321
Information Security in the National Security System in the Modern Age
Hussein Vakhaevich Idrisov
Faculty of Law, A.A. Kadyrov Chechen State University, Grozny, Chechen Republic, Russian Federation Institute of Philology, History and Law, Chechen State Pedagogical University, Grozny, Chechen
Republic, Russian Federation, E-mail: [email protected]
Submitted:July 07, 2020; Reviewed: November 08, 2022; Accepted:November 11, 2022
Article Info Abstract
Keywords:
Information, Security, Information Security, Internet, Protection, Doctrine, Law.
DOI:
10.25041/fiatjustisia.v16no4.2665
The article is devoted to the legal analysis of information security as an important regulatory institution in the modern digital age. Relevance of the study is that information and its sources, as well as the means of its protection are, without a doubt, the most important tool for influencing political, economic, socio-legal and other processes in the globalized world today. Of course, in light of the recent events, information security is also one of the key elements of the national security of any state.It is emphasized separately that ensuring information security in the national security system of the state at the present stage of development of this institution is a guarantee that the activities of state structures in this area will be the most effective and systematic.
The objective of the work is to conduct a scientific, legal and regulatory analysis of such important categories that form the institution of information security such as: information, security, as well as formulating the author's definitions under study.The methodological basis of the work is the following methods: synthesis, induction, deduction, as well as a number of special methods of scientific knowledge:
historical, linguistic, comparative legal, formal legal.Finally, a number of conclusions are formulated and the author's definitions of the studied scientific and legal categories are given.
ISSN: 1978-5186 | e-ISSN: 2477-6238.
http://jurnal.fh.unila.ac.id/index.php/fiat
322
A. Introduction
In modern times, the 21st century which can be with certainty called the century of post-information technologies1, life of an individual in society is inextricably linked with receiving, processing, storing and transmission of information. Today it is difficult to imagine a sphere of human activity that is not subject to the information content by the act of information technology. A separate component of this process, of course, is the information and telecommunications network "Internet" (hereinafter - the "Internet"). It is already impossible to imagine life without the Internet for any citizen.
Relations in the information space and its impact on the subjects of law enforcement require their effective regulation, and it is no longer just recognition of the information importance as a tool for influencing a person, a group of people and their behavior, but it is necessary to adequately regulate its receiving, processing, storing and distribution. The development of information technologies, the mass distribution of tools for receiving and processing information (gadgets, computers, mobile stations, social networks, video hosting, etc.), on the one hand, greatly facilitated access to obtain any information, including personal, but, on the other hand, created preconditions for widespread abuse of it, including intrusion into the area of personal rights and freedom, in the interests of the state as a whole. As stated in Part 1 of Art.
24 of the Constitution of the Russian Federation: "the collection, storage, use and dissemination of information concerning the private life of any person without his assent is forbidden"2.Therefore, the protection of private life and ensuring its security, human and civil rights and freedoms is one of the tasks, where the implementation covers the scope of the state action. The opinion is shared by A.V. Paramonov with V.V. Kharin3.
In this circumstances, for example, the lack of an effective mechanism to regulate legal relations in the Internet, already now has a negative impact on the protection of the rights and legitimate interests of various citizens, organizations, and sometimes the interests of the state (for example, in the field of state automated systems, copyright and (or) related rights, personal data, internet-trading, etc.).
1 Note: The next stage in the development of information technology is the introduction of artificial intelligence - AI.
2 The Constitution of the Russian Federation (adopted by popular vote on 12.12.1993) (taking into account the amendments introduced by the Laws of the Russian Federation on amendments to the Constitution of the Russian Federation on 30.12.2008 № 6- Federal Constitutional Law (FCL), on 30.12.2008 № 7-FCL, on 05.02.2014 № 2-FCL, on 21.07.2014 № 11-FCL, on 14.03.2020 № 1-FCL) //
Collection of legislation of RF. 2014. №31. Art. 4398.
3 Paramonov A.V., Kharin V.V. Some aspects of ensuring national security in the information sphere. Current Issues of the State and Law, 2021, vol. 5, no. 17, pp. 161-170. DOI 10.20310/2587-9340-2021-5-17-161-170.
323
We can single out a number of works devoted to the analysis of the categories of security, risk, information, etc., which have seen print recently.
Among the latter, it is worth highlighting scientific works devoted, in particular, to the role of strategic investments invested in open source equipment (FOSH) for national security, including in the context of the political and economic conjuncture that has been developing recently on the world stage4, financial investments and elements of risky activities in the prism information component5.
Special, in the context of the stated research topic, are the issues of information security of subjects of crypto transactions. As you know, there are a lot of unresolved problems in this area6.The novelty of this research will make a significant contribution to the understanding of information security issues in the context of the state system of national security in the realities of the modern picture of the day.
B. Discussion
1. Analysis of the category "information"
The well-known verbal formula: "Who owns information, he owns the world" is increasingly expressed in those global geopolitical and socio- economic processes taking place in the modern world which we are witnessing today.
As noted by P.A. Sharikov: “Knowledge and information have become one of the strategic resources of the state and society, a resource for socio- economic, technological and cultural development. The use of this resource is comparable to the use of traditional resources, and the total cost of it already has a macroeconomic significance"7.
Today, in the age of massive impact of information technologies and building a post-information society, new threats to national security emerge and information security is one of this components. For this reason, the adoption of the "Doctrine of Information Security" (hereinafter - the
4 Pearce, Joshua M. 2022. "Strategic Investment in Open Hardware for National Security" Technologies 10, no. 2: 53.
https://doi.org/10.3390/technologies10020053.
5 Antwi, Johnson, and Cephas B. Naanwaab. 2022. "Generational Differences, Risk Tolerance, and Ownership of Financial Securities: Evidence from the United States" International Journal of Financial Studies 10, no. 2: 35.
https://doi.org/10.3390/ijfs10020035.
6 Shovkhalov, Shamil, and Hussein Idrisov. 2021. "Economic and Legal Analysis of Cryptocurrency: Scientific Views from Russia and the Muslim World"
Laws 10, no. 2: 32. https://doi.org/10.3390/laws10020032.
7 Sharikov, P.A. Information Security Policy: abstract of Ph. D. dissertation.
Moscow, 2009. 38 p.
324
Doctrine8) in the Russian Federation in 2000 was necessary and the need for its subsequent re-adoption in 20169, responding to the new challenges of the time. As indicated in the current version of the Doctrine, the purpose of its adoption is to create "the basis for the development of government policy and public relations in the information security, as well as for the development of measures to improve the information security system"10. Moreover, the Doctrine itself is viewed as a part of the implementation of the National Security Strategy of the Russian Federation11, that is, information security is considered as a fundamental element of the national security system of the Russian Federation.
How the concept of information security is defined, what is its essence? For this reason we should investigate separately the concepts of
"information" and "security".
The etymology of the word "information" goes back to the Latin language, where the concept of "informatio" correlates with the words
"explanation", "information", "message content", "information given their transmission in space and time."
According to the scientific doctrine, we do not find a single, universal definition of information, and it is natural, because there are different views of scientists concerning the formulation of this category. So, K. Shannon defined it as "a connection where the process of uncertainty is eliminated"12, W.R. Ashby saw “diversity”13 in it, A. Mol presented it as “originality and a measure of complexity”14, F. Machlup identified it with “knowledge”15, L.
Brillouin viewed it through the “general methodology of science”16, I. L.
Bachilo characterized it as "a characteristic of the surrounding world in all its
8 The doctrine of information security of the Russian Federation (approved by the President of the RF on September 9, 2000, №.1895) (no longer valid) //
Electronic resource // Legal Reference System (LRS) "Garant" // URL:
www.garant.ru (date of request: 09.10. 2021).
9 Decree of the President of the Russian Federation of December 5, 2016 No.
646 "Approval of the Doctrine of Information Security of the RF" // Electronic resource // LRS "Garant" // URL: www.garant.ru (date of request: 10.10.2021).
10 See item 6 the Doctrine of information security of the RF (approved by the President of the RF on 05.12.2016 No. 646) // Electronic resource // LRS "Garant" //
URL: www.garant.ru (date of request: 15.10.2021).
11 National Security Strategy of the Russian Federation (approved by Decree of the President of the RF of December 31, 2015 No. 683 // Electronic resource // LRS
"Garant" // URL: www.garant.ru (date of request: 20.10.2021).
12 Shennon, K. Works on information theory and cybernetics. Moscow, 1963.
13 Eshbi, U. R. Introduction to Cybernetics. Moscow, 1958.
14 Mol', A. Information theory and aesthetic perception. Moscow, 1966.
15 Makhlup, F. Production and dissemination of knowledge in the United States. Moscow, 1966. (In Russian)
16 Brillyuen, L. Scientific uncertainty and information. Moscow, 1996.
325
diversity perceived and realized by a person"17 and, finally, N. Wiener formulated it as "the designation of the content received from the outside world, in the process of our adaptation to it and our senses adapting to it"18.
In a philosophical interpretation, information is viewed as identical to the concepts of matter and synergy 19.
According to UNESCO's "information is a universal substance that permeates all the spheres of human activity, serving as a conductor of knowledge and opinions, a tool of communication, mutual understanding and cooperation, the establishment of stereotypes of thinking and behavior"20.
The wording of information given in the United States Joint Doctrine
"Information Operations" is very interesting in the context of the issue and recent events on the international geopolitical arena. So, in accordance with the document “information is, firstly, facts, data or instructions in any medium and in any form, and secondly, the value that a person attaches to the data by means of known rules (customs) used in their presentation". As we can see, the given definition pays significant attention to the relationship of information sources and their interpretation by a person, as a subject of the information process.
It follows from the above definitions that information is the result of interaction of the subject with the outside world, a connection where the individual receives all the complicated diversity about him, turning it into knowledge in order to adapt it to the surrounding reality, and then the final feedback effect as subordination of the surrounding world to the person.
When referring to the regulatory legal acts on this issue, in particular to the Russian legislation, we find that in the Federal Law of 20.02.1995,
№24-FL "On Information, Informatization and Protection of Information", information means "information on persons, objects, facts, events, phenomena and processes regardless of the form of their presentation"21. In turn, information that relates directly or indirectly to any individual, his personality, is formulated as personal data. A separate federal law is devoted to the legal regulation of personal data (the rules for processing information about the subject of personal data) 22.
17 Bachilo, I. L. Information Law – a new branch of the law of the Russian Federation: (methodology, theory, practice. State and law, 2008, no. 3, pp. 85-92.
18 Viner, N. Cybernetics and Society. Moscow, 1968.
19 Frolov, I.T. Philosophical Dictionary. Moscow, 1981.
20 Proceedings of the 67th IFLA Conference, 17-24 August 2001.
Information for All Program for 2008-2013. Boston: SilverPlatter, 2001.
21 Federal Law of 20.02.1995 № 24-FL «Information, informatization and information protection "// Electronic resource // LRS" Consultant Plus ". URL:
www.consultant.ru (date of request: 13.10.2021).
22 See: Federal Law of 27.07.2006 N 152-FL (as amended on 30.12.2020)
"On Personal Data" (as amended and supplemented, entered into force on 01.03.2021) // LRS "Consultant Plus". URL: www.consultant.ru (date of request: 26.09.2021).
326
The purpose of information is usually determined by its content.
According to this criterion, information is divided into: economic, legal, social, technical, organizational and other types, depending on its content and presentation purposes.
By its nature, information can be created, processed, transmitted, received, and stored. Such a possibility predetermines the risk of its use by ill- wishers (both individuals and groups, and entire states) becoming available, due to the lack of its protection or the weak nature of such protection, for certain negative purposes, including causing damage to the state and society.
... Therefore the emergence of a whole separate scientific direction
"information security" and taking practical steps to ensure information security in such activities are justified: beginning from individuals to entire states and interstate entities.
2. Analysis of the category "security"
It is important to consider the category "security" also in a separate context considering the important component of the security in the structure of the information security system.
Etymological analysis of the concept of "safety" allows us to conclude that it refers to the absence of danger, i.e. to create conditions without danger of one sort or another23.
Attacks on any important information can have devastating impact.
The main objective of any security system is to create conditions for preventing to its security threats, preventing theft, disclosure, loss, leakage, distortion and destruction of various objects in need of security.
In addition, it is important to avoid equating the information security and computer security that has been observed recently. These are related categories, but the computer security is only one component of the information security24. A.V. Paramonov and V.V. Kharin25 state about the need for a serious, comprehensive analysis of cyber threats, since such threats are one of destabilization elements in the socio-political sphere of any state.
In turn, the concept of "information security" has certain specific features. It means that the word "information" boils down not only to the concept of "information", but also to the security of the state, that is, to the field of information, which can be defined as a set of public relations regarding information, its content, as well as technical means of information processing.
23 Ushakov's explanatory dictionary online // Electronic resource. URL:
https://ushakovdictionary.ru/ word.php? wordid=2007 (date of request: 04.09.2021).
24 Makarenko, S.I. Information security. Stavropol, 2009.
25 Paramonov A.V., Kharin V.V. Some aspects of ensuring national security in the information sphere. Current Issues of the State and Law, 2021, vol. 5, no. 17, pp. 161-170. DOI 10.20310/2587-9340-2021-5-17-161-170.
327
A researcher of national and information security P.A. Sharikov gives the following definition of the information security: "the state of protection of individual interests, society and the state in the information space from deliberate or accidental influences that violate the integrity, objectivity, availability, confidentiality and efficiency of the information or the information-telecommunications infrastructure"26.
The information security from the standpoint of the Doctrine is of particular importance for the Russian Federation. So, according to the item 2 of this document, the information security of the Russian Federation is defined as “the state of protection of the individual, society and the state from internal and external information threats, which ensures constitutional rights and freedoms of human and citizen, a decent quality and living standard of citizens, sovereignty, territorial integrity and sustainable socio-economic development of the Russian Federation, defense and security of the state”27.
As noted in the Doctrine, the means of information security are legal, organizational, technical, etc.
In summing up the scientific and legal approaches to the category
"information security", we can give our own definition of this concept under study. So, the information security is such a state of information sources that implies their effective protection from the impact of threats when receiving, processing, storing and transmitting information, by providing the availability, integrity and confidentiality of information when actors implement measures to protect information of a private, state and interstate nature.
The content of information security includes the following categories:
accessibility, integrity, confidentiality. As noted by V. F. Shangin:
“Accessibility is the ability to get the required information service within a reasonable time. Integrity means the relevance and consistency of information, its protection from destruction and unauthorized changes.
Finally, confidentiality is protection from unauthorized access to information"28. The information security system includes the following elements:
1). Activities in the field of information security;
2). Means of implementing measures;
3). Actors (subjects) of implementing measures.
26 Sharikov, P.A. Information Security Policy: abstract of Ph. D. dissertation.
Moscow, 2009. 38 p.
27 Decree of the President of the RF of December 5, 2016 No. 646 "Approval of the Doctrine of Information Security of the RF" // Electronic resource // LFS
"Garant". URL: www.garant.ru (date of access: 26.09.2021).
28 Shan'gin, V.F. Information security of computer systems and networks.
Moscow, 2013. (In Russian).
328
C. Conclusion
In summing up the results of this scientific research, we can formulate the following provisions as conclusions.
Firstly, information is the result of interaction between the subject and the outside world where the individual receives all the polysyllabic diversity about him, turning it into knowledge in order to adapt it to the surrounding reality, and then - the final feedback in the form the subordination of man to the processes of the surrounding world.
Secondly, regarding information as an object of civil law, its definition would be as follows: information is the result of such interaction of a person with the outside world, a connection where a person receives all the polysyllabic diversity about him, turning it into knowledge, and then into the final product of intellectual activity in order to be introduced into civil circulation.
And, finally, information security is such a state of information sources, which implies their effective protection from the impacts of threats when receiving, processing, storing and transmitting information, by ensuring the accessibility, integrity and confidentiality of information when actors implement measures to protect information of a private, state and interstate nature.
References
Antwi, Johnson, and Cephas B. Naanwaab. 2022. "Generational Differences, Risk Tolerance, and Ownership of Financial Securities: Evidence from the United States" International Journal of Financial Studies 10, no. 2: 35.
https://doi.org/10.3390/ijfs10020035.
Bachilo, Illaria L. 2008. ''Information Law – a new branch of the law of the Russian Federation: methodology, theory, practice'' State and law no. 3, pp. 85-92. (In Russian).
Brillyuen, Leon.1996. ''Scientific uncertainty and information''. Moscow. (In Russian).
Decree of the President of the Russian Federation of December 5, 2016 No.
646 "Approval of the Doctrine of Information Security of the RF" //
Electronic resource // Legal Reference System (LRS) "Garant" // URL:
www.garant.ru (date of request: 10.10.2021).
Eshbi, William R. 1958. ''Introduction to Cybernetics''. Moscow. (In Russian).
Federal Law of 20.02.1995 № 24-FL «Information, informatization and information protection"// Electronic resource // Legal Reference System (LRS) "Consultant Plus". URL: www.consultant.ru (date of request:
13.10.2021).
Frolov, Ivan T. 1981. ''Philosophical Dictionary''. Moscow. (In Russian).
Makarenko, Sergey I. 2009. ''Information security''. Stavropol. (In Russian).
329
Makhlup, Fritz. 1966. ''Production and dissemination of knowledge in the United States''. Moscow. (In Russian).
Mole, Abraham. 1966. ''Information theory and aesthetic perception''.
Moscow. (In Russian).
National Security Strategy of the Russian Federation (approved by Decree of the President of the RF of December 31, 2015 No. 683 // Electronic resource // Legal Reference System (LRS) "Garant" // URL:
www.garant.ru (date of request: 20.10.2021).
Paramonov, Andrey V., and Kharin, Vadim V. 2021. ''Some aspects of ensuring national security in the information sphere'' Current Issues of the State and Law 5, no. 17: 161-170. https://doi.org/10.20310/2587-9340- 2021-5-17-161-170. (In Russian, Abstr. in Engl.).
Pearce, Joshua M. 2022. "Strategic Investment in Open Hardware for National
Security" Technologies 10, no. 2: 53.
https://doi.org/10.3390/technologies10020053.
Proceedings of the 67th IFLA Conference, 17-24 August 2001. 2001.
"Information for All Program for 2008-2013". Boston: SilverPlatter.
Shan'gin, Vladimimr F. 2013. ''Information security of computer systems and networks''. Moscow. (In Russian).
Sharikov, Pavel A. 2009. ''Information Security Policy'' (abstract of Ph.D.
dissertation). Moscow. (In Russian).
Shennon, Claude E. 1963. ''Works on information theory and cybernetics''.
Moscow. (In Russian).
Shovkhalov, Shamil, and Hussein Idrisov. 2021. "Economic and Legal Analysis of Cryptocurrency: Scientific Views from Russia and the Muslim World" Laws 10, no. 2: 32. https://doi.org/10.3390/laws10020032.
The Constitution of the Russian Federation (adopted by popular vote on 12.12.1993) (taking into account the amendments introduced by the Laws of the Russian Federation on amendments to the Constitution of the Russian Federation on 30.12.2008 № 6- Federal Constitutional Law (FCL), on 30.12.2008 № 7-FCL, on 05.02.2014 № 2-FCL, on 21.07.2014 № 11- FCL, on 14.03.2020 № 1-FCL) // Collection of legislation of RF. 2014.
№31. Art. 4398.
The doctrine of information security of the Russian Federation (approved by the President of the RF on September 9, 2000, №.1895) (no longer valid) // Electronic resource // Legal Reference System (LRS) "Garant" // URL:
www.garant.ru (date of request: 09.10. 2021).
Ushakov's explanatory dictionary online // Electronic resource. URL:
https://ushakovdictionary.ru/ word.php? wordid=2007 (date of request:
04.09.2021).
Viner, Norbert. 1968. ''Cybernetics and Society''. Moscow. (In Russian).
330
