Approach to information security control of complex computer networks

2016 ◽  
Author(s):  
Roza R. Fatkieva ◽  
Vladimir I. Vorobiev ◽  
Dmitriy K. Levonevskiy
Keyword(s):  
Information Security ◽  
Computer Networks ◽  
Security Control ◽  
Complex Computer

The model of an intelligent information security control system for supply chains based on the spatial concepts of the actor-network theory

2020 ◽  
Vol 5 ◽  
pp. 94-106
Author(s):  
Y.M. Iskanderov ◽  
◽  
M.D. Pautov
Keyword(s):  
Control System ◽  
Information Security ◽  
Supply Chains ◽  
Network Theory ◽  
Actor Network Theory ◽  
Spatial Concepts ◽  
Actor Network ◽  
Information Security Management System ◽  
Security Control ◽  
Intelligent Information

Aim. The use of modern information technologies makes it possible to achieve a qualitatively new level of control in supply chains. In these conditions, ensuring information security is the most important task. The article shows the possibilities of applying the spatial concepts of the actor-network theory in the interests of forming a relevant intelligent information security management system for supply chains. Materials and methods. The article discusses a new approach based on the provisions of the actor-network theory, which makes it possible to form the structure of an intelligent information security control system for supply chains, consisting of three main functional blocks: technical, psychological and administrative. The incoming information security threats and the relevant system responses generated through the interaction of the system blocks were considered as enacting the three Law’s spaces: the space of regions, the space of networks and the space of fl uids. Results. It is shown that the stability of this system in the space of networks is a necessary condition for its successful functioning in the space of regions, and its resilience in the space of fl uids gained through the dynamic knowledge formation helps overcome the adverse effects of the fl uidity. The problems of the intentional / unintentional nature of information security threats, as well as the reactivity / proactivity of the corresponding responses of the intelligent information security management system for supply chains are investigated. Conclusions. The proposed approach showed the possibility of using such an interdisciplinary tool in the fi eld of information security as the concepts of the actor-network theory. The intelligent information security control system built on its basis ensures that almost all the features of solving information security problems in supply chains are taken into account.

Identifying core control items of information security management and improvement strategies by applying fuzzy DEMATEL

2015 ◽  
Vol 23 (2) ◽  
pp. 161-177 ◽  
Author(s):  
Li-Hsing Ho ◽  
Ming-Tsai Hsu ◽  
Tieh-Min Yen
Keyword(s):  
Information Security ◽  
Security Policy ◽  
Security Management ◽  
Fuzzy Dematel ◽  
Information Security Management ◽  
Content Type ◽  
Cause And Effect ◽  
Information Security Management System ◽  
Security Control ◽  
Improvement Strategies

Purpose – The purpose of this paper is to analyze the cause-and-effect relationship and the mutually influential level among information security control items, as well as to provide organizations with a method for analyzing and making systematic decisions for improvement. Design/methodology/approach – This study utilized the Fuzzy DEMATEL to analyze cause-and-effect relationships and mutual influence of the 11 control items of the International Organization for Standardization (ISO) 27001 Information Security Management System (ISMS), which are discussed by seven experts in Taiwan to identify the core control items for developing the improvement strategies. Findings – The study has found that the three core control items of the ISMS are security policy (SC1), access control (SC7) and human resource security (SC4). This study provides organizations with a direction to develop improvement strategies and effectively manage the ISMS of the organization. Originality/value – The value of this study is for an organization to effectively dedicate resources to core control items, such that other control items are driven toward positive change by analyzing the cause-and-effect relation and the mutual influential level among information security control items, through a cause-and-effect matrix and a systematic diagram.

Maintaining Information Security in E-Government through Steganology

2011 ◽  
pp. 1393-1399
Author(s):  
Huayin Si ◽  
Chang-Tsun Li
Keyword(s):  
Information Security ◽  
National Security ◽  
Computer Networks ◽  
Rapid Expansion ◽  
The Internet ◽  
Digital Government ◽  
Open Environment ◽  
Progressive Development ◽  
Potential Applications ◽  
Potential Benefits

Traditional government structures are sometimes regarded as overly bulky. However, with the rapid expansion of interconnected computer networks and the progressive development of information technology (IT), it is now possible to exchange massive amounts of data at light speed over great distances. These infrastructures and technologies provide the opportunity for governments to transform themselves from huge monsters to compact and efficient organizations. Realizing the potential benefits of IT, as of summer 2004, 198 governments had started their e-government plans to construct digital government based on the Internet (West, 2004). One of the essential features of e-government is the transmission of confidential information via computer networks. Depending on the sensitivity of the information, the security of some information should be treated at the same level as national security. Although each e-government has its own networks, no government can say no to the Internet, because it would be a waste of resource. However, the Internet is an open environment; therefore, protecting data flowing on the Internet from attacks is a pressing e-government issue. All governments with such strategies have sought help from cryptographers and devoted huge amounts of both money and time to the development of specially designed information systems and advanced cryptosystems to strengthen information security. Unfortunately, cryptography is not adequate in some applications. As computing power keeps increasing and the techniques of cryptanalysis keep advancing, contemporary cryptosystems cannot and will not work forever. At the 24th Annual International Cryptology Conference (CRYPTO’04), MD5 and a series of related cryptosystems, which are currently in widespread use, were proved unreliable (Wang, Feng, Lai, & Yu, 2004). From the last decade, steganology—the technique for digitally hiding and detecting information – is attracting more attention. It is already regarded as a powerful complement to cryptology and a promising technique for ensuring e-national security. Unlike cryptology, which renders the encrypted information completely meaningless, steganology keeps the host media perceptually unchanged after hiding the secret information. This article will provide an in-depth explanation of the two components of steganology, namely steganography and steganalysis, and discuss their potential applications in the realm of e-national security.

Introduction, Classification and Implementation of Honeypots

2009 ◽  
pp. 371-382
Author(s):  
Miguel Jose Hernandez y Lopez ◽  
Carlos Francisco Lerma Resendez
Keyword(s):  
Information Security ◽  
Computer System ◽  
Computer Networks ◽  
Production Environment ◽  
Modern Computer ◽  
Educational Environments ◽  
Controlled Environments ◽  
Set Up ◽  
Network Administrators ◽  
Different Levels

This chapter discusses the basic aspects of Honeypots, how they are implemented in modern computer networks, as well as their practical uses and implementation in educational environments, providing the reader with the most important points regarding the main characteristics of Honeypots and Honeynets. Honeypots are defined as “closely monitored network decoys” that can be set by network administrators to deal with a wide variety of attacks and interact with users in different levels (Provos, 2004). The implementation of Honeypots provides an answer to a common question posted by the field of information security and forensics: How to dissect the elements that make up an attack against a computer system. The chapter will summarizes the different features and capabilities of Honeypots once they are set up in a production environment to clarify the elements that are needed to be configured in order for a Honeypot to accomplish its main tasks and in order for it to be considered an effective tool. The end of the chapter will shift towards the analysis of virtualization as an important tool that maximizes the practical use of Honeypots in controlled environments that are focused towards the study of attacks, responses and analysis methods.

Time-Domain Characteristics of Complex Computer Networks

1998 ◽  
Vol 110 (2) ◽  
pp. 61-72 ◽  
Author(s):  
R. A. Holden ◽  
R. W. Thomas
Keyword(s):  
Computer Networks ◽  
Time Domain ◽  
Complex Computer

Study on Information Security of Network-Based Manufacturing Environment

2014 ◽  
Vol 484-485 ◽  
pp. 493-496 ◽  
Author(s):  
Xin Ju Mo
Keyword(s):  
Information Security ◽  
Computer Networks ◽  
Preventive Measures ◽  
Rapid Development ◽  
Network Information ◽  
Threat Analysis ◽  
Major Threat ◽  
Security Of Network ◽  
Networking Technology

with the rapid development and wide application of networking technology, information security increasingly prominent problems are evident, more and more attention. The article introduced the current situation of network information security, explored the meaning of network information security, major threat analysis network information security, and finally gives the implementation technology of network information security and preventive measures, to ensure the information security of computer networks, so as to give full play to role of computer networks.

Sign in / Sign up

Export Citation Format

Share Document