Vestnik On-line
Orenburg State University named after V.A. Bondarenko

February 2026, № 1 (249), pages 49-55

doi: 10.25198/1814-6457-249-49

Vlatskaya I.V. FROM THE CYBER IMMUNITY METHODOLOGY TO CONSTRUCTIVE SECURITY IN THE EDUCATION OF SPECIALIST AND BACHELOR STUDENTS IN INFORMATION AND INFORMATION TECHNOLOGY PROGRAMS

In the context of digitalization and the increasing complexity of information systems, traditional approaches to information security, primarily based on reactive protective measures, demonstrate limited effectiveness. Modern cyberattacks are characterized by a high degree of automation, the use of intelligent methods for vulnerability analysis and exploitation, as well as a focus on architectural and logical flaws in information systems. In this regard, the need to transition from perimeter-based and add-on security models to architecture-oriented approaches becomes increasingly relevant.
This article examines the cyber immunity methodology proposed by Kaspersky Lab specialists as a modern paradigm for ensuring information security. It is shown that cyber immunity involves designing systems that are resilient to attacks by virtue of their architecture, rather than through the use of external security tools. Particular attention is paid to constructive security as a practical development of cyber immunity principles. The architectural concepts of MILS and FLASK are analyzed, along with their role in minimizing trust and controlling information flows.
The relationship between constructive security and contemporary international and Russian information security standards is also considered. The importance of studying these approaches in the educational process for training specialists and bachelor students enrolled in information and information technology programs is emphasized.
Key words: information technologies, information security, cyber immunity, constructive security, MILS, FLASK, Zero Trust architecture.

About this article

Author: Vlatskaya I.V.

Year: 2026

© Electronic periodical: VESTNIK OSU on-line, ISSN on-line 1814-6465
Registered with the Federal Service for Supervision of Communications, Information Technology and Mass Media
Mass media registration certificate: El No. FS77-37678 of 29 September 2009
Founder: Orenburg State University named after V.A. Bondarenko (OSU)
Editor-in-chief: S.A. Miroshnikov
Editorial office address: 460018, Orenburg, Prospekt Pobedy, 13, room 2335
Tel./fax: (3532)37-27-78 E-mail: vestnik@mail.osu.ru