Article

Article title METHODICAL APPROACH TO CHOOSING THE WAY OF CREATION INFORMATION SECURITY SYSTEMS TO PROVIDE INFORMATION PROTECTION FROM LEAKING BY COLLATERAL ELECTROMAGNETIC RADIATION AND ATTESTATION OF THE ADP EQUIPMENT OBJECTS
Authors V. V. Vasilenko, S. V. Ryzhenko
Section SECTION V. TELECOMMUNICATIONS AND INFORMATION SECURITY
Month, Year 02, 2018 @en
Index UDC 621.396
DOI 10.23683/2311-3103-2018-2-247-256
Abstract The task of this article is to analyze existing types of information protection instruments which are used against leaking by collateral electromagnetic radiation, most common methods of their practical application in modern information objects (ADP computer objects), introduction and definition the concept of distributed information object. The goal of this article is also reviewing various options of constructing information security systems to provide information protection from leaking by collateral electromagnetic radiation from the ADP equipment objects. Offered is the approach to solving the problem of choosing the way of creation information security systems to provide information protection from leaking by collateral electromagnetic radiation and also the way of ADP equipment objects attestation for the required composition of protected computing equipment at the initial design stage for specific technical and economic conditions set by experts. The introduced technical and economic indicators cover a comprehensive view of information object"s preparation and attestation and meet the current requirements of the Federal service for technical and export control. Comparison of technical and economic indicators for different approaches to create information security systems that provide information protection from leaking by collateral electromagnetic radiation allows introducing an expediency indicator and determining the criteria for choosing one of the approaches at the initial design stage. The practical feasibility is proved by the example with technical and economic indicators formed on commercial offers for carrying out protective measures and attestation at one information object by four organizations performing information protection. As main conclusions, we state the fact that proposed methodical approach at initial design stage allows determining the feasibility of using one of the possible ways to create an information security system that provide information protection from leaking by collateral electromagnetic radiation and information objects attestation for specific technical and economic conditions set by experts.

Download PDF

Keywords Means of the active protection; technical tool; means of an ADP equipment; noise generator; object of informatization; collateral electromagnetic radiations.
References 1. GOST 21552-84. Sredstva vychislitel'noy tekhniki. Obshchie tekhnicheskie trebovaniya, priemka, metody ispytaniy, markirovka, upakovka, transportirovanie i khraneniya [Computer aids. General technical requirements, acceptance, test methods, marking, packaging, transportation and storage].
2. GOST R 51318.16.2.3-2009. Sovmestimost' tekhnicheskikh sredstv elektromagnitnaya. Trebovaniya k apparature dlya izmereniya parametrov industrial'nykh pomekh i pomekhoustoychivosti i metody izmereniy [Compatibility of technical means electromagnetic. Requirements for the equipment for measuring the parameters of industrial noise and noise immunity and measurement methods].
3. GOST R 53112-2008. Zashchita informatsii. Kompleksy dlya izmereniya parametrov pobochnykh elektromagnitnykh izlucheniy i navodok. Tekhnicheskie trebovaniya i metody ispytaniy [Information protection. Complexes for measuring parameters of side electromagnetic radiation and crosstalk. Technical requirements and test methods].
4. Sbornik norm zashchity informatsii ot utechki za schet pobochnykh elektromagnitnykh izlucheniy i navodok (PEMIN), Gostekhkomissiya Rossii, 1998 g., v redaktsii 2006 g. [Collection of standards of information protection from leakage due to side electromagnetic radiation and interference (pemin), Gostekhkomissiya of Russia, 1998, as amended in 2006].
5. Spetsial'nye trebovaniya i rekomendatsii po zashchite informatsii (STR) 1997 g. [Special requirements and recommendations for data protection (PP) 1997].
6. GOST 29339-92. Informatsionnaya tekhnologiya. Zashchita informatsii ot utechki za schet pobochnykh elektromagnitnykh izlucheniy i navodok pri ee obrabotke sredstvami vychislitel'noy tekhniki. Obshchie tekhnicheskie trebovaniya [Information technology. Protection of information from leakage due to side electromagnetic radiation and interference in its processing by means of computer technology. General technical requirements].
7. Parfenov V.I. Zashchita informatsii. Slovar' [Information protection. Dictionary]. Voronezh, 2003, 292 p.
8. Sbornik metodicheskikh dokumentov FSTEK Rossii, 2005 [Collection of methodological documents of FSTEC of Russia, 2005].
9. Khorev A.A. Otsenka vozmozhnosti po perekhvatu pobochnykh elektromagnitnykh izlucheniy videosistemy komp'yutera. Ch. 2 [Evaluation of the possibility of intercepting side electromagnetic radiation of the computer video system. Part 2], Spetsial'naya tekhnika [Special equipment], 2011, No. 4.
10. Metodika PSAZ ot utechki za schet PEMIN raspredelennogo ob"ekta informatizatsii [PSAZ method from leakage due to pemin distributed object of Informatization].
11. Prikaz FSTEK Rossii ot 16 maya 2014 g. № 013 [Order of FSTEC of Russia of may 16, 2014 № 013].
12. Ryzhenko S.V., Vasilenko V.V. Uvelichenie zhiznennogo tsikla zashchishchennykh ob"ektov vychislitel'noy tekhniki za schet postroeniya prostranstvennoy sistemy aktivnoy zashchity informatsii raspredelennogo ob"ekta informatizatsii, obespechivayushchey zashchishchennost' po kanalu pobochnykh elektromagnitnykh izlucheniy ot osnovnykh tekhnicheskikh sredstv i sistem [Increasing the life cycle of protected objects of computer technology by building a spatial system of active protection of information distributed object of information, providing protection through the channel of electromagnetic radiation from the main technical means and systems], Materialy XIV Mezhdunarodnoy nauchno-prakticheskoy konferentsii «Informatsionnaya bezopasnost' – 2015» [Proceedings of the XIV International scientific and practical conference "Information security-2015"]. Taganrog, 2015.
13. Kondrat'ev A.V. Tekhnicheskaya zashchita informatsii. Praktika rabot po otsenke osnovnykh kanalov utechki [Technical protection of information. Practice of work on the assessment of the main leakage channels]. Moscow, 2016, 304 p.
14. Kotenko V.V., Rumyantsev K.E. Teoriya informatsii i zashchita telekommunikatsiy [Theory of information and protection of telecommunications]. Rostov-on-Don, 2009, 369 p.
15. Sukharev E.M. Obshchesistemnye voprosy zashchity informatsii [System - wide issues of information protection]. Moscow, 2003, 144 p.
16. Takha Khemdi A. Vvedenie v issledovanie operatsiy [Introduction to operations research]. Moscow, 2005, 912 p.
17. Prikaz FSTEK Rossii ot 20 oktyabrya 2016 g. № 025 [The order of FSTEC of Russia of October 20, 2016 № 025].
18. Kontrol' zashchishchennosti informatsii ot utechki po tekhnicheskim kanalam za schet pobochnykh elektromagnitnykh izlucheniy i navodok. Attestatsionnye ispytaniya po trebovaniyam bezopasnosti informatsii [Control of information security from leakage through technical channels due to side electromagnetic radiation and interference. Qualification tests according to the requirements of information security]. Modcow, 2014, 208 p.
19. Sukharev E.M. Modeli razvitiya tekhnicheskikh razvedok i ugroz bezopasnosti informatsii [Models of development of technical intelligence and threats to information security]. Moscow, 2003, 296 p.
20. Vygodskiy M.Ya. Spravochnik po vysshey matematike [Handbook of higher mathematics]. Moscow: Nauka, 1966.

Comments are closed.