Information security problems of educational electronic information resources
- Details
- Category: Information technologies, systems analysis and administration
- Last Updated on 17 October 2013
- Published on 08 November 2012
- Hits: 6435
Authors:
T.V. Babenko, Dr. Sci. (Tech.), Professor, State Higher Educational Institution “National Mining University”, Head of the Department of Electronics and Information Technologies, Head of the Information Computer Complex, Dnipropetrovsk, Ukraine
O.M. Tretiak, State Higher Educational Institution “National Mining University”, Chief Engineer of Information Computer Complex, Dnipropetrovsk, Ukraine
О.V. Kruchinin, State Higher Educational Institution “National Mining University”, Senior Instructor of the Department of Electronics and Information Technologies, Dnipropetrovsk, Ukraine
D.S. Tymofieiev, State Higher Educational Institution “National Mining University”, Senior Instructor of the Department of Electronics and Information Technologies, Dnipropetrovsk, Ukraine
Abstract:
Purpose. The purpose of the article is to analyze the security level of the information processed in an automated electronic document management system for universities and students working with the United State Electronic Database on Education (USEDE).
Methodology. For the information security risk analysis within the investigated system we have used qualitative methods, which allowed us to rank probable incidents that may arise while working with USEDE, and identify those ones that require treatment.
Findings. The analysis identified the most critical threats to the information that is processed in the USEDE automated system. In addition, during the investigation the existing regulatory documents, in the area of information security, were examined, and this helped to define the requirements to the protection system. The recommendations on the formulation of the functional information security profile for the construction of an integrated information security system were suggested.
Originality. Scientific innovation consists in developing recommendations for unambiguous identification and authentication of university entrants during electronic registration of their applications in personal electronic office within automated system USEDE.
Practical value. The experimental system “Electronic entry” introduced in 2011, after certain modernization in 2012 has turned into a comprehensive system of electronic registration for the university entrants, who now don’t have to attend university personally to apply the documents for participation in the competition. The collection, verification, processing and data protection performed in USEDE, which is considered as a special case of electronic document management system. The suggested solutions will improve the effectiveness of information protection facilities, including personal data that circulate in the automated system USEDE.
References:
1. Постанова №752 від 13.07.2011 р. „Про створення Єдиної державної електронної бази з питань освіти“ [Електронний ресурс]. – Режим доступу: http://zakon 2.rada.gov.ua/laws/show/752-2011-%D0%BF
Decree no.752 dated July 13, 2011 “About creation of unified state education electronic database”, available at: http://zakon2.rada.gov.ua/laws/show/752-2011-%D0%BF
2. Наказ МОНмолодьспорт №1179 від 12.10.2011 р. „Порядок подання та розгляду заяв в електронній формі на участь у конкурсному відборі до вищих навчальних закладів“ [Електронний ресурс]. – Режим доступу: http://zakon2.rada.gov.ua/laws/show/z1222-11
Decree of Ministry of Education and Science, Youth and Sport of Ukraine no.1179 dated October 12, 2011 “Procedure of registration and consideration of applications in electronic form for participation in the competition for entering to the universities”, available at: http://zakon2.rada.gov.ua/laws/show/z1222-11
3. Закон України „Про електронні документи та електронний документообіг“ [Електронний ресурс]. – Режим доступу: http://zakon1.rada.gov.ua/laws/show/851-15
Law of Ukraine “On the electronic documents and electronic document circulation”, available at: http://zakon1.rada.gov.ua/laws/show/851-15
4. Астахов А. М. Искусство управления информационными рисками / Астахов А. М. – М.: ДМК Пресс, 2010. – 312 с.,ил.
Astakhov, A.M. (2010), Iskusstvo upravlenia informatsionnimi riskami [The Art of Information Risk Management], Press, Moscow, Russia.
2012_5_babenko | |
2013-10-17 325.58 KB 1333 |