, working methods and locations of special units and internal affairs bodies of the Russian Federation;
Activities of foreign state and private commercial structures, as well as domestic criminal gangs and commercial organizations seeking to gain unauthorized access to information resources of law enforcement agencies;
Natural disasters and natural phenomena (fires, earthquakes, floods and other unforeseen circumstances);
Various kinds of man-made accidents;
Failures and malfunctions, failures in the operation of information infrastructure elements caused by errors in their design and / or manufacture.
The main internal sources of threats to the information security of internal affairs bodies include:
Violation of the established regulations for the collection, processing, storage and transmission of information used in the practical activities of the internal affairs bodies, including those contained in file cabinets and automated data banks and used to investigate crimes;
Failure of hardware and software failures in information and telecommunication systems;
Use of uncertified software that disrupts the normal functioning of information and information and telecommunication systems, including information security systems;
Intentional actions, as well as errors of personnel directly involved in the maintenance of information systems used in internal affairs bodies, including those involved in the formation and maintenance of card files and automated data banks;
Inability or unwillingness of service personnel and / or users of ATS information systems to fulfill their duties (civil unrest, transport accidents, terrorist act or its threat, strike, etc.).
Vulnerabilities . Under vulnerability in the context of the issue under consideration, we believe it is necessary to understand reasons leading to a violation of the established regime of information protection in the internal affairs bodies ... These reasons include, for example:
An unfavorable crime situation, accompanied by tendencies for the merging of state and criminal structures in the information sphere, for criminal structures to gain access to confidential information, increase the influence of organized crime on the life of society, reduce the degree of protection of the legitimate interests of citizens, society and the state in the information sphere;
Lack of legislative and regulatory regulation of information exchange in the law enforcement sphere;
Insufficient coordination of the activities of the internal affairs bodies and their divisions for the implementation of a unified policy in the field of information security;
Insufficient activity in informing the public about the activities of the internal affairs bodies, in explaining the decisions made, in the formation of open state resources and the development of a system of citizens' access to them;
Insufficient funding of measures to ensure information security of internal affairs bodies;
Decrease in the efficiency of the education and training system, insufficient number of qualified personnel in the field of information security;
Lack of a unified methodology for collecting, processing and storing information of an operational-search, reference, forensic and statistical nature, etc.
The presence of such design features and technical characteristics of information infrastructure elements that can lead to a violation of the integrity, availability and confidentiality of security objects. So, for example, the TCP / IP protocol used in the global electronic network Internet was originally developed without taking into account the requirements of information security, and most of the software used in the practice of ATS contains a lot of errors and undocumented features.
Threats . The listed vulnerabilities give rise to corresponding threats to the security of information and information infrastructure of the internal affairs bodies. Wherein by threats to an object of information security we mean a set of conditions and factors that create a potential or real danger of leakage, theft, loss, destruction, distortion, modification, forgery, copying, blocking of information and unauthorized access to it .
However, and this must be emphasized, a threat to a security object is not something that exists on its own. It is either a manifestation of the interaction of a security object with other objects, which can harm its functioning and properties, or a similar manifestation of the interaction of subsystems and elements of the security object itself.
The security of information resources and information infrastructure of internal affairs bodies is manifested through the security of their most important properties, which include:
q integrity - property of information and information infrastructure, characterized by the ability to resist unauthorized or unintentional destruction and distortion of information;
q availability - property of information and information infrastructure, characterized by the ability to provide unimpeded access to information for subjects having the proper authority to do so;
q confidentiality - property of information and information infrastructure, characterized by the ability of information to be kept secret from subjects who do not have the authority to familiarize themselves with it.
Violation of the specified properties of the information security objects of the internal affairs bodies also constitutes a threat to the information security of the internal affairs bodies. The manifestation of these threats is carried out by:
q violation of the integrity of information as a result of it:
- loss (theft). It consists in the "withdrawal" of information and / or its carriers from the information sphere of the internal affairs bodies, leading to the impossibility of further use of this information in the activities of the internal affairs bodies;
- destruction. Destruction is such an impact on the information circulating in the internal affairs bodies and / or its carriers, as a result of which they cease to exist or are brought into such a state that makes it impossible for them to be further used in the practical activities of the internal affairs bodies;
- distortion (modifications, fakes), i.e. as a result of such an impact on information, which leads to a change in its (information) semantic content, the creation and / or imposition of false carriers of information;
q violation of the availability of information as a result of it:
- blocking, those. termination or obstruction of access to information by authorized persons;
- loss;
q violation of confidentiality of information as a result of:
- unauthorized disclosure of information. Represents intentional or unintentional actions of persons having access to undisclosed information, contributing to unauthorized acquaintance with this information of third parties .;
- unauthorized acquaintance with information. Represents the intentional or unintentional actions of persons who do not have the right to access information, to familiarize themselves with it.
Information security. We have already noted that the information security of the internal affairs bodies is the protection of information resources and the supporting information infrastructure of the internal affairs bodies from threats, i.e. impossibility of any damage or harm to them. Since both the information resources and the information infrastructure of the Internal Affairs Directorate do not exist on their own, outside the practical activities of the internal affairs bodies, but in fact are one of the means of this activity, it is quite obvious that their security can be ensured only by creating such conditions for the activities of the internal cases in which potentially dangerous impacts for safety objects were either prevented or reduced to such a level at which they are not capable of causing damage to them.
Thus, ensuring information security of the internal affairs bodies is the process of creating such conditions for the implementation of the activities of the internal affairs bodies, in which the impacts on them, potentially dangerous for information resources and information infrastructure of the internal affairs bodies, were either prevented or reduced to a level that did not interfere with the solution of the tasks facing the internal affairs bodies.
It is clear from this definition that ensuring information security is of an auxiliary nature in the system of activities of the internal affairs bodies, since it is aimed at creating conditions for achieving the main goals of the internal affairs bodies - first of all, an effective fight against crime.
Ensuring the information security of the ATS has its own external and internal focus. External focus This kind of activity is due to the need to ensure the legitimate rights and interests of the copyright holders of information protected by law, involved in the field of activities of the internal affairs bodies.
Internal focus activities to ensure the information security of the internal affairs bodies is due to the need to implement the tasks and achieve the goals facing the internal affairs bodies - first of all, the detection, disclosure, investigation and prevention of crimes. In other words, it creates the preconditions for the successful fulfillment of the tasks facing the internal affairs bodies.
Information security activities are carried out on the basis of a set of the most important, key ideas and provisions, called principles. These fundamental principles include the following:
Humanism;
Objectivity;
Concreteness;
Efficiency;
Combination of publicity and official secrecy;
Legality and constitutionality;
Compliance of the selected means and methods with the goal of counteraction;
Complexity.
Principle humanism is to ensure the rights and freedoms of a person and a citizen in countering threats to information security, in preventing unlawful encroachments on his personality, humiliation of a person's honor and dignity, arbitrary interference in his private life, personal and family secrets, restricting the freedom of his information activities, as well as in minimizing damage to these rights and freedoms when their restriction is carried out on legal grounds.
Principle objectivity is to take into account, in the implementation of counteraction, the objective laws of social development, the interaction of society with the environment, the real capabilities of the subjects of information security to eliminate the threat or minimize the consequences of its implementation. This principle requires an integrated, systematic approach to determining how to achieve the goals of the activity with the least expenditure of manpower and resources.
Principle concreteness is to ensure security in relation to specific life circumstances, taking into account the various forms of manifestation of objective laws on the basis of reliable information about both internal and external threats, and about the possibilities to counter them. Reliable information makes it possible to establish specific forms of manifestation of threats, to determine in accordance with this the goals and actions to ensure security, to concretize the methods of countering threats, the forces and means necessary for their implementation.
Principle efficiency is to achieve the goals of counteraction with the least expenditure of manpower and resources. Ensuring information security in any social community requires certain material, financial and human resources. Proceeding from this, ensuring security, like any socially useful activity of people, must be carried out rationally and efficiently. Usually, the efficiency criteria that are applied in practice include the ratio of the amount of prevented damage from the implementation of threats to the costs of countering these threats.
Principle combination of publicity and secrecy is to find and maintain the necessary balance between the openness of information security activities, which makes it possible to gain public trust and support, and, on the other hand, in the protection of internal police information, the disclosure of which can reduce the effectiveness of countering security threats.
Principle legality and constitutionality means the exercise of all functions inherent in state organizations and officials in strict accordance with the current constitution, laws and by-laws, in accordance with the competence established by law. Strict and unswerving observance of legality and constitutionality should be an indispensable requirement, a principle of activity of not only state, but also non-state bodies, institutions and organizations.
Principle the correspondence of the selected means and methods to the goal of counteraction means that these means and methods should, on the one hand, be sufficient to achieve the goal, and on the other, not lead to undesirable consequences for society.
Principle complexity the use of the available forces and means consists in the coordinated activity of the subjects of countering threats to information security and the coordinated use of the resources available for this.
As a type of security, information security has a complex structure, including goals, means and subjects of this activity.
The following can be singled out as the goals of activities to ensure the information security of the internal affairs bodies:
q elimination (prevention) of security threats;
q minimization of damage from the manifestation of threats.
Elimination (prevention) of threats as the goal of ensuring information security, this is the nature of the interaction between the security object and the source of threats, in which these sources cease to have the property of generating a threat.
Minimizing the consequences implementation of a threat as the goal of information security activities arises when the elimination (prevention) of threats is not possible. This goal is such a nature of the interaction between the security object and the source of threats, in which emerging threats are promptly identified, the reasons contributing to this process are identified and eliminated, as well as the elimination of the consequences of the manifestation of threats.
Information security tools – it is a set of legal, organizational and technical means designed to ensure information security.
All information security tools can be divided into two groups:
q formal;
q informal.
TO formal includes such means that perform their functions to protect information formally, that is, mainly without human participation. TO informal means the basis of which is the purposeful activity of people.
Formal means are divided into physical, hardware and programmatic.
Physical means - mechanical, electrical, electromechanical, electronic, electronic-mechanical and similar devices and systems that function autonomously, creating various kinds of obstacles to destabilizing factors.
Hardware - various electronic, electronic-mechanical and similar devices, which are built in circuitry into the equipment of the data processing system or are interfaced with it specifically to solve information security problems. For example, noise generators are used to protect against leakage through technical channels.
Physical and hardware are combined into a class technical means of information protection.
Software- special software packages or individual programs included in the software of automated systems in order to solve information security problems. These can be various programs for cryptographic data conversion, access control, virus protection, etc.
Informal means are divided into organizational, legal and moral and ethical.
Organizational means - organizational and technical measures specially provided for in the technology of functioning of the object to solve problems of protecting information, carried out in the form of purposeful activities of people.
Legal remedies - existing in the country or specially issued normative legal acts, with the help of which the rights and obligations related to ensuring the protection of information, of all persons and divisions related to the functioning of the system are regulated, as well as liability is established for violation of the rules for processing information, which may result in violation of information security.
Moral and ethical standards - moral norms or ethical rules that have developed in society or a given collective, the observance of which contributes to the protection of information, and violation of them is equivalent to non-compliance with the rules of conduct in society or a collective.
Moral and ethical methods of protecting information can be attributed to the group of those methods that, based on the popular expression that "the secret is kept not by locks, but by people", play a very important role in protecting information. It is a person, an employee of an enterprise or institution, who is admitted to secrets and accumulates in his memory colossal amounts of information, including secret, that often becomes a source of leakage of this information, or through his fault a rival gets the opportunity of unauthorized access to protected information carriers.
Moral and ethical methods of protecting information presuppose, first of all, the education of an employee admitted to secrets, that is, carrying out special work aimed at forming a system of certain qualities, views and beliefs (patriotism, understanding of the importance and usefulness of protecting information and for him personally), and training an employee who is aware of the information constituting a protected secret, the rules and methods of protecting information, instilling in him the skills of working with carriers of classified and confidential information.
Information security entities are bodies, organizations and persons authorized by law to carry out relevant activities... These include, first of all, the heads of the internal affairs bodies, employees of the relevant ATS units dealing with information security issues (for example, employees of technical departments carrying out technical protection of ATS facilities), federal executive bodies exercising oversight functions within their competence (for example , FSB in terms of ensuring the safety of information constituting a state secret), etc.
Conclusion
In the internal affairs bodies, serious attention is paid to the issues of preserving secret information, instilling high vigilance among employees. One of them is often underestimated the danger of such information leakage. They show carelessness bordering on criminal negligence when handling classified documents, which often leads to the disclosure of information constituting a state secret, and even to the loss of classified items and documents. At the same time, some employees of the internal affairs bodies establish and maintain dubious undesirable connections, disclose information about the methods and forms of work of the internal affairs bodies to unauthorized persons. Low professional qualities of individual employees often lead to a violation of the secrecy of the events being held. The purpose of this course is to understand what information security is, how and by what means it can be ensured and to avoid the negative consequences that may occur for you if there is a leak of confidential information.
Department of Informatics and Mathematics
Test
"Fundamentals of Information Security in Internal Affairs Bodies"
Performed:
Elena N. Bychkova
2nd year student, 2nd group
Moscow - 2009
Plan
1. The concept and purpose of conducting special checks of objects of informatization; the main stages of the audit
2. Vulnerability of computer systems. The concept of unauthorized access (unauthorized access). Classes and types of NSD
2.1 Vulnerability of the main structural and functional elements of distributed speakers
2.2 Threats to the security of information, AS and subjects of information relations
2.3 The main types of threats to the security of subjects of information relations
List of used literature
1. The concept and purpose of conducting special checks of objects of informatization; the main stages of the audit
Informatization object - a set of informatization means together with the premises in which they are installed, intended for processing and transmission of protected information, as well as dedicated premises.
Informatization means - means of computer technology and communication, office equipment intended for collecting, accumulating, storing, searching, processing data and issuing information to the consumer.
Computer facilities - electronic computers and complexes, personal electronic computers, including software, peripheral equipment, data teleprocessing devices.
Object of computer technology (VT) - a stationary or mobile object, which is a complex of computer technology, designed to perform certain functions of information processing. Computer facilities include automated systems (AS), automated workstations (AWPs), information computing centers (ICCs) and other complexes of computer technology.
The objects of computing technology can also include individual means of computing technology that perform independent functions of information processing.
Allocated room (VP)- a special room designed for meetings, conferences, conversations and other events of a speech nature on secret or confidential matters.
Activities of a speech nature can be carried out in dedicated rooms with the use of technical means of processing speech information (TSOI) and without them.
Technical means of information processing (ICT)- technical means for receiving, storing, searching, transforming, displaying and / or transmitting information via communication channels.
The ICT includes computer facilities, communication facilities and systems for recording, amplification and reproduction of sound, intercom and television devices, means for the production and reproduction of documents, cinema projection equipment and other technical means associated with the reception, accumulation, storage, search, transformation, display and / or transmission of information via communication channels.
Automated System (AC)- a set of software and hardware designed to automate various processes associated with human activities. In this case, a person is a link in the system.
Special check This is a check of a technical means of information processing carried out in order to search for and withdraw special electronic embedded devices (hardware tabs).
Protected object certificate- a document issued by a certification body or other specially authorized body confirming the presence of necessary and sufficient conditions at the protected object to fulfill the established requirements and standards of information protection efficiency.
Allocated room certificate- a document issued by an attestation (certification) body or other specially authorized body, confirming the presence of the necessary conditions to ensure reliable acoustic protection of the allocated room in accordance with the established rules and regulations.
Instruction for use- a document containing requirements for ensuring the security of a technical means of information processing during its operation.
Certification test program- an obligatory organizational and methodological document that establishes the object and objectives of the test, the types, sequence and volume of experiments conducted, the procedure, conditions, place and timing of tests, provision and reporting on them, as well as responsibility for ensuring and conducting tests.
Qualification test procedure- obligatory for execution, organizational methodological document, including the test method, means and conditions of testing, sampling, algorithm for performing operations. By determining one or several interrelated characteristics of the security of the object of the form of data presentation and assessment of the accuracy, reliability of the results.
Certification test report- a document containing the necessary information about the test object, applied methods, means and test conditions, as well as a conclusion on the test results, drawn up in accordance with the established procedure.
Fixed technical means and systems (OTSS)- technical means and systems, as well as their communications used for the processing, storage and transmission of confidential (secret) information.
OTSS may include means and systems of informatization (means of computer technology, automated systems of various levels and purposes based on computer technology, including information and computing complexes, networks and systems, means and systems for communication and data transmission), technical means of receiving, transmission and processing of information (telephony, sound recording, sound amplification, sound reproduction, intercom and television devices, means of production, duplication of documents and other technical means of processing speech, graphic video, semantic and alphanumeric information) used for processing confidential (secret) information.
Auxiliary hardware and systems (VTSS)- technical means and systems that are not intended for the transmission, processing and storage of confidential information, installed jointly with OTSS or in dedicated premises.
These include:
Various types of telephone facilities and systems;
Means and systems for data transmission in a radio communication system;
Security and fire alarm systems and equipment;
Means and systems of warning and signaling;
Control and measuring equipment;
Air conditioning facilities and systems;
Means and systems of a wired radio broadcasting network and reception of radio broadcasting and television programs (subscriber loudspeakers, radio broadcasting systems, televisions and radio receivers, etc.);
Electronic office equipment.
Preparation of documents based on the results of certification tests:
Based on the results of certification tests in various areas and components, test reports are drawn up. Based on the protocols, a Conclusion is adopted based on the results of certification with a brief assessment of the compliance of the informatization object with information security requirements, a conclusion about the possibility of issuing a "Certificate of Compliance" and the necessary recommendations. If the object of informatization complies with the established requirements for information security, a Certificate of Conformity is issued for it.
Re-certification of the object of informatization is carried out in the case when changes were made at the recently certified object. These changes may include:
Changing the location of OTSS or VTSS;
Replacement of OTSS or VTSS with others;
Replacement of technical means of information protection;
Changes in the installation and laying of low-current and salt cable lines;
Unauthorized opening of sealed OTSS or VTSS cases;
Repair and construction works in dedicated premises, etc.
If it is necessary to re-certification of an informatization object, re-certification is carried out, according to a simplified program. Simplifications are that only the elements that have undergone changes are tested.
2. Vulnerability of computer systems. The concept of unauthorized access (unauthorized access). Classes and types of NSD
As the analysis shows, the majority of modern automated information processing systems (AS) in the general case are geographically distributed systems of intensively interacting (synchronizing) with each other according to data (resources) and control (events) of local computer networks (LAN) and individual computers.
All "traditional" methods for locally located (centralized) computing systems of unauthorized interference in their work and access to information are possible in distributed AS. In addition, they are characterized by new specific channels of penetration into the system and unauthorized access to information.
Let's list the main features of distributed speakers:
· Territorial diversity of the components of the system and the presence of an intensive exchange of information between them;
· A wide range of used methods of presentation, storage and transmission of information;
· Integration of data for various purposes, belonging to different subjects, within the framework of single databases and, conversely, the placement of data necessary for some subjects in various remote nodes of the network;
480 RUB | UAH 150 | $ 7.5 ", MOUSEOFF, FGCOLOR," #FFFFCC ", BGCOLOR," # 393939 ");" onMouseOut = "return nd ();"> Dissertation - 480 rubles, delivery 10 minutes, around the clock, seven days a week
Velichko Mikhail Yurievich. Information security in activity of law-enforcement bodies: theoretical and legal aspect: theoretical and legal aspect: dissertation ... Candidate of jurisprudence: 12.00.01 Kazan, 2007 185 p., Bibliography: p. 160-185 RSL OD, 61: 07-12 / 1711
Introduction
CHAPTER I Theoretical and legal foundations of information security
1. Information security in the national security system: nature, essence, place in the categorical apparatus of the general theory of law
2.0 legal support of information security
CHAPTER 2. Threats to information security in the activities of internal affairs bodies
1. Computer and telecommunications crime 57
2. Information terrorism: concept, legal qualifications, countermeasures
3. Information war: organizational and legal support of state countering cyber crime
CHAPTER 3. The main directions of improving the regulatory and organizational support of information security in the activities of internal affairs bodies
1. State legal regulation in the field of combating computer crimes 96
2. Improving the legal framework for the protection of information of internal affairs bodies 115
3. Organizational, managerial and legal mechanism for the protection of information in the activities of the internal affairs bodies: ways of further development 127
Conclusion 153
List of used literature 1 () 0
Introduction to work
Relevance of the topic of dissertation research. As a result of the implementation of socio-economic transformations over the past years, society and public relations in Russia have moved into a qualitatively new state, characterized, in particular, by a strong coalescence of government bodies, business organizations and criminals, which dictates an urgent need to revise the functions and tasks of law enforcement agencies, security agencies national security, economic security and law enforcement forces.
The transition to a new state of Russian society is inextricably linked with the emergence of new challenges and threats to both national security in general and its most important components - economic and public security. The emergence of these threats against the background of a strong backwardness and insufficient development of the Russian legislative framework is associated, first of all, with the accelerated capitalization of the economic relations of society, the rapid development of market relations, the close integration of Russia into global world economic relations, the globalization of the world economy, globalization and transnationalization of crime in the main important spheres of public relations, the emergence and development of international terrorism, etc.
All this requires serious reflection and the development of new mechanisms for organizing counteraction to national and transnational crime.
A necessary condition for the socio-economic development of the Russian Federation is a decrease in the crime rate. The existing state, the applied law enforcement mechanisms and means of combating modern crime do not fully correspond to the state and dynamics of the spread of organized crime, the shadow economy and economic crime, drug trafficking and human trafficking, terrorism and extremism, and corruption.
The information revolution contributes to the creation and inclusion of such flows of information into the socio-economic system, which may be quite sufficient for the effective resolution of most modern global and regional socio-economic problems, to ensure rational nature management, harmonious economic, political, social, cultural and spiritual development of society and its safety. The same advances in the field of information are also fully used by crime, which is basically large-scale and organized, covering entire regions and even the entire territory of the country, going beyond its borders, has great opportunities for access to information, technical and financial resources, their build-up and use in their illegal activities. These circumstances necessitate a radical rethinking of existing views and the development of new conceptual approaches to the problem of information security, the fight against such new phenomena as cyber criminality and cyber terrorism in order to ensure national security.
The relevance of the study of legal and organizational and managerial mechanisms for ensuring the information security of internal affairs bodies in the context of the integration of information systems of law enforcement agencies and special services is also due to the fact that issues of the theory of information protection were traditionally considered, as a rule, from a technical standpoint or in relation to previously existing and well-established organizational systems
A number of studies note that the problem of ensuring the protection of information is often narrowed down to the problem of ensuring the protection of only computer information. So, O.V. GNNS rightly believes that a coherent consideration of a number of aspects of information security is required to implement an effective approach1.
The formation of an information security regime is a complex problem in which four levels can be distinguished: legislative (laws, regulations, standards, etc.); administrative (general actions taken by management); procedural (security measures aimed at monitoring compliance by employees with measures aimed at ensuring information security); software and hardware (technical measures).
Based on this, there is a need to develop theoretical provisions and methodological principles for ensuring information security by internal affairs bodies. The scientific and practical problem of complex consideration of issues of state and legal regulation and organizational management in the field of information security of law enforcement agencies is of particular importance. All this determined the relevance of the research topic and the range of issues under consideration.
The state of knowledge of the problem. The issues of state regulation in the information sphere began to be largely addressed in scientific publications only in the second half of the 20th century, when the international exchange of scientific and technical achievements began to develop at an accelerated pace. The following domestic scientists have made a great contribution to this area: V.D., Anosov, A.B. Antopolsky, G7G. Artamonov, P.I. Asyaev, Yu.M. Baturin, IL. Bachilo, M. Boer, A.B. Vengerov, M.I., Dzliev, GL. Emelyanov, I.F. Ismagilov, V.A. Kopylov, V.A. Lebedev, V.N., Lopatin, G.G. Pocheptsov, M.M. Rassolov, I.M. Rassolov, A.A. Streltsov, A.D. Ursul, A.A. Fatyanov, AL. Fisun and others. Among foreign scientists in this direction, one can note the works of R. Goldsheider, I, Gerard, J. Mayer, B. Markus, J. Romari, S. Philips and others.
The purpose and objectives of dissertation research. The aim of the study is to clarify the theoretical and legal provisions, methodological principles of ensuring information security of internal affairs bodies, information confrontation and effective information countermeasures to criminal structures using legal and law enforcement mechanisms.
In accordance with the formulated goal, the following tasks were set in the work:
Research and clarify the theoretical and methodological foundations of state and legal regulation in the field of information protection and organization of information security of internal affairs bodies;
Determine ways to improve legal mechanisms for protecting information, organizational measures and management decisions to combat computer crimes; - to identify the role of legal and organizational mechanisms for protecting information in information support systems for the activities of internal affairs bodies;
To develop proposals on the formation of organizational and legal mechanisms for ensuring information security of internal affairs bodies.
The object of the dissertation research is the information security of the internal affairs bodies.
The subject of the research is the legal and organizational and managerial mechanisms for ensuring the information security of the internal affairs bodies.
The theoretical and methodological basis of the dissertation research was the theoretical and methodological developments of domestic and foreign scientists on the problems of national, economic and information security, information protection.
The research is based on the systemic methodology developed by V.N. Anischepko, B.V., Akhlibininsky, L.B. Bazhenov, R.N. Baiguzin, B.V. Biryukov, V.V. Bor dyuzhe, V.V. Verzhbitsky, PG Vdovichenko, V.A. Galatenko, A.P. Gerasimov, I.I. Grishkin, D.I. Dubrovsky, N.I., Zhukov, A.M. Korshunov, K.E., Morozov, I.B. Novik, L.A. Petrusheiko, M.I. Setrov, A.D. Ursul, G.I. Tsarsgorodtsev and others.
The theoretical and legal basis of the dissertation research was the works of scientists in the field of criminal law, criminology, theory of law of informatics, including the works of S.S. Alekseeva, IO.M. Baturina, N.I. Vetrova, V.E. Vekhova, B.V. Zdravomyslova, V.V. Krylova, V.N. Kudryavtseva, Yu.I. Lyapunov, A, V. Naumova, S.A. Pashina7 A.A. Piontkovsky, N.A. Selivanova, A.R. Trainipa, O.F. Shishova.
During the research, dialectical, formal-legal, comparative-legal, abstract-logical, analytical and systemic methods were used, as well as the method of expert assessments; the methods of applied, special disciplines (criminal law, statistics, computer science, information security theory) were widely used.
The normative and legal basis of the study was the provisions of international legislation, the legal framework of the Russian Federation for the protection of information, the Criminal Code of the Russian Federation and regulatory legal documents based on them.
The scientific novelty of the dissertation research is determined by a comprehensive analysis of the legal and organizational mechanisms for ensuring the information security of the internal affairs bodies.
The scientific novelty of the research lies in the very formulation of the problem and the choice of the range of issues to be considered. This dissertation is the first work in domestic legal science devoted to a comprehensive study of the legal and organizational foundations of information security of law enforcement agencies of the Russian Federation, the basis of which is formed by the internal affairs bodies of the Ministry of Internal Affairs of Russia. For the first time, it analyzes modern threats to national security in the information sphere, emanating from organized national and transnational crime, corruption, terrorism, extremism and the criminal economy, substantiates the role and place of information security in the overall system of ensuring national security. For the first time, a comprehensive analysis of the goals, objectives, functions and powers of the internal affairs bodies in the field of combating computer crimes and cyber terrorism, ensuring information security in operational and service activities has been carried out. On the basis of an interrelated assessment of the state of the operational situation and the nature of crimes in the information sphere, the scale, forms, methods and means of information countermeasures to law enforcement agencies on the part of crime, the provision on finding the internal affairs bodies in a state of information war with various types of crime, primarily organized and economic. Proposals are formulated on the directions of improving the state and legal regulation of relations in the field of ensuring information security of internal affairs bodies and the development of current legislation.
The practical significance of the results of the dissertation research lies in their focus on solving the problems facing the internal affairs bodies to ensure law and order, the security of the state, society and the individual.
The theoretical provisions, formulated conclusions and practical recommendations obtained in the course of the study can contribute to the implementation of a coordinated state policy in the field of ensuring national and information security, the gradual improvement of state and legal regulation of relations between the internal affairs bodies in the field of information protection, countering computer crime and cyber terrorism.
The conclusions and recommendations of the applicant were used to substantiate state-legal measures and mechanisms for ensuring information security of internal affairs bodies, to prepare reports to the leadership of the Ministry of Internal Affairs of Russia and to the highest executive bodies of the Russian Federation on security issues.
The theoretical developments of the applicant can serve as the basis for further scientific research in the field of ensuring the national security of the Russian state and society, and can also be used in the educational process of higher educational institutions and research institutions of the Ministry of Internal Affairs of Russia.
Provisions for Defense. In the course of the research, a number of new theoretical provisions were obtained, which are submitted for defense:
In modern conditions, the information security of society, the state and the individual is, along with other types of security, including economic, the most important component of national security.
Threats to the country's information security, the sources of which are modern national and transnational criminal communities, in their totality and scale of impact, covering the entire territory of the country and affecting all spheres of life of society, undermine the foundations of the national security of the Russian Federation, causing significant damage to it.
The internal affairs bodies of the Ministry of Internal Affairs of Russia are an important component of the forces and means of countering information encroachments by criminal communities on the rights and freedoms of citizens, the security of the state, society and the individual.
In the current state of crime, which is basically large-scale and organized, covers entire regions and even the entire territory of the country, going beyond its borders, it has great opportunities to access information resources and weapons, build them up and use them in their illegal activities, it is impossible ensure the information security of the internal affairs bodies only through the use of protective mechanisms and mechanisms. In these conditions, it is necessary to conduct active offensive (combat) actions using all types of information weapons and other offensive means in order to ensure superiority over crime in the information sphere.
The internal affairs bodies of the Ministry of Internal Affairs of Russia are in a state of information war with both national and transnational criminal communities, the specific content and main form of which is information warfare using information and computing and radio equipment, radio intelligence, information and telecommunication systems, including space channels. communications, geographic information systems to other information systems, complexes and means.
The evolution of the legal regime, organizational foundations and the actual activities of the internal affairs bodies to ensure information security, counter computer crimes and cyber terrorism have been strongly affected by changes in the political and socio-economic situation of the country. The developed and implemented approaches to "forceful" enforcement of law and order and security in conditions of high activity of organized criminal communities require a radical rethinking of existing views and the development of new conceptual approaches to the problem of state-legal regulation of relations in the field of information security "to combat such new phenomena as cyber crime and cyber terrorism in order to ensure national security.
The general social nature of the activities of the internal affairs bodies, the need for clear legal regulation of their activities in the special conditions of conducting an information war against large-scale organized crime require the creation of an appropriate state-legal regime and its reflection in the fundamental political and regulatory legal documents. Therefore, it seems logical to supplement the Concept of National Security and the Doctrine of Information Security of the Russian Federation, the RSFSR Law "On Security" with provisions regarding the concept of "information war" and the conditions for the use of information weapons in the fight against cyber crime and cyber terrorism, as well as expanding the range of powers of employees of internal cases in the law of the RSFSR "On the police" in terms of special conditions for the use of information weapons in order to effectively counter organized crime in the event of direct threats to the information security of society and the state-Approbation of the results of dissertation research. A number of provisions of this work were discussed at the scientific-practical conference "Institutional, economic and legal foundations of financial investigations in the fight against terrorism" (Academy of Economic Security of the Ministry of Internal Affairs of Russia, 2006), the interdepartmental round table "Actual problems of legislative regulation of operational and investigative activities of law enforcement agencies" and the interdepartmental scientific conference "Topical issues of the theory and practice of operational and investigative activities of the internal affairs bodies in the fight against economic crimes", the All-Russian scientific-practical conference "Countering the legalization of proceeds of crime: problems and solutions" (Academy of Economic Security of the Ministry of Internal Affairs of Russia and the All-Russian Scientific - Research Institute of the Ministry of Internal Affairs of Russia, 2007). The material of the dissertation research was used in the preparation of specialized lectures on the problems of responsibility for committing crimes in the field of computer information at advanced training courses for bodies to combat economic crimes.
The main provisions and conclusions of the dissertation are presented in six scientific publications.
The volume and structure of the dissertation research. The structure and scope of the thesis are determined by the goal and objectives of the research. It consists of an introduction, three chapters with eight paragraphs, a conclusion and a bibliography.
Information security in the national security system: nature, essence, place in the categorical apparatus of the general theory of law
Modern realities require a new approach to issues of ensuring national security, in which information security is beginning to play an increasingly important role. Such trends have been developing since the 80s of the last century and are caused by scientific and technological progress in the field of information technology, global telecommunication systems, and communications.
The basic concepts in the field of information security include: "information", "information sphere" and "information security" 1.
Here are just two approaches to defining the concept of "information". The first approach boils down to the following. In the philosophical literature, “information” is revealed as “one of the most general concepts of science, denoting some information, a set of any data, knowledge, etc.” 2. At the same time, it is noted that the very concept of "information" usually presupposes the presence of at least three objects: a source of information, a consumer of information and a transmission medium.
Information cannot be transmitted, received or stored in its pure form. The information carrier is the message. It follows that the concept of "information" includes two main elements: information and messages. The whole set of information accumulated by a person can be presented in the form of a certain "knowledge base", which contains images that arise as a result of awareness of received messages, sensations caused by these images, emotional and pragmatic assessments of these images. Certain associative relationships can be established between the objects of the "base". The totality of images, sensations, assessments that persist in a person with established associative relationships between them forms knowledge4.
The amount of information available to a person in the form of information can be measured by the amount of accumulated sensations, images, assessments and associative relationships between them. The more of these sensations, images and assessments, the more information a person has. Accordingly, the amount of information that comes to a person through a message can be measured by the number of new objects of the “base” (sensations, images, assessments, relationships between the elements of the “base”) that appear as a result of understanding the message.
The value of information, manifested in the form of information, is determined by the subjective importance of the task for the solution of which this information can be used, as well as by the influence that the information had on the solution of the problem. This influence can be expressed in a change in the conceptual model of the problem, the priorities between the possible options for its solution, in the assessment of the feasibility of solving the problem in general.
Information that comes to a person in the form of information has a number of properties: ideality - existence only in the person's consciousness and, as a result, the impossibility of perception by the senses; subjectivity - the dependence of the amount and value of information on the information model of the subject receiving the information; informational iewiichtozhalyusty - the impossibility of destroying information by other information obtained by a person; dynamism - the ability to change the value of existing information and knowledge under the influence of time and other incoming information; and the accumulation of peaks - the possibility of practically unlimited accumulation of information in the information model of a person5.
The ability to receive, accumulate and use information in the form of information to support life is a property of all living objects, however, the volume and content of the functions performed with their use for different classes of these objects differ significantly. So, we can assume that only a person performs the function of goal-setting.
The concept of "message" is often defined as "a coded equivalent of an event, recorded by a source of information and expressed using a sequence of conventional physical symbols (alphabet) that form a certain ordered set."
From the point of view of interest to us, messages are used primarily to convey information to other people and constitute the essence of the representative side of information or its representative form. Information in the form of a message appears as a realization of a person's ability to describe information in a certain language, which is a set of vocabulary and grammar.
A person, forming a message, selects a part of his information model that he wants to convey, establishes a relationship between its elements and concepts known to him. With the help of language in a certain alphabet, he encodes concepts, resulting in a systematized set of signs that can be transmitted to other people, that is, the content side of information is objectified and the corresponding information becomes available for perception by the senses, as it were "
Perceiving a message, a person establishes relations between the set of letters and signs that make up it and the concepts known to him, and then - images, sensations, assessments, associative relationships, that is, transforms the representative form of information into its meaningful form7 "
Based on this, a message can be represented as a set of a set of transmitted information and the order (algorithms) of their encoding into a set of message characters and decoding into information. Without an encoding algorithm, the message becomes just a set of characters.
A person as a source of information can exchange messages with a technical system only if it contains a certain algorithm for decoding the transmitted set of characters, their subsequent processing, as well as an encoding algorithm for transmitting a response message to a human consumer.
The transformation of information from information into messages and from messages into information constitutes the essence of the general law of information circulation.
Information in the form of a message has a number of properties, which include: materiality - the ability to influence the senses; measurability - the ability to quantify the parameters of the message (the number of characters that make up the message); complexity - the presence of a set of characters and algorithms for their encoding and decoding; problem orientation - the content of information related to one of the tasks of human activity8. Information in the form of messages is most often examined from a technical, semantic and pragmatic point of view. From a technical point of view, messages are of interest as an object of transmission over communication channels. At the same time, the issues of reliability, stability, efficiency, range, noise immunity of message transmission, in some cases - secrecy of transmission, as well as the principles and methods of designing message transmission systems, their means of protecting them from unauthorized access are studied.
Computer and telecommunications crime
The development of information and telecommunication technologies has led to the fact that modern society is highly dependent on the management of various processes through computer technology, electronic processing, storage, access and transmission of information. According to the Bureau of Special Technical Measures (BSTM) of the Ministry of Internal Affairs of Russia, more than 14 thousand crimes related to high technologies were recorded in Russia last year, which is slightly higher than the year before last. The structure of cyber crime also did not undergo major changes: it was mainly associated with illegal access to computer information. An analysis of the current situation shows that about 16% of cybercriminals operating in the "computer" area of crime are young people under the age of 18, 58% - from 18 to 25 years old, and about 70% of them have higher or incomplete higher education ... Research conducted by the Computer Crime Research Center showed that 33% of cybercriminals were under 20 years old at the time of the crime; 54% - from 20 to 40 years old; 13% were over 40 years old. Crimes related to illegal access to computers are 5 times more likely to be committed by males. Most of the subjects of such crimes have higher or incomplete higher technical education (53.7%), as well as other higher or incomplete higher education (19.2%). But recently, the proportion of women among them has been constantly increasing. This is due to the vocational guidance of some specialties and jobs aimed at women (secretary, accountant, economist, manager, cashier, controller, etc.), equipped with computers and having access to the Internet1.
Research has shown that 52% of identified offenders have had specialized training in information technology; 97% were employees of government agencies and organizations using computers and information technology in their daily activities; 30% of them were directly related to the operation of computer equipment.
According to Russian law, acts provided for in Article 272 of the Criminal Code are punishable by a fine in the amount of two hundred to five hundred times the minimum wage; or in the amount of wages; or any other income of the convicted person for a period of two to five months; or correctional labor for a period from six months to one year; or imprisonment for up to two years. The same act, with aggravating consequences, is punishable by restraint of liberty for a term of up to five years. According to unofficial expert estimates, out of 100% of criminal cases initiated, about 30% go to court, and only 10-15% of the defendants serve their sentences in prison. Most cases are re-qualified or terminated due to insufficient evidence. The real state of affairs in the CIS countries is a question from the realm of fantasy. Computer crimes are considered high latency crimes. Latency is a sign that reflects the existence in the country of that real situation when a certain part of crime remains unaccounted for. In all states, actual crime exceeds the number of crimes registered by 59 law enforcement agencies. In this regard, practice shows that information based on statistical display is distorted and does not always correspond to reality. Latent (hidden) crime, the so-called "dark figure" of crime, remains outside the boundaries of accounting. The presence of latent crime can cause serious, far-reaching negative consequences. The main reasons for the artificial latency of computer crime, in the first place, include the unwillingness of the injured party (enterprises, institutions, organizations or individual citizens) to report to law enforcement agencies about criminal encroachments on their computer systems3.
Considering the still weak judicial practice in cases of computer crimes, one can only guess about the level of special training of the majority of judges who, being good lawyers, are poorly versed in the intricacies of information technology and for whom, for example, a computer system or computer information is something incomprehensible and distant. Evidence related to computer crimes and seized from the scene can be easily changed both as a result of errors during their seizure, and in the process of the investigation itself. The presentation of such evidence in a judicial proceeding requires special knowledge and appropriate training. Of course, both the prosecution and the defense must have special knowledge.
The most punishable composition of computer crimes is Art, 272 of the Criminal Code of the Russian Federation. As an example, we will cite the case of the St. Petersburg international criminal group that hacked the websites of Western bookmakers and demanded significant sums from their owners to stop attacks. The suspects managed to get hundreds of thousands of dollars in this way. In parallel with the St. Petersburg operatives, a number of arrests of hackers were carried out by the internal affairs bodies of Saratov and Stavropol. The alleged criminals with "colleagues" abroad followed the same pattern. Shortly before the start of important sporting events, when the bookmaker's offices were most active in accepting bets on wins and losses, "black" computer scientists hacked into the servers. The greatest losses were incurred by British companies, their sites were idle offline from several hours to several days. Then system administrators received letters demanding to transfer certain amounts to hackers - up to $ 40,000 in exchange for stopping the attacks. English bookmakers contacted Interpol. The first 10 malefactors were detained in Riga. Further, through their testimony and with the help of financial structures participating in the transfer of money, it was possible to detain the Russian members of the group. Law enforcement agencies of Russia, Great Britain, Australia, USA, Canada and the Baltic republics took part in a joint operation to develop an organized criminal group.
Not so long ago in Moscow, officers of the "K" Department of the Ministry of Internal Affairs of Russia completely suppressed the activities of a large organized criminal group, which for several years was engaged in the manufacture and sale of special technical devices designed to secretly obtain information from technical telecommunication channels, including computer information circulating in computer system.
The main problem is not that the Criminal Code of the Russian Federation is flawed, but that more often the defense turns out to be more prepared than the accusation, that the law enforcement agencies at the initial stage of the investigation, while inspecting the scene of the incident, still make many investigative errors, information and, ultimately, the criminal case, without reaching the court, simply "crumbles".
There are very few trials in criminal cases related to computer crimes, as a result of which there is no court practice yet, therefore judges do not have the necessary training. But this is yesterday and while today, tomorrow the situation will change.
State legal regulation in the field of combating computer crimes
An important area of ensuring information security is the determination of the system of bodies and officials responsible for ensuring information security in the country. The basis for the creation of a state system of organizational law in ensuring the protection of information is the currently created state system of information protection, which is understood as a set of federal and other governing bodies and interrelated legal, organizational and technical measures carried out at various levels of management and implementation of information relations. and aimed at ensuring the security of information resources.
The interests of the state in the information sphere are to create conditions for the harmonious development of the Russian information infrastructure, for the implementation of constitutional rights and freedoms of man and citizen in the field of obtaining information and using it in order to ensure the inviolability of the constitutional system, sovereignty and territorial integrity of Russia, political, economic and social stability, in the unconditional provision of law and order, the development of equal and mutually beneficial one international cooperation.
The main body coordinating the actions of state structures on information protection issues is the Interdepartmental
97 Commission for the Protection of State Secrets, established by Decree of the President of the Russian Federation of November 8, 1995 No. 11082. It operates within the framework of the State System for the Protection of Information from Leakage through Technical Channels, the Regulation on which was put into effect by the Decree of the Government of the Russian Federation of September 15, 1993 . No. 912-513. This Resolution defines the structure, tasks and functions, as well as the organization of work on the protection of information in relation to information constituting a state secret.The main task of the State Information Protection System is to conduct a unified technical policy, organize and coordinate work on the protection of information in defense, economic, political , scientific and technical and other spheres of the country's activity.
The general organization and coordination of work in the country on the protection of information processed by technical means is carried out by the Federal Service for Technical and Export Control (FSTEC of Russia), which is the federal executive body that implements state policy, organizes interdepartmental coordination and interaction, special and control functions in the field of state security on the following issues in the field of information security:. ensuring the security of information in the systems of information and telecommunications infrastructure, which have a significant impact on the security of the state in the information sphere; # counteraction to foreign technical intelligence services on the territory of the Russian Federation; ensuring the protection (by non-cryptographic methods) of information containing information constituting a state secret, other information with limited access, preventing its leakage through 98 technical channels, unauthorized access to it, special influences on information (information carriers) in order to obtain, destroy, distort and blocking access to it on the territory of the Russian Federation; information protection during the development, production, operation and disposal of non-information emitting complexes, systems and devices. The main tasks in the field of information security for FSTEC of Russia are: implementation, within its competence, of the state policy in the field of information security in key information infrastructure systems, countering technical intelligence and technical protection of information; implementation of state scientific and technical policy in the field of information protection in the development, production, operation and disposal of non-information emitting complexes, systems and devices; - organization of the activities of the state system for countering technical intelligence and technical protection of information at the federal, interregional, regional, sectoral and facility levels, as well as management of the specified state system; implementation of independent legal regulation of issues: ensuring the security of information in key systems of information infrastructure; countering technical intelligence; technical protection of information; placement and use of foreign technical means of observation and control during the implementation of international treaties of the Russian Federation, other programs and projects on the territory of the Russian Federation, on the continental shelf and in the exclusive economic zone of the Russian Federation; coordination of the activities of 99 public authorities on the preparation of detailed lists of information to be classified, as well as methodological guidance of this activity; ensuring, within its competence, information security in key systems of information infrastructure, countering technical intelligence and technical protection of information in the offices of federal state authorities and state authorities of the constituent entities of the Russian Federation, in federal executive authorities, executive authorities of the constituent entities of the Russian Federation, local governments and organizations ; prosthetics of the development of forces, means and capabilities of technical intelligence, identification of yjpo: s information security; counteraction to the extraction of information by technical means of reconnaissance, technical protection of information;
Improving the legal framework for the protection of information of internal affairs bodies
Legal protection of information as a resource is recognized at the international, state level and is determined by interstate treaties, conventions, declarations and is implemented by patents, copyright and licenses for their protection. At the state level, legal protection is regulated by state and departmental acts.
In our country, such rules (acts, norms) are the Constitution and laws of the Russian Federation, civil, administrative, criminal law, set out in the relevant codes.
For failure to provide information to citizens, the chambers of the Federal Assembly of the Russian Federation and the Accounts Chamber of the Russian Federation (Articles 140 and 287), as well as for hiding information about circumstances posing a threat to life or health of people (Article 237), the Criminal Code of the Russian Federation provides for liability24.
Responsibility in the current legislation is stipulated in the event of unlawful classification, violation of the requirements for the composition of the information provided, non-publication of information, violation of the right of citizens to receive information free of charge, concealment (non-provision) of information about circumstances that pose a threat to life or health of people, untimely provision of information, concealment of information , communication of false (unreliable) information, restriction of the right to provide information, distortion of information, violation of free international information exchange25.
Protection of the right to access information can be carried out: in a form outside the jurisdiction (self-defense of one's rights and legitimate interests); in a jurisdictional form (in an administrative or judicial procedure), In an administrative procedure - through the filing of a complaint by a person whose rights have been violated against an official (body) to a higher instance, a special body - the Judicial Chamber for Information Disputes under the President of the Russian Federation. In court - a person can choose any method of protecting violated rights through filing a claim (complaint) for consideration in civil, administrative or criminal proceedings.
When considering a claim in civil proceedings, the victim has the right to use the main methods of protecting civil rights provided for in Art. 12 of the Civil Code of the Russian Federation, including to require: recognition of rights; cessation of actions that violate the right or create a threat of its violation; invalidation of an act of a state body or local self-government body; restoration of rights; compensation for losses; compensation for moral damage.
Cases of possible administrative liability in violation of the right to access objective information are quite numerous. Thus, the Code of Administrative Offenses of the Russian Federation27 provides for administrative liability for: violation of the right of citizens to familiarize themselves with the voter list (Article 5L); production or distribution of anonymous campaign materials (Art, 5.12); deliberate destruction, damage of propaganda printed materials (Article 5L4); lsubmission or non-publication of reports on the expenditure of funds for the preparation and conduct of elections (referendum) (Article 5.17); failure to provide or non-publication of information on voting results or election results (Article 5.25); failure to comply with the obligation to register operations with harmful substances and mixtures in the ship's documents (Article 8.16); manufacturing or operation of technical equipment that does not meet state standards or norms for permissible levels of radio interference (Article 13.8); failure to provide information to the federal antimonopoly authority (Art. 19.8); failure to provide information for drawing up the lists of jurors (Art, 17.6); failure to comply with the legal requirements of the prosecutor (including the provision of information) (Art. 17.7); failure to report information about citizens who are or are obliged to be on the military register (Article 21.4): - violation of the procedure and terms for providing information about minors in need of foster care (Article 536); violation of the procedure for providing a legal copy of documents (Article 13.23); refusal to provide information to a citizen (Article 5.39); abuse of freedom of the media (Art, 13.15); obstruction of the distribution of mass media products (Article 13.16); obstruction of the reception of radio and television programs (Article 13.18); violation of the rules for the distribution of mandatory messages (Article 13.17).
Criminal liability] a guest in this area is provided for in the Criminal Code of the Russian Federation28 in the following articles: 140 (refusal to provide information to a citizen), 237 (concealment of information about circumstances that pose a threat to the life or health of people), 287 (refusal to provide information to the Federal Assembly of the Russian Federation or the Accounts Chamber of the Russian Federation).
Taking into account the established practice of ensuring information security, the following areas of information protection are distinguished: legal - these are special laws, other regulations, rules, procedures and measures that ensure the protection of information on a legal basis; organizational - this is the regulation of production activities and the relationship of performers on a legal basis, excluding or weakening the infliction of any damage to performers; engineering and technical is the use of various technical means that prevent damage to commercial activities-9.
