While information systems develop, the problem of security of the information, which is stored and processed in them, arises. On the first stage of creating the Republican informative analytical system of the Chuvash Republic (RIAS) testing and probing of the components of security system is carried out, the complete deployment of the firmware complex is implemented on the second stage.
RIAS comprises the complex multilevel security system against different threats (external invasions and attacks, traffic tapping, internal violations and personnel mistakes).
The firmware on the basis of talk-ens (executive objects, which contain security information) is selected as a basis of system of information security that is intended for safety and integrity of data and users' rights of access to corporate information systems.
The software part of system of information security is based on the digital certificates technology and Public key infrastructure.
The key element of data security system is management of users' talk-ens and certificates.
Management system of certificates ensures integrate environment of management of access to resources and systems. Having given the certificate to an appropriate user, the administrator guarantees that only authorized member of staff can input the certain data.
Thus, only proper implementation of the whole range of means of algorithmic and program-technological security allows achieving the high quality and security of software and data bases, which are necessary for applying in systems of managing and processing of information.
|
Original URL — http://imsconference2002.spbu.ru/02-eng1f24.html |