{"id":603,"date":"2018-12-26T13:11:18","date_gmt":"2018-12-26T11:11:18","guid":{"rendered":"http:\/\/nti.ukrintei.ua\/?page_id=603"},"modified":"2018-12-26T13:11:18","modified_gmt":"2018-12-26T11:11:18","slug":"science-technologies-innovations-sti-%e2%84%96-22-2017-53-64-p","status":"publish","type":"page","link":"https:\/\/nti.ukrintei.ua\/?page_id=603","title":{"rendered":"Science, technologies, innovations (STI) \u2116 2(2) 2017, 53-64 p"},"content":{"rendered":"<p><a title=\"All text\" href=\"\/wp-content\/uploads\/2018\/05\/2017-2_stat7_UA_povn.pdf\"><img loading=\"lazy\" class=\"alignnone size-full wp-image-359\" src=\"\/wp-content\/uploads\/2018\/05\/pdf-icon.png\" alt=\"\" width=\"32\" height=\"32\" \/>PDF<\/a><\/p>\n<p><strong>Hladun A. Ia.<\/strong> \u2013 PhD in Engineering, Senior Researcher, International Research and Training Center for Information Technologies and Systems under NAS and MES of Ukraine, 40, Acad. Glushkova Ave., Kyiv, Ukraine, 03680; +38(044) 502-63-66; glanat@yahoo.com; ORCID: 0000-0002-4133-8169<\/p>\n<p><strong>Khala K. O.<\/strong> \u2013 Junior Researcher, IRTCITS under NAS and MES of Ukraine, 40, Acad. Glushkova Ave., Kyiv, Ukraine, 03680; +38(044) 502-63-66; cecerongreat@ukr.net; ORCID: 0000-0002-9477-970X<\/p>\n<p><strong>TAXONOMY OF INFORMATION SECURITY STANDARDS<\/strong><\/p>\n<p><strong>Abstract.<\/strong> This paper presents a taxonomy (structural classification) of standards for information security (hereafter \u2014 IS), which represents a certain systematic analysis of standards both in terms of standard makers and from the point of view of designers and developers of secure systems. The taxonomy of standards provides a systematic approach of decomposition of general security management problems for solving specific problems.<\/p>\n<p><strong>Keywords:<\/strong> information security, standard, authorization, authentication, taxonomy.<\/p>\n<p><strong>REFERENCES<\/strong><br \/>\n1. Hladun A.Ia., Rohushyna Yu.V. (2016) Ontolohichnii pidkhid do problem pidvyshchennia yakosti rozroblennia natsionalnykh standartiv Ukrainy [Ontological approach to improving the quality of development of national standards of Ukraine]. Standartyzatsiia, sertyfikatsiia, yakist [Standardization, Certification, Quality], no. 2, pp. 19\u201328.<br \/>\n2. Hladun A.Ia., Rohushyna Yu.V. (2016) Data Maning: Poshuk znan v danykh [Search for knowledge in these], Ed. S. Kuznetsov. Kyiv: TOV \u201cVD \u201cADEFUkraina\u201d, 452 p.<br \/>\n3. Kryterii otsinky zakhyshchenosti informatsii v kompiuternykh systemakh vid nesanktsionovanoho dostupu: ND TZI 2.5-004-99 [Criteria for evaluating information security in computer systems from unauthorized access: Sun Heat 2.5-004-99. \u2014 Kind. official. \u2014 For the first time intr. 07\/01\/1999]. Kyiv:<br \/>\nDerzhspozhyvstandart Ukrainy [State Committee of Ukraine], 1999. IV, 61 p. Normatyvnii dokument Systemy tekhnichnoho zakhystu informatsii [Normative documents of technical protection of information].<br \/>\n4. Hladun A.Ia., Rohushyna Yu.V. (2016) Semantychni tekhnolohii: pryntsypy ta praktyky: monohrafiia [Principles and Practice. monograph]. Kyiv: TOV \u201cVD \u201cADEF-Ukraina\u201d, 387 p.<br \/>\n5. Systemy obroblennia informatsii. Vzaiemozviazok vidkrytykh system. Bazova etalonna model. Chastyna 2. Arkhitektura zakhystu informatsii (ISO 7498-2: 1989, IDT): DSTU ISO 7498-2:2004. \u2014 2006-04-01 [Information processing systems. Open Systems Interconnection. Basic reference model. Part 2<br \/>\n6. Systemy obrobky informatsii \u2014 Vzaiemozviazok vidkrytykh system \u2014 Bazova etalonna model \u2014 Chastyna 4: Struktura upravlinnia: ISO\/IEC 7498-4: 1989 \u2014 ISO\/IEC. \u2014 1989-11-16 [Information processing systems \u2014 Open Systems Interconnection \u2014 Basic Reference Model \u2014 Part 4: Management framework: ISO\/IEC 7498-4:1989 \u2014 ISO\/IEC. \u2014 First edit. 1989-11-16]. Mizhnarodna orhanizatsiia zistandartyzatsii [International Organization for Standardization], 2006. I, 9 p. Mizhnarodnyi standart [International standard].<br \/>\n7. Informatsiini tekhnolohii. Nastanovy z keruvannia bezpekoiu informatsiinykh tekhnolohii (IT). Chastyna 2. Keruvannia ta planuvannia bezpeky IT (ISO\/IEC TR 13335-2:1997, IDT): DSTU ISO\/IEC TR 13335-2:2003. \u2014 2004-10-01 [Information Technology. Guide to Security Management Information Technology (IT). Part 2: Managing and planning IT Security (ISO\/IEC TR 13335-2: 1997, IDT): GOST ISO\/IEC TR 13335-2: 2003. \u2014 Kind. official. \u2014 For the first time intr. 2004-10-01]. Kyiv: Derzhspozhyvstandart Ukrainy [State Committee of Ukraine], 2005. IV, 16 p. Natsionalnyi standart Ukrainy [National standard of Ukraine].<br \/>\n8. Informatsiini tekhnolohii. Nastanovy z keruvannia bezpekoiu informatsiinykh tekhnolohii (IT). Chastyna 3. Metody keruvannia zakhystom IT (ISO\/IEC TR 13335-3:1998, IDT): DSTU ISO\/IEC TR 13335-3: 2003<br \/>\n[Information technology. Guide to Security Management Information Technology (IT). Part 3. Methods of protection of IT management (ISO\/IEC TR 13335-3:1998, IDT): GOST ISO \/ IEC TR 13335-3: 2003. \u2014 Kind. official. \u2014 For the first time intr. 2004-10-01]. Kyiv: Derzhspozhyvstandart Ukrainy [State Committee of<br \/>\nUkraine], 2005. IV, 16 p. Natsionalnyi standart Ukrainy [National standard of Ukraine].<br \/>\n9. Informatsiini tekhnolohii. Nastanovy z keruvannia bezpekoiu informatsiinykh tekhnolohii (IT). Chastyna 5. Nastanova z keruvannia merezhnoiu bezpekoiu (ISO\/IEC TR 13335-5:2001, IDT): DSTU ISO\/IEC TR 13335-5:2005. \u2014 2006-07-01 [Information technology. Guide to Security Management Information Technology (IT). Part 5. Guidance on managing network security\u00a0 (ISO \/ IEC TR 13335-5: 2001, IDT): GOST ISO\/IEC TR 13335-5: 2005. \u2014 Kind. official. \u2014 For the first time intr. 2006-07-01]. Kyiv: Derzhspozhyvstandart<br \/>\nUkrainy [State Committee of Ukraine], 2007. VIII, 21 p. Natsionalnyi standart Ukrainy [National standard of Ukraine].<br \/>\n10. Informatsiini tekhnolohii. Kryptohrafichnyi zakhyst informatsii. Alhorytm symetrychnoho blokovoho peretvorennia: DSTU 7624:2014. \u2014 2015- 07-01. [Information technology. Cryptographic protection. The algorithm is a symmetric block transformation: ISO 7624: 2014. \u2014 Kind. official. \u2014 For the first time intr. 07\/01\/2015]. Kyiv: Derzhspozhyvstandart Ukrainy [State Committee of Ukraine], 2015. III, 226 p. Natsionalnyi standart Ukrainy [National standard of Ukraine].<br \/>\n11. Informatsiini tekhnolohii. Kryptohrafichnyi zakhyst informatsii. Funktsiia kheshuvannia: DSTU 7564: 2014. \u2014 2015-04-01. [Information technology. Cryptographic protection. Hash function: ISO 7564: 2014. \u2014 Kind. official. \u2014 For the first time intr. 04\/01\/2015]. Kyiv: Derzhspozhyvstandart Ukrainy [State Committee of Ukraine], 2015. III, 37 p. Natsionalnyi standart Ukrainy [National standard of Ukraine].<br \/>\n12. Informatsiini tekhnolohii \u2014 Metody ubezpechennia \u2014 Kryterii otsinennia bezpeky IT \u2014 Chastyna 2: Funktsionalni komponenty bezpeky: ISO\/IEC 15408-2:2008 \u2014 ISO \/ IEC. \u2014 2008-08-19; 2014-12-01 [Information technology \u2014 Security techniques \u2014 Evaluation criteria for IT security \u2014 Part 2: Security functional components: ISO\/IEC 15408-2: 2008 \u2014 ISO\/IEC. \u2014 First edit. 2008-08-19; Last edit. 2014-12-01]. Mizhnarodna orhanizatsiia postandartyzatsii [International Organization for Standardization], 2008. III, 218 p. Mizhnarodnyi standart [International standard].<br \/>\n13. Informatsiini tekhnolohii \u2014 Metody ubezpechennia \u2014 Kryterii otsinennia bezpeky IT \u2014 Chastyna 3: Komponenty ubezpechennia: ISO\/IEC 15408-2 2008 \u2014 ISO\/IEC. \u2014 2008-08-19; 2014-12-01. [Information technology \u2014 Security techniques \u2014 Evaluation criteria for IT security \u2014 Part 3: Security assurance components: ISO\/IEC 15408-2:2008 \u2014 ISO\/IEC. \u2014 First edit. 2008-08-19; Last edit. 2014-12-01]. Mizhnarodna orhanizatsiia po standartyzatsii [International Organization for Standardization], 2008. III, 174 p. Mizhnarodnyi standart [International standard].<\/p>\n","protected":false},"excerpt":{"rendered":"<p>PDF Hladun A. Ia. \u2013 PhD in Engineering, Senior Researcher, International Research and Training Center for Information Technologies and Systems under NAS and MES of Ukraine, 40, Acad. Glushkova Ave., Kyiv, Ukraine, 03680; +38(044) 502-63-66; glanat@yahoo.com; ORCID: 0000-0002-4133-8169 Khala K. O. \u2013 Junior Researcher, IRTCITS under NAS and MES of Ukraine, 40, Acad. Glushkova Ave., &hellip; <\/p>\n<p><a class=\"more-link btn\" href=\"https:\/\/nti.ukrintei.ua\/?page_id=603\">Continue reading<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":[],"_links":{"self":[{"href":"https:\/\/nti.ukrintei.ua\/index.php?rest_route=\/wp\/v2\/pages\/603"}],"collection":[{"href":"https:\/\/nti.ukrintei.ua\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/nti.ukrintei.ua\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/nti.ukrintei.ua\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nti.ukrintei.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=603"}],"version-history":[{"count":1,"href":"https:\/\/nti.ukrintei.ua\/index.php?rest_route=\/wp\/v2\/pages\/603\/revisions"}],"predecessor-version":[{"id":604,"href":"https:\/\/nti.ukrintei.ua\/index.php?rest_route=\/wp\/v2\/pages\/603\/revisions\/604"}],"wp:attachment":[{"href":"https:\/\/nti.ukrintei.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=603"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}