Protecting the integrity of information during storage
In an information system, the main place of information storage is electronic media, so let's consider security measures in relation to this class of media.
When determining the order of storing information on electronic media, it should be borne in mind that the quality of programs and protected data depends on the state of the media. Electronic media are devices that are subject to intense wear and tear. In addition, bookmarks can be embedded in electronic media, so the methods of recording, storing and reading used cannot be considered secure.
Organizational and technological measures to protect the integrity of information on electronic media can be divided into two main groups:
organizational measures to support the integrity of information;
technological measures to control the integrity of bit sequences.
Organizational measures.
Organizational protection measures are aimed at preventing the theft or loss of media, and with them information. Organizational measures are set out in documents describing the mode of storing confidential information.
Organizational measures are divided into two groups:
creation of backup copies of information stored on electronic media;
ensuring proper storage and operation conditions for media.
Creating backups.
Creating backups of information stored in an information system should be a mandatory regular procedure, the frequency of which depends on the importance of information and its processing technology, in particular on the amount of data entered, the possibility of re-entry, etc. Both standard utilities and specialized backup systems adapted to a specific situation can be used to create backups. the system. In the latter case, you can use your own methods of "differential" archiving, when only that part of the information that has been entered since the last save is recorded on an auxiliary medium.
As a rule, those that are optimal for the price of a unit of stored information are chosen as auxiliary media for storing archived data.
When maintaining backups, it is necessary to regularly check the safety and integrity of the information contained in them.
Ensuring proper storage and operation conditions.
Ensuring proper storage and operation conditions is determined by the specific type of media.
Media registration and accounting are performed regardless of whether there is confidential information on them or not. Service media must have a clear, clearly visible label with a stamp, number, and date of registration. The security classification of the media can only change in a big way, because the information cannot be guaranteed to be deleted. The recording of media in the journal is carried out throughout the "life" of the media. There should be no personal media in the room. It is not allowed to work with unverified media. A systematic commission check of the availability of media and information should be carried out.
The storage of electronic media is the same as regular documents with the same level of confidentiality. The main requirement for storage is the exclusion of unauthorized access. The transfer between departments must be carried out on receipt and recorded in the journal. Removal from the premises is possible only with the permission of authorized persons.
The hard drive is registered with a stamp corresponding to the computer category, regardless of the purpose of its use. There should be a corresponding label on the hard drive case. When transferring a computer for repair, it is necessary either to remove the hard disk, or to remove information from it with guarantee, or to be present during the repair.
Copying files from registered electronic media is allowed only on computers whose category is not lower than the security classification of the media. Each copy must be recorded in a regular or electronic journal.
Special attention should be paid to deleting information from media. The usual methods of deleting files do not delete the data area, erasing occurs only at the logical level. In addition, when deleting, it should be noted that in modern processing tools, information exists in several instances, under different names.
Technological measures.
Let's now consider technological measures to control the integrity of bit sequences stored on electronic media. The integrity of the information in the data areas is checked using a control code, the control numbers of which are written after the corresponding areas, and the corresponding markers are included in the controlled area.
To ensure the integrity of information, a cyclic control code is most often used. This method, which gives good results when protecting against the effects of random factors (interference, failures and failures), does not have any immunity at all, i.e. it does not provide protection from targeted intruder influences leading to the imposition of false data.
To control the integrity, you can use methods of protection based on cryptographic transformations. They provide reliable control of the data stored in the system, but at the same time they are implemented in the form of large programs and require significant computing resources.
