Skip to main content
SpringerLink
Log in

Protection of the information resources of a library based on analysis of business processes

  • Published:
Scientific and Technical Information Processing Aims and scope

Abstract

This paper justifies the relevance of the reliable protection of information and the development of measures to reduce information risks in libraries with comprehensive information resources. A brief description of the objects of protection and the main threats, including those that are related to the processing of personal data, is provided. It is alleged that analysis of models of the business processes of a library makes it possible to track the impacts of changes on many aspects of information security. The position of the information system for security analysis of the business process in the overall system of information security is determined. Steps for the formalization and updating of the rights of access to information resources of a library are illustrated. It is emphasized that the basic document for information-security risk management is a threat model that reflects the data on sources of threats and vulnerabilities of the system, impacted objects, and a number of other parameters. A block diagram that illustrates the process of analyzing the threats and vulnerabilities and a knowledge meta-model for the management of information-security risks are provided. It is concluded that based on the relationship of business processes that are reflected in a formal notation it is possible to automatically obtain the data on the degree of influence of security aspects of information objects of a particular sub-process on the results of business processes of a higher level, and as a result, on the achievability of the purposes of an organization.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Chernykh, O., Information services and the organization of the market using Internet technologies. http://citforum.ru/abtec/s2/3.shtm. Cited June 22, 2015.

    Google Scholar 

  2. Kulikov, L.V., Prakticheskoe rukovodstvo po razvitiyu obshchedostupnykh munitsipal’nykh bibliotek: normativnyi podkhod (Practical Guide to the Development of Public Municipal Libraries: Regulatory Approach), St. Petersburg: RBV, RNB, 2010.

    Google Scholar 

  3. Medyankina, I.P., Distance learning technologies: Study of Information Needs of Students, Vestn. NGUEU, 2012, no. 1, pp. 236–246.

    Google Scholar 

  4. Medyankina, I.P. and Bobrov, L.K., University library in distance education: The use of elements of the Logical Framework Analysis, Nauchn. Tekh. Bibl., 2009, no. 12, pp. 5–11.

    Google Scholar 

  5. World history of infections. http://lenta.ru/articles/2014/11/18/virus/. Cited June 12, 2015.

  6. Internet: figures and facts (3). http://www.bizhit.ru/index/digital_internet_3/0-563. Cited June 12, 2015.

  7. Evgeny Kaspersky on trends in information security. http://www.it-weekly.ru/market/security/74418.html. Cited June 12, 2015.

  8. Kaspersky Security Bulletin 2014. https://securelist.ru/files/2014/12/Kaspersky-Security-Bulletin-2014-RU.pdf. Cited May 12, 2015.

  9. The Digital World in 2025. http://beta.futureview.ru/files/documents/505966f4379ce1000000001c.pdf. Cited June 10, 2015.

  10. Antipov, G., Guzner, I.A., Donskikh, O.A., Ermolenko, S.M., Ivonin, Yu.P., Isakov, S.P., Lesnevskii, Yu.Yu., Lizunova, I.V., Litvintseva, G.P., Makarova, N.I., Muratov, P.D., Os’muk, L.A., Sivirinov, B.S., Smirnova, O.V., et al., Round table: Are libraries without books the inevitability of the future? Idei i Idealy, 2011, vol. 1, no. 2, pp. 2–22.

    Google Scholar 

  11. Svergunova, N.M., Information security of libraries. http://library.gu-unpk.ru/docs/publ_sotr/Informacionnay%20bezopasnosti.pdf. Cited June 4, 2015.

    Google Scholar 

  12. Rodionova, Z.V., Technology of access rights change management based on analysis of business processes, Vestn. NGUEU, 2011, no. 1, pp. 16–21.

    Google Scholar 

  13. Pestunova, T.M. and Rodionova, Z.V., Information system for managing access rights on the basis of analysis of business processes. Part 2, Dokl. Tomsk. Gos. Univ. Sist. Upr. Radioelektron., 2010, no. 2 (22), pp. 253–256.

    Google Scholar 

  14. Pestunova, T.M., Rodionova, Z.V., and Gorinova, S.D., Analysis of aspects of information security based on formal models of business processes, Dokl. TUSUR, 2014, pp. 150–156.

    Google Scholar 

  15. Astakhov, A.M., Iskusstvo upravleniya informatsionnymi riskami (Art of Information Risk Management), Moscow: DMK-Press, 2010.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Economic Informatics, Novosibirsk State University of Economics and Management, Novosibirsk, Russia

    Z. V. Rodionova & L. K. Bobrov

Authors
  1. Z. V. Rodionova
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. L. K. Bobrov
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Z. V. Rodionova.

Additional information

Original Russian Text © Z.V. Rodionova, L.K. Bobrov, 2016, published in Nauchno-Technicheskaya Informatsiya, Seriya 1, 2016, No. 1, pp. 21–29.

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Rodionova, Z.V., Bobrov, L.K. Protection of the information resources of a library based on analysis of business processes. Sci. Tech.Inf. Proc. 43, 20–27 (2016). https://doi.org/10.3103/S0147688216010032

Download citation

  • Received:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.3103/S0147688216010032

Keywords

Search

Navigation