METHOD OF DETERMINATION OF THREAT DEGREE TO PERSONAL DATA IN ITS PROCESSING IN INFORMATION SYSTEM

A brief analysis of the key actions is presented, aimed to protect personal data in its processing in information system, which are mandatory by normative documents of Government of Russia and Federal service for technical and export control. Upon the results of a brief analysis it is found a drawback in established order of protection of personal data, and suggested a method of determination of threat degree, allowing to prepare a list of actual threats considering the level of importance of the security object, the danger of destructive effect, and taking into account the importance of safety features of the security object and the need to protect software and hardware designed for personal data processing. For giving numeric values to the characteristics of the danger of destructive effects there is a suggestion of mathematics of a fuzzy set theory.

Authors: I. S. Kozin, S. V. Bezzateev

Direction: Informatics and Computer Technologies

Keywords: Personal Data, Personal Information Data System, Threat Danger, Threat Modeling, Destructive Effect, Damage

---

View full article