Valitud ISKE kõrgeima terviklikkuse nõuete teostuse uurimus ja kontseptsiooni tõestamise projekt
Date
2017
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Informatsiooni turvalisus on saamas üha olulisemaks tänapäeva ühiskonnas, kus üha rohkem protsesse ja tegevusi digitaliseeritakse ja andmed liiguvad paberilt bittideks ja baitideks digitaalsele kujule. Eesti riigi- ja avalikud asutused koguvad ja töötlevad informatsiooni, et tagada kõrgetasemelisi teenuseid, täita põhiseaduse kohustusi või rahvusvahelisi lepinguid. Avalik sektor Eestis peab täitma andmete käitlemisel informatsiooni turvalisuse standardi Infosüsteemide turvameetmete süsteemi ISKE nõudeid kolmes teguris: käideldavus, terviklus ja konfidentsiaalsus.Käesolev töö võtab tervikluse valdkonna detailsema uurimise alla, et saavutada ISKE meetmete täitmine ja turvaeesmärkide saavutamine, millised on nõutud kõrgeima terviklusega andmetele. Analüüsides ISKE tervikluse valdkonda ja luues mitmekülgse kontseptsiooni teostuse tõestamise projekti turvanõuete realiseerimise meetmetele on võimalik suurendada arendajate ja ISKE rakendamise partnerite teadlikkust saavutamaks parem informatsiooni turvalisus.
Information security becomes more and more important in today's society, where more processes and operations will be digitised and data moves from paper to bits and bytes and receive digital form. In Estonia state and public institutions are collecting and processing information for providing high level services, fulfilling state needs on constitutional tasks or international contracts. Public sector in Estonia must apply information security standard IT Baseline Security System ISKE requirements in three factors: availability, integrity and confidentiality of processed data.This work takes integrity domain under detail research to meet ISKE requirements and security objectives demanded for data with highest integrity needs. By analysing integrity domain of ISKE and providing versatile proof of concept about solution for implementing security controls, it is possible to increase awareness of software developers and ISKE implementation participants to achieve better security of information.
Information security becomes more and more important in today's society, where more processes and operations will be digitised and data moves from paper to bits and bytes and receive digital form. In Estonia state and public institutions are collecting and processing information for providing high level services, fulfilling state needs on constitutional tasks or international contracts. Public sector in Estonia must apply information security standard IT Baseline Security System ISKE requirements in three factors: availability, integrity and confidentiality of processed data.This work takes integrity domain under detail research to meet ISKE requirements and security objectives demanded for data with highest integrity needs. By analysing integrity domain of ISKE and providing versatile proof of concept about solution for implementing security controls, it is possible to increase awareness of software developers and ISKE implementation participants to achieve better security of information.