Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.
OCR for page 222
Terrorism: Reducing Vulnerabilities and Improving Responses - U.S.-Russian Workshop Proceedings APPENDIX F Top-Priority Problems for Scientific Research on the Information Security of the Russian Federation This list of priority problems was developed and approved by the Information Security Section of the Science Council of the Security Council of the Russian Federation (Protocol 1 of March 28, 2001).* Humanitarian Problems of Ensuring the Information Security of the Russian Federation Study of the place and role of information security problems in the transition to a modern information society. Study of the problems of ensuring a balance of the interests of the individual, society, and the state in the information sphere. Study of the role and place of information security in ensuring military, economic, environmental, and other types of national security. Development of a unified conceptual framework (terms and definitions) in the information security sphere. Provision of a scientific foundation for the basic activities of state governmental structures in ensuring the information security of the Russian Federation. The national interests of Russia and cyberconflict in the modern world. The ethical orientation of the individual, the information-related foundations of this orientation, and information security. Information security and political ethics. * Appendix 4 from Streltsov, A. A. 2002. Ensuring Russia’s Information Security. Moscow: Moscow Center of Continuing Mathematical Education. Translated from the Russian by Kelly Robbins.
OCR for page 223
Terrorism: Reducing Vulnerabilities and Improving Responses - U.S.-Russian Workshop Proceedings The information space and the problem of the integrality of the Russian state. Study and forecasting of the sociopsychological consequences of the introduction and broad dissemination of modern information technologies. Study of the historical aspects, current status, and prospects for development of the information-related activities of foreign states involving the use of Russian information systems for promoting their own interests. Development of and provision of a scientific foundation for a system for monitoring the status of the information security of the Russian Federation. Development of an information-dynamic model of the balance between the demand for free exchange of information and allowable limits on its distribution. Development of legal mechanisms for ensuring the constitutional rights and freedoms of citizens in the information sphere. Problems of providing legal protection and assigning property and profit rights with regard to the results of scientific-technical activities and compensating authors and persons facilitating the use of intellectual property. Study of the place and role of the mass media in addressing issues related to the information technology-related aspects of the state policy of the Russian Federation. Development of regulations aimed at preserving and legally protecting Russian intellectual property in the information sphere. Improving the legal base regulating the creation and use of databases and other information resources of federal significance. Study of problems of legal regulation in the area of technological independence. Development of a mechanism for legal regulation of the protection and use of dual-use technologies. Development of models and mechanisms for providing insurance coverage for information-related risks. Development of legal mechanisms for cooperation among members of the Commonwealth of Independent States in ensuring collective information security. Study of problems of legal regulation on issues of investment policy in the area of information technologies. Development of legal mechanisms for regulating the creation and utilization of cryptographic products. Development of legal mechanisms regulating the circulation of electronic documents. Problems of providing a legal foundation for the creation and operation of a system for monitoring the threat of information attacks on critically important segments of the information infrastructure of the Russian Federation. Improvement of the legal and regulatory base for conducting expert reviews and monitoring of the quality of protection afforded to information and information resources.
OCR for page 224
Terrorism: Reducing Vulnerabilities and Improving Responses - U.S.-Russian Workshop Proceedings Development of mechanisms in international law to restrict cyberconflicts. Harmonization of domestic and foreign standards in the information technology sphere. Problems of the formation of the international system for information security. Development of models and legal mechanisms for facilitating cooperation on information security matters between the federal government and the various entities making up the Russian Federation. Development of models and legal mechanisms for facilitating cooperation on information security matters between oblast, republic, and territory governments and the various local governments. Development of and provision of a scientific foundation for means of ensuring the information-psychological security of the individual and society. Scientific-Technical Problems of Ensuring the Information Security of the Russian Federation (Physical-Mathematical, Technical) Development of an integrated conceptual framework of the information space and the content of information resources. Problems of creating and developing the information component of a special-purpose information-telecommunications system in the interests of government departments and agencies. Study of the problems of ensuring information security of national payment systems based on Russian intellectual resources. Study of the problems of creating and developing a national system for managing digital certificates. Search for ways of resolving the problem of creating a unified system of technical standards for information exchange (protocols, data formats, interface specifications) taking into account existing international standards and prospects for their future development. Study of approaches to the creation of a Russian system of industrial standards for the design and development of information and telecommunications systems taking into account existing international standards and prospects for their development. Studies aimed at the creation of a range of Russian technical means for designing information systems. Problems of improving Russian software. Development of and provision of scientific foundations for systems for certifying hardware or software containing foreign-produced components. Analysis of the potential for using technological production features of the latest foreign and domestic microelectronics to perform destructive IT-related functions.
OCR for page 225
Terrorism: Reducing Vulnerabilities and Improving Responses - U.S.-Russian Workshop Proceedings Study of the problems of creating and operating a national standard database of software found to be reliable. Study of the problems of creating and developing protected information-telecommunications systems, including developing methods for selecting the architecture and calculating the parameters for such systems, mathematical models and control technologies, systems software and applications with integration protection functions, networking devices and software, and devices for the transfer and distribution of information. Development of models of system security threats and means of carrying them out, determination of methods and means of monitoring to detect unauthorized operations, development of methodologies and a conceptual framework for assessing damages from the impacts of information security threats. Development of methods and means for conducting expert analyses and quality control regarding the protection of information and information resources, including matters related to assessing fundamental systems software in accordance with information security demands. Development of methods and means of ensuring the information security of information and telecommunications systems, including automated safety control systems, methods and means of key distribution and protection of information and information resources from unauthorized access and destructive actions, antivirus technologies, methods and means of monitoring the protection of modern and cutting-edge equipment and communications channels against unauthorized access, resolution of the problem of guaranteed deletion of data on magnetic media, study and development of methods for constructing protected systems that include elements that are unreliable (from an information security standpoint), including the problem of testing such systems. Study of problems of the security of the Russian information infrastructure as a whole as it is being integrated into the global infrastructure. 50. Study of problems of ensuring the information security of special-purpose information-telecommunications systems, including the development of regulatory and technical security documentation, automated security control systems, and a unified range of means for cryptographic protection taking into account the information processing technologies used in such special-purpose systems. Study of problems of the information security of corporate networks, including the science and education networks (as part of the comprehensive program of the Russian Ministry of Science and Industry entitled “Scientific, Methodological, Material-Technical, and Information Support for the Education System”). Problems of licensing activities in the area of information-telecommunications systems. Analysis of trends in the development of the global information network and the status of Russian participation in it.
OCR for page 226
Terrorism: Reducing Vulnerabilities and Improving Responses - U.S.-Russian Workshop Proceedings Study of fundamental problems of theoretical cryptography and fields of mathematics. Study of cryptographic problems of creating cutting-edge Russian encryption systems (particularly high-speed systems). Development and provision of scientific foundations for new methods for the cryptographic analysis of modern encryption systems. Development of cutting-edge cryptographic protocols facilitating collaboration among users of complex hierarchical global networks and distributed information-analytical systems. Study of existing open-key systems and development of new ones, along with related authentication and electronic signature protocols. Improvement of the regulatory and methodological base regarding questions of information protection using cryptographic means. Analysis of basic areas and development trends with regard to domestic and foreign means for the cryptographic protection of information. Analysis of opportunities for using advances in physics and engineering to access information processed on modern hardware, including a study of physical bases for information leakage through side channels and of problems related to the analytical processing of side signals. Study of the algorithmic and technological characteristics of the latest foreign and domestic technical means for information processing. Study of the problems and methods of accessing information in communications channels. Development of protection assessment methodology, creation of comprehensive methods and means of protecting information processing hardware from physical-technical methods of unauthorized access, and improvement of the relevant regulatory base. Study of the problem of creating information processing hardware that is protected against physical-technical methods of information access. Comparative analysis of development trends with regard to physical-technical problems of information protection in Russia and abroad. Study of the architectural options for constructing high-output computer systems and algorithms and software taking into account current cryptographic demands. Study of problems of constructing automated systems for the processing of cryptographic information in a heterogeneous computing environment. Study of problems of the management of distributed computing processes. Study of and provision of scientific foundations for threat models and strategies for protection against technical intelligence gathering. Development of methods and means for countering technical intelligence gathering with an eye to the efficiency of their operation.
OCR for page 227
Terrorism: Reducing Vulnerabilities and Improving Responses - U.S.-Russian Workshop Proceedings Development of methods and means for monitoring the status and sufficiency of measures taken to counter technical intelligence gathering at protected targets. Development of modern methodology to ensure that technical intelligence gathering is countered at protected targets. Development and theoretical and experimental study of modern methods of steganography and other means of hiding messages, as well as for protection against forgery and counterfeiting. Study and development of Russian protection screens taking into account models of threats to existing and cutting-edge digital automated telecommunications systems. Problems of Ensuring the Availability of Personnel to Deal with the Information Security of the Russian Federation Creation of a well-founded vision, structure, and operational plan for a unified system of personnel training in the area of modern information technologies and information security. Definition of the structure and functions of the Training and Methodological System for the Training, Retraining, and Continuing Education of Personnel in the Information Security Sphere. Development of state educational standards for new specialists graduating from institutions of higher professional education. Creation of laws and regulations for a special licensing system with regard to information security-related educational activities. Problems related to laws and regulations on the training of specialists in information security and related areas. Development of a regulatory base aimed at preserving the intellectual potential of the state higher educational institutions of the Russian Federation that train specialists in modern information technologies and information security. Development of methods and specialized educational literature pertaining to specialties in the information security sector, including development of training aids for use in the preparation of specialists in cryptography. Development of methods and specialized educational literature pertaining to the study of general questions of information security for use by students being trained in other areas besides information security. Development of a set of fundamental multimedia educational resources for use in training specialists in information security and related countermeasures. Development of methods and specialized educational literature for use in retraining and continuing education courses on information security.
OCR for page 228
Terrorism: Reducing Vulnerabilities and Improving Responses - U.S.-Russian Workshop Proceedings Software and hardware necessary for the integration of modern information technologies into the educational process. The problem of including in the educational process various types of educational and research-oriented games related to information security.
Representative terms from entire chapter: