Requirements for the production of certified information security products. Certification of information security tools

Internet connection speed in different countries ax is measured by the average peak communication speed. It is the average of all measured speeds for all registered IP addresses in a certain region. Different countries have different communications system capacities and high-speed fiber optic network coverage. We present you a list of 10 countries with the fastest Internet.

Internet in Singapore

This country is one of the richest technical centers worldwide, with an average Internet speed of 30.7 megabits per second, which is almost double the average peak global Internet speed. The country has six Internet service providers and more than 300,000 broadband Internet users. Such fast Internet speeds are ensured thanks to an ultra-fast fiber network, the construction of which began in 2010.

Internet in Israel

Israel is a Middle Eastern country with an average Internet connection speed of 30.9 megabits per second. It is one of the few countries where broadband internet access is available to 95% of the total population. Internet is provided via cable infrastructure and telephone by two largest companies in Communication, HOT and Bezeq.

Internet Bulgaria

The broadband Internet speed in this country reaches 32.1 megabits per second, which places Bulgaria on the list of countries with the fastest connections in the world. In this country, approximately 50% of Internet users use local network. Asymmetric digital line was introduced in Bulgaria along with the liberalization of the telecommunications market, which allowed for significantly improved data transmission.

Internet in Switzerland

Switzerland has one of the fastest broadband networks in the world and one of the largest coverages on the continent. The country currently has an average internet connection speed of 32.4 megabits per second. ADSL and VDSL lines are the most popular here, but companies rely most on satellite and xDSL connections due to their widespread availability.

Internet in Belgium

Since 1999, when ADSL first appeared in Belgium, the average Internet connection speed has increased to 32.7 megabits per second. This has allowed Belgium to be among the countries with the fastest internet connections in the world. In addition to this, the country also has an extensive cable network with speeds reaching 100 megabits per second.

Internet in the Czech Republic

The Czech Republic has fairly high internet connection speeds, which are among the fastest in Europe. Maximum speed reaches 120 megabits per second with cable Internet, which is used by the majority of the country's residents.

Ireland

Ireland is among the countries with the fastest internet in the world. More than 50% of the population of this country have Free access to broadband Internet with a speed of 70-100 megabits. Cable Internet, third generation technologies and DSL are the most popular types of communication in Ireland.

Romania

Even after average peak speeds fell by 3.2%, Romania is still among the countries with the fastest internet connections. Broadband speed in the country reaches 32.5 megabits per second, and more than 50% of Romanians use it.

South Korea

This country is on the list of several Asian countries with the fastest internet connection in the world. average speed Internet connection is 48.8 megabits per second. IN South Korea There is also an ADSL network, which is able to provide speeds from 2 to 8 megabits per second.

Hong Kong

The average peak Internet speed in Hong Kong is 54.1 megabits per second. Broadband Internet can reach speeds of up to 1,000 megabits per second thanks to a fiber optic network connected to every home. The government strongly supports connectivity, so the network covers about 70% of the country's population. There are no content restrictions, and no licenses are required to create a website.

It is also interesting that none of these countries is among the ten most educated in the world, despite the presence of such high-speed Internet.

One of mandatory conditions Obtaining a license to work with state secrets is the presence of certified information security tools in the organization.

Certification of information security means, first of all, involves checking them quality characteristics to implement the main function - information protection based on state standards and information security requirements. In relation to information constituting state secret, general principles organizations for certification of information security means are determined by the norms of Article 28 of the Law of the Russian Federation “On State Secrets” - information security means must have a certificate certifying their compliance with the requirements for the protection of information of the corresponding degree of secrecy. The organization of certification of information security means is entrusted to Federal agency export and technology control, the Ministry of Defense of the Russian Federation in accordance with the functions assigned to them by the legislation of the Russian Federation. Certification is carried out on the basis of the requirements of state standards of the Russian Federation and other regulatory documents approved by the Government of the Russian Federation. One of the main guidance documents information security certification is currently the Regulation on Certification of Information Security Tools, approved by the Resolution Government of the Russian Federation dated June 25, 1995 No. 608, implementing the norms of the Law of the Russian Federation “On Certification of Products and Services”.

The certification procedure is based on following principles :

1. The obligation to certify products that ensure the protection of state secrets.

2. Mandatory use of cryptographic algorithms that are standards.

3. Acceptance for certification only of products from licensed applicants.

Thus, in accordance with the above documents, lists of information security measures subject to mandatory certification; government organizations and businesses are prohibited from using information systems Oh encryption tools(incl. electronic signature and protected technical means storage, processing and transmission of information) without a certificate.

Implemented next order certification(Fig. 4.2.):

1. To the Central Certification Body (body accredited FSTEC of Russia) an application and a complete set of technical documentation are submitted.

2. The central authority appoints a testing center (laboratory) to conduct the test.

3. Tests are carried out based on economic contract between the applicant and the testing center.

4. Certification (examination of materials and preparation of documents for issue) is carried out Central authority. The certificate is issued for a period of up to 5 years.

In addition to these purposes, certification of information security tools is also necessary to resolve issues economic security organization due to constant growth computer crimes. Legal basis prevention of computer crimes is the Decree of the President of the Russian Federation “On measures to comply with the law in the field of development, production, sale and operation of encryption tools, as well as the provision of services in the field of information encryption” No. 334 dated 04/03/95. Here are some excerpts from this decree:

· government organizations and enterprises are prohibited from using encryption tools, technical means of storing, processing and transmitting information that do not have a certificate;

· posting prohibited government orders at enterprises and organizations using specified funds who do not have a certificate;

prohibit the activities of individuals and legal entities in the field of encryption and secure tools without a license;

· prohibit the import into Russia of unlicensed encryption tools and secure foreign-made equipment.

After receiving a certificate for the right to provide services, the organization is subject to state control(supervision) on compliance with the requirements of technical regulations.

The system of certification of informatization objects according to information security requirements is integral part unified system certification of information security means and certification of informatization objects according to information security requirements and is subject to state registration V in the prescribed manner. The activities of the certification system are organized by federal body for certification of products and certification of informatization objects according to information security requirements, the federal body for certification and certification, which is the FSTEC of Russia.

Under certification of informatization objects is understood as a complex of organizational and technical measures, as a result of which, through special document- “Certificate of Conformity” confirms that the object complies with the requirements of standards or other regulatory and technical documents on information security approved by the FSTEC of Russia. The presence of a valid “Certificate of Compliance” at the informatization facility gives the right to process information with the level of secrecy (confidentiality) and for the period of time established in the “Certificate of Compliance”.

Mandatory certification Informatization objects intended for processing information constituting state secrets and conducting secret negotiations are subject to.

Certification provides due diligence protected object of informatization in real conditions operation in order to assess the compliance of the applied set of measures and means of protection with the required level of information security. Certification according to information security requirements precedes the start of processing of information subject to protection and is caused by the need official confirmation efficiency of the complex used on specific object informatization of measures and means of information protection. When certifying an informatization object, its compliance with the requirements for protecting information from unauthorized access, including from computer viruses, from leakage due to side electromagnetic radiation and interference under special influences on the object (high-frequency imposition and irradiation, electromagnetic and radiation exposure), from leakage or impact on it due to special devices built into information objects.

Literature

1. Averchenkov, V.I. Information security audit: textbook. allowance/V.I. Averchenkov. – Bryansk: BSTU, 2005 – 269 p.

2. Averchenkov, V.I. Organizational defense information: textbook. allowance/V.I. Averchenkov, M.Yu. Rytov – Bryansk: BSTU, 2005 – 184 p.

3. Averchenkov, V.I., Information security service: organization and management: textbook. allowance / V.I. Averchenkov, M.Yu. Rytov – Bryansk: BSTU, 2005 – 186 p.

4. Averchenkov, V.I. Security system Russian Federation: textbook allowance / V.I. Averchenkov, V.V. Erokhin. – Bryansk: BSTU, 2005. – 120 p.

5. Averchenkov, V.I. Information security systems in leading foreign countries: textbook manual for universities / V.I. Averchenkov, M.Yu. Rytov, G.V. Kondrashin, M.V. Rudanovsky. – Bryansk: BSTU, 2007. – 225 p.

6. Domarev, V.V. Information technology security. Systematic approach / V.V. Domarev - Kyiv: LLC "TiD", 2004. - 914 p.

7. Medvedovsky, I.D. Practical use international standard information systems security ISO 17799 www.dsec.ru/cd-courses/iso 17799 cd.php/

8. Petrenko, S.A. Security audit Iuranrt / S.A. Petrenko, A.A. Petrenko – M: A&T Academy: DMK Press, 2002. – 438 p.

9. Petrenko, S.A. Information risk management. Economically justified safety / S.A. Petrenko, S.V. Simonov - M: Academy of A&T: DMK Press, 2004. - 384 p.

10. Pokrovsky, P. Assessment of information risks / P. Pokrovsky - 2004. - No. 10. Publishing house " Open systems"(www.osp.ru).

11. Semkin, S.I. Basics organizational support information security of informatization objects: textbook. allowance. / S.I. Semkin, E.V. Belyakov, S.V. Grebnev, V.I. Kozichok – M: Helios ARV, 2005 – 192 p.

13. www.rg.ru – Internet site of “Rossiyskaya Gazeta”.

14. www.fstek.ru- Official website of FSTEC of Russia.

15. www.fsb.ru - Official website of the FSB of Russia.

16. www.egovernment.ru - Internet magazine “ Information Security”.

17. www.gtk.lissi.ru - Official documents State Technical Commission of Russia.

18. www.gdezakon.ru - Internet site “Complete collection of laws of Russia”.

19. www.law.yarovoiy.com - - Internet site “All laws of Russia”.

20. Galatenko, A. Active audit / A. Galatenko // Jet Info on line. – 1999. – No. 8 (75). article 1.8. 1999……

21. Guzik, S. Why audit information systems? /WITH. Guzik // Jet Info on line. – 2000. – 10 (89). articlel.10.2000.

22. Kobzarev, M Methodology for assessing the security of information technologies by general criteria/ M. Kobzarev, A. Sidak // Jet Info on line. – 2004. – 6 (133). article 1.6.2004.

23. Petrenko, S Information security: Economic aspects/ S. Petrenko, S. Simonov, R. Kislov // Jet Info on line. – 2003 – No. 10 (125). article 10/1/2003.

©2015-2019 site
All rights belong to their authors. This site does not claim authorship, but provides free use.
Page creation date: 2016-08-07

Certification is a procedure by which it is confirmed that certain products meets all requirements. However, certification of information security means is an activity that is associated with confirming that these means comply national standards, as well as the requirements prescribed in technical regulations, and other regulatory documents.

FSTEC of the Russian Federation represents a certification system, the existence of which is aimed at achieving security in the field of informatization. The information security certification system deals with the formation of policy in the field of information technology and also ensures its implementation. At the same time, its main tasks include promoting the creation of a market in which everyone information Technology, as well as all kinds of security means, are completely protected from theft or other negative influences.

This system additionally regulates and controls various developments of information security tools, and also takes into account their subsequent creation. The system’s objectives include helping various consumers who cannot do it on their own due to the lack of necessary knowledge, do right choice information security tools. In addition, it is with the help of the system that reliable, constant and effective protection all consumers from unscrupulous sellers and creators of information security tools. With the help of this system, certification of these products is ensured, therefore all companies that specialize in the production or sale of protective equipment must undergo mandatory certification in this state. organs

What products are subject to mandatory certification?

All companies or entrepreneurs whose activities are related to information security means should be aware of which means must be certified. These include primarily technical and software tools, as well as software and hardware. This also includes means of monitoring the reliability of protection and means in which the information security system is implemented.

Therefore, every company or entrepreneur must certify these funds.

Features of obtaining a certificate

Certification is valid for only three years, however, there are situations in which its validity period is increased, but it cannot exceed five years.

Firms or entrepreneurs have the opportunity to renew the validity of a certificate received three years ago, and will not need to undergo re-certification, however, this can only be done if they comply certain conditions. These include the fact that the company's number of products that are subject to certification must remain the same. Also, the requirements that apply to these products during the certification procedure should not change. At the same time, you should make sure that the specifications and design of these products have not changed in any way over three years. If all these conditions are met, the company can renew the certificate. However, if even one condition does not meet the requirements, then the organization’s products must again go through the primary certification procedure.

Certification of information security tools is significant procedure, which allows consumers to receive only high-quality products that meet all necessary standards and requirements.

Car loans

Legislation

Business ideas

• 

  Content Urgent production seals and stamps Who will act as buyers Where to start a business Equipment for running a business There are many types of businesses that can be started by people with entrepreneurial skills. Moreover, each option has its own unique features and parameters. Urgent production of seals and stamps The business idea of ​​​​manufacturing seals and stamps is considered quite attractive in terms of...

• 

  Contents Business idea for making postcards How to open a business based on creating custom postcards Employees Premises How to sell created postcards Many people with certain entrepreneurial abilities are thinking about opening own business, and at the same time evaluate and consider a large number of various options to open. The business idea of ​​making postcards is considered quite interesting, since postcards are such items in demand..

• 
• 

  Contents Choosing a room for a gym What you need to open Gym? The gym is becoming increasingly popular in modern world because everything more people are thinking about leading healthy image life, suggesting proper nutrition and playing sports. Therefore, any businessman can open a gym, but to obtain good income needs to be thought through..

• 

  Contents Store location Assortment of goods Sellers Jewelry is a must-have item in the wardrobe of every woman who takes care of herself and tries to look attractive and bright. Therefore, almost every entrepreneur who is aware of the possibility of making good profits wants to open his own jewelry store. To do this, you need to study all available prospects, draw up a business plan and predict possible income in order to decide whether...