ADVANCED TECHNOLOGIES SUPPORTING INFORMATION SECURITY IN BANKING AREA
Introduction. The article give a view of advanced technologies supporting information security in banking area, using cloud technologies in banking and providing the appropriate level of protection banking information in their application, here considered information security cryptographic algorithms.
The expediency of applying to banks symmetric and asymmetric data encryption to protect banking information, because symmetric cryptographic algorithms can be divided into block and stream encryption, and using asymmetric cryptographic algorithms - generate additional information that is called electronic signature.
Purpose. The study of information security issues in the banking sector, the definition of promising information technologies for supporting banking activities and the allocation of cryptographic information security algorithms.
Methods. The question of effective protection of banking information systems using cryptographic algorithms are considered. It is shown that the effectiveness of the protection banking information depends largely on the safe distribution of keys between users banking information system. Defined the key distribution methods, which should be applied in banking, including basic method / session keys and public key method are defined.
Results. We consider the situation of choosing the method of distribution of keys and shown that the choice of method depends upon the structure of the system and data processing technology. We remark that known methods of key distribution does not provide "absolute" protection of information, but ensured that the cost of "hacking" more in several times that the cost of encrypted information, which is especially important for the banking sector.
Originality. The originality of the article is a theoretical justification of an integrated approach to the creation of cryptographic methods to protect banking data using digital signatures among the "cloud computing", which is all the more important, that in Ukraine there are already projects transition to cloud IT infrastructures banking system, including IT infrastructure of the National bank of Ukraine.Conclusion. It is concluded that the development of theoretical and methodological approaches to information security in the banking sector will allow banks and their customers not only reduce the period of "insecurity" (from days or hours to seconds) but also will get a much better protection of banking information and secure financial system both individual countries and the global economic space. Because of this, the author accent the importance of continue research in this area and developing new advanced technologies to protect information that will be effective in the banking sector.
Law of Ukraine On Information [Electronic resource]. – Access mode: http://zakon3.rada.gov.ua/laws/show/2657-12.
Burachok V.L. (2011) Cyber security - a major factor of sustainable development of the modern information society. Suchasna spetstekhnika, 3, 104-114.
Aulov I.F., Gorbenko I.D. (2013) Cloud computing and analysis of information security in the cloud Prikladnaya radioelektronika, 2/12, 194-201.
Gnatyuk C. Prospects cloud computing market in Ukraine: benefits and risks analytical note [Electronic resource]. – Access mode: www.niss.gov.ua/articles / 1191.
Stepanenko O.P. (2015) Formation of information security in the banking sector of Ukraine. Modelyuvannya ta informatsiyni systemy v ekonomitsi, 91, 17-35.
Sun Heat 1.1-003-99 terminology in the field of information security in computer systems from unauthorized access [Electronic resource]. – Access mode : http://www.dstszi.gov.ua/dstszi/doccatalog/document?id=41650.
Kessler G. C. An Overview of Cryptography [Electronic resource]. – Access mode: http://www.garykessler.net/library/crypto.html.
Official Resource Certification Authority the Information Department DFS [electronic resource]. – Access mode: http://acskidd.gov.ua.
ISO 8532:1995 Preview. Securities -- Format for transmission of certificate numbers [Electronic resource]. – Access mode: https://www.iso.org/standard/23243.html.
ISO 11166-1:1994. Banking -- Key management by means of asymmetric algorithms -- Part 1: Principles, procedures and formats [Electronic resource]. – Access mode: https://www.iso.org/standard/19176.html.
Romanets Yu.V., Tymofeev P.A., Shanhyn V.F (2001). Protection of information in computer systems and networks. M .: Radio and Communications, 376 p.
- Поки немає зовнішніх посилань.