STUDY OF THE POSSIBILITY OF IMPROVING
THE EFFICIENCY OF THE CERTIFICATION
PROCESS OF THE INFORMATION OBJECT
 
Alina E. Vanteeva
 
Information Security Engineer of the 2nd category,
Department of Information Security,
Information Technology Center of Volgograd Region
This email address is being protected from spambots. You need JavaScript enabled to view it.
Vitimskaya St, 15A, 400012 Volgograd, Russian Federation
 
Tatiana A. Omelchenko
 
Senior Lecturer, Department of Information Security,
Volgograd State University
This email address is being protected from spambots. You need JavaScript enabled to view it.
Prosp. Universitetsky, 100, 400062 Volgograd, Russian Federation
 
Arina V. Nikishova
 
Candidate of Sciences (Engineering), Associate Professor,
Department of Information Security,
Volgograd State University
This email address is being protected from spambots. You need JavaScript enabled to view it.
Prosp. Universitetsky, 100, 400062 Volgograd, Russian Federation
 
Abstract. Attestation of information objects (IO) is an important stage in the implementation 
of information protection system at enterprise, organization or state body. In essence, attestation
is a set of measures carried out at the IO to check the reliability of the implemented information
protection system, as a result of which compliance with certain requirements of the state regulator
in the field of technical information protection (FSTEC of Russia) is confirmed. The attestation process
is necessary as a stage preceding the beginning of processing of the protected information, which
provides for comprehensive (certification) tests of the protected IO in order to assess them. Such
assessment is carried out in terms of compliance of the set of means and security measures used in
IO to the put forward level of protection and should be carried out under real operating conditions of
the system. The “Certificate of Conformity” obtained as a result of attestation gives the right to processes
of information processing with the established level of confidentiality for the period specified in the
certificate. This work examines various aspects of attestation of information object, the structure of attestation
tests, legal framework, and organizational issues. The basic stages of attestation tests, and a list of necessary
reporting documentation formed at various stages of tests are allocated. The concept of evaluation of attestation
tests’ efficiency is considered and the question of the approach’s realization to increase the efficiency of information
object’s attestation of information security requirements is raised.
Key words: attestation, information objects, OI, automation, efficiency.

Creative Commons License

This work is licensed under a 
Creative Commons Attribution 4.0 International License.
Attachments:
Download this file (1_Vanteeva etc.pdf) 1_Vanteeva etc.pdf
URL: https://ti.jvolsu.com/index.php/en/component/attachments/download/799
232 DownloadsUpdate this file (1_Vanteeva etc.pdf)