Mathematical model of the polyalphabetic information security system based on the normal generalized knapsack

2014 ◽  
Author(s):  
Osipyan V.O.
Keyword(s):  
Mathematical Model ◽  
Information Security ◽  
Security System

scholarly journals THE TECHNIQUE OF SUBSTANTIATING THE RATIONAL COMPOSITION OF INFORMATION SECURITY TOOLS WITH CONSTRAINED RESOURCES

2021 ◽  
Vol 63 (1) ◽  
pp. 13-19
Author(s):  
Iurii I. Sineshchuk ◽  
◽  
Tatiana I. Davydova ◽  
Keyword(s):  
Mathematical Model ◽  
Information Security ◽  
Minimum Cost ◽  
Optimization Criterion ◽  
Security System ◽  
Different Types ◽  
Economic Constraints ◽  
The Cost ◽  
Nonlinear Nature ◽  
Rational Composition

Finding the optimal structure of an information security system is an important task complicated by its uncertain, stochastic and nonlinear nature especially, if resources are constrained. The article considers a mathematical model for determining the cost of damage prevented by information security tools, and the cost of their installation and maintenance. The optimization criterion is the minimum cost of the damage prevented. Task variables are the number of different types of security features installed in the security system. The authors propose a methodology to substantiate rational composition of information security tools, taking into account economic constraints.

scholarly journals MATHEMATICAL MODEL OF INFORMATION SECURITY’S THEAT AGENT

2018 ◽  
pp. 63-72
Author(s):  
Yury Shcheblanin ◽  
Dmytro Rabchun
Keyword(s):  
Mathematical Model ◽  
Information Security ◽  
A Priori ◽  
Fractional Power ◽  
Target Function ◽  
Information Leakage ◽  
Security System ◽  
Parameter Distribution ◽  
Distribution Law ◽  
The One

To provide information security in automated control systems, the construction of an effective system of information security, it was not enough to identify channels of information leakage, to analyze the possible threats, the consequences of their implementation and estimate the losses. It is necessary to imagine an offender even better. An offender model is one of the most important components of a possible scenario for unlawful actions on access to information. The existence of such a model of a security breach, which is constantly corrected on the basis of obtaining new knowledge about the possibilities of the offender and changes in the security system, based on an analysis of the causes of violations, will allow themselves to affect these reasons, as well as more precisely define the requirements for the information security system from this type of violations. Correctly constructed model of the violator of information security, (adequate to reality), which reflects his practical and theoretical capabilities, a priori knowledge, time and place of action, etc. characteristics are an important part of a successful risk analysis and the definition of requirements for the composition and characteristics of the protection system. The difficulties of mathematical modeling in the study of information confrontation, which are conditioned, on the one hand, by the uncertainty of the opponent’s actions, and on the other, the complexity of creating a conditional image, which in the largest degree corresponds to the branched protective structure, is considered in the paper. When creating a mathematical model one of the main tasks is to determine the parameters and characteristics that form the target function. The consideration of this task is devoted to this work. A model is considered in which the target function determines the proportion of information lost during an attack and is expressed through the dynamic vulnerability of the system, which depends on the ratio of attacks and protection resources, as well as on the likelihood of the implementation of such a relationship. The form of these dependencies is considered. The vulnerability is expressed by the fractional-power function in which the degree of power is determined by the nature of the information system and its structure. The density of probability of allocating an attack of resources with a given number of defense resources is given by a two-parameter distribution law. By selecting the indicators in both dependencies, it is possible to reach their maximum approximation to the statistical curves and eventually to form an explicit form of the target function.

IRISK METHOD FOR SECURITY ESTIMATION OF THE SIMULATION POLYGON FOR THE PROTECTION OF CRITICAL INFORMATION RESOURCES

2019 ◽  
Author(s):  
Bogdan Korniyenko ◽  
Lilia Galata
Keyword(s):  
Risk Assessment ◽  
Information System ◽  
Information Security ◽  
Risk Analysis ◽  
Information Resources ◽  
Security System ◽  
Assessment System ◽  
Automated System ◽  
Information Risk ◽  
Critical Information

In this article, the research of information system protection by ana­ ly­ zing the risks for identifying threats for information security is considered. Information risk analysis is periodically conducted to identify information security threats and test the information security system. Currently, various information risk analysis techni­ ques exist and are being used, the main difference being the quantitative or qualitative risk assessment scales. On the basis of the existing methods of testing and evaluation of the vulnerabilities for the automated system, their advantages and disadvantages, for the possibility of further comparison of the spent resources and the security of the information system, the conclusion was made regarding the deter­ mi­ nation of the optimal method of testing the information security system in the context of the simulated polygon for the protection of critical information resources. A simula­ tion ground for the protection of critical information resources based on GNS3 application software has been developed and implemented. Among the considered methods of testing and risk analysis of the automated system, the optimal iRisk methodology was identified for testing the information security system on the basis of the simulated. The quantitative method Risk for security estimation is considered. Generalized iRisk risk assessment is calculated taking into account the following parameters: Vulnerabili­ ty  — vulnerability assessment, Threat — threat assessment, Control — assessment of security measures. The methodology includes a common CVSS vul­ nerability assessment system, which allows you to use constantly relevant coefficients for the calculation of vulnerabilities, as well as have a list of all major vulnerabilities that are associated with all modern software products that can be used in the automated system. The known software and hardware vulnerabilities of the ground are considered and the resistance of the built network to specific threats by the iRisk method is calculated.

scholarly journals Cognitive Information Systems for Protection of Museum Complexes

2018 ◽  
Vol 7 (4.38) ◽  
pp. 82
Author(s):  
Aleksey Valentinovich Bogdanov ◽  
Igor Gennadievich Malygin
Keyword(s):  
Artificial Intelligence ◽  
Information Systems ◽  
Information Security ◽  
Security System ◽  
Structural Scheme ◽  
Cognitive Information ◽  
Technological Platform ◽  
Network Technologies ◽  
Cognitive Information Systems ◽  
Stratified Model

The paper considers the conceptual provisions of building a promising cognitive information security system of the museum complex on a cyber-physical basis. The stratified model of cognitive information security system of the museum complex was presented. It was shown that the key technological platform for the security of the museum complex is information and network technologies integrated (converged) with the technologies of industrial artificial intelligence. The generalized structural scheme of the cognitive cycle of the information security system of the museum complex was considered. The characteristic of the basic processes realized in a cognitive contour was given.   

scholarly journals POSITIONS OF STATES OF THE ASIA-PACIFIC REGION REGARDING THE ADOPTION OF RESOLUTIONS ON INTERNATIONAL INFORMATION SECURITY ISSUES WITHIN THE FRAMES OF THE UN

2019 ◽  
pp. 13-26
Author(s):  
Mykola Ryzhkov ◽  
Anastasiia Siabro
Keyword(s):  
Information Security ◽  
International Development ◽  
Information Technologies ◽  
Large Scale ◽  
New Technologies ◽  
Technological Development ◽  
Security System ◽  
Asia Pacific ◽  
Security Issues ◽  
The World

Achievements in the sphere of automatization and telecommunication are an essential component of transformation of the international peace and security system. This article presents, that consequences of changes are of a dual character. On the one hand, new technologies are becoming an important component of society modernization strategies in developing countries, on the other hand, they can be used for armament modernization or creation of new means of confrontation in modern international relations. APR countries face the most relevant issue of information technologies usage. The article deals with the process of discussion of new challenges and threats to international security, emerging as a result of development and large-scale implementation of information-communication technologies. Positions of states regarding the adoption of resolution in the sphere of international information security were studied through examples of Japan, India, and China. It is proved in the article, that information technologies have become an important component of the security system in the world. Technologies usage may lead to steady international development as well as to information arms race. That is why working out a common position on international information security issues is of crucial importance. It is within the framework of the UN, that different states of the world are given an opportunity to express their visions of the problem of international information security and work out common approaches to its solution. The article shows, that states’ positions have similar as well as different features. For instance, all states express concern regarding possible limitation of technology transfer for the establishment of a more controlled international political environment. But states’ positions have major differences as to mechanisms of information security provision. Thus, Japan and India strive to achieve a balanced system of international information security, which should at the same time have preventive mechanisms against the emergence of threats in the information and science and technology spheres and guarantee continuation of scientific-technological development, which is a crucial component of development and modernization strategies in many countries of the world. China came forward with position of strong regulation of international information security issues and suggested framing of corresponding regulations of the states’ conduct in the cyberspace.

scholarly journals INTELLIGENT AUTHENTICATION FOR IDENTITY AND ACCESS MANAGEMENT: A REVIEW PAPER

2019 ◽  
Vol 45 (1) ◽  
pp. 6-10
Author(s):  
Iman Hadi
Keyword(s):  
Information Security ◽  
Review Paper ◽  
Service Providers ◽  
Security System ◽  
Key Factors ◽  
Access Management

Identity and access management (IAM) system usually consist of predefined tasks as an information security system. Themain task is the authentication, since it is responsible for user identity proving for service providers that corporate with (IAM).This paper provides a review on intelligent authentication research applicable to IAM systems. These researches areevaluated according to the proposal of intelligent authentication key factors. Depending on this evaluation it could not be foundresearch implement an authentication that satisfies all these key factors.

Sign in / Sign up

Export Citation Format

Share Document