Engineering Journal: Science and InnovationELECTRONIC SCIENCE AND ENGINEERING PUBLICATION
Certificate of Registration Media number Эл #ФС77-53688 of 17 April 2013. ISSN 2308-6033. DOI 10.18698/2308-6033
  • Русский
  • Английский
Article

Principles of organization of information protection in automated system for aircraft flight data preparation

Published: 15.07.2020

Authors: Andreev A.G., Zakharov V.N., Kazakov G.V., Koryanov V.V.

Published in issue: #7(103)/2020

DOI: 10.18698/2308-6033-2020-7-2000

Category: Aviation and Rocket-Space Engineering | Chapter: Innovation Technologies of Aerospace Engineering

When designing automated systems for aircraft flight data preparation, many practical problems are solved by introducing either insufficient protection means or their redundancy. Both situations create information security vulnerability. On the basis of a number of publications analysis it is concluded that the basics of information security theory are reduced to the formulation of the main axioms, with the implication that there is currently no complete theory of information security of computer systems. As a result there are many issues, including issues of general nature, requiring some elaboration. The article considers a set of issues related to ensuring information security of the automated system for aircraft flight data preparation. The nature of two basic principles of information protection organization in this system is unraveled. The first principle requires consideration of all aspects related to the problem of ensuring information security of the system, and the second ― optimal control of means of information protection of the automated system of aircraft flight data preparation.


References
[1] Devyanin P.N. Modeli bezopasnosti kompyuternykh sistem. Upravleniye dostupom i informatsionnymi potokami [Models of Computer Systems Security. Access and information flow control]. Moscow, Goryachaya liniya-Telekom Publ., 2013, 338 p.
[2] Grusho A.A., Timonina E.E. Teoreticheskie osnovy zashchity informatsii [Fundamental theory of information security]. Moscow, Yakhtsmen Publ., 1996, 188 p.
[3] Gatchin Yu.A., Sukhostat V.V., Kurakin A.S., Donetskaya Yu.V. Teoriya informatsionnoy bezopasnosti i metodologiya zashchity informatsii [Information security theory and methodology of information protection]. St. Petersburg, University of Information Technology, Mechanics and Optics Publ., 2018, 100 p.
[4] Kiyaev V.I., Saitov A.V. Kompleksnaya informatsionnaya bezopasnost v upravlenii sovremennym predpriyatiyem [Comprehensive information security in the management of a modern enterprise]. St. Petersburg, St. Petersburg State Economic University, 2016, 222 p.
[5] Krylov G.O., Larionova S.L., Nikitina V.L. Bazovye ponyatiya informatsionnoy bezopasnosti [Basic Concepts of Information Security]. Moscow, RUSAYNS Publ., 2017, 258 p.
[6] GOST R ISO/IEC 15408-1‒2012. Informatsionnaya tekhnologiya (IT). Metody i sredstva obespecheniya bezopasnosti. Kriterii otsenki bezopasnosti informatsionnykh tekhnologiy. Chast 1. Vvedeniye i obshchaya model [State Standard R ISO/IEC 15408-1‒2012. Information technology. Security techniques. Evaluation criteria for IT security. Part 1. Introduction and general model]. Moscow, Standartinform Publ., 2014.
[7] GOST R ISO/IEC 15408-2‒2013. Informatsionnaya tekhnologiya. metody i sredstva obespecheniya bezopasnosti. Kriterii otsenki bezopasnosti informatsionnykh tekhnologiy. Chast 2. Funktsionalnyye komponenty bezopasnosti [State Standard R ISO/IEC 15408-2‒2013. Information technology. Security techniques. Evaluation criteria for IT security. Part 2. Security functional components]. Moscow, Standartinform Publ., 2014.
[8] GOST R ISO/IEC 15408-3‒2013. Informatsionnaya tekhnologiya. metody i sredstva obespecheniya bezopasnosti. Kriterii otsenki bezopasnosti informatsionnykh tekhnologiy. Chast 3. Komponenty doveriya k bezopasnosti [State Standard R ISO/IEC 15408-3‒2013. Information technology. Security techniques. Evaluation criteria for IT security. Part 3. Security assurance requirements]. Moscow, Standartinform Publ., 2014.
[9] Gatchin Yu.A., Klimova E.V. Vvedenie v kompleksnuyu zashchitu obyektov informatizatsii [Introduction to Comprehensive Protection of Informatization Objects]. St. Petersburg, University of Information Technology, Mechanics and Optics Publ., 2011, 112 p.
[10] Shangin V.F. Kompleksnaya zashchita informatsii v korporativnykh sistemakh [Comprehensive information protection in corporate systems]. Moscow, “FORUM”; INFRA-M Publ., 2017, 592 p.
[11] Bondaryev V.V. Vvedeniye v informatsionnuyu bezopasnost avtomatizirovannykh sistem: uchebnoye posobiye [Introduction to Information Security of Automated Systems: Tutorial]. Moscow, BMSTU Publ., 2016, 250 p.
[12] Drobotun E.B. Teoreticheskiye osnovy postroyeniya sistem zashchity ot kompyuternykh atak dlya avtomatizirovannykh sistem upravleniya [Basic theory of designing computer attack protection systems for automated control systems]. Monograph. St. Petersburg, Naukoyemkie tekhnologii Publ., 2017, 120 p.
[13] Scherbakov A. Razrushayushchie programmnye vozdeystviya [Destructive software effects]. Moscow, EDEL Publ., 1993, 64 p.
[14] Ukhlinov L.M., Sychev M.P., Skiba V.Y., Kazarin O.V. Obespechenie bezopasnosti informatsii v tsentrakh upravleniya poletami kosmicheskikh apparatov [Ensuring Information Security in Spacecraft Flight Control Centers]. Moscow, BMSTU Publ., 2000, 366 p.
[15] Andreev A.G., Kazakov G.V., Koryanov V.V. Izvestiya vysshikh uchebnykh zavedeniy. Mashinostroenie — Proceedings of Higher Educational Institutions. Маchine Building, 2018, no. 6, pp. 86‒95. DOI: 10.18698/0536-1044-2018-6-86-95
[16] GOST P 51583‒2014. Zashchita informatsii. Poryadok sozdaniya avtomatizirovannykh sistem v zashchishchennom ispolnenii. Obshchiye polozheniya [State Standard P 51583‒2014. Information protection. Sequence of protected operational system formation. General provisions]. Moscow, Standartinform Publ., 2018.
[17] GOST P 51624‒2000. Zashchita informatsii. Avtomatizirovannyye sistemy v zashchishchennom ispolnenii. Obshchiye trebovaniya [State Standard P 51624‒2000. Protection оf information. Protected automated systems. General requirements]. Moscow, Standartinform Publ., 2001, 30 p.
[18] Prikaz Federalnoy sluzhby po tekhnicheskomu i eksportnomu kontrolyu ot 14 marta 2014 g. URL: https://fstec.ru/index?id=868:prikaz-fstek-rossii-ot-14-marta-2014-g-n-31
[19] Andreev A.G., Kazakov G.V., Koryanov V.V. Inzhenernyy zhurnal: nauka i innovatsii ― Engineering Journal: Science and Innovation, 2019, iss. 4. http://dx.doi.org/10.18698/2308-6033-2019-4-1868