Information Security Issues and Protection Methods

Lecture Notes in Computer Science

The Information System Security is characterized by an organized frame of significances, perceptions, concepts, policies, procedures, techniques and measures that are required in order to protect individual resources-assets of the Information System, but also the entire system, from each intentional or accidental threat. The effective security management of an Information System initially requires the elaboration of a complete study, which is based on the methodology of Information System Risk Analysis and Management and which follows three main stages, according to the International Organization for Standardization: (a) Identification and valuation of assets, (b) Risk Analysis, which includes the threat assessment and the vulnerability assessment of the Information System and (c) Risk Management, which includes the selection of countermeasures, the determination of the security policy as well as the preparation, implementation and observation of the security plan. The purpose of this paper is to propose the effective guidelines that have to apply to all organisations ("participants") in the new information society and suggest the need for a greater awareness and understanding of security issues and the need to develop a "security policy".

2022

The article deals with cybersecurity issues in the field of information relations, with an analysis of the legislation of the countries of the European Union (EU), Japan and the states of the Eurasian Economic Union (EAEU). Information relations in the world are becoming one of the important components of the interaction of various subjects of law, where, in the practical implementation of relationships, legal issues arise in the field of data security. The information environment, expressed in the form of the Internet space, is a key factor that is based on the information infrastructure. The rapid development of information infrastructure gives impetus to the process of the emergence of new legal norms, institutions, branches in the field of law, which makes it possible to ensure legal regulation of cybersecurity both at the national and international levels, taking into account the legislation of certain countries included in the integration associations. The purpose of the work is to analyze and formulate proposals for the further development of new directions in the field of cybersecurity based on the development of a common information infrastructure based on the development of legal, economic relations aimed at ensuring data security. Cybersecurity, as an area of information technology protection, is intended to regulate information and communication technologies in the field of protection and security of the global network and its users; this area is gaining relevance and becomes a concentrated reflection of the ongoing globalization. Research on the development of information relations contributes to the formation of information legislation, including the EAEU member states, which create a common structure for the exchange of legal and economic information. Establishing a mechanism for international control over the safety of digital processes is becoming a priority area for the development of information and communication technologies, Internet networks, ensuring the integration interaction of states and a number of countries in building a global infrastructure.

System Safety: Human - Technical Facility - Environment, 2021

In the age of the information society, determined by the evolution of digital technology, information has become an essential element of the functioning of every human being. Its acquisition, processing and distribution serves to satisfy the key areas of society’s life and constitutes a necessary component of every decision-making process. These days became dominated by the increasing demand for information. The problem of its protection against unwanted obtaining (disclosure) has become a challenge for many scientific communities. This state of affairs has forced us to take a number of steps to ensure the security of useful information, characterized by accuracy, unambiguity, completeness and authenticity. The problem of information security is inseparably linked to the threats present in the cyberspace environment. They are commonly identified with the so-called computer crime, resulting in factors like: infiltration, obtaining passwords and other data used for logging in, identit...

S. Kavyn, I. Bratsuk, A. Lytvynenko, Regulatory and Legal Enforcement of Cyber Security in Countries of the European Union: The Experience of Germany and France, 121 Teise, p.p. 135-147 (2021), 2021

This article is devoted to the study of information security in the EU member states, in particular Germany and France, in the context of the analysis of their national legislation, state, national programs and regulations. Particular attention is paid to the study of the features of regulatory and legal security of information security of Germany and France in the context of the study of their national legislation in terms of economic security as an inherent component of national security. In the course of this study the peculiarities of the functioning of the institutional and legal mechanism of cyber defense in the context of the multi-vector system of international security and legal regulation of international cooperation are analyzed. The article substantiates the expediency of developing an integrated, coordinated information policy of the EU member states in order to unify approaches to information security.

Actual Problems of International Relations, 2021

Currently, society is evolving into information one, which, on the one hand, simplifies the interaction between participants in public relations, and on the other hand, increases the risk of human rights violations, when using information and communication technologies. Changing the structure and scope of information transfer requires both the subjects of social relations, which have a personal interest in ensuring the highest possible level of security of transmitted data, and the state as a whole as a guarantor of the stability of the legal field of public relations. It is obvious that national security largely depends on information security, and in the course of technical progress, this dependence is only growing. Information, acting as an economic and social guarantee of stability of existence and development of society and the state, is the object of close attention and influence of the state. The introduction of e-document management and the creation of interconnected informa...

Revista Amazonía investiga, 2023

The aim of the article was to study the characteristics of the formation of an information system to implement the administrative and legal mechanism to ensure financial and economic security under the influence of cyber threats. The research methodology involved the use of hierarchical and pairwise comparison analysis, as well as the method of expert analysis, with the help of academic documentary sources. As a result of the study, the main cyber threats in the information system of the administrative and legal mechanism for ensuring financial and economic security were identified and ordered according to their level of influence. This order will allow the management apparatus to understand, at least in theory, the hierarchy of importance of existing threats and subsequently use the latter to build information systems. Everything allows to conclude that, by analyzing the obtained results, a methodical approach to the assessment of cyber threats to financial and economic security was formed. However, the www.amazoniainvestiga.info ISSN 2322 -6307 study has its limitations, as for the formation of the above-mentioned information systems, a small number of cyber threats were adopted, which are also characteristic for a particular country like Ukraine.

Oditor

The development of information technologies and the Internet and the commission of criminal acts in this new environment leads to the emergence of transnational, high-tech crime. Competent bodies for the fight against crime are hindered in achieving results by the traditional division into national jurisdictions, while there are no such restrictions for perpetrators. Cyber activities cause great damage and consequences to natural or legal persons, illegally appropriate financial resources and protected data. The specificities of high-tech crime require the specialization of state authorities because in the fight against crime, individual rights, privacy and freedoms of individuals must not be jeopardized. The aim of this paper is to show how the legislation of the European Union (EU) and the activities of its institutions improve the prevention, investigation and prosecution of perpetrators and build capacities in the judiciary. Harmonization of domestic law with EU law in the field...

2002

Information technologies are developing at a rapid pace, bringing great benefits to mankind, but at the same time provoking huge dangers. Access to personal information, the impact of negative content on children, the modification and stealing of information, damage to information systems, cybercrime, etc. are signs of the use of information and communication technologies to undermine information security. Naturally, both states and organizations develop a number of mechanisms to prevent/overcome destructive information influences. The purpose of the article is to analyze how the EU experience in the field of information/cybersecurity has been/could be applicable in Ukraine. Since the early 21 st century the EU has adopted a number of regulations, has created necessary empowered bodies and has developed strategies to eliminate threats in the information sphere. Legislation of the EU is being constantly improved. EU legal framework regulates access to personal data, public information, counterfeit payment issues, issues of online sexual exploitation of children, protection of classified information, prevention of attacks on information systems, protection of national information infrastructures. Trying to adapt its legal frameworks to the norms of the EU legislation, Ukraine adopted the law on "Processing personal data", the law on "Access to public information", "the Cybersecurity Strategy of Ukraine", and the law on "Basic principles of providing cybersecurity of Ukraine"; established respective cybersecurity structures, specifically the National Coordination Center for Cyber Security, Cyberpolice, CERT-UA. In the article the author considers some challenges provoked by the mentioned legislation and offers personal ideas concerning the improvement of some cybersecurity aspects in Ukraine.

2013

Todays modern society is extremely dependent on computer based information systems. Many of the organizations would simply not be able to function properly without services provided by these systems, just like financing organizations. Although interruption might decrease the efficiency of an organization, theft or unintentional disclosure of entrusted private data could have more serious consequences, such as legal actions as well as loss of business due to lack of trust from potential users. This dependence on information systems has lead to a need for securing these systems and this in turn has created a need for knowing how secure they are. The introduction of the information society has changed how people interact with government agencies. Government agencies are now encouraged to uphold a 24-hour electronic service to the citizens. The introduction of government services on the Internet is meant to facilitate communication with agencies, decrease service times and to lessen the amount of papers that needs to be processed. The increased connectivity to the Internet results in a rising demand for information security in these systems. In this article, we have discussed about many file data breaches in the past and current history and they are going to increase day by day as the reports by DataLossDB (Open Security Foundation) organization, a non-profit organization in US.