V.I. Budzko – Dr.Sc.(Eng.), Professor, Deputy Director for Research,
Institute of Informatics Problems of FRC CSC RAS (Moscow);
Full Member of Russian Cryptography Academy
E-mail: vbudzko@ipiran.ru
D.A. Melnikov – Ph.D.(Eng.), Associate Professor, Leading Research Scientist,
FRC «Computer Science and Control» of RAS (Moscow);
Associate Professor, Department №42 «Cryptology and Cybersecurity»,
National Research Nuclear University «MEPhI» (Moscow)
E-mail: damelnikov@ipiran.ru
V.M. Fomichev – Dr.Sc.(Phys.-Math.), Professor, Leading Research Scientist,
FRC «Computer Science and Control» of RAS (Moscow);
Professor, Financial University under the Government of the Russian Federation; Professor, National Research Nuclear University «MEPhI» (Moscow) E-mail: fomichev.2016@yandex.ru
The principles of development inherent in large information and telecommunication systems (ITS) in the Russian Federation over the past 20 years are analyzed. ITS is an organizational and technical system including information and telecommunications facilities and operating personnel that provide core enterprises and their departments with the solution of their functional tasks based on the provision of information and telecommunication resources, capabilities and services. Given the scale, diversity of functions and the range of software and hardware used, a large ITS is a unique, complex, multi-purpose automated system, often widely geographically distributed.
The past time period was characterized by a decentralized ITS architecture, formed under the influence of factors caused by the insufficient development of the network capabilities of the telecommunications component. The negative trends generated by the decentralized architecture are indicated, a number of problems are noted, the solution of which is critically overdue. The main ones are related with underutilization of capacities, difficulties of scaling, fragmentation of technical solutions and requirements, duplication of some works and increase of their labor intensity and cost.
It is shown that the ITS development strategy should determine the main directions for reforming the existing state of ITS while maintaining stable macroeconomic conditions in the country's economy. At the same time, it is also necessary to take into account the prospects for consistent and effective implementation of structural reforms in all major sectors of the economy adjacent to the area in which the reformed ITS is used. The implementation of the strategy requires an adequate improvement and development of informatization in the main functional areas of activity of all major related sectors of the economy, as well as appropriate legislative support in the form of adopting the necessary legislative acts and approving measures to manage their implementation. The paper describes the main characteristics of the integration processes and their possible positive results aimed at eliminating negative trends in the development of ITS. The development of ITS is considered in direct connection with the solution of information security issues. For large ITS, the main cyber threats and information security threats associated with development and integration processes have been identified. Modern information technologies increasingly require the use of cryptographic methods to protect data from their unauthorized disclosing or modification during authentication procedures or non-repudiation managing. The level of security and reliability provided by such methods directly depend on the management and protection of the used security parameter, the cryptographic key. The secure managing of cryptographic keys is a critical procedure and, in combination with the cryptographic functions implemented in the system, forms an important segment of information security management.
The paper presents the main directions and specific mechanisms of the ITS information security management and to counter major cyber threats. It is noted that in order to minimize the various risks of information security, the main object of control should be critical systems. Information technologies control processes must be aligned to manage the continuity and availability of critical information technologies systems.
- Hu V.C., Grance T., Ferraiolo D.F., Kuhn D.R. An Access Control scheme for Big Data processing. Proc. of 10th IEEE/EAI International Conference on Collaborative Computing: Networking, Applications and Worksharing (IEEE/EAI CollaborateCom 2014). Miami, Florida. 22−25 Oct. 2014. P. 1−7.
- Melnikov D.A., Gorbatov V.S., Durakovskiy A.P., Lavrukhin Y.N., Petrov V.R. Access Control Mechanism Based On Entity Authentication With IPv6 Header «Flow Label» Field. Proc. of the 3rd International Conference on Future Internet of Things and Cloud (FiCloud 2015). 2015. P. 158−164.
- NIST. Attribute Based Access Control Definition and Consideration. Special Publication 800-162. Jan. 2013.
- Smith K.T. Big Data Security: The Evolution of Hadoop’s Security Model. InfoQ. Aug. 2014. URL = http://www.infoq.com/articles/Ha– doopSecurityModel.
- Fomichyov V.M., Melnikov D.A. Kriptograficheskie metody zashchity informatsii: Uchebnik. V 2-kh chastyakh. M.: Yurait. 2016. (In Russian).
- Melnikov D.A. Informatsionnaya bezopasnost otkrytykh sistem: Uchebnik. M.: FLINTA. Nauka. 2013. 448 s. (In Russian).