SYSTEMIC APPROACH TO THE ANALYSIS OF THE LEGAL FRAMEWORK OF INFORMATION SECURITY

  • Irada Dzhalladova Kyiv National Economic University named after Vadym Hetman
  • Nina Batechko National University of Life and Environmental Sciences of Ukraine
  • Evhenia Kolomiyets-Ludwig Kyiv National Economic University named after Vadym Hetman
Keywords: information security, legal framework, systemic approach

Abstract

The article substantiates the methodic bases for the usage of the systemic approach to analyze the legal framework of information security provision. The authors prove the necessity of the creation of common special vocabulary to be the basis of the theoretical methodological grounds of the information security and its legal framework. The conclusion has been approved that information threats are of dynamic character and moreover, the legal regulation of this sphere usually falls behind the development of the information society in Ukraine and all over the world. The multilevel interpretation of the information security legal framework structure has been suggested, with the components of the latter to be interacting and been arranged by hierarchy. The systematization of the objects for research has been performed basing on its following features: integrity, organization structurality, hierarchy, but considering also its features of the dynamic system such as feedback links and non-linear effects. The multilevel approach has been proved to be effective in arranging of the legal framework of information security provision, which considers global tendencies and works for the society, its members and state, as well as for natural persons and legal entities.

References

Cornish, P. (2009). Cyber Security and Politically, Socially and Religiously Motivated Cyber Attacks [Cyber Security and Politically, Socially and Religiously Motivated Cyber Attacks]. Brussels : European Parliament, [in English]

On the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (2016). Brussels: Regulation of the European Parliament and of the Council of 27 april 2016 №2016/679. Retrieved from https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32016R0679 [in English]

Bezkorovainii, M.M., & Tatuzov, A.L. (2014). Kiberbezopasnost – podhody k oopredeleniyu poniatiia [Cybersecurity – the approaches to the notion definition]. Voprosy kiberbezopasnosti – Cybersecurity Issues, 1(2), 22-27 [in Russian]

Bilenchuk, P.D., Borysova, L.V., Kobylianskiy, O.L. & Sobyna, V.O. (2018). Stratehiya informatsiinoi bezpeky Ukraiyny: pravovi zasady zahystu informatsiyi [Information Security Strategy of Ukraine: legal bases of information protection]. Kyiv: UkrDHRI [in Ukrainian]

Buryachok, V.L., Tolubko, V.B., Horoshko, V.O., Toliuoa, S.V. (2015). Informatsiina ta kiberbezpeka: sotsiotehnichnii aspect [Information and Cybersecurity: sociotechnical aspect]. Kyiv: DUT [in Ukrainian]

Havlovskyi, V.D., Butuzov, V.M., & Titunina, K.V. (2009). Kompiuterna zlochynnist: mizhnarodnyi dosvid borotby s perspectyvy dlia Ukrainy [Cyberdelinquency: international experience of struggling against criminal activity and prospects for Ukraine]. Pravova informatyka – Legal Informatics, 1(21). Retrieved from http://ippi.org.ua/sites/default/files/09gvdbpu_0.pdf [in Ukrainian]

Halushko, S.O. (2011). Protyborstvo v informatsiinomu prostori [Confrontation in cyberspace]. Oboronnyi Visnyk – Herald of Defence, 11, 16-19 [in Ukrainian]

Holubev, V.A. (2013). Analiz kiberzlochynnosti u sferi ekonomichnoi bezpeky [Analysis of the cyber delinquency in the sphere of economic security]. Information Technology and Security, 1, 26-32. Retrieved from http://ippi.org.ua/sites/default/files/09gvdbpu_0.pdf [in Ukrainian]

Elementy dlia stvorennya globalnoi kultury kiberbezpeky [Elements of creation of global culture of cybersecurity] (2002). Resolution of General Assembly of UNO of December 20, 2002 № 57/239. Retrieved from http://zakon2.rada.gov.ua/laws/show/995_b42 [in Ukrainian]

Illiash, A.I. (2012). Transformatsii sistemy socialnoy bezopasnosti Ukrainy: regionalnoye izmereniie [Transformation of Social Security System of Ukraine: regional dimension]. Lviv: PAIS [in Ukrainian]

Informatsiini tehnolohii. Kryptohrafichnii zahyst informatsii. Tsyfrovyi pidpys, shcho gruntuyetsya na eliptychnyh kryvyh. Formuvannya ta pereviryannya (2002): Derzhavnyi standart Ukrainy (DSTU 4145-2002) [Information technologies. Cryptographic protection of information. Elliptic Curve Digital Signature. Generation and Check: State Standard of Ukraine]. State Committee on technical regulation and consumers policy, Order 31. Retrieved from http://gostshifr.url.ph/dstu_4145_2002.pdf [in Ukrainian]

Kodeks Ukrainy pro administratyvni pravoporushennya [Code on Administrative Delinquencies of Ukraine]. (n.d.). zakon.rada.gov.ua. Retrieved from http://zakon0.rada.gov.ua /laws/show/80731-10 [in Ukrainian]

Kolesnikov, A.V., & Yashin A.M. (2001). Gibridnyie intellektualnyie sistemy. Teoriia i Tehnologiia razrabotki [Hybrid Intellectual Systems. Theory and Technology of the Development]. SPb.: SPbGTU [in Ukrainian]

Konstytutsiia Ukrainy vid 28.06.1996 № 254к/96 [Constitution of Ukraine]. (1996). Kiev, Vidomosti Verkhovnoi Rady Ukrainy, 30, 141. [in Ukrainian].

Kryminalnyi Kodeks Ukrainy [Penal Code of Ukraine]. (n.d.). zakon.rada.gov.ua. Retrieved from http://zakon5.rada.gov.ua/laws/show/2341-14 [in Ukrainian]

Lipkan, V.A., Lipkan, O.S., & Yakovenko, O.O. (2006). Natsionalna i mizhnarodna bezpeka v vyznachennyah i ponyattyah [National and International Security in Definitions and Terms]. Kyiv: Tekst [in Ukrainian]

Metodychni rekomendatsii shchodo dii orhanizatsiino-tehnichnoho haracteru derzhavnyh ta privatnyh notariusiv u sferi bezpeky vykorystannia Yedynyh ta Derzhavnyh reiesriv Ukrainy (2016) [Methodic Recommendations on the Organization and Technical Actions of State and Private Notaries in the Field of Usage of Common and State Registrars of Ukraine]. Retrieved from https://www.notar.ks.ua/wp-content/uploads/2016/07/metod-npu-kiber.pdf [in Ukrainian]

Mizhnarodna Konventsiia pro borotbu z finansovym teroryzmom [International Convention for the Suppression of the Financing of Terrorism]. (1999) (n.d.). zakon.rada.gov.ua. Retrieved from http://zakon2.rada.gov.ua/laws/show/995_518 [in Ukrainian]

Konventsiia Rady Yevropy “Pro vidmyvannia, poshuk, aresht ta konfiskatsiiu dohodiv, oderzhanyh zlochynnym shliahom” [Convention on Laundering, Search, Seizure and Confiscation of the Proceeds from Crime: Council of Europe]. (1990) (n.d.). zakon.rada.gov.ua. Retrieved from http://zakon2.rada.gov.ua/laws/show/995_029 [in Ukrainian].

Zakon Ukrainy “Pro Derzhavnu sluzhbu spetsialnoho zv’iazku ta zakhystu informatsii Ukrainy” vid 23.02. 06, No 3475-IV [The Law of Ukraine “On the State Service for Special Communications and Information Protection of Ukraine”]. (2006). Kyiv, Vidomosti Verkhovnoi Rady Ukrainy, 30, 258. [in Ukrainian].

Zakon Ukrainy “Pro Derzhavnu Taiemnytsiu” vid 21.01.1994 No 3855-XII [The Law of Ukraine “On State Secrets”]. (1994). Kiev, Vidomosti Verkhovnoi Rady Ukrainy, 16, 422. [in Ukrainian].

Zakon Ukrainy “Pro Dostup Do Publichnoi Informatsii” vid 13.01.2011 No 2939-VI [The Law of Ukraine “On Access to Public Information”]. (2011). Kiev, Vidomosti Verkhovnoi Rady Ukrainy, 32, 314. [in Ukrainian].

Nakaz Administratsii Derzhavnoi Sluzhby specialnoho zviazku ta zahystu informatsii “Pro zatverdzhennia vymoh do formative, struktury ta protokoliv, shcho realizuiutsia u nadiinyh zasobah elektronnohi tsifrovoho pidpysu” [Order of the State Service of Special Communications and Information Protection of Ukraine “On Ratification of Requirements to formats, structure and protocols of secure means of digital signature”]. (2012) (n.d.). zakon.rada.gov.ua. Retrieved from http://zakon5.rada.gov.ua/laws/show/z1398-12 [in Ukrainian].

Postanova Natsionalnoho Banku Ukrainy “Pro zatverdzhennia Polozhennia pro zabezpechennia bezperervnoho funktsionuvannia informatsiinyh system Natsionalnoho Banku Ukrainy ta bankiv Ukrainy” [Regulation of the National Bank of Ukraine “On Ratification of Regulations on the Provision of Continuous Functioning of Information Systems of the National Bank of Ukraine and banks of Ukraine”]. (2004). Kiev, Ofitsiinyi Visnyk Ukrainy, 28, 1910. [in Ukrainian].

Nakaz Administratsii Derzhavnoi Sluzhby specialnoho zviazku ta zahystu informatsii “Pro zatverdzhennia Polozhennia pro poriadok rozroblennia, vyrobnytstva ta ekspluatatsii zasobiv kryptohrafichnogo zahystu informatsii” [Order of the State Service of Special Communications and Information Protection of Ukraine “On Ratification of Regulations on the Development, Production and Usage of Cryptographic Information Protection Means”]. (2007). (n.d.). zakon.rada.gov.ua. Retrieved from http://zakon1.rada.gov.ua/laws/show/z0862-07 [in Ukrainian].

Proekt Postanovy Kabinetu Ministriv Ukrainy “Pro zatverdzhennia poriadkiv formuvannia obiektiv krytychnoi informatsiinoi infrastructury, poriadku vnesennia obektiv krytychnoi informatsiinoi infrastructury do derzhavnoho reiestru obektiv krytychnoi informatsiinoi infrastructury, yioho formuvannia ta zabezpechennia funtsionuvannia” [Draft Regulation of the Cabinet of Ministers of Ukraine “On Ratification of Regulations on the Methods of Forming of the Units of Critical Information Infrastructure, Algorithm of Including of the Units of Critical Information Infrastructure to the State Registrar of the Units of Critical Information Infrastructure, its creation and functioning”]. (2018). Retrieved from http://www.drs.gov.ua/wp-content/uploads/2018/08/10345-23.07.2018_2018.pdf [in Ukrainian]

Postanova Kabinetu Ministriv Ukrainy “Pro zatverdzhennia Pravyl zabezpechennia zahystu informatsii v informatsiinyh, telekomunikatsiinyh ta informatsiino-telekomunikatsiinyh systemah” [Regulation of the Cabinet of Ministers of Ukraine “On Ratification of the Rules of Information Protection Provision in Informational, Telecommunication and Informational-Telecommunication Systems”]. (2006). (n.d.). zakon.rada.gov.ua. Retrieved from http://zakon.rada.gov.ua/laws/show/373-2006-%D0%BF [in Ukrainian]

Zakon Ukrainy “Pro zahyst informatsii u telekomunikatsiinyh systemah” vid 05.07.1994 No №80/94-ВР [The Law of Ukraine “On Information Protection in Telecommunication Systems”]. (1994). Kiev, Vidomosti Verkhovnoi Rady Ukrainy, 31, 286. [in Ukrainian].

Zakon Ukrainy “Pro zahyst personalnyh danyh” vid 01.06.2010 No 2297-VI [The Law of Ukraine “On Personal Data Protection”]. (2010). Kiev, Vidomosti Verkhovnoi Rady Ukrainy, 34, 481. [in Ukrainian].

Zakon Ukrainy “Pro informatsiiu” vid 02.10.1992 No 2657-XII [The Law of Ukraine “On Information”]. (1992). Kiev, Vidomosti Verkhovnoi Rady Ukrainy, 48, 650. [in Ukrainian].

Konventsiia Rady Yevropy “Pro kiberzlochynnist” [The Convention of the Council of Europe on Cybercrime]. (2001). (n.d.). zakon.rada.gov.ua. Retrieved from http://zakon1.rada.gov.ua/laws/show/z0862-07 [in Ukrainian].

Zakon Ukrainy “Pro natsionalnu bezpeku” vid 21.06.2018 No 2469-VIII [The Law of Ukraine “On National Security”]. (2018). Kiev, Oficiinyi Visnyk Ukrainy, 55, 51. [in Ukrainian].

Zakon Ukrainy “Pro osnovni zasady zabezpechennya kiberbezpeky Ukrainy” vid 05.10.2017 No 2163-VIII [The Law of Ukraine “On Bases of Cybersecurity Provision of Ukraine”]. (2007). Kiev, Vidomosti Verkhovnoi Rady Ukrainy, 45, 42. [in Ukrainian].

Rozporiadzhennia Holovy Verhniodniprovskoi raionnoi derzhavnoi administratsii “Pro pryznachennia vidpovidalnoho iz zabezpechennia kiberbezpeky, kiberzahystu ta bezpeky informatsiinyh tehnolohii u Verhniodniprovskii raionnii derzhavnii administratsii” [Order of the Head of Verhniodniprovskii District State Administration “On Appointment of the Responsible Officer on Cybersecurity, Cyberprotection and Information Technologies Security in the Verhniodniprovskii District State Administration”]. (2018). Retrieved from http://www.verhn-rn.dp.gov.ua/OBLADM/vdnepr_rda.nsf/docs/061C3145AC68E2ACC225822B005340B9?OpenDocument&PrintForm [in Ukrainian]

Ukaz Prezydenta Ukrayiny vid 25 Liutoho 2017 roku №47/2017 “Pro Doktrynu Natsionalnoyi Bezpeky Ukrainy” [Doctrine of National Security of Ukraine]. (2017). Kiev, Oficiinyi Visnyk Ukrainy, 20, 8. [in Ukrainian].

Ukaz Prezydenta Ukrayiny vid 26 Travnya 2015 roku № 287/2015 “Pro zatverdzhennya “Stratehiyi natsionalnoyi bezpekyUkrayiny” [Strategy of National Security of Ukraine]. (2015). Kiev, Oficiinyi Visnyk Ukrainy, 43, 14. [in Ukrainian].

Zakon Ukrainy “Pro sluzhbu bezpeky Ukrainy” vid 25.03.1992 №2229-XII [The Law of Ukraine “On Security Service of Ukraine”]. (1992). Kiev, Vidomosti Verkhovnoi Rady Ukrainy, 27, 382. [in Ukrainian].

Rishennia Kabinetu Ministriv Ukrainy “Pro shvalennia Kontseptsii rozvytku tsyfrovoi ekonomiky ta syspilstva Ukrainy na 2018-2020 roky ta zatverdzhennia planu zahodiv shchodo ii realizatsii” [Decision of the Cabinet of Ministers of Ukraine “On the Approvement of the Concept of the Digital Economy and Society Development of Ukraine and Approvement of the List of Activities aimed at its Fulfilment”]. (2018). Kiev, Oficiinyi Visnyk Ukrainy, 16, 70. [in Ukrainian].

Styran, V. (2018). How to stay safe online. Retrieved from https://github.com/sapran/dontclickshit [in Ukrainian].

Sulatskii, D.V. (2012). Heneza poniattia “telekomunikatsiina posluha” v ukrainskomu ta yevropeiskomu zakonodavstvi [Genesis of the notion of “telecommunication service” in the Ukrainian and European legislation]. Informatsiia i Pravo – Information and Law, 2(5), 18-22 [in Ukrainian].

Suprunov, Yu.M. (2013). Napriamky ta okremi problem vykorystannia socialnyh servisiv Internetu v konteksti informatsiinoi bezpeky derzhavy [Directions and Some Issues of Internet Social Services Usage in the context of Information Security of the State]. Problemy stvorennia, vyprobuvannia, zastosuvannia ta ekspluatatsii skladnyh informatsiinyh system – Problems of Creation, Testing, Usage and Exploitation of Complex Information Systems, 7, 145-159 [in Ukrainian].

Postanova Kabinetu Ministriv Ukrainy “Pro deiaki pytannia dokumentuvannia upravlinskoi diialnosti : Typova instructsiia z dokumentuvannia upravlinskoi informatsii v elektronnii formi ta orhanizatsii roboty z elektronnymy dokumentamy v dilovodstvi, elektronnoho mizhvidomchoho obminu” [Regulation of the Cabinet of Ministers of Ukraine “On Certain Issues of Documentation of Management Activity : Standard Manual on Documentation of Management Information in Electronic Form and Organization of Work with Digital Documents, Electronic Interdepartamental Exchange”]. (2018). (n.d.). zakon.rada.gov.ua. Retrieved from http://zakon1.rada.gov.ua/laws/show/55-2018-%D0%BF?test=dCCMfOm7xBWMKeFEZiWk7Ch6 HI4WUs80msh8Ie6 [in Ukrainian].

Furashev, V.M. (2014). Zakonodavche zabezpechennia informatsiinoi bezpeky Ukrainy [Legal Provision of Information Security of Ukraine]. Informatsiia i Pravo – Information and Law, 1(10), 59-67 [in Ukrainian].

Shelomentsev, V.P. Sutnist orhanizatsiinoho zabezpechennia systemy kibernetychnoi bezpeky Ukrainy ta napriamy yoho udoskonalennia [Main Points of the Organizational Provision of Cybernetic System Security of Ukraine and Directions for Its Improvement]. Borotba z orhanizovanoiu zlochynnistiu i koruptsiieiu (teoriia I praktyka) – Struggle Against Organized Crime Activity and Corruption (Theory and Practice), 2, 299 – 309 [in Ukrainian].

Shcherbakova A.V., & Fedorova H.S. (2011). Mnogourovnevyi podhod k postroieniiu gybridnoi intellektualnoi sistemy [Multilevel Approach to the Creation of a Hybrid Intellectual System]. Systemy obrobky informatsii – Information Processing Systems, 3(93), 96-99 [in Ukrainian].

Published
2018-10-06
How to Cite
[1]
Dzhalladova, I., Batechko, N. and Kolomiyets-Ludwig, E. 2018. SYSTEMIC APPROACH TO THE ANALYSIS OF THE LEGAL FRAMEWORK OF INFORMATION SECURITY. Journal of Scientific Papers “Social development & Security”. 7, 5 (Oct. 2018), 3-20. DOI:https://doi.org/10.5281/zenodo.1450873.
Section
Articles