PROTECTION OF INFORMATION
Rapid development of automation processes and the penetration of the
computers in all fields of life have lead to appearance of a range of
peculiar problems. One of these problems is the necessity of providing
effective protection to information and means of its processing.
A lot of ways to access information, considerable quantity of qualified
specialists, vast use of special technical equipment in social
production make it possible for violators practically at any moment and
in any place carry out the actions, which represent a threat to
Particular role in this process has been played by appearance of
personal computer (PC), which has made computers, software and other
informational technologies available to general public. Wide
distribution of PC and impossibility of conducting effective control of
their use have resulted in the decreasing security level of information
In the current situation, data processing has moved the problems of
information security forward to the rank of most important problems of
national economy. Solving the problem of poor information security
presupposes a complex of measures. First of all, such actions of
government as development of classification system, documentation of
information and protection methods, data access regulations and
punishing measures against information security violators.
PROTECTION OF INFORMATION
a. State informational sources
Formation of state informational sources is carried out by citizens,
state authorities, organizations and social unions. Documents, which
belong to a person, can be included in the state structure of
informational sources, of course, if the person wishes. State
informational sources are open and generally available. Documented
information with limited access is divided into state secret and
b. Citizen information (personal information)
Personal data refers to confidential information. The collection,
storage, use and distribution of private information are not allowed.
The information, which breaks personal and family secret, secret of
correspondence, telephone, postal, telegraph talks and other messages of
a person without his/her permission, is also confidential.
Personal data may not be used with purpose of causing damage to
person’s property and reputation, difficulties of realization its right.
Collected data must be limited to necessary information. The
information, which carries strong probability of causing damage to a
citizen’s interests shouldn’t be collected.
There are some categories of personal information:
official department rules and instructions;
information, which is not to be made public in accordance with
confidential business information;
information, which touches private life of a person;
information of financial institutions;
c. Development and production of informational systems
All types of informational systems and networks, technologies and means
of their providing compose a special branch of economic activity, whose
development is defined by the state scientific, technological and
industrial policy of informatization.
State and non-state organizations and, of course, the citizens have
equal rights in terms of access to the development and producing of
informational systems, technologies.
Owner of informational systems
The informational systems, technologies and means of their providing
can be the property objects of juridical person, non-juridical person
and state. The owner of informational system is a person, who purchased
these objects or got as a gift, heredity or by any other legal way.
The informational systems, technologies and means of their providing
can be considered as a good (product), if the producer rights are not
broken. The owner of informational system determines the using
conditions of this product.
Copyrights and property rights
Copyrights and property rights on informational systems, technologies
and means of their providing can be belong to different persons. The
owner of informational systems has to protect copyrights in accordance
Informational systems and databases, intended for citizens’ and
organizations’ informational service, are subjected to certification
according to the established custom.
The organizations, which work in the field of making design, producing
the means of information protection and personal data treatment, must
obtain licensees to conduct such activity. The steps for obtaining
license are defined by the legislation.
Computer systems and protection of information
a. Problem of information protection
The problem of information security is relatively new. Not all
problems, connected with it have been figured out and solved up to now.
The fact of great number of computer systems users means the definite
risk to security because not all clients will carry out the requirements
of its providing.
The order of storage mediums should be clearly defined in legal acts
and envisage the complete safety of mediums, control over the work with
information, responsibility for unsanctioned access to mediums with a
purpose of copying, changing or destroying them and so on.
b. Legal aspects
There are some legal aspects of information protection, which can
appear due to not carefully thought or ill-intentioned use of computer
legal questions of protection of informational massifs from distortions;
security of stored information from the unsanctioned access;
setting juridically fixed rules and methods of copyrights protection and
priorities of software producers;
development of measures for providing the juridical power to the
documents, which are given to the machines;
legal protection of the experts’ interests, who pass their knowledge to
setting of legal norms and juridical responsibility for using electronic
computer means in personal interests, which hurt other people and social
interests and can harm them;
The lack of appropriate registration and control, low level of work and
discipline, the access of an unauthorized persons to the computing
sources create conditions for abusing and cause difficulties to their
detection. In every computing center it is usual to set and strictly
follow the regulations of the access to different official rooms for
employees of any categories.
The main purpose of information protection is preventing from the leak,
theft, distortion, counterfeit of information; preventing the threat to
person’s life and social safety, protection of the constitution and so
on. The information is subjected to protection, when it may cause the
harm for its owner, user or other person.
The development of computer technology and its wide use have lead to
appearance and spread of computer crimes. Such situation causes alarm
among those organizations and legislative institutions that use computer
technologies and, of course, people, who use new informational services
The term “computer crime” was first used in the early 70s. However, the
discussions concerning it are still actual. The top question of these
discussions is ”What unlawful actions are implied by computer crime”. A
rank of definitions of the computer crime has been composed. It often
refers to crimes directly or indirectly connected to electronic
computing machines and which includes a number of illegal acts,
committed by means of electronic data processing system or against it.
Others consider that computer crime is any action, which goes together
with interfering with property rights and fulfilled by means of
computers. The thirds think that computer crime can be defined as all
intentional and unlawful actions, which lead to causing harm to
possessions, with help of computers too.
There are following forms of computer criminality: computer
manipulations, economic espionage, sabotage, computer extortion,
“hackers” activity. The main character of committing computer crimes in
the business field becomes highly qualified “white collars” from the
suffered organization’s employees.
According to the MIS Traiding Institute (USA), they get 63% of all
causes, examining crimes and abuses. More than 36% of law-committing
employees are related to the personnel, which is not connected with
computer servicing, 29% — qualified programmers, 25% — other workers of
computing center. This tendency is reflected in official statistics too,
according to which, about 40% of computer crimes are committed for
solving of financial problems, 20% are motivated as an intellectual
challenge to society, 17% — by the willing of solving personal problems,
8% — problems of corporation or organization, 4% — are directed for
social admitting, 3% — for wounding somebody’s rights and so on.
c. “Hackers” and “crackers”
The most dangerous individuals of computer swindle are so called
“hackers”, “crackers” and representatives of other groups, working in
the sphere of industrial espionage. So, many security specialists advise
employers to pay special attention to engaged workers-specialists in
computer technologies, programming and information protection spheres.
There are many causes, when “hackers” get a job with a goal of personal
enrichment. But the most danger can represent such specialists, who are
in collusion with managers of commercial structures and organized
criminal groups; in these situations causing damage and weight of
consequences considerably increases.
There are two types of unsanctioned access:
internal “breaking open” – the criminal has access to the terminal, with
information he interested in and can work with it for some time without
external “breaking open” – the criminal doesn’t have indirect access to
the computer system, but has an opportunity of penetration to the
protected system by means of remote access;
Analysis of such actions shows that single crimes from own or neighbor
work places gradually develop into network computer crimes, which are
carried out by means of breaking of organizations’ protecting systems.
Therefore, the importance of information protection can not be doubted.
I think, every organization should have a high-quality protection system
in order to insure its safety. However, not only companies and state
institutions need information protection system but also general home
users need information protection system and should maintain the
security of their computers.