The functional subsystem of the information system includes security. Functional and secure subsystems of information systems. Technical security subsystem
To secure subsystems that are essential for all IS regardless of the specific functional subsystems that require these or other types of security. The warehouse will ensure that the subsystems do not lie in the same subject area and may (Fig. 6.11): functional structure, information, mathematical (algorithmic and program), technical, organizational, personnel, and at the development stage ІВ additional data - legal, linguistic, technological and methodological security , as well as interfaces with external IVs.
Small 6.11. IC subsystems to ensure
The main goal of the robot IV in the control loop is the functional structure and information security; human behavior - organizational and personnel; The functions of the machine are mathematically and technically secure.
The functional structure (Fig. 6.12) shows the distribution of the functions it implements (tasks) and promotes their subordination. The IV function includes a collection of IVs that have access to private information management. The range of functions that are implemented in IV is regulated by GOST and is divided into information and other functions.
Small 6.12. Functional structure of the IS
Information functions - centralized control (1 - adjustment of parameter values, 2 - adjustment of their value to specified values) and computational and logical operations (3 - feasibility testing IV and 4 - preparation and exchange of information with other systems). Key functions must be performed: 5 - search and development of rational management modes; b - implementation of specified control modes.
Information security- this is a set of features and methods for creating an information base (Fig. 6.13), which includes systems for classifying and encoding information, unifying document systems, information flow schemes, principles and methods for creating databases.
This means the ways and forms of displaying the control object in the form of IV data, documents, graphs and signals. Information security is divided into external and internal.
Small 6.13. Information security IV
Technical safety- a complex of techies of the prevalery, in the technological process of re -formatzi in systems, is a prevalence of ex -piditrimi, the documentary on the cosel of the technology process, the internal standard of the Pidprimanism.
Tse:
Technical methods for collecting, registering, accumulating, processing, displaying, duplicating, delivering, saving and securing information;
Computers of any model, hard server and hardware devices, office equipment;
Telecommunication technology and communications;
Regulatory system documentation, which includes state, Galuzev and corporate standards from technical security;
Specialized documentation that contains methodological materials at all stages of design, development, implementation, support and installation of technical and technological features;
Regulatory and pre-production documentation prior to the establishment of technical safety.
Technical security consists of devices: modification, transformation, transfer, saving, processing, display, registration, entering/displaying information and other devices (Fig. 6.14).
Small 6.14. Technical safety IV
Security programs are complexes of programs, oriented to corporate clients and designed for the highest standard information processing tasks. They serve to expand the functional capabilities of control and management processes. The software includes packages of applied programs that implement economic and mathematical models of different levels of adequacy that support the functioning of a real object.
Mathematical security is a set of mathematical methods, models, information processing algorithms, typical systems management tasks, mass service theories, gambling theories and others.
Mathematical security consists of algorithmic and software (Fig. 6.15). Algorithmic security is a set of mathematical methods, models and algorithms that are used in the system for advanced data processing and processing. Software security consists of both basic (OS, translators, tests and diagnostics, etc., all of which will ensure the robot “gets up and running”) and special (application software that will ensure automation of control processes in a given subject area ).
Small 6.15. Mathematical security IV
Linguistic security (ontologically) - the totality of linguistic features, customary rules, methods, dictionaries, high-level algorithmic languages, management and manipulation of data, which allows fakhivs, distributors, traders and Operators are told with one word that they should use the system using the method of increasing the viscosity. the pain and relief of the human being with the machine.
This is a combination of software, technical and information security, as well as a set of scientific and technical terms and other scientific features that are used in information systems, as well as formal rules Natural language translations, which include methods for compressing and unpacking text information to improve the efficiency of automated information processing The values that are included in the linguistic security subsystem are divided (Fig. 6.16) into two groups: traditional languages (natural, mathematical, algorithmic, language modeling) and values for dialogue with EOM (information but-search, DBMS language, operational middleware, input language application packages).
Small 6.16. Warehouse for linguistic security IS
Organizational security- This is the totality of features and methods of organizing the generation and management of them in the minds of the stagnation of IV. The method of organizational security is: selection and setting of the management task, analysis of the management system and in-depth work, development of solutions for organizing interaction and personnel, implementation of the task management Organizational security includes methods of carrying out work, including preparation of documents and plant instructions.
This is one of the most important subsystems of IV, which is essential for the successful implementation of the goals and functions of the system. This warehouse includes several groups of components.
The first group includes the most important methodological materials that regulate the process of creation and functioning of the system (background methodological materials for creation IV, typical design solutions, methodological materials for organization and implementation of pre-project quilting at enterprises; methodological materials for the creation and distribution of project documentation).
The other group includes a set of features necessary for the effective design and operation of IV (control task complexes, including typical application software packages; typical enterprise management structures; unified document systems; behind-the-scenes and Galuzev classifiers).
The third group includes technical documentation, carried out in the process of design, design and maintenance of the system (technical and economical design; technical documentation; technical and working design and documents that document the phased commissioning of the system tsіyu).
Up to the fourth group there is a subsystem, which represents the organizational and staffing layout, which means, simultaneously, the warehouse of accountants from the functional management subsystems.
Personnel security- This is the totality of methods and features of the organization and training of personnel in the use of IV work. Its purpose is to encourage efficiency and feasibility for further development. Personnel security includes training methods, a program of courses and practical activities, technical aspects and rules for working with them, a warehouse of accountants who take part in the created and working system, staff list and functional equipment.
Ergonomic security - a set of methods and features that are used during the development of a functioning information system, which creates an optimal mind for the activities of personnel, for the most recent mastery of the systems and.
Legal security - the totality of regulatory documents, the initial legal and obligatory personnel for the functioning of the system, and a set of documents that regulate the procedure for saving and protecting information, rules for data audit, security extreme cleanliness of the operations involved.
These are federal laws and decrees of the President of the Russian Federation, decrees of state authorities, punishments, Galuzev’s instructions, regulations of tax authorities and the military service.
Legal security is intended to regulate the process of creation and operation of IVs, which includes a set of legal documents with a statement of regulatory requirements for the formation, saving, processing of intermediate and resulting information atsion systems.
More methodically safe- The complex is a solution that regulates the processes of creation and functioning of both the system as a whole and its personnel. This is a set of methods, features and documents that regulate the interaction of IV modules, technical and technological features, for personnel in the process of development, implementation and operation of IV.
At development stage IV - This includes regulations related to the contractual agreements of the distributor and the depository of the IV, legal regulation of disputes, ensuring the stages of development and protection of intellectual property rights.
At stage IV of operation - This value is determined by the status of the IT sphere in specific management and control bodies, rights and obligations for personnel, procedures for collecting and processing information, ensuring access rights for correspondents, regulatory documentation on work with information, etc. There are secrets and confidential information.
The training of personnel and certification of systems and ownership - recruitment was possible until the level of training of facists and service personnel, initial methodological and planned documentation of training and advanced qualifications. Possible specifications for the preparation of separate systems for certification in Galuzev, national and international organizations that certify (Derzhstandart, Oboronsertifik, ISO, SEI etc.).
Information system - there is a mutual connection between the set of methods, methods and personnel that are used to save, process and type of information in order to achieve the target goal.
Today, in small businesses there is a growing need for the processing of important information, and it is obviously necessary to stagnate automated information systems. Automated information system (AIS)- A set of software, technical, information, linguistic, organizational and technological features and personnel, purposes for collecting, primary processing, saving, searching, secondary processing and data submission in a given form (type) for the highest level of diverse professional tasks in the corporate system. In AIS, part of the function of managing and processing data is determined by the system, and part by the people. AIS can be viewed as a human-machine system with automated technology for extracting the resultant information necessary for information services for economists and optimization of the management process in various areas of human activity. and activities.
Strictly speaking, the information system transmits information to its computer. Having respectfully taken this into account, it becomes obvious. The IS transfers the processing and output of information using additional methods, methods and personnel, otherwise it is not equipped. The meaning refers to all information that circulates in the organization. ALE! The current understanding of the information system transmits vicor as the main technical process for processing computer information. That. The term IC (EIC) is based on the automated system itself. It is necessary to understand the differences between computers and information systems. Comp'yuteri, equipped with specialized software, technical base and tools for information systems. An information system is inconceivable without personnel who interact with computers and telecommunications. Tobto. The technical implementation of the information system itself is meaningless, since the role of the person for whom the information is generated and without any impossible withdrawal of that manifestation is not protected.
Economic Information System (EIS) - This is the totality of internal and external flows of direct and return information linking an economic object, methods, features, agents that take part in the process of processing information and in and improvement of management decisions.
You can see that this value of the EIS benefits the entire enterprise (organization) as a whole. Which is completely logical, because... The enterprise (organization) is rounded off with the form of an economical system. ALE! We will use the term “EIS” from more “university” people. The EIS itself is automated, then. Such a system for processing information flows is supported by additional daily VT.
Economic information system- The duty of the Apalanikh of the Aparatykh Ta of the Personables, INformation resource, and such is managed by Servis, yaki health, INFORMANII Processed for forgetting the piddovka, the ukononniki rishin.
The IV structure shows functional subsystem , which represents the goals and objectives of management, і will provide the subsystem - Revenge yourself from the most important tasks. Subsystems do not function by independent forces, but are closely connected to each other. Decomposition is used only to facilitate and simplify the analysis, design and implementation of IV.
The EEC subsystems that provide security are common to the entire EEC, regardless of the specific functional subsystems in which these or other types of security are embedded. The warehouse of subsystems that will be ensured does not lie in the selected subject area. The range of subsystems to be secured includes subsystems of organizational, legal, technical, mathematical, software, information, linguistic and technological security.
Subsystem " Organizational security » (GO) It is one of the most important subsystems of the EIS, which is essential for the successful implementation of the goals and functions of the system. In the organizational security warehouse, you can name four groups of components.
The first group includes the most important methodological materials that regulate the process of creation and functioning of the system:
· Zagalnogaluzevі kerіvny methodical materials from the creation of EIS;
· Typical design solutions;
· Methodical materials on the organization and implementation of pre-project quilting at the enterprise;
· Methodical materials for the creation and distribution of design documentation.
Another component of the structure of organizational security of the EIS is the totality of features necessary for the effective design and operation of the EIS (request control complexes, including typical packages of application programs, typical structures of industrial control capacity, unified document systems, back-office systems and galouze classifiers, etc.).
The third component of the organizational security subsystem is technical documentation, maintained during the process of quilting, design and implementation of the system: technical and economical lining, technical specifications, technical and working projects and documents stage-by-stage commissioning of the system.
The fourth component of the organizational security subsystem is the “Personnel” document, which represents the organizational and staffing structure of the project, which means, in short, the warehouse of the system’s chief designers and managers of functional management subsystems.
Subsystem " Legal security » (Pro) is intended to regulate the process of creation and operation of the EIS, which includes the collection of legal documents with the establishment of regulatory requirements for the formation, saving, processing of intermediate and resulting information of the system.
Before the legal documents that are valid at the stage of creating the system, there are: an agreement between the broker and the deputy; documents that regulate communications between participants in the creation process.
Before legal documents created at the stage of development, the following must be provided: a description of the status of the created system; legal importance of EIS children; legal requirements for certain types of information processing processes; legal notices of correspondents at the established technical standards.
Subsystem " Technical safety " (THAT) represents a set of technical features used for processing EIS data. The warehouse complex includes electronic counting machines that process economical information, methods of preparing data on machine media, methods of collecting and registering information, methods of transmitting data through communication channels , methods of accumulating and saving data and types of resulting information, additionally possessed and organizational technology .
Subsystem " Software security "(PZ) includes a set of computer programs, descriptions and instructions for their installation on the EOM (Fig. 1.4).
Security software is divided into two complexes: underground (operating systems, operating shells, compilers, interpreters, middleware programs for developing application programs, database management systems, backbone programs, etc.) and special (with treasures of programs, divided into specific tasks within the framework of functional subsystems and control applications).
Subsystem " More mathematically secure "(MO) – This is a set of mathematical models and algorithms for advanced data processing and processing of information from the stagnation of computational technology, as well as a set of features and methods that allow future economic and mathematical models of data management nnya. The MO warehouse includes:
· Features of MO (specifics of modeling typical management tasks, methods of rich criteria optimization, mathematical statistics, mass service theory, etc.);
· Technical documentation (description of the order, algorithms for achieving the order, economic and mathematical models);
· Methods for choosing MO (methods for identifying task types, methods for assessing the computational complexity of algorithms, methods for assessing the reliability of results).
Subsystem " Information security
» (ІВ) –
This is the combination of a unified classification system and coding of technical and economic information, a unified documentation system and information base (Fig.
1.5).
The IV warehouse includes two complexes: components of machine information security (classifiers of technical and economic information and documents) and internal machine information security (layouts or screen forms for entering primary data in EOM or displaying the resultant information, the structure of the information base: input, output files ) , basis data).
The central component of information security is database, This is how data from different tasks are exchanged. The database will ensure the integration of a variety of different information objects in functional subsystems.
Subsystem "Linguistic security" (LO) includes a set of scientific and technical terms and other human features that are used in information systems, as well as rules for the formalization of natural language, which include methods for compressing and opening text information This is a method of increasing the efficiency of automated information processing and facilitating the integration of people with the EIS. The main functions included in the LP subsystem are divided into two groups:
1) traditional languages (natural, mathematical, algorithmic languages, language modeling);
2) languages designated for dialogue with EOM (information-sounding languages, DBMS languages, operational middleware languages, input languages of application program packages).
Subsystem "Technological security" (THAT) EIS corresponds to the EIS subsystem for the technological stages of processing various types of information:
· Primary and resultant information (stages of the technological process of collecting, transmitting, accumulating, saving, processing primary information, extracting and obtaining resultant information);
· Organizational and procedural documentation (stages of extracting input documentation, transferring to printing, stages of forming and saving certificates, folding and duplicating internal documents and reports);
· technological documentation and table (stages of entering into the system and updating the virus templates, entering output data and forming design documentation for new types of virus, entering the plotter table, updating the bank of powers and galuzev their standards, technical expertise, regulatory data, preparation of such technological documentation for new species of virobes);
· databases and knowledge (stages of forming databases of knowledge and knowledge, entering and processing queries in search of a solution, type of solution and explanation to the next);
· scientific and technical information, state standards and technical minds, legal documents and references (stages of forming sound images of documents, forming an information fund, entering the thesaurus of the source of key words and their codes, encoding I'll ask for the search, search for the type of document or the address to save the document ).
All subsystems that are supported are interconnected with each other and with functional subsystems. The “Organizational Security” subsystem indicates the procedure for developing and implementing the EIS, the organizational structure of the EIS and the warehouse of practitioners, legal instructions for those located in the “Legal Security” subsystem.
Functional subsystems represent task warehouses and task settings, mathematical models and advanced algorithms are subdivided into the warehouse of the "Mathematical Security" subsystem and which, in turn, provide the basis for the development of application programs that are included in the warehouse. “Software Security” subsystem.
Functional subsystems, components of MO and PP indicate the principles of organization and warehouse of document classifiers, warehouse of information base. The expansion of the structure and storage of the information base allows you to integrate all the tasks of functional subsystems into a single economical information system that functions according to the principles formulated in the organizational and legal documents liverless.
The volume of data flows of information at the same time with complex data is based on the level of complexity of algorithms and programs that are broken down, allowing the selection and development of technical security components. The selection of a set of technical features allows you to determine the type of operating system, and the fragmented software and information security allows you to organize the technology for processing information to complete the tasks that are included in the line. and functional subsystems.
The structure of an information system is a collection of adjacent elements, called subsystems. The rest are functional and safe. The functional part consists of lower subsystems that deal with specific planning, control, analysis, organization and management of the activities of objects. To ensure the normal operation of the main part of the information system in the warehouse, there is a subsystem that will ensure it.
The basic structure of an information system is a complex of subsystems, which may be different. So, what to ensure:
- informational;
- technical;
- mathematical and software;
- organizational;
- legal
Information security subsystem
The IO subsystem is a single classification system and a unified documentation system, a diagram of information flows that circulate in the organization and a methodology for organizing databases.
The structure of the information system conveys this element to ensure timely generation and type of reliable information for management decisions.
In order to competently organize information security, it is necessary to:
Clearly understand the goals, objectives, and functions of the entire information system;
Accurately identify the flow of information and flow from the appearance of information flow patterns;
Streamline the document management process;
Vikoristovat the current system of classification and coding;
Volodya uses the methodology of creating connections;
Create massive amounts of information on data media.
Technical security subsystem
Technical security is the totality of technical features to ensure the effectiveness of the information system and their documentation.
Technical features are represented by computers of all models; devices for collecting, accumulating information, as well as processing, transferring and organizing data collection; office equipment devices and devices for automatic reading of information; operating materials and others.
Mathematical and software subsystem ІС
The structure of the information system conveys the presence of a mathematical and software subsystem, which is a set of mathematical methods, algorithms and programs for the implementation of functions.
Features of mathematical software include features of modeling control processes, mathematical programming, etc.
The security software is not divided into them.
Organizational security
This subsystem is a set of methods and features directly aimed at regulating the production of technical means and the interaction of workers among themselves during the development and industrial exploitation of IVs.
The functions of the subsystem relate to the analysis of this type of control and identified tasks that require automation; setting up a task to be completed on a computer, ensuring its effectiveness; disaggregation of management decisions in the structure of the organization, the methodology of the highest task, which promotes the effectiveness of the management system.
Legal security subsystem
These are the legal norms, the initial creation of the information system, and the main tasks of legal security are the importance of the legality of the system, which is to establish laws, decrees, instructions, regulations, etc.
The architecture of an information system is defined by a concept, which means the model, structure, functions and interconnections of components.
The concept of “information system” also includes traditional architectures. This is a file-server, client-server, transitional to trishare and trishare architecture.
FOOD BEFORE BED AT WEEK
Significance of information system.
Information system is a set of organizational, technical, software and information features integrated into a single system using the method of collecting, saving, processing and types of information.
The principles of the systemic approach have been developed IV.
Apparently, any system is a set of mutual relationships -
them objects (elements) that function seamlessly to reach the target area.
The system is characterized by changing the settings of objects, as a result of the current
Menus are created as a result of the interaction of objects in different processes and with external processes.
nіy middle. As a result of this behavior of the system, it is important to maintain the offensive principles.
emergence, that is, the integrity of the system based on the underlying structure, which
where the behavior of the surrounding objects is viewed from the position of the functioning of everything
homeostasis, to ensure stable functioning of the system
reach of the sleeping area;
adaptability to changes in the external environment and kerovanost for additional opportunities
dii on system elements;
In the future, the way to change the structure of the system is obvious before the change
system goals
Control system is a collection of mutual
structural parts of the economic system (for example, at the industrial front-
Accepted: directorate, financial, military, post-employment, household and other.
or) that the following control functions operate:
planning- function, which means the method of functioning economically
any system at different times (strategic, tactical, operational
planning);
appearance– a function that displays the state of the control object as a result of the
vykonanny gospodarskih processes;
control- a function that supports the storage of cloud data
them as planned goals and standards;
operatively keruvannya- a function that regulates all ho-
business processes by disabling the faulty activities of planned and
cloud data;
analysis– a function that indicates trends in a robotic economic system
reserves to take out insurance in advance of planning for the upcoming time period.
Structure of the information system
This structure embraces the life cycle of software features from the concept of ideas through the design and integration of processes for the development and delivery of software products and services. In addition, this structure is intended to control and modernize these processes.
The processes specified in this standard establish the impersonality of ceremonial significance. A specific organization, depending on its design, can choose a variety of processes before completing its specific tasks. Therefore, this standard must be adapted for a specific organization, project or application. This standard applies to both the range of software that is directly supplied and the software that is supplied or integrated into the installation system.
Basic processes of the life cycle.................................................................... ........................................................ ........................................................ ........................... 7
5.1 Contract process. ........................................................ ........................................................ ........................................................ ........................................................ .......... 7
5.2 Posting process.................................................... ........................................................ ........................................................ ........................................................ ......... 9
5.3 Breakdown process.................................................... ........................................................ ........................................................ ........................................................ ..... 12
5.4 Operation process.................................................... ........................................................ ........................................................ ........................................................ 18
5.5 Supervision process.................................................... ........................................................ ........................................................ ................................................ 19
Functional and ensure IV subsystems.
Ensure that the subsystems are functional and secure. Function-
other EIS information subsystems serve songs in an active manner
This economical system (enterprises), typical for structural subdivisions
economical system and/or control functions. Integration of functional sub-
systems into a single system is achieved through the creation and functioning of the
subsystems such as information, software, mathematics, technical
syska, technological, organizational and legal subsystems.
Functional and secure IV subsystems
Automated information system It is functional and secure for the subsystems.
Functional subsystem will ensure the required specifications and functions of the information system. In an information system, the functional part is divided into subsystems with functional signs:
level of subject activity, such as management (high, middle, low);
Type of ceramic resource (material, labor, financial, etc.);
Sphere of stagnation (banking, stock market, etc.);
Functions of the bath and period of control.
Based on the implementation of the control functions, the following subsystems are seen:
Planuvannya;
Regulation (operational management);
The warehouse is secured by the IV subsystem.
EEC subsystems, which are ensured, are interconnected for all EEC, regardless of
specific functional subsystems that support these and other types of security. The warehouse of subsystems that will be ensured does not lie in the selected subject area. The range of subsystems to be ensured includes subsystems of organizational, legal, technical, mathematical, software, information, linguistic and
technological security
Subsystem "Organizational Security" (GO) It is one of the most important subsystems of the EIS, which is essential for the successful implementation of the goals and functions of the system.
You can see four groups of components in the organizational supply warehouse.
The first group includes the most important methodological materials that regulate the process of creation and functioning of the system:
Back-of-the-wall methodological materials created by EIS,
Typical design solutions
Methodological materials for organizing and carrying out pre-project quilting at an enterprise,
Methodical materials for the creation and distribution of design documentation.
Another component in the structure of the organizational security of the EIS is the totality of features necessary for the effective design and operation of the EEC (control complexes, including standard packages of application programs,
typical business management structures, unified document systems,
zagal system and Galuzev classifiers etc.)
The third component of the organizational security subsystem is technical documentation maintained during the process of quilting, design and implementation.
systems: technical and economical design, technical specifications, technical and working designs and documents that formalize the phased commissioning of the system.
The fourth component of the organizational security subsystem is
“Personnel”, which represents the organizational and staffing structure of the project, which means the warehouse of the head designers of the system and the managers of the functional subsystems of management.
Zachman model.
vikorystovuvanі tributes (what?)
processes and functions (how?)
place of vikonannya of these processes (de?)
organizations and personalities-participants (who?)
keruyuchy podіi (if?)
goals and boundaries that mean the work of the system (what?)
