Open AccessFORMS OF ELECTRONIC SIGNATURE AND FEATURES OF ITS USE IN SECURED INFORMATION SYSTEMS
Author(s) -
Світлана Паламарчук,
Nataliya Palamarchuk,
Volodymyr Tkach,
Olga Shugaly
Publication year - 2021
Publication title -
kìberbezpeka. osvìta, nauka, tehnìka
Language(s) - English
Resource type - Journals
ISSN - 2663-4023
DOI - 10.28925/2663-4023.2021.14.100106
Subject(s) - electronic signature , digital signature , computer security , secrecy , computer science , information system , confidentiality , internet privacy , hash function , law , political science , process (computing) , operating system
The Law of Ukraine “On Electronic Documents” and “On Electronic Digital Signature”, which came into force on December 28, 2003 and January 1, 2004, respectively, gave the “green light” to the widespread use of electronic documents and digital signatures in the country. Continuation in the introduction of electronic documents, including electronic signature forms and their use in secure information systems, was the adoption in 2018 of the Law of Ukraine "On electronic trust services" (Law of Ukraine "On electronic digital signature" expired) and a number of bylaws regarding electronic interaction between two information resources (state registers / information and telecommunication systems…) and / or for the provision of administrative services. At the same time, the use of the latest technologies aimed at increasing the efficiency of work creates new risks that can lead to the disclosure of sensitive information, the consequences of which can be critical. To prevent this from happening, the system being created or the existing system must be well protected and comply with the Concept of "Secure Information Systems". This Concept includes a number of legislative initiatives, scientific, technical and technological solutions. Also, it is necessary to refer to the definition of a reliable information system, which is provided in the "Orange Book". According to which, a reliable information system is defined as “a system that uses sufficient hardware and software to ensure the simultaneous reliable processing of information of varying degrees of secrecy by different users or groups of users without violating access rights, integrity and confidentiality of data and information, and which maintains its performance under the influence of a set of external and internal threats. " Today, among the established methods of information protection, a special place is occupied by an electronic signature (both for verifying the integrity of the document, confirmation of authorship and for user authentication).