The analysis of a problem a substantiation of norms of safety of medical information of information systems in the form of quantitative requirements to security indicators is carried out. Mathematical statement of a problem of rationing of requirements to safety of the information of medical information systems is put in the form of an optimizing problem. On the basis of the comparative analysis of methods of the decision of optimizing problems with reference to the mathematical expression formalizing model of protection of the information, the algorithm of rationing based on methods of evolutionary modeling of protection of the information in medical information systems is offered. Use of genetic algorithms for the decision of optimizing problems of rationing of requirements to safety of the information allows to overcome a number of problems arising at application gradient methods in connection with a multi-peak kind of function conforming and a considerable quantity of optimized parameters. With use of the special software intended for realization of genetic algorithms from structure of the environment of mathematical calculations Matlab rationing of requirements to safety of the information is spent. As initial data the standard data containing in the most known popular database of realization of threats of safety of the information accumulated DARPA are used. Results of rationing of requirements safety are led to the information of medical information systems with use of evolutionary modelling at connection to a network "Internet" according to standard levels of realization of threats of safety of the information.
medical information systems, information safety, genetic algorithm, evolutionary model
В настоящее время в здравоохранении России в соответствии с федеральной целевой программой «Здравоохранение России» реализуются проекты по внедрению в поликлиниках и больницах электронных медицинских карт пациентов, предоставлению услуг «электронной регистратуры», созданию территориальных медицинских регистров и медицинских информационных систем (МИС). Эта качественно новая технологическая среда информационного взаимодействия создает также и множество новых проблем, связанных с обеспечением конфиденциальности медицинской информации и сохранением врачебной тайны при их использовании [10-12].
Особую актуальность при реализации этих проектов приобретает проблема обеспечения защиты конфиденциальной информации в отношении специфичного класса защищаемой информации - персональных данных (ПДн), гарантия защиты которых закреплена законодательно [1,2].
1. Federal´nyy zakon N 323-FZ «Ob osnovakh okhrany zdorov´ya grazhdan v Rossiyskoy Federatsii» ot 21 noyabrya 2011 g. Russian.
2. Federal´nyy zakon «O personal´nykh dannykh» № 152-FZ, ot 27 iyulya 2006 goda. Russian.
3. Metodicheskie rekomendatsii po organizatsii zashchity informatsii pri obrabotke personal´nykh dannykh v uchrezhdeniyakh zdravookhraneniya, sotsial´noy sfery, trada i zanyatosti. Utverzhdeny Ministerstvom zdravook-hraneniya i sotsial´nogo razvitiya RF 23.12.2009 g., soglasovany s FSTEK Rossii. Russian.
4. Metody i sredstva povysheniya zashchishchennosti avtomatizirovannykh sistem: monografiya / VA. Khvostov [i dr.]; pod obshch. red. d-ra tekhn. nauk, prof. S.V. Skrylya i d-ra tekhn. nauk, prof. E.A. Rogozina Voronezh: Voronezhskiy institutMVD Rossii; 2013. Russian.
5. Kislyak AA, Makarov OYu, Rogozin EA, Khvostov VA. Metodika otsenki veroyatnosti nesanktsionirovannogo dostupa v avtomatizirovannye sistemy, ispol´zuyushchie protokol ТСР/IР. Informatsiya i bezopasnost´. 2009;12(2):285-8. Russian.
6. Kislyak AA, Makarov OYu, Rogozin EA, Khvostov VA. Ob odnom sposobe formalizatsii ponyatiya stoykosti funktsii bezopasnosti GOST ISO/MEK 15408. Vestnik Voronezhskogo gosudarstvennogo tekhnicheskogo universiteta. 2009;5(2):94-8. Russian.
7. Goldberg D. Genetic Algorithms in Search, Optimization, and Machine Learning. Massachusetts: Addi-son-Wesley; 1989.
8. Mitchell M. An Introduction to Genetic Algorithms. Cambridge: MIT Press; 1999.
9. Cheung S, Lindqvist U, Fong M. "Modeling Multistep Cyber Attacks for Scenario Recognition," Proceedings of the Third DARPA Information Survivability Conference and Exposition (DISCEX III), vol. 1, IEEE; 2003.
10. Khadartsev AA, Yashin AA, Es´kov VM, Agarkov NM, Kobrinskiy BA, Frolov MV, Chukhraev AM, Khromushin VA, Gontarev SN, Kamenev LI, Valentinov BG, Agarkova DI. Informatsionnye tekhnologii v meditsine: Tula; 2006. Russian.
11. Es´kov VM, Filatova OE, Fudin NA, Khadartsev AA. Novye metody izucheniya intervalov ustoychivosti biologicheskikh dinamicheskikh sistem v ramkakh kompartmentno-klasternogo podkhoda [New methods of investigation of biological dynamic systems´ stability according to compartmental-cluster approach]. Vestnik novykh meditsinskikh tekhnologiy. 2004;11(3):5. Russian.
12. Khromushin VA, Khadartsev AA, Khromushin OV, Chestnova TV. Obzor analiticheskikh rabot s ispol`zovaniem algebraicheskoy modeli konstmktivnoy logiki [The review of analytic works with the application of constructive logic model development]. Vestnik novykh meditsinskikh tekhnologiy. (Elektronnoe izdanie) [Internet]. 2011 [cited 2011 Aug 16];l:[about 4 p.]. Russian. Available from: http://www.medtsu.tula.ni/VNMT/ Bulle-tin/E2011-1/LitObz.pdf
