Resumen
In the paper the methods of estimation of security of the distributed information systems in the conditions of assumptions of security with usage of language of diagrams of information security are developed. The principle of prevention of damage which can be caused to the distributed information system at realization of various threats is the cornerstone of any assessment of security. Prevention of realization of threats is based on the analysis of vulnerabilities and accounting of a possibility of usage of these vulnerabilities.Diagram of information security of the whole distributed information system is based on elementary diagrams of information security. It is shown how it is possible to estimate an information security of the whole system described by the global diagram of information security on the basis of elementary diagrams of information security. The set of security assumptions is constructed on the basis of ways to vulnerabilities of the distributed information systems. Thus, in the conditions of security assumptions the security of all distributed information system is proved.In this paper the compromise between the value of information and the assumptions of malicious opportunities is considered. The value of information is estimated on the basis of classification and size of damage in case of leak or violation of integrity of information.At such approach the economic factor of ensuring information security begins to play an essential role. Namely, it is expedient to create the least expensive systems of information security which guarantee security in the conditions of the set of security assumptions. The approach considered in the paper is defined by the requirement of mass digitalization which will be required for development of small and medium business in the conditions of digital economy.