Computer Crime Research Center

library/Belousov.jpg

Information Resources Security

Date: November 19, 2003
Source: Computer Crime Research Center
By: Andrey Belousov

Page 1 2 3
... discipline of the personnel, access of unauthorized persons to computing resources creates conditions for abusing and causes difficulties for their detection.


Purpose of information security lies in:

• prevention of leakage, theft, loss, distortion, fake of information;

• prevention of threats for safety of the person, a society, the state;

• prevention of unauthorized actions on erasing, modifying, distorting, copying, blocking of information;

• prevention of other forms of illegal interference in information resources and information systems;

• maintenance of legal regime of the documented information as object of property;

• protection of constitutional rights of citizens on preservation of personal secret and confidentiality of personal data stored in information systems;

• preservation of the state secret, confidentiality of the documented information according to the legislation;

• assurance of rights in information processes, development, manufacture and application of information systems, technologies and means of their maintenance.


Any documented information is to be protected. Illegal manipulation of which can do harm to its proprietor, owner, user and other person.


Control of requirements observance of information security and operation of special software means of protection, and also maintenance of organizational measures of information security systems processing the information with restricted access in non-state institutions, is carried out by public authorities.


Organizations that process restricted access information which is the property of the state, create special services providing information security.


The owner of information resources or the persons authorized by him have the right to fulfill control of requirements on information security and to forbid or to stop information processing in case of violations of these requirements. The proprietor or the owner of the documented information has the right to apply to public authorities for accuracy estimation of performance of norms and requirements on information security in information systems.


The proprietor of the document, document file, information systems or the persons authorized by him establish the order of information granting with instructions on place, time, responsible officials, and also necessary procedures. Also they provide conditions of access to information according to the law.


The owner of the document, document file, information systems provides information security level according to the law.


The risk related to use of uncertificated information systems and means of their maintenance, lies on the proprietor (owner) of these systems and means. The risk related to use of the information received from uncertificated system, lies on the consumer of the information.


Protection of the rights in sphere of forming information resources, their usage, development, production and application of information systems technologies and means of their maintenance is carried out for purpose of preventing offences, suppression of illegal actions, restoration of the broken rights and compensation of the caused damage.


The responsibility for infringements of the international norms and rules in field of information resources forming and using, creating and using of information systems, technologies and means of their maintenance is assigned to public authorities, organizations and citizens according to contracts awarded with foreign companies and other partners including international contracts.


Refusal in access to the open information or granting of unreliable information can be appealed in the court.


The attorney generals and other officials of public authorities, organizations, that are guilty in illegal restriction of access to information and infringement of information security mode, bear the responsibility according to the criminal, civil legislation and legislation on administrative offences.


[1] V. Golubev, Computer Information Is an Object of Legal Relationship, - http://www.crime-research.org/library/Golubev_oct.html

[2] I. Konovalov, Digital ID, - http://www.crime-research.ru/library/2101.html

[3] V. Polivanyuk, Legal Problems of Information Security, - http://www.crime-research.org/eng/library/Polivan0803eng.html

[4] V. Golubev, Legal personality of information relationship participants as an object of legal protection, Information technologies and information security, Scientific works digest, Ministry of Internal Affairs of Ukraine High School of Law, Zaporizhzhya: 1999, Issue 3, #1, p.3.

[5] V. Golubev, Some problems of investigating cybercrimes, - http://www.crime-research.org/eng/library/Golubev_sep.html
Page 1 2 3
Add comment  Email to a Friend

Copyright © 2001-2024 Computer Crime Research Center
CCRC logo