Analysis of information security system with unlimited buffer memory in service networks

In this article, the research of information system protection by ana ly zing the risks for identifying threats for information security is considered. Information risk analysis is periodically conducted to identify information security threats and test the information security system. Currently, various information risk analysis techni ques exist and are being used, the main difference being the quantitative or qualitative risk assessment scales. On the basis of the existing methods of testing and evaluation of the vulnerabilities for the automated system, their advantages and disadvantages, for the possibility of further comparison of the spent resources and the security of the information system, the conclusion was made regarding the deter mi nation of the optimal method of testing the information security system in the context of the simulated polygon for the protection of critical information resources. A simula tion ground for the protection of critical information resources based on GNS3 application software has been developed and implemented. Among the considered methods of testing and risk analysis of the automated system, the optimal iRisk methodology was identified for testing the information security system on the basis of the simulated. The quantitative method Risk for security estimation is considered. Generalized iRisk risk assessment is calculated taking into account the following parameters: Vulnerabili ty — vulnerability assessment, Threat — threat assessment, Control — assessment of security measures. The methodology includes a common CVSS vul nerability assessment system, which allows you to use constantly relevant coefficients for the calculation of vulnerabilities, as well as have a list of all major vulnerabilities that are associated with all modern software products that can be used in the automated system. The known software and hardware vulnerabilities of the ground are considered and the resistance of the built network to specific threats by the iRisk method is calculated.

Download Full-text

Cognitive Information Systems for Protection of Museum Complexes

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i4.38.24326 ◽

2018 ◽

Vol 7 (4.38) ◽

pp. 82

Author(s):

Aleksey Valentinovich Bogdanov ◽

Igor Gennadievich Malygin

Keyword(s):

Artificial Intelligence ◽

Information Systems ◽

Information Security ◽

Security System ◽

Structural Scheme ◽

Cognitive Information ◽

Technological Platform ◽

Network Technologies ◽

Cognitive Information Systems ◽

Stratified Model

The paper considers the conceptual provisions of building a promising cognitive information security system of the museum complex on a cyber-physical basis. The stratified model of cognitive information security system of the museum complex was presented. It was shown that the key technological platform for the security of the museum complex is information and network technologies integrated (converged) with the technologies of industrial artificial intelligence. The generalized structural scheme of the cognitive cycle of the information security system of the museum complex was considered. The characteristic of the basic processes realized in a cognitive contour was given.

Download Full-text

Information security system based on virtual-optics imaging methodology and public key infrastructure

Optik ◽

10.1078/0030-4026-00386 ◽

2004 ◽

Vol 115 (9) ◽

pp. 420-426 ◽

Cited By ~ 6

Author(s):

Xiang Peng ◽

Peng Zhang ◽

Lilong Cai

Keyword(s):

Information Security ◽

Public Key Infrastructure ◽

Security System ◽

Public Key ◽

Imaging Methodology ◽

Virtual Optics

Download Full-text

POSITIONS OF STATES OF THE ASIA-PACIFIC REGION REGARDING THE ADOPTION OF RESOLUTIONS ON INTERNATIONAL INFORMATION SECURITY ISSUES WITHIN THE FRAMES OF THE UN

ACTUAL PROBLEMS OF INTERNATIONAL RELATIONS ◽

10.17721/apmv.2019.139.0.13-26 ◽

2019 ◽

pp. 13-26

Author(s):

Mykola Ryzhkov ◽

Anastasiia Siabro

Keyword(s):

Information Security ◽

International Development ◽

Information Technologies ◽

Large Scale ◽

New Technologies ◽

Technological Development ◽

Security System ◽

Asia Pacific ◽

Security Issues ◽

The World

Achievements in the sphere of automatization and telecommunication are an essential component of transformation of the international peace and security system. This article presents, that consequences of changes are of a dual character. On the one hand, new technologies are becoming an important component of society modernization strategies in developing countries, on the other hand, they can be used for armament modernization or creation of new means of confrontation in modern international relations. APR countries face the most relevant issue of information technologies usage. The article deals with the process of discussion of new challenges and threats to international security, emerging as a result of development and large-scale implementation of information-communication technologies. Positions of states regarding the adoption of resolution in the sphere of international information security were studied through examples of Japan, India, and China. It is proved in the article, that information technologies have become an important component of the security system in the world. Technologies usage may lead to steady international development as well as to information arms race. That is why working out a common position on international information security issues is of crucial importance. It is within the framework of the UN, that different states of the world are given an opportunity to express their visions of the problem of international information security and work out common approaches to its solution. The article shows, that states’ positions have similar as well as different features. For instance, all states express concern regarding possible limitation of technology transfer for the establishment of a more controlled international political environment. But states’ positions have major differences as to mechanisms of information security provision. Thus, Japan and India strive to achieve a balanced system of international information security, which should at the same time have preventive mechanisms against the emergence of threats in the information and science and technology spheres and guarantee continuation of scientific-technological development, which is a crucial component of development and modernization strategies in many countries of the world. China came forward with position of strong regulation of international information security issues and suggested framing of corresponding regulations of the states’ conduct in the cyberspace.

Download Full-text

INTELLIGENT AUTHENTICATION FOR IDENTITY AND ACCESS MANAGEMENT: A REVIEW PAPER

Iraqi Journal for Computers and Informatics ◽

10.25195/ijci.v45i1.39 ◽

2019 ◽

Vol 45 (1) ◽

pp. 6-10

Author(s):

Iman Hadi

Keyword(s):

Information Security ◽

Review Paper ◽

Service Providers ◽

Security System ◽

Key Factors ◽

Access Management

Identity and access management (IAM) system usually consist of predefined tasks as an information security system. Themain task is the authentication, since it is responsible for user identity proving for service providers that corporate with (IAM).This paper provides a review on intelligent authentication research applicable to IAM systems. These researches areevaluated according to the proposal of intelligent authentication key factors. Depending on this evaluation it could not be foundresearch implement an authentication that satisfies all these key factors.

Download Full-text

Information Policy and Information Security of PRC: Development, Approaches and Implementation

Vestnik RUDN International Relations ◽

10.22363/2313-0660-2020-20-2-382-394 ◽

2020 ◽

Vol 20 (2) ◽

pp. 382-394

Author(s):

Tatyana Ivanovna Ponka ◽

Mirzet Safetovich Ramich ◽

Yuyao Wu

Keyword(s):

Foreign Policy ◽

Information Security ◽

International Relations ◽

Information And Communication Technologies ◽

Policy Development ◽

Information Policy ◽

Security System ◽

Asia Pacific ◽

Republic Of China

The subject of the study is the new course of the PRC information policy, which was launched by the Fifth generation of the PRC leaders after the 18th Congress of the Chinese Communist Party in 2012. As a result, after the 18th Congress of the CPC was started the implementation of the Strong cyberpower strategy, which implies not only ensuring cyber security in the country, but also the usage of network resources to develop the national economy. Chinas new information policy was caused by the sharply increased role of information and communication technologies in international processes and the shift in the focus of international relations to the Asia-Pacific region. The PRCs information policy is based on the most advanced technologies in the IT sphere and the cooperation with private companies on regulating external and internal information security. The relevance of the research topic is due to the increasing role of ICT in international processes. In this context, the most important are the positions of the leading countries of the world to regulate this area, as well as the mechanisms and tools used by them. The Peoples Republic of China is one of the leaders in the field of scientific and technical developments and actively uses its achievements to accomplish tasks in the field of domestic and foreign policy. In this regard, the purpose of the study is to analyze and compare the development strategies of the PRC information policy and the resources that are necessary for their implementation. The unique network landscape, which was formed under the influence of government policy on control over published content and the sharing of digital services market among the three largest information corporations (Baidu, Tencent and Alibaba), has become an essential part of the countrys information security system and requires detailed study. The purpose of the article is to identify the evolution of Chinas information policy development strategy and resources for its implementation. This article also discusses the threats to the information security of the Peoples Republic of China and analyzes the approaches to ensuring it. The results of the study are the conclusions that show the role and place of information policy in the PRC foreign policy, the structure of the information security system and strategic approaches to the regulation of international relations in cyberspace.

Download Full-text

Conceptual principles for ensuring effective protection of information in the context of economic security of the enterprise

Ekonomìka ta upravlìnnâ APK ◽

10.33245/2310-9262-2020-155-1-84-92 ◽

2020 ◽

pp. 84-92

Author(s):

A.V. Pecheniuk

Keyword(s):

Information Security ◽

Information And Communication Technologies ◽

Security Policy ◽

Criminal Responsibility ◽

Economic Security ◽

Information Policy ◽

Security System ◽

Theory And Practice ◽

Confidential Information ◽

Information Security Policy

The necessity of formation of an effective information security system of the enterprise is substantiated. It is emphasized that when designing an information policy, the firm must comply with the requirements of the current legislation, take into account the level of technical support, especially the regulation of employees' access to confidential information, etc. It is stated that the costs of organizing information security measures should be appropriate to its value. The article identifies major threats that could be breached by confidential information. The list of the main normative legal acts aimed at bringing to civil, administrative and criminal responsibility for illegal collection, disclosure and use of information constituting a trade secret. The main stages of building an information security policy are summarized, the most common types of information threats related to the use of modern computer technologies are described. The necessity of developing a domestic original accounting (management) program that could be used in the long term by the vast majority of Ukrainian enterprises is pointed out. There are three groups of tools that are applied in the theory and practice of information security of the enterprise (active, passive and combined), emphasizing the need for planning and continuous monitoring in real time of all important processes and conditions that affect data security. It is noted that even if the information security system is built taking into account all modern methods and means of protection, it does not guarantee one hundred percent protection of the information resources of the enterprise, but a well-designed information security policy allows to minimize the corresponding risks. Key words: information security, information policy, information security, confidential information, information threats, information and communication technologies, software.

Download Full-text