Stages and procedures for forming a method to assess reliability of the information security systems in automated systems and main areas of its implementation in the normative-technical documentation

Methods of Estimating Reliability of Information Security Systems which Protect from Unauthorized Access in Automated Systems

SPIIRAS Proceedings ◽

10.15622/sp.2019.18.6.1301-1332 ◽

2019 ◽

Vol 18 (6) ◽

pp. 1301-1332 ◽

Cited By ~ 1

Author(s):

Oksana Bokova ◽

Irina Drovnikova ◽

Andrei Etepnev ◽

Evgeniy Rogozin ◽

Victor Khvostov

Keyword(s):

Information Security ◽

Structural Complexity ◽

Systems Design ◽

Software Systems ◽

Automated Systems ◽

Security Systems ◽

Unauthorized Access ◽

Reliability Indicators ◽

Actual Design ◽

Guidance Documents

Modern methods of protecting information from unauthorized access in automated systems are based on the use of specialized information security systems from unauthorized access. Security systems are necessarily included in the form of additional software systems in the software as in a secure execution. Information security systems from unauthorized access can be developed not only in a process of automated systems design, but also complement the system-wide software of functioning systems. The use of the information security systems from unauthorized access can reduce a overall reliability of the automated systems, if they contain errors that are not detected during debugging. The reliability of the information security systems affects effectiveness of information security (confidentiality, integrity and availability). Guidelines of the Federal Service for Technical and Export Control (FSTEC) of Russia are a methodological basis for the formation of the information security systems’ image both in the process of development and in the process of modernization of the automated systems. The guidance documents of FSTEC of Russia do not contain methodological approaches to assessing the reliability of these program systems. In this regard, the actual design of techniques of estimating reliability of the information security systems from unauthorized access in automated systems in a secure execution. The structural complexity of the information security systems from unauthorized access and large number of functions performed necessitates the use of three reliability indicators that characterize the system in solving problems of confidentiality, integrity and availability of information. To develop the technique, the known methods of evaluating the reliability of complex systems are used, which do not allow their decomposition into serial and parallel connection. The developed methods were tested in assessing the reliability of the information security systems from unauthorized access with typical indicators of initial characteristics. The results of calculations and prospects of using the developed methods are presented in the paper.

Get full-text (via PubEx)

MODEL OF THE PROCESS OF PROTECTING INFORMATION FROM COMPUTER INTELLIGENCE IN INFORMATION SYSTEMS OF ORGANIZATIONS

Высокие технологии и инновации в науке: сборник избранных статей Международной научной конференции (Санкт-Петербург, Июль 2020) ◽

10.37539/vt186.2020.79.61.004 ◽

2020 ◽

Author(s):

Вадим Георгиевич Ерышов ◽

Никита Вадимович Ерышов

Keyword(s):

Information Systems ◽

Information Security ◽

Simulation Model ◽

Automated Systems ◽

Security Systems ◽

Source Data

В статье приведено описание имитационной модели, позволяющей оценивать процесс защиты информации от компьютерной разведки в автоматизированных системах организаций в зависимости от варьируемых исходных данных, а также разрабатывать требования для перспективных систем защиты информации. The article describes a simulation model that allows us to evaluate the process of protecting information from computer intelligence in automated systems of organizations, depending on the varying source data, as well as to develop requirements for advanced information security systems.

Get full-text (via PubEx)

Method and model for quantitative assessment of the performance indicator of information security systems against unauthorized access in automated systems based on a computational experiment

Journal of Physics Conference Series ◽

10.1088/1742-6596/1902/1/012102 ◽

2021 ◽

Vol 1902 (1) ◽

pp. 012102

Author(s):

O M Bulgakov ◽

A M Kadnova ◽

V A Meshcheryakov ◽

D N Kuznetsov

Keyword(s):

Information Security ◽

Quantitative Assessment ◽

Computational Experiment ◽

Performance Indicator ◽

Automated Systems ◽

Security Systems ◽

Unauthorized Access

Get full-text (via PubEx)

Methods for assessing the efficiency of access control subsystems at informatization facilities of internal affairs bodies and aspects of their improvement

Herald of Dagestan State Technical University Technical Sciences ◽

10.21822/2073-6185-2021-48-2-29-39 ◽

2021 ◽

Vol 48 (2) ◽

pp. 29-39

Author(s):

A. V. Batskikh ◽

V. V. Konobeevskikh ◽

S. V. Efimov

Keyword(s):

Information Security ◽

Access Control ◽

Information And Communication Technologies ◽

System Analysis ◽

Security Level ◽

Automated Systems ◽

Security Systems ◽

Advantages And Disadvantages ◽

Industry Standards ◽

Internal Affairs

Objective. The purpose of the article is to analyse the existing methodology used to assess the efficiency of automated information security systems by studying open literature sources, international and industry standards of the Russian Federation on information security of automated systems, guidelines and orders of the Federal Service for Technical and Expert Control of Russia, as well as departmental orders, instructions and regulations on information security at informatization facilities of internal affairs bodies. The analysis results in identifying the advantages and disadvantages of the specified methodology, as well as the possibilities of its use when conducting a quantitative assessment of the efficiency of access control subsystems of information security systems at the informatization facilities of internal affairs bodies. Methods. To achieve this goal, the method for system analysis of approaches used to assess the efficiency of information security tools and systems has been applied. Results. The paper presents results of analysing the main approaches used to assess the efficiency of tools and systems for information security of automated systems. The paper determines the relationship between the efficiency indicator of access control subsystems of information security systems and the main disadvantage of their use in protected automated systems of internal affairs bodies. The paper substantiates main directions of improving the existing methodology, proposes methods and indicators for quantifying the efficiency of access control subsystems (including those modified on the basis of using new information and communication technologies) of information security systems in protected automated systems of internal affairs bodies. Conclusion. The results obtained can be used to quantify the security level of existing automated systems and those being developed at informatization facilities of internal affairs bodies.

Get full-text (via PubEx)

Parallel Combining Different Approaches to Multi-pattern Matching for Fpga-based Security Systems

Advances in Cyber-Physical Systems ◽

10.23939/acps2020.01.008 ◽

2017 ◽

Vol 5 (1) ◽

pp. 8-15

Author(s):

Sergii Hilgurt ◽

Keyword(s):

Information Security ◽

Pattern Matching ◽

Intrusion Detection System ◽

Detection System ◽

Finite Automata ◽

Network Intrusion Detection ◽

Security Systems ◽

Analytical Technique ◽

Network Intrusion ◽

Pros And Cons

The multi-pattern matching is a fundamental technique found in applications like a network intrusion detection system, anti-virus, anti-worms and other signature- based information security tools. Due to rising traffic rates, increasing number and sophistication of attacks and the collapse of Moore’s law, traditional software solutions can no longer keep up. Therefore, hardware approaches are frequently being used by developers to accelerate pattern matching. Reconfigurable FPGA-based devices, providing the flexibility of software and the near-ASIC performance, have become increasingly popular for this purpose. Hence, increasing the efficiency of reconfigurable information security tools is a scientific issue now. Many different approaches to constructing hardware matching circuits on FPGAs are known. The most widely used of them are based on discrete comparators, hash-functions and finite automata. Each approach possesses its own pros and cons. None of them still became the leading one. In this paper, a method to combine several different approaches to enforce their advantages has been developed. An analytical technique to quickly advance estimate the resource costs of each matching scheme without need to compile FPGA project has been proposed. It allows to apply optimization procedures to near-optimally split the set of pattern between different approaches in acceptable time.

Get full-text (via PubEx)