International Corporate Security Agency
+38(044) 494-47-43 +38(068) 138-05-04 infovabb@ukr.net

Some organizational and legal issues relative to identifying structural-functional components of information security as part of general corporate security


Lysenko Serhiy Oleksiyovych,
PhD in Law, Associate Professor, Department of Security Management and Law Enforcement and Anti-Corruption Activities,
Interregional Academy of Personnel Management

Abstract: The paper deals with some of the organizational and legal issues relative to identifying structural-functional components of information security as part of general corporate security. It studies components of models of corporate information security systems. A reconstruction methodology is described as a component of a corporate information security system.

Keywords: information law, information security, law, corporate information security system, information security system model, reconstruction methodology, information, structural-functional component.

The category 'information security' has constitutional status within the legislative system of Ukraine; it is reflected in Art. 17 of the Constitution of Ukraine. At the same time, the legislator has enabled the founders of enterprises to formulate the main structural-functional components of this category independently in their charters and regulations, thereby leaving wide room for its understanding and interpretation [1].

The component of organizational and legal regulation of corporate information security is the linchpin integrating all other elements into a single system. When developing methods to organize information security systems and their models, the key problem consists in shaping regulations for an authorization (restriction) system and for personnel access to confidential data, documents and databases, and, most importantly, in delimiting the powers and official duties of all subjects of these legal relationships. Job descriptions and department regulations specify the required degree of access, the enhancement of safeguards, the structure of enterprise units, and the measures aimed at preventing, terminating and neutralizing illegal interventions.

Organizational and legal measures must be reflected in the regulatory and guidance documents of the enterprise security service. In this connection, two components of models of corporate information security systems are considered: organizational and legal regulation, and operation methodology. The first component strictly regulates relationships among subjects (executors) depending on their access degrees and the means they use to this end. The second component specifies the list of methods and measures necessary for particular subjects to fulfill certain tasks (protection of technical channels of information leakage; protection of premises against visual and acoustic technical intelligence methods; protection of buildings and premises against intrusion by unauthorized persons; fire protection; and detection of technical intelligence devices and facilities) [2]. For example, organizational and legal regulation governs the system of personnel access to confidential documents, the procedure for using the reconstruction method in line-of-duty investigations, and so on.

Consequently, the information security system model an enterprise uses represents a customized set of essential security components, each of which individually performs tasks specific to the given enterprise and has content defined by those tasks. Taken together, these components constitute an individual information security model and provide a relative protection guarantee for entrepreneurial activities. Document circulation as an object of protection represents a set (network) of channels for disseminating documented confidential information to users in the course of management and production activities. The information flow cannot be viewed only as the mechanical movement of documents (files) through official channels. The major characteristic of such a flow is its technological comprehensiveness, that is, the integration of managerial, record-keeping, postal and electronic (program) tasks that collectively determine the content of information movement.

When documents (including electronic documents) flow through official channels, the risk of losing that information rises, because the number of sources holding valuable information increases. Threats to documents in document flows include theft or copying of paper and electronic documents; accidental or malicious destruction of important documents and databases; impersonation of registered users; and information leakage via technical channels [3].

Information security at large enterprises with a large volume of documents is achieved by generating independent, isolated flows and further splitting them into isolated flows according to the level of confidentiality (level of classification) of the documents moved; by using a centralized stand-alone technological system for information processing and storage, isolated from other systems; and by organizing an independent confidential document division (service) or a similar division forming part of the security service [4].

At enterprises with a small staff and a small volume of processed documents (for example, small businesses), as well as at entities where the bulk of documents are confidential (for example, banks and insurance companies), confidential documents need not be singled out from the total document flow and can be processed within a single technological system. The functions of confidential information processing and storage are assigned to a chartered secretary, a desk officer or, sometimes, an experienced administrative assistant of the enterprise. Whichever option for building an information security model is chosen, measures taken for information security purposes should not extend the time needed for the movement and execution of documents [5].

O. V. Potiy and A. V. Lenshyn hold that controllability of an information security model and comparability of results can be ensured by applying the basic principles of the system approach, the core one being the principle of adequacy: the measures taken must be proportionate to the likely costs of developing the model, to its implications, and to the amount of losses in case of illegal intervention. Without departing from this principle, the latter can be assessed only through reconstruction of possible unlawful events. The application of reconstruction techniques, and the procedure for introducing them to assess the whole model or possible losses, should be reflected in appropriate internal instructions. The problem of performing internal investigations into wrongful acts associated with confidential information is a separate issue [6].

Let us consider a description of the reconstruction methodology as a component of a corporate information security system. Choosing appropriate techniques, and ways of mastering them, is an important issue when organizing reconstruction as a method of assessing information security models.

To perform reconstruction in order to assess the effectiveness of the security system, the testimonies given by the subjects of the security system, that is, the participants in the information protection process at the enterprise, are used. The concurrence of their actions and the effectiveness, feasibility and efficiency of the chosen model are checked and tested. Inconsistencies between the reconstruction and the actual data must be identified as soon as possible and their cause found out [7].

Upon completing all preparatory work, it is necessary to proceed to performing the reconstruction. It is advisable to perform reconstruction in stages. At the first stage, the reconstruction participants are informed of its content and tasks, and it is confirmed that the required means are ready. At the second stage, the on-scene situation or individual items and phenomena are reconstructed. At the third, closing stage, the results are checked for conformity with the primary state of the situation or of the individual items. If the need arises, other reconstruction options are carried out according to the decisions made during preparation.

Contemporary scholars recommend keeping in mind the following:

a) in all cases, the scene of the event and individual items must be examined and their position recorded prior to the start of reconstruction;

b) next, by examining the witnesses (or the suspect), it should be found out what changes occurred on the event scene or in individual items, and for what reasons; the explanations are recorded; and

c) if reconstruction performance requires specialist knowledge, for example, that of a radio technician or programmer, an appropriate expert has to be invited [7].

State-of-the-art technological tools ensure the accuracy of recording the on-scene situation and traces, which later helps to perform the reconstruction and repeated inspection. The course and results of the reconstruction are described. At the same time, an outline plan of the reconstruction must be framed. Items needed to perform the reconstruction can be selected from among similar objects, manufactured anew, or reproduced using the partially destroyed original.

Creation of information security models should meet the following tactical requirements:

  • they are created based on actual data obtained due to studies that are examined and appraised;
  • the nature of model features depends on the objectives to be achieved;
  • to evaluate and study models, experts acting as consultants can be invited;
  • the course and results of reconstruction are minutely recorded;
  • data fit: data obtained during reconstruction are compared with the actual data that gave occasion to modeling;
  • the results are assessed taking into account all reconstruction options by comparing them with master samples or models [8].

Mental reconstruction represents a separate, and the most common, method of reconstruction. It should be stated that mental reconstruction is performed to accomplish special cognitive tasks related mainly to the indirect study of objects. In such cases, mental reconstruction is an important factor of cognition: it replaces missing links and fills gaps in the explanation of facts, and it facilitates seeking and finding evidence and examining it, thereby leading to the discovery of the unknown [8].

The following become structural-functional components of information security models: data on guarded facilities and protected information; expert opinions; and, most importantly, analysis of the system of corporate goals (interests) and of potential threats to them, both internal (personnel, management team, risks of doing business, and so on) and external (rivals, economic risks of pursuing activities in a given region, and so forth).

Mental reconstructions rely on information about the event under study, past experience and knowledge; therefore, they turn out to be knowledge sources themselves, just as physical reconstructions are [9].

Given the specific features of an information security model or a line-of-duty investigation, a distinction is made between two major areas in which mental reconstructions are applied and their functions are implemented: retrospective reconstructions, concerned with the past, and prospective reconstructions, aimed at studying consequences. The two areas are closely related and are partitioned for clarity, for scientific and practical purposes [10].

In conclusion, note that reconstruction can be used both to assess the quality of corporate information security models and to conduct line-of-duty investigations. Reconstruction is meant to check the quality and reliability of models in accordance with the tasks allotted to them. The key requirement imposed on security models examined through reconstruction is their ability to measure the basic qualities and indicators under study.

References:

1. Tsymbaliuk, V. S. Information Security of Entrepreneurial Activities: Definition of the Essence and Content of the Concept in Case Ukraine Joins the Information Society (global cyber civilizations) // Entrepreneurship, Economy and Law. - 2004. - № 3. - p. 88-91.

2. Bilenchuk, P. D., Romaniuk, B. V., Tsymbaliuk, V. S. et al. Computer Crime. A Manual. - Kyiv: Atika, 2002. - 240 pages.

3. Blyzniuk, I. Information Security of Ukraine and Measures to Provide it // Scientific Bulletin of the National Academy of Internal Affairs of Ukraine. - 2003. - № 5. - p. 101-214.

4. Tsymbaliuk, V. S. Subjects of Information Law and Agents of Information Activity // Legal Informatics. - 2010. - № 3 (27). - p. 29-32.

5. But, V. V. Security Problems in the Information Sphere: the Essence of Concepts and their Terminological Interpretation // Scientific Bulletin of the National Academy of Internal Affairs of Ukraine. - 2003. - № 5. - p. 225-232.

6. Potiy, O. V., Lenshyn, A. V. (Kharkiv I. Kozhedub Air Force University; Kharkiv National University of Radioelectronics, Kharkiv) // Collection of Scientific Papers of the Kharkiv Air Force University. - 2010. - Issue 2 (24).

7. Vertuzaev, M. S., Popov, A. F. Problems of Combating Cybercrimes // Information Technology and Information Protection. - 1998. - № 1. - p. 4-14.

8. Bilenchuk, P. D., Hel, A. P., Semakov, H. S. Criminalistic Tactics of and Techniques for Investigation of Certain Types of Crimes. A Manual. - Kyiv: IAPM, 2007. - 512 pages.

9. Hnatsov, O. Political and Managerial Aspects of Information Resources within the National Security Protection System // Bulletin of the National Academy for Public Administration under the President of Ukraine. - 2004. - № 3. - p. 485-492.

10. Tsymbaliuk, V. S. Information Law: Conceptual Postulates. A Monograph. - Kyiv: Osvita Ukrainy, 2011. - 426 pages.

11. Holovatyi, M. (2015). The state and society: The conceptual foundations and social interaction in the context of formation and functioning of states // Economic Annals-XXI. - 9-10. - p. 4-8.