Navigation: Home > Types of Security > Security of AIS/N

Security of AIS/N

Security of Automated Information Security (AIS) or networks (N) is a system of principles and measures for protection from unauthorized access of the classified information which is originated, processed, stored and transmitted in AIS or networks.

The security conditions of AIS/N cover computer, communication, cryptographic, physical and personnel security, the security of the information itself on any electronic carrier, as well as the protection from parasite electromagnetic emanations and are defined in the Regulations on the Mandatory General Terms for the Security of the Automated Information Systems and Networks where Classified Information is generated, processed, stored and transmitted.

Security Accreditation Authority for AIS/N (SAA) as per the Regulations on the Mandatory General Terms for the Security of the Automated Information Systems and Networks where Classified Information is generated, processed, stored and transmitted is Information Security Specialized Directorate of the State Agency for National Security.

The activities of SCIS on the fulfilment of the security requirements of AIS/N where classified information is originated, processed, stored and transmitted are determined by its functions Security Accreditation Authority  of Points of Presence of NATO or EU Communication and Information Systems and national Automated Information Systems and networks designated for processing NATO and EU classified information or foreign classified information provided to the Republic of Bulgaria under international agreements on mutual protection and exchange of classified information having entered into force.

In accordance with the CIPA and the Regulations on the Mandatory General Terms for the Security of the Automated Information Systems and Networks where Classified Information is generated, processed, stored and transmitted SCIS is tasked to exercise overall control on the protection of the classified information stored, processed and transmitted in AIS/N and to exercise the overall control of the process of accreditation of AIS/N for handling classified information.

The breaches found and the prescriptions given by the authority responsible for the direct control in the field of AIS/N security are included in the reports of the checks which are sent to SCIS for the purposes of the overall control.