*4.2.3 Biometric systems*

Biometrics is considered a solution in information security problems; biometrics has the necessary assurances that the information stored in databases in institutions

**153**

*An Approach to Optimize the Management of Information Security in Public Organizations…*

cannot be manipulated and lose their integrity. There are some types of biometric systems that can be used, such as fingerprint, iris reader, facial recognition, and voice recognition. The use of multimodal biometrics has been considered in the

The Ledger technology is based on the blockchain that ensures the registration of information in a distributed architecture, at the highest possible level, despite being distributed. With Ledger technology, we are thinking of a specific purpose

It is a technology that consists of a network infrastructure based on blockchain.

All public organizations must apply good information security practices such as those defined in ISO 27001, define appropriate indicators, change of culture in the area of information and communications technologies (ICT) by executives, consider the Cobit 5.0 methodology that the technologies of information and communications govern the organization (separate what is management and

In addition, the following good practices are suggested: update systems, limit users, block output systems, separate the most important files, automate, monitor permanently, define safety standards, unify processes, and educate internal and

In this research, several alternatives were analyzed to improve the security of the information such as mechanical safety that is applied in an appropriate way for each organization and definition of all the processes of each public organization, models, prototypes, and cryptographic security algorithms using techniques of flow chart,

It should be noted that in the publications of the reference of [7–33], you can

The situation of Information and Communications Technologies (ICT) in Ecuador, definition of processes, conceptual security models, cryptographic algorithms, security models, analysis of security protocols, technological infrastructures, technologies, applied to public organizations in Ecuador in this case to the Civil Registry and National Electoral Council of Ecuador. To be considered as

alternatives to improve the management of information security.

**5. Alternatives to improve information security**

Hyperledger fabric (HLF) is an open source implementation of a distributed accounting platform to execute intelligent contracts in a modular architecture. The implementation of Hyperledger technologies will mitigate the risks of information; because in all the transactions you make, you will register through immutable

distributed network, a network that shares a local maintenance [45].

*DOI: http://dx.doi.org/10.5772/intechopen.88931*

study [44].

*4.2.4 Ledger*

*4.2.5 Hyperledger*

**4.3 Good practices**

government).

external users.

etc. [7–33].

**5.1 Description in general**

find the following information:

log [46].

*An Approach to Optimize the Management of Information Security in Public Organizations… DOI: http://dx.doi.org/10.5772/intechopen.88931*

cannot be manipulated and lose their integrity. There are some types of biometric systems that can be used, such as fingerprint, iris reader, facial recognition, and voice recognition. The use of multimodal biometrics has been considered in the study [44].

## *4.2.4 Ledger*

*Fault Detection, Diagnosis and Prognosis*

The Clark-Wilson model is based on four principles: authentication, audit trail,

• Restricted data elements (CDIs) that are elements or objects whose integrity

• Unrestricted data elements (UDIs) that are elements or objects that are not covered by the integrity policy, such as the input data, but which are relevant since

The Chinese Wall model is oriented to guarantee the confidentiality of the information it raises and provides controls to reduce conflicts of interest that may

The Bell-LaPadula model's strength lies in multilevel security, which does not allow sensitive information to be filtered by people or entities that do not have the appropri-

The importance of cryptography is that it is the only current method able to enforce the objective of computer security "maintain privacy, integrity, and authenticity" and enforce nonrejection, related to not being able to deny authorship and

Applications require robust and inviolable registration systems, for example electronic voting or bank information systems. At Scytl, we use technologies called immutable records, which are implemented in electronic voting solutions. This technology ensures the integrity, authenticity, and nonrepudiation of the generated records; therefore, in case of any event, the auditors can use them to investigate the problem. To improve the integrity of the information, an implementation for immutability is required, the integrity tests of the secure registers within the chain

Biometrics is considered a solution in information security problems; biometrics has the necessary assurances that the information stored in databases in institutions

of blocks known as Bitcoins that is based on SHA-1 [43].

exist between organizations that handle the same business logic [40].

ate level of access; this helps maintain a certain degree of confidentiality [41].

Clark-Wilson is a widely used model to protect business information against unauthorized modification. In the CW model, the data in the system are requested

separation of obligations, and well-formed transactions.

they can be transformed into CDIs [39]

**4.1 Security models**

in two groups:

*4.1.1 Model Clark-Wilson*

must be maintained

*4.1.2 Chinese Wall Model*

*4.1.3 Model Bell-LaPadula*

**4.2 Security technologies**

reception of a message sent [42].

*4.2.1 Cryptography*

*4.2.2 Log inmutables*

*4.2.3 Biometric systems*

**152**

The Ledger technology is based on the blockchain that ensures the registration of information in a distributed architecture, at the highest possible level, despite being distributed. With Ledger technology, we are thinking of a specific purpose distributed network, a network that shares a local maintenance [45].

#### *4.2.5 Hyperledger*

It is a technology that consists of a network infrastructure based on blockchain. Hyperledger fabric (HLF) is an open source implementation of a distributed accounting platform to execute intelligent contracts in a modular architecture. The implementation of Hyperledger technologies will mitigate the risks of information; because in all the transactions you make, you will register through immutable log [46].

#### **4.3 Good practices**

All public organizations must apply good information security practices such as those defined in ISO 27001, define appropriate indicators, change of culture in the area of information and communications technologies (ICT) by executives, consider the Cobit 5.0 methodology that the technologies of information and communications govern the organization (separate what is management and government).

In addition, the following good practices are suggested: update systems, limit users, block output systems, separate the most important files, automate, monitor permanently, define safety standards, unify processes, and educate internal and external users.
