Information model for countering the illegal distribution of personal data in information systems

The article presents an information model for ensuring the security of personal data in information systems, based on the Secure Remote Password protocol and Russian cryptographic algorithms GOST R34.12−2015 («Kuznechik») and GOST 34.11−2018 («Stribog»). An analysis of threats and vulnerabilities of the information systems, the regulatory framework and modern methods of protecting personal data is carried out. A modular software implementation has been developed that is resistant to the main types of attacks, including traffic interception, man-in-the-middle attacks and database leaks.