AUTOMATION OF PROCESS AN ASSESSMENT EFFICIENCY OF COMPLEX SYSTEMS OF INFORMATION SECURITY OF THE INDUSTRIAL ENTERPRISES IN CASE WITH SIMULTANEOUS IMPLEMENTATION OF THREATS

This paper reports the automation of an effi-ciency assessment process for complex systems of information security by means of an automated system formation the basic functions of which are: carrying out of information security (IS) audit, model formation of IS threats, recommendations for the formation of information security systems, a set of organization-regulatory documentation. For the solution of a problem in the efficiency assessment of confidential information protection there is developed a simulator and a universal criterion taking into account a probability of the realization and combating threats and allowing the estimation of the complex system efficiency for information protection in dynamics of processes occurred. The approach offered to the assessment of an information security level of an information object allows reducing considerably material and time costs for carrying out information security audit and also increasing the design solutions quality at the creation and introduction of complex system of information protection.

Download Full-text

AUTOMATED SYSTEM FOR ESTIMATION-EFFICIENCYSOFTWARE MEANS OF IN-FORMATION PROTECTION

Automation and modeling in design and management of ◽

10.30987/article_5cf2d22c9dcd72.20436206 ◽

2019 ◽

Vol 2019 (2) ◽

pp. 25-32

Author(s):

Алексей Горлов ◽

Aleksey Gorlov ◽

Михаил Рытов ◽

Mikhail Rytov ◽

Дмитрий Лысов ◽

...

Keyword(s):

Information Security ◽

Automated System ◽

Security Threats ◽

Information Protection ◽

Technical Documentation ◽

Confidential Information ◽

Hardware System ◽

Material Costs ◽

Software And Hardware

This article discusses the process of automating the assessment of the effectiveness of software and hardware information protection by creating an automated system. The main functions of the proposed system are: conducting an audit of information security, forming a model of information security threats, forming recommendations for creating a software and hardware system for protecting information, and creating organizational-technical documentation. The developed automated system for evaluating the effectiveness of software and hardware protection of information allows in an automated way to build a model of information security threats, to form organizational and technical documentation governing the protection of confidential information, and also to make recommendations for improving the software and hardware system for protecting information. The use of this system will significantly reduce the time and material costs of auditing information security and developing additional measures to protect information.

Download Full-text

EFFICIENCY ASSESSMENT PROCESS SIMULATION OF COMPLEX SYSTEMS FOR INFORMATION PROTECTION OF ENTERPRISES AT THREAT SIMULTANEOUS REALIZATION

Bulletin of Bryansk state technical university ◽

10.12737/article_5a337fbde60ab3.69866796 ◽

2017 ◽

Vol 2017 (7) ◽

pp. 56-61

Author(s):

Владимир Еременко ◽

Vladimir Eremenko ◽

Михаил Рытов ◽

Mikhail Rytov ◽

Алексей Горлов ◽

...

Keyword(s):

Complex Systems ◽

Process Simulation ◽

Assessment Process ◽

Information Protection ◽

Efficiency Assessment

Download Full-text

Rationing requirements to the characteristics of software tools to protect information

Proceedings of the Voronezh State University of Engineering Technologies ◽

10.20914/2310-1202-2018-4-96-110 ◽

2019 ◽

Vol 80 (4) ◽

pp. 96-110

Author(s):

A. V. Skrypnikov ◽

V. A. Khvostov ◽

E. V. Chernyshova ◽

V. V. Samtsov ◽

M. A. Abasov

Keyword(s):

Information Security ◽

Information Structure ◽

Optimization Methods ◽

Automated System ◽

Modern Theory ◽

Information Protection ◽

Functional Requirements ◽

Classification Approach ◽

Normative Approach ◽

The Impact

The article is devoted to the solution of the scientific problem of the development of theoretical foundations and technology of substantiation of quantitative requirements (rules) for software information security (PSI). The basis of the modern theory of information security is a classification approach. When using the classification approach, the requirements for PSSS are defined as a set of functional requirements necessary for implementation for a certain class of security. At the same time, the concept of "effectiveness of information protection" is not considered. The contradiction between the qualitative classification approach in the formation of requirements for PSI and the need to use their quantitative characteristics in the development of automated systems (as) in protected execution required the development of a new normative approach to substantiate the requirements for information protection. Normative approach based on the systematic consideration of problems in which the analysis of interaction of elements as each other and the influence of PSSI on the AU in General and the analysis of the goals of security of information (BI). The information structure of the system is constructed on the basis of the analysis of the AU topology, internal and external relations and information flows. At the same time, the normative method considers the full set of BI threats. BI threats are stochastic, multi-stage and multi-variant. In turn, the NSCI in implementing protection functions neutralizes BI threats with some probability (there are residual risks) and length in time. The presence of a variety of BI threats, characterized by different time of implementation, probabilistic characteristics of overcoming PSI and destructive capabilities, require the finding of BI norms by optimization methods, based on the requirements of minimizing the impact on the efficiency of the automated system.

Download Full-text

Principles of organization of information protection in automated system for aircraft flight data preparation

Engineering Journal Science and Innovation ◽

10.18698/2308-6033-2020-7-2000 ◽

2020 ◽

Author(s):

A.G. Andreev ◽

V.N. Zakharov ◽

G.V. Kazakov ◽

V.V. Koryanov

Keyword(s):

Information Security ◽

Automated System ◽

General Nature ◽

First Principle ◽

Information Protection ◽

Data Preparation ◽

Basic Principles ◽

Flight Data ◽

Aircraft Flight ◽

Number Of Publications

When designing automated systems for aircraft flight data preparation, many practical problems are solved by introducing either insufficient protection means or their redundancy. Both situations create information security vulnerability. On the basis of a number of publications analysis it is concluded that the basics of information security theory are reduced to the formulation of the main axioms, with the implication that there is currently no complete theory of information security of computer systems. As a result there are many issues, including issues of general nature, requiring some elaboration. The article considers a set of issues related to ensuring information security of the automated system for aircraft flight data preparation. The nature of two basic principles of information protection organization in this system is unraveled. The first principle requires consideration of all aspects related to the problem of ensuring information security of the system, and the second ― optimal control of means of information protection of the automated system of aircraft flight data preparation.

Download Full-text

Measures of information security level protection on sensing layer in Internet of things

Advanced Computer Control ◽

10.2495/icacc130401 ◽

2014 ◽

Author(s):

Zhao Jia ◽

Zhang Qiang ◽

Gao Bo

Keyword(s):

Information Security ◽

Internet Of Things ◽

Security Level

Download Full-text

IRISK METHOD FOR SECURITY ESTIMATION OF THE SIMULATION POLYGON FOR THE PROTECTION OF CRITICAL INFORMATION RESOURCES

Visnyk Universytetu “Ukraina” ◽

10.36994/2707-4110-2019-2-23-27 ◽

2019 ◽

Author(s):

Bogdan Korniyenko ◽

Lilia Galata

Keyword(s):

Risk Assessment ◽

Information System ◽

Information Security ◽

Risk Analysis ◽

Information Resources ◽

Security System ◽

Assessment System ◽

Automated System ◽

Information Risk ◽

Critical Information

In this article, the research of information system protection by ana ly zing the risks for identifying threats for information security is considered. Information risk analysis is periodically conducted to identify information security threats and test the information security system. Currently, various information risk analysis techni ques exist and are being used, the main difference being the quantitative or qualitative risk assessment scales. On the basis of the existing methods of testing and evaluation of the vulnerabilities for the automated system, their advantages and disadvantages, for the possibility of further comparison of the spent resources and the security of the information system, the conclusion was made regarding the deter mi nation of the optimal method of testing the information security system in the context of the simulated polygon for the protection of critical information resources. A simula tion ground for the protection of critical information resources based on GNS3 application software has been developed and implemented. Among the considered methods of testing and risk analysis of the automated system, the optimal iRisk methodology was identified for testing the information security system on the basis of the simulated. The quantitative method Risk for security estimation is considered. Generalized iRisk risk assessment is calculated taking into account the following parameters: Vulnerabili ty — vulnerability assessment, Threat — threat assessment, Control — assessment of security measures. The methodology includes a common CVSS vul nerability assessment system, which allows you to use constantly relevant coefficients for the calculation of vulnerabilities, as well as have a list of all major vulnerabilities that are associated with all modern software products that can be used in the automated system. The known software and hardware vulnerabilities of the ground are considered and the resistance of the built network to specific threats by the iRisk method is calculated.

Download Full-text

Algorithms structural and parametric synthesis of remote control and diagnostics systems of mobile measuring points

Informacionno-technologicheskij vestnik ◽

10.21499/2409-1650-2018-4-60-65 ◽

2018 ◽

pp. 60-65

Author(s):

A. I. Tatarinov

Keyword(s):

Complex System ◽

Control System ◽

Remote Control ◽

Structural Features ◽

Information Protection ◽

Parametric Synthesis ◽

Unauthorized Access ◽

Operating Modes ◽

Remote Control System ◽

Made In

With the help of the general and structurally-information schemes of remote control, an analysis was made in the course of which the requirements for protection against unauthorized access of the complex system were clarified and established. In the article structural features of the remote control system of mobile measuring points of rocket and space equipment are considered. These features are represented by the requirements for information protection, as well as the operating modes of this system. The list of these regimes was obtained as a result of studies of structural and functional schemes of a remote control system for mobile measuring points.

Download Full-text

In-Between and Through: Architecture and Complexity

International Journal of Architectural Computing ◽

10.1260/147807705775377311 ◽

2005 ◽

Vol 3 (3) ◽

pp. 335-354 ◽

Cited By ~ 2

Author(s):

Clarissa Ribeiro Pereira de Almeida ◽

Anja Pratschke ◽

Renata La Rocca

Keyword(s):

Complex System ◽

Software Engineering ◽

Complex Systems ◽

Design Process ◽

Three Dimensional ◽

Self Organization ◽

Three Dimensional Modeling ◽

Dimensional Modeling ◽

Complex Thought ◽

Basic Characteristics

This paper draws on current research on complexity and design process in architecture and offers a proposal for how architects might bring complex thought to bear on the understanding of design process as a complex system, to understand architecture as a way of organizing events, and of organizing interaction. Our intention is to explore the hypothesis that the basic characteristics of complex systems – emergence, nonlinearity, self-organization, hologramaticity, and so forth – can function as effective tools for conceptualization that can usefully extend the understanding of the way architects think and act throughout the design process. To illustrate the discussions, we show how architects might bring complex thought inside a transdisciplinary design process by using models such as software engineering diagrams, and three-dimensional modeling network environments such as media to integrate, connect and ‘trans–act’.

Download Full-text

Authentication System for Biometric Applications Using Mobile Devices

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.457-458.1224 ◽

2013 ◽

Vol 457-458 ◽

pp. 1224-1227

Author(s):

Jian Feng Hu ◽

Zhen Dong Mu

Keyword(s):

Information Security ◽

Mobile Devices ◽

Information Exchange ◽

Mobile Platform ◽

Eeg Signal ◽

Information Protection ◽

Security Research ◽

Authentication System ◽

Identification Tool

Mobile equipment has now become a new platform for information exchange, spend a lot of information exchange, how to effectively protect the mobile platform information security? Research has shown that, EEG signal can be used as identification tool, the user's information protection and good, this paper to protect the information security of mobile devices to research how to use EEG; the EEG signal is feasible for mobile equipment identification.

Download Full-text

Toward Reverse Engineering to Economic Analysis: An Overview of Tools and Methodology

Journal of the Knowledge Economy ◽

10.1007/s13132-021-00770-5 ◽

2021 ◽

Author(s):

Marisa Faggini ◽

Bruna Bruno ◽

Anna Parziale

Keyword(s):

Complex System ◽

Nonlinear Dynamics ◽

Economic Analysis ◽

Complex Systems ◽

Reverse Engineering ◽

Underlying Mechanism ◽

Economic Data ◽

Agent Based ◽

Economic Agents ◽

Advantages And Disadvantages

AbstractFollowing the reverse engineering (RE) approach to analyse an economic complex system is to infer how its underlying mechanism works. The main factors that condition the difficulty of RE are the number of variable components in the system and, most importantly, the interdependence of components on one another and nonlinear dynamics. All those aspects characterize the economic complex systems within which economic agents make their choices. Economic complex systems are adopted in RE science, and they could be used to understand, predict and model the dynamics of the complex systems that enable to define and to control the economic environment. With the RE approach, economic data could be used to peek into the internal workings of the economic complex system, providing information about its underling nonlinear dynamics. The idea of this paper arises from the aim to deepen the comprehension of this approach and to highlight the potential implementation of tools and methodologies based on it to treat economic complex systems. An overview of the literature about the RE is presented, by focusing on the definition and on the state of the art of the research, and then we consider two potential tools that could translate the methodological issues of RE by evidencing advantages and disadvantages for economic analysis: the recurrence analysis and the agent-based model (ABM).

Download Full-text