O.V. Lukinova - Research Scientist, Jnstitute of control V.A. Trapeznikova RAS. E-mail: lobars@mail.ru

The area of scientific knowledge connected with structural modeling of concepts of such subject domain as information security, practically isn't investigated by experts. Only in the last year - two there was some operation in this direction. In this work the following classes of the concepts relating to the organization of protection of information systems in the form of program and technical complexes are allocated and presented on the basis of formalism of ontologies: 1. Business model, as a set of the automated business processes constructed in the network environment and protection which was objects. 2. The criteria of safety describing that quality of safety which information system has to possess. 3. The model of threats including such concepts as vulnerability of the information environment of realization of business process, the violator, possible attacks. 4. The protection system, represents a complex of hardware-software protective equipment which, in turn, realize these or those mechanisms ensuring safety of object of protection. 5. Risks which are born by the enterprise in case safety of its business processes owing to realization of information threats will be broken. The presented ontology allows to solve some problems: to become a basis of semantic uniformity of concepts of information security, to be used as model of data for the INFORMATION RETRIEVAL SYSTEM and base of the facts of a logical conclusion at the automated design of systems of protection.