Event-based Security Policy and Formal Model of Critical Information Infrastructures Protecting Mechanism

The article considers the possibilities of security management of critical information infrastructures. Approaches to the construction of policies not focused on a fixed list of threats are proposed. It substantiates the possibility of building a security policy based on security events monitoring. A formal description of security events and formal model of protection mechanisms based on monitoring security events is proposed. The features of this approach for the protection of critical information infrastructures in order to improve the quality of protection are considered.

Download Full-text

On Security Management: Improving Energy Efficiency, Decreasing Negative Environmental Impact, and Reducing Financial Costs for Data Centers

Mathematical Problems in Engineering ◽

10.1155/2015/418535 ◽

2015 ◽

Vol 2015 ◽

pp. 1-19 ◽

Cited By ~ 1

Author(s):

Katarzyna Mazur ◽

Bogdan Ksiezopolski ◽

Adam Wierzbicki

Keyword(s):

Data Centers ◽

Control Method ◽

Security Management ◽

Role Based Access Control ◽

Mathematical Methods ◽

Quality Of Protection ◽

Analysis Scheme ◽

Role Based ◽

Negative Environmental Impact

Security management is one of the most significant issues in nowadays data centers. Selection of appropriate security mechanisms and effective energy consumption management together with caring for the environment enforces a profound analysis of the considered system. In this paper, we propose a specialized decision support system with a multilevel, comprehensive analysis scheme. As a result of the extensive use of mathematical methods and statistics, guidelines and indicators returned by the proposed approach facilitate the decision-making process and conserve decision-maker’s time and attention. In the paper we utilized proposed multilevel analysis scheme to manage security-based data flow in the example data center. Determining the most secure, energy-efficient, environmental friendly security mechanisms, we implemented the role-based access control method in Quality of Protection Modeling Language (QoP-ML) and evaluated its performance in terms of mentioned factors.

Download Full-text

About the Comparison of Information Security Systems for Asymptotic Information Security Management of Critical Information Infrastructures

Proceedings of Telecommunication Universities ◽

10.31854/1813-324x-2020-6-3-66-74 ◽

2020 ◽

Vol 6 (3) ◽

pp. 66-74

Author(s):

S. Erokhin ◽

A. Petukhov ◽

P. Pilyugin

Keyword(s):

Information Security ◽

Security Management ◽

Order Relation ◽

Security Systems ◽

Information Security Management ◽

Critical Information ◽

Information Infrastructures ◽

Building Information ◽

Management Capabilities ◽

Control Implementation

The article discusses the security management capabilities of critical information infrastructures. It discusses approaches to developing security policies that don’t lean on assessing residual risks and identifying a fixed list of threats. We examine the possibility of building information security management systems based on monitoring of security events. A formal description of security events as well as relevant protection methods is proposed. The paper introduces an order relation for information security systems comparison and asymptotic CII security control implementation.

Download Full-text

Comparison of Information Security Systems for Asymptotic Information Security Management Critical Information Infrastructures

2021 28th Conference of Open Innovations Association (FRUCT) ◽

10.23919/fruct50888.2021.9347608 ◽

2021 ◽

Author(s):

Sergey Erokhin ◽

Andrey Petukhov ◽

Pavel Pilyugin

Keyword(s):

Information Security ◽

Security Management ◽

Security Systems ◽

Information Security Management ◽

Critical Information ◽

Information Infrastructures

Download Full-text

Security Engineering and Educational Initiatives for Critical Information Infrastructures

10.21236/ada587160 ◽

2013 ◽

Author(s):

John Hale ◽

Maurico Papa ◽

David Greer

Keyword(s):

Security Engineering ◽

Critical Information ◽

Information Infrastructures ◽

Educational Initiatives

Download Full-text

Machine learning techniques based on security management in smart cities using robots

Work ◽

10.3233/wor-203423 ◽

2021 ◽

pp. 1-12

Author(s):

Zhang Mengqi ◽

Wang Xi ◽

V.E. Sathishkumar ◽

V. Sivakumar

Keyword(s):

Machine Learning ◽

Information And Communication Technologies ◽

Smart City ◽

Smart Cities ◽

Security Management ◽

Machine Learning Techniques ◽

Quality Of Services ◽

Learning Techniques ◽

Learning Concept

BACKGROUND: Nowadays, the growth of smart cities is enhanced gradually, which collects a lot of information and communication technologies that are used to maximize the quality of services. Even though the intelligent city concept provides a lot of valuable services, security management is still one of the major issues due to shared threats and activities. For overcoming the above problems, smart cities’ security factors should be analyzed continuously to eliminate the unwanted activities that used to enhance the quality of the services. OBJECTIVES: To address the discussed problem, active machine learning techniques are used to predict the quality of services in the smart city manages security-related issues. In this work, a deep reinforcement learning concept is used to learn the features of smart cities; the learning concept understands the entire activities of the smart city. During this energetic city, information is gathered with the help of security robots called cobalt robots. The smart cities related to new incoming features are examined through the use of a modular neural network. RESULTS: The system successfully predicts the unwanted activity in intelligent cities by dividing the collected data into a smaller subset, which reduces the complexity and improves the overall security management process. The efficiency of the system is evaluated using experimental analysis. CONCLUSION: This exploratory study is conducted on the 200 obstacles are placed in the smart city, and the introduced DRL with MDNN approach attains maximum results on security maintains.

Download Full-text

Public Awareness and the Behavior of Unpopular Courts

British Journal of Political Science ◽

10.1017/s0007123419000723 ◽

2020 ◽

pp. 1-19

Author(s):

Jay N. Krehbiel

Keyword(s):

Separation Of Powers ◽

Formal Model ◽

Public Awareness ◽

Public Support ◽

The European Union ◽

Negative Consequences ◽

Liberal Democracies ◽

Constitutional Review ◽

Institutional Stakeholders

Abstract Scholars have long debated the positive and negative consequences of an aware public for the quality of governance in modern liberal democracies. This article extends this debate to the context of constitutional review by exploring how public awareness can limit the effective exercise of review by courts lacking strong public support. Incorporating aspects of both the legitimacy and separation of powers theories on judicial power, the author argues that public awareness weakens the efficacy of such unpopular courts by creating an electoral incentive for governments to defy adverse rulings, even when doing so may lead to punishment from other institutional stakeholders. The article develops a simple formal model that identifies how and under what conditions public awareness can influence an unpopular court's decision making. An analysis of rulings issued by the Court of Justice of the European Union finds support for the model's empirical implications.

Download Full-text

Identifying core control items of information security management and improvement strategies by applying fuzzy DEMATEL

Information and Computer Security ◽

10.1108/ics-04-2014-0026 ◽

2015 ◽

Vol 23 (2) ◽

pp. 161-177 ◽

Cited By ~ 5

Author(s):

Li-Hsing Ho ◽

Ming-Tsai Hsu ◽

Tieh-Min Yen

Keyword(s):

Information Security ◽

Security Policy ◽

Security Management ◽

Fuzzy Dematel ◽

Information Security Management ◽

Content Type ◽

Cause And Effect ◽

Information Security Management System ◽

Security Control ◽

Improvement Strategies

Purpose – The purpose of this paper is to analyze the cause-and-effect relationship and the mutually influential level among information security control items, as well as to provide organizations with a method for analyzing and making systematic decisions for improvement. Design/methodology/approach – This study utilized the Fuzzy DEMATEL to analyze cause-and-effect relationships and mutual influence of the 11 control items of the International Organization for Standardization (ISO) 27001 Information Security Management System (ISMS), which are discussed by seven experts in Taiwan to identify the core control items for developing the improvement strategies. Findings – The study has found that the three core control items of the ISMS are security policy (SC1), access control (SC7) and human resource security (SC4). This study provides organizations with a direction to develop improvement strategies and effectively manage the ISMS of the organization. Originality/value – The value of this study is for an organization to effectively dedicate resources to core control items, such that other control items are driven toward positive change by analyzing the cause-and-effect relation and the mutual influential level among information security control items, through a cause-and-effect matrix and a systematic diagram.

Download Full-text