CC BY
64
SYSTEM SECURITY ASPECTS OF THE INFORMATION-EDUCATIONAL ENVIRONMENT OF HIGH SCHOOL Tulakova S.R.1, Mukhammadjonov Kh.Z.2, Umarov Kh.T.3, Abdullahuzhayev D.R.4 Email: Tulakova17149@scientifictext.ru
1Tulakova Saida Rivojidinovna - Teacher, DEPARTMENT OF NATURAL SCIENCES;
2Mukhammadjonov Khozhiakbar Zafarjon ugli - Student; 3Umarov Khusniddin Turdali ugli - Student;
4Abdullahuzhayev Davron Ravshankhuzha ugli - Student, FACULTY OF COMPUTER ENGINEERING, FERGHANA BRANCH TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES, FERGHANA, REPUBLIC OF UZBEKISTAN
Abstract: the application of a systematic approach to the organization's secure information-educational environment of high school. Analyzes of information security threats, formulates principles of secure information-educational environment of high school. The material basis of IEE is based on a complex of computer technology, software, data transmission channels, means of displaying and storing information, which are widely used in the educational process. In addition, students themselves are actively using mobile phones, smartphones, personal digital assistants, as useful add-ons that help store, view information, and carry out communication activities.
Keywords: safe educational environment, a systematic approach of information security threats.
СИСТЕМНЫЕ АСПЕКТЫ ОРГАНИЗАЦИИ БЕЗОПАСНОЙ ИНФОРМАЦИОННО-ОБРАЗОВАТЕЛЬНОЙ СРЕДЫ ВУЗА
1 2 3
Тулакова С.Р. , Мухаммаджонов Х.З. , Умаров Х.Т. , Абдуллахужаев Д.Р.4
1Тулакова Саида Ривожидиновна - преподаватель, кафедра естественных наук; 2Мухаммаджонов Хожиакбар Зафаржон угли - студент; 3Умаров Хусниддин Турдали угли - студент;
4Абдуллахужаев Даврон Равшанхужа угли - студент, факультет компьютерного инжиниринга, Ферганский филиал Ташкентский университет информационных технологий, г. Фергана, Республика Узбекистан
Аннотация: рассматривается применение системного подхода к организации безопасной информационно-образовательной среды вуза. Проанализированы угрозы информационной безопасности, сформулированы принципы построения безопасной информационно-образовательной среды вуза. Материальная основа ИОС базируется на комплексе средств вычислительной техники, программного обеспечения, каналов передачи данных, средств отображения и хранения информации, которые достаточно широко используются в учебно-воспитательном процессе. Кроме того, сами студенты активно применяют мобильные телефоны, смартфоны, карманные персональные компьютеры, как полезные дополнения, помогающие хранить, просматривать информацию, осуществлять коммуникационную деятельность. Ключевые слова: безопасная информационно-образовательная среда, системный подход, угрозы информационной безопасности.
UDC 004.514.6
The present historical period is characterized by significant transformations in the field of education, occurring under the influence of the processes of globalization, the widespread adoption of information processes and technologies, and the information openness of society. Competition in the field of education leads to continuous improvement of forms and methods of training, the creation of new educational technologies and tools.
So, one of the characteristic trends of our days in the field of education has been the creation and active use of the so-called information-educational environment (IEE).
The functioning of the electronic information and educational environment of the university is ensured by appropriate means of information and telecommunication technologies and the qualifications of the employees who use and support it.
Obviously, the IEE of the university is an element of the global information and educational space where the information interaction of various participants in this process is carried out, which are both individual entities (students, teachers, administration, network administrators), educational, public and other organizations. The development of IEE is a very knowledge-based activity, in which teachers, psychologists, methodologists, programmers, as well as computer designers participate together.
The experience of universities shows that the security problem of IEE of a university is determined, first of all, by information security and, therefore, one of the tasks in its design and construction should be the task of implementing information security requirements.
By a university's safe information and educational environment (SIEE) we mean the university's information and educational environment, supplemented by hardware, software and organizational means and methods of protection against negative information, which ensures the safety and protection of the personal information environment of all subjects of the educational process in the university in order to create conditions for the most complete development and implementation of their individual abilities and capabilities [1, p. 338, 3, p. 152].
The organization of university SIEE should be preceded by an analysis of the possible sources and nature of threats to information security in an educational organization.
The following threats to information security are relevant for an educational organization:
- violation of confidentiality of information (unauthorized receipt of information, including personal data of teachers and students, official information about the university itself);
- technical failures and malfunctions of computers and data transmission equipment, violations of the energy supply of equipment, physical destruction or damage to equipment;
- malicious and unwanted software, hacker attacks and spam;
- unauthorized use of unlicensed software;
- violation of copyright and intellectual property rights.
In general, information threats are determined by violations of the conditions of confidentiality, integrity and accessibility of information in the IEE.
Thus, ensuring a safe IEE of a university is a complex multidimensional task, for the solution of which it is proposed to apply a systematic approach, which involves considering the IEE as a complex system and a sequential transition from general to particular when the goal is based on the study, and the object under study stands out from the environment.
In our opinion, this approach should be based on the application of a number of principles: systemicity, hierarchical knowledge, integrativity, formalization.
The principle of consistency means that IEE is considered as a system, i.e. taking into account relations with the environment, the possibility of dividing into elements, taking into account system-forming relationships.
The IEE of the university operates in the global information and educational space, interacting with the IEE of other educational, scientific and other organizations.
When applying the systematic approach to the university's SIEE, decomposition (structuring) should be carried out taking into account the purpose of structural research -
identifying elements that affect the security of the system, their relationships and mutual influence. Obviously, information storage centers, data transmission channels, access points to information resources, IEE user entities, and others can be represented as such elements. At the same time, the hierarchical nature of both the decomposition itself and the structure formed as a result of its implementation is common.
Thus, when organizing a safe IEE of a university from the perspective of functional components, it is possible to distinguish subsystems: educational content, teaching materials, management documentation, local regulatory acts, financial documents, and a number of others.
From the standpoint of ensuring the safe functioning of the IEE, it is possible to distinguish the subsystems: technical (hardware) support, software, information, mathematical, organizational and personnel support.
Further decomposition, for example, of the technical support subsystem, leads to the differentiation of many computers included in the computer network. Each computer can, on the one hand, be represented as an IEE element, on the other, as a system that includes separate devices as elements.
Analyzing from the point of view of ensuring the safety of communication between elements and subsystems in a real IEE of a university, it should be noted that the number of all interconnections is huge, so it is impossible to take into account and investigate absolutely all the relationships, therefore their number must be artificially limited, i.e. those links that practically do not affect safety are insignificant and can not be considered.
The principle of hierarchical knowledge of the IEE of a university requires a three-level study of IEE: the study of the subject itself is "own level", the study of the same subject as an element of a broader system is the "higher level" and, finally, the study of this subject in relation to the components composing this subject is "downstream" level". At the same time, bidirectional information flows and potential actions from the higher and lower levels are analyzed. The higher level for the university's IEE is the global information and educational space based on the Internet. The lower level is formed by the aforementioned subsystems and elements of IEE. This suggests that, when deciding how to organize a secure IEE, one should analyze both possible information threats "from above", for example, hacker attacks on the university's website, and actions aimed at violating information security "from below", from the staff and students of the university.
The principle of integrativity reflects the peculiarity of the system approach that it is aimed at studying the integrative properties and patterns of IEE of a university, i.e. such properties that are inherent in the whole system as a whole, but do not appear in the totality of its constituent elements. Therefore, the SIEE of the educational organization, as a system, has a new quality - it creates a set of conditions in which the educational and professional activities of students and teachers take place directly, personal qualities of students are formed, management and methodological activities are carried out, and information security competencies of the individual are formed.
The principle of formalizing the consideration of SIEE as a system means that the system approach is aimed at obtaining quantitative characteristics to ensure environmental safety conditions, creating methods that narrow the ambiguity of concepts.
Speaking about the IEE of the university from the point of view of a systematic approach, it is necessary to fill with concepts such as efficiency, safety and quality, build a model of a safe information and educational environment.
Organization of safe IEE of a university using a systematic approach contains four main stages:
- Understanding and setting the goal of the event to organize safe IEE of the university;
- building a SIEE model that meets the goals of organizing a safe IEE of a university;
- organization and conduct of experiments with the model;
- processing and interpretation of the results, their application to the system.
The system description of the university's SIE should reflect: the functional properties of the system (the content of the activity-functioning), morphology (components and relationships between them), information characteristics (accuracy, organization, uncertainty, controllability). In accordance with this description of SIEE as a system can be functional, morphological and informational [2, p. 84-89].
Obviously, the process of organizing a safe educational information environment is continuous and cyclical. In the process of functioning of the IEE, it is necessary to return to the first stage, which entails the repetition of subsequent stages. Thus, IEE will be modified to effectively perform its tasks, while ensuring information security.
From the foregoing, it can be concluded that the organization and functioning of a safe information and educational environment of a university is impossible without a systematic approach in which each component is a relatively independent subsystem and has a number of elements.
References / Список литературы
1. Andrianov V.V. Ensuring business information security [Text] / V.V. Andrianov, S.L. Zefirov, V.B. Golovanov, N.A. Golduyev // Alpina Publishers, 2011. P. 338.
2. Bogatyreva Yu.I. Infosafe school environment as a condition for ensuring information security of the younger generation [Text] / A.N. Privalov, Yu.I. Bogatyreva, V.A. Romanov // Computer Science and Education, 2014. № 9. P. 84-89.
3. Korotenkov Yu.G. Information educational environment of the primary school [Text]. M.: IT Academy, 2011. P. 152.
