TНЕ CONCEPT OF INFORMATION SECURITY

THE VI INTERNATIONAL SCIENTIFIC CONFERENCE “SCIENTIFIC FOUNDATIONS FOR THE USE OF
INFORMATION TECHNOLOGIES OF A NEW LEVEL AND MODERN PROBLEMS OF AUTOMATION”,
NOVEMBER 20, 2025
55
TНЕ CONCEPT OF INFORMATION SECURITY
1Akhmedo a Sanaba khan Kha izo na, 2Koshele a Aleksand a Dmi ie na
1Candida e o Economic Sciences, Associa e P o esso o he Depa men “Economics and
Logis ics”, Bela usian-Uzbek Join In e sec o al Ins i u e o Applied Technical Skills;
2Mas e 's s uden in Quali y Assu ance, Bela usian-Uzbek Join In e sec o al Ins i u e o Applied
Enginee ing
h ps://doi.o g/10.5281/zenodo.17712352
Abs ac . Any ad e se impac on in o ma ion subjec s caused by acciden al o in en ional
na u al o a i icial in luences, we unde s and ha in o ma ion is p o ec ed om use s and owne s
o in o ma ion ha would cause undue ha m o in o ma ion subjec s, including suppo ing
in as uc u e.
C yp og aphy is a collec ion o ideas and echniques ela ed o ans o ming in o ma ion
in o de o p o ec i om unin ended use s. In o ma ion is p esen ed in he o m o ex (message).
Such in o ma ion is called plain ex . Such in o ma ion is called plain ex . The p ocess o
con e ing i in o a p o ec ed s a e is called enc yp ion, and he p ocess o con e ing i in o a
ciphe s a e is called enc yp ion.
F om c yp og am, i.e. om enc yp ed ex o clea ex , i is ca ied ou by dec yp ion. To
pe o m enc yp ion and dec yp ion, addi ional in o ma ion called a key is used. The key i sel is
he sec e o enc yp ion. I should no be signi ican ly di icul o p ac ically impossible o ead
he c yp og am wi hin a limi ed ime wi hou knowing he key. C yp og aphy is one o he
componen s o c yp ology - he science o sending in o ma ion p o ec ed om unau ho ized
access. C yp og aphy, as men ioned, deals wi h he enc yp ion and dec yp ion o da a using a
sec e key. Ano he componen o c yp ology, c yp analysis, deals wi h he heo y o ex ac ing
in o ma ion om a c yp og am wi hou knowing he key.
Key wo ds: ad e se e ec s, in o ma ion, c yp og aphy, enc yp ion, dec yp ion.
Аннотация. При любом неблагоприятном воздействии на субъекты информации,
вызванные случайным или преднамеренным естественным или искусственным
воздействием, как мы понимаем, информация защищена от пользователей и владельцев
информации, которые могли бы нанести неоправданный вред субъектам информации,
включая поддерживающую инфраструктуру. Криптография — это совокупность идей и
методов, связанных с преобразованием информации для её защиты от
несанкционированного доступа. Информация представляется в виде текста (сообщения).
Такая информация называется открытым текстом. Процесс перевода его в защищенное
состояние называется шифрованием, процесс перевода его в зашифрованное состояние
также называется шифрованием.
Перевод криптограммы, то есть зашифрованного текста в открытый,
осуществляется путём расшифровки. Для шифрования и расшифровки используется
дополнительная информация, называемая ключом. Сам ключ — это секрет шифрования.
Прочитать криптограмму за ограниченное время без знания ключа не должно быть
существенно сложно или практически невозможно. Криптография является одним из
компонентов криптологии — науки о передаче информации, защищённой от
несанкционированного доступа. Криптография, как уже упоминалось, занимается
шифрованием и дешифрованием данных с использованием секретного ключа. Другой раздел
THE VI INTERNATIONAL SCIENTIFIC CONFERENCE “SCIENTIFIC FOUNDATIONS FOR THE USE OF
INFORMATION TECHNOLOGIES OF A NEW LEVEL AND MODERN PROBLEMS OF AUTOMATION”,
NOVEMBER 20, 2025
56
криптологии, криптоанализ, занимается теорией извлечения информации из
криптограммы без знания ключа.
By in o ma ion secu i y, we mean he p o ec ion o in o ma ion om acciden al o
in en ional na u al o a i icial in luences ha could cause undue ha m o in o ma ion subjec s,
including in o ma ion use s and owne s who suppo he in as uc u e.
In o ma ion p o ec ion is a complex se o measu es aimed a ensu ing he sa e y o
in o ma ion.
The main o ganize s o in o ma ion secu i y consis o he ollowing ca ego ies: ensu ing
con iden iali y, in eg i y and a ailabili y o suppo ing in as uc u e and in o ma ion esou ces.
Usabili y is he abili y o ob ain he necessa y in o ma ion se ice wi hin a ce ain pe iod
o ime.
In eg i y is he alidi y o in o ma ion and i s p o ec ion agains des uc ion and
unau ho ized modi ica ion. Only hose wi h he app op ia e igh s should ha e he abili y o modi y
in o ma ion.
Con iden iali y is he p o ec ion o in o ma ion om unau ho ized access. Only hose wi h
he app op ia e igh s should ha e access o in o ma ion.
Basic me hods o in o ma ion p o ec ion
Pe mission con ol is a me hod o p o ec ion by egula ing he use o all esou ces o
in o ma ion sys ems and in o ma ion echnologies. Such me hods should be able o elimina e all
possibili ies o unau ho ized access o in o ma ion. Pe missions managemen includes he
ollowing secu i y ea u es:
• iden i ica ion o use s, employees and sys em esou ces (gi ing a pe sonal iden i ie o
each objec );
• iden i y objec s o en i ies by hei assigned iden i ie (au hen ica ion);
• e i y he owne o access igh s;
• egis e access o p o ec ed esou ces;
• p e en unau ho ized access de ec ion o a emp ed ac ions (ala m wa ning, sys em
shu down, sys em shu down, non- esponse o eques s).
Iden i ica ion and au hen ica ion can be conside ed an impo an so wa e and echnical
means o secu i y, since he emaining se ices a e in ended only o he en i ies hemsel es.
Iden i ica ion and au hen ica ion a e he ini ial line o de ense o accessing he in o ma ion space
o he en e p ise.
The combined implemen a ion o he iden i ica ion and au hen ica ion p ocedu es is
conside ed an au ho iza ion p ocedu e.
Iden i ica ion allows en i ies (use s, p ocesses, and hose ac ing on behal o a pa icula
use ) o iden i y hemsel es. Au hen ica ion le s you know who he o he pa y eally is. Some imes
he e m "au hen ica ion" is used as a synonym o "au hen ica ion".
Au hen ica ion is o wo ypes, one-way (usually he clien au hen ica es o he se e ) and
wo-way (bo h pa ies au hen ica e each o he ). One-way au hen ica ion
An example o a p ocedu e is he s a e o use s logging in o a sys em.
In an open ne wo k en i onmen , he e is no us ed ou e o iden i ica ion/au hen ica ion
be ween pa ies.
I is necessa y o p o ide p o ec ion agains passi e and ac i e ea esd opping, i.e.
in e cep ion, modi ica ion and p ocessing o da a in ne wo ks.
Mode n iden i ica ion/au hen ica ion ools should suppo he concep o cen alized
THE VI INTERNATIONAL SCIENTIFIC CONFERENCE “SCIENTIFIC FOUNDATIONS FOR THE USE OF
INFORMATION TECHNOLOGIES OF A NEW LEVEL AND MODERN PROBLEMS OF AUTOMATION”,
NOVEMBER 20, 2025
57
ne wo k access. Cen alized ne wo k access is p ima ily a equi emen o use con enience.
I many in o ma ion se ices in a co po a e ne wo k make eques s independen ly o each
o he , hen iden i ica ion/au hen ica ion becomes e y di icul .
One o he au hen ica ion me hods in compu e sys ems is o en e a use iden i ie ,
commonly known as a login (in English - he name unde which he use is egis e ed) and a
passwo d - some kind o con iden ial in o ma ion. The us ed passwo d and login pai is s o ed in
a special da abase.
Simple au hen ica ion consis s o he ollowing gene al algo i hms:
1. The subjec eques s pe mission o en e he sys em and en e s a pe sonal iden i ie and
passwo d.
2. The en e ed non- e u nable da a is compa ed wi h he s anda d on he au hen ica ion
se e .
3. I he da a ma ches he au hen ica ion s anda d, i is conside ed success ul; i i does no
ma ch, he subjec p oceeds o s ep 1.
The passwo d en e ed by he subjec is ansmi ed o he ne wo k in wo ways:
• based on he Passwo d Au hen ica ion P o ocol (PAP), in he clea , unenc yp ed s a e
• using SSL o TLS enc yp ion. The i e ie able da a en e ed by he subjec is ansmi ed
o e he ne wo k in a p o ec ed s a e.
• C yp og aphy (G eek o w i ing wi h sec e symbols) is a se o ideas and echniques
ela ed o he ans o ma ion o in o ma ion in o de o p o ec i om unin ended use s.
In o ma ion is p esen ed in he o m o ex (message). Such in o ma ion is called plain ex .
The p ocess o con e ing i in o a p o ec ed s a e is called ciphe , he p ocess o con e ing i in o
a ciphe s a e is called enc yp ion, and he changed ex ob ained as a esul o enc yp ion is called
a c yp og am. The ans o ma ion om a c yp og am, ha is, om enc yp ed ex o plain ex , is
ca ied ou by dec yp ion. To pe o m enc yp ion and dec yp ion, addi ional in o ma ion called a
key is used. I is he key ha is he sec e o enc yp ion. I should no be signi ican ly di icul o
p ac ically impossible o ead he c yp og am wi hin a limi ed ime wi hou knowing he key.
C yp og aphy is one o he componen s o c yp ology - he science o sending in o ma ion
p o ec ed om unau ho ized access. C yp og aphy, as men ioned, deals wi h he enc yp ion and
dec yp ion o da a using a sec e key. Ano he componen o c yp ology, c yp analysis, deals wi h
he heo y o ex ac ing in o ma ion om a c yp og am wi hou knowing he key.
Mode n c yp og aphy consis s o ou majo b anches:
• Symme ic c yp osys ems;
• Public-key c yp osys ems;
• Elec onic digi al signa u e sys ems;
• Key managemen .
Symme ic c yp osys ems include algo i hms ha pe o m enc yp ion and dec yp ion using
a single key. These algo i hms a e some imes called sec e -key algo i hms. In such sys ems, he
key ha he sende and ecei e o he message in end o use mus ha e been p e iously exchanged
o e a sec e channel. Among c yp og aphic da a p o ec ion sys ems, he mos e ec i e a e public-
key c yp osys ems, in o he wo ds, asymme ic c yp osys ems. In such sys ems, one key is used
o da a enc yp ion and ano he key is used o dec yp ion (hence he wo d asymme ic). The i s
key is known o all use s in he sys em and is used o enc yp da a. The public key canno be used
o dec yp da a.
The use uses a second key, he p i a e key, o dec yp he enc yp ed da a. I should be
THE VI INTERNATIONAL SCIENTIFIC CONFERENCE “SCIENTIFIC FOUNDATIONS FOR THE USE OF
INFORMATION TECHNOLOGIES OF A NEW LEVEL AND MODERN PROBLEMS OF AUTOMATION”,
NOVEMBER 20, 2025
58
no ed ha he dec yp ion key canno be ound using he key used o enc yp ion.
Elec onic digi al signa u e (EDI) is a equisi e o an elec onic documen , which is used o
p o ec he elec onic documen om o ge y and con i m he sou ce o in o ma ion. An elec onic
digi al signa u e consis s o a sequence o symbols c ea ed as a esul o c yp og aphic
modi ica ion o an elec onic documen . The ERI is added o he da a block and allows he da a
ecei e o p o ec he da a sou ce, da a in eg i y and alsi ica ion.
An elec onic digi al signa u e is gene a ed h ough c yp og aphic sel - egula ion using
special so wa e and a sec e key o an elec onic digi al signa u e.
ERI imp o es elec onic documen exchange and gua an ees documen eliabili y. I he
ini ial ex is op ionally changed, he ERI will no be alid.
A unique public and sec e c yp og aphic key is gene a ed o each use pa icipa ing in
elec onic documen exchange and using an elec onic digi al signa u e. An impo an elemen is
he sec e key: wi h i s help, elec onic documen s a e enc yp ed and an elec onic digi al signa u e
is c ea ed. An impo an elemen is he sec e key: wi h i s help, elec onic documen s a e enc yp ed
and an elec onic digi al signa u e is c ea ed. The p i a e key also emains wi h he use and is
ansmi ed ia a sepa a e medium: his can be a loppy disk, sma ca d, o ouch memo y. I mus
be kep sec e om o he use s on he ne wo k.
The public key is used o e i y he alidi y o he ERI. A copy o he public keys is s o ed
in he au hen ica ion cen e , i.e. public key ce i ica e lib a y. The ce i ica ion au ho i y ensu es
ha he egis a ion and public key a e p o ec ed om inco ec en y o o ge y. p o ides
p o ec ion agains a emp s.
When a use wan s o pu his digi al signa u e on an elec onic documen , he sec e key o
he digi al signa u e
LITERATURE
1. Akhmedo a S.Kh. Lec u e ma e ials.
2. In e ne esou ces