Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
T
T
TemaKam2021-09-27 18:20:42
Information Security
TemaKam, 2021-09-27 18:20:42

In which guest is the obligation to use the state. encryption algorithm?

In which guest is the obligation to use the state. encryption algorithm?
for educational institutions, etc.

in GOST 28147-89 there is this:

The standard is mandatory for organizations, enterprises and institutions that use cryptographic protection of data stored and transmitted in computer networks, in separate computer systems or in computers

but it's cancelled, then where?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

4 answer(s)
Report
V
Vladimir, 2021-10-04
@SibUrsus

The document you are interested in is the letter of the FSB of Russia No. 149/7/1/3-58 dated 31.01. 2014 "On the procedure for the transition to the use of new digital signature standards and hashing functions."
It "launched a stone from the mountain." According to PP No. 313 dated April 16, 2012, it is mandatory for licensed developers of CIPF, etc.
Mintsifry, then still the Ministry of Communications, released acc. NLA for ATC (accredited certification centers) and off we go, the gears of the state spun. cars.

Report
V
Valentine, 2021-09-27
@vvpoloskin

It doesn't work like that. Any terms of reference, methodological recommendations are accompanied by a “justification” section, which lists the basic legal acts (including standards and specifications) that must be observed. Cryptography is used for some purpose, usually to encrypt a channel or sign a document with a qualified electronic signature. You need to look at what your goals are and what legal framework they fall under (FSTEC orders, government decrees, federal laws).

Report
K
kalapanga, 2021-09-27
@kalapanga

For information constituting a state secret, there is, for example, such a document
www.fsb.ru/fsb/science/single.htm%21id%3D10438446%...

Report
U
Uncle Seryozha, 2021-10-02
@Protos

There's no such thing. There is personal data protection, there is a law on personal data, it contains the phrase:

3) the use of information security tools that have passed the conformity assessment procedure in accordance with the established procedure;

And like this:
4. The composition and content of the organizational and technical measures necessary to fulfill the requirements for the protection of personal data established by the Government of the Russian Federation in accordance with part 3 of this article for each of the security levels, organizational and technical measures to ensure the security of personal data during their processing in personal data information systems are established by the federal body executive authority authorized in the field of security [now FSB], and the federal executive authority authorized in the field of countering technical intelligence and technical protection of information [now FSTEC], within their powers

Accordingly, the measures are established by the FSB.

Similar questions
S
Sergey2015-11-16 15:56:24
What useful books in the following areas do you know? 4Reply
S
StrangeAttractor2015-11-18 16:34:53
How to deal with the error "Error: Unable to initialize GTK+, is DISPLAY set properly?" when trying to run a proprietary Linux application with AppArmor? 2Reply
D
Dmitry Petrov2012-04-22 19:03:12
Fingerprint Readers - Data Storage 3Reply
V
Vlad M2015-11-21 05:57:29
When browsing sites, sometimes black squares appear and ... What is it? 4Reply
D
Dor1s2012-05-10 17:17:35
A site where you can practice hacking 11Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question