The Modeling of Processes of Design of Information Protection Systems in Financial Information Systems
( Pp. 23-38)

The relevance and necessity of implementing measures to protect information in banks, as well as in other organizations of the financial and credit sphere of activity is due to a number of reasons. Firstly, these are the requirements of regulators in the field of information security. For systems of this type, there are also requirements for information security measures, which are set out in GOST R 57580.1–2017. Secondly, it is the objective presence of threats of various nature that require mandatory neutralization and exist in many modern information systems. In order to ensure information security, the security mechanisms used in the banking sector should take into account such factors as a significant amount of processed information, the need to ensure correct, stable and trouble-free operation, the multi-user nature of access to information resources, and ensuring the security of managed equipment. It is particularly worth highlighting the fact that failures and errors in the operation of banking information systems can entail not only economic damage or negative social consequences. In general, ensuring the information security of banking facilities is one of the most important tasks currently being solved at the state level, since they directly affect the stability of its economy. These circumstances determine the relevance of writing the article. The purpose of writing this paper is to develop a set of models describing the features of organizational, legal and technical processes that must be performed in banking information systems. As a methodological basis for writing the work, GOST R 57580.1–2017, as well as regulatory legal acts of the FSTEC of Russia, which are in the public domain, were used. To describe the ongoing work that must be performed to ensure the protection of information in banking information systems, the methodology of functional graphical modeling IDEF0 was used. The result of the research presented in this paper is a set of graphical and symbolic models describing the processes performed at the stages of designing and functioning of the information security system in critical information infrastructures.

Prokushev Ya.E., Ponomarenko S.V., Maksimov R.R. The Modeling of Processes of Design of Information Protection Systems in Financial Information Infrastructures. Computational Nanotechnology. 2023. Vol. 10. No. 4. Pp. 23–38. (In Rus.) DOI: 10.33693/2313-223X-2023-10-4-23-38. EDN: EDFZFX

Ponomarenko S.V., Prokushev Ya.Е., Ponomarenko S.A. Information security of critical information infrastructure systems. Monography. Belgorod: BUKEP, 2021. 133 p.
Prokushev Ya.Е., Ponomarenko S.V., Ponomarenko S.A. The modeling of information security system design processes in state information systems. Computational Nanotechnology. 2021. Vol. 8. No. 1. Pp. 26–37. (In Rus.)
Prokushev Ya.E., Ponomarenko S.V. Comparative analysis of software and hardware protection of information used in information systems of personal data. Information and Security. 2012. Vol. 15. No. 1. Pp. 31–36. (In Rus.)
Prokushev Ya.Е., Ponomarenko S.V., Shishov N.V. The modeling of processes of design of information protection systems in critical information infrastructures. Computational Nanotechnology. 2022. Vol. 9. No. 2. Pp. 45–55. (In Rus.)
Prokusheva A.P., Prokushev Ya.E. Modeling and optimization of the choice of software and hardware protection of information from the point of view of economic and technical expediency. Information and Security. 2012. Vol. 15. No. 1. Pp. 55–60. (In Rus.)
Mattord H., Whitman M. Management of information security. 6th ed. Cengage Learning, 2019. 752 p.
Rohit Tanwar. Information security and optimization. CRC Press, 2021. 224 p.
Whitman M.E. et al. PRSCIiples of information security. 6th ed. Cengage Learning, 2017. 656 p.

modeling of information security processes, information security, information security management, graphical modeling, methodology of functional graphical modeling, financial information systems.