scholarly journals JUSTIFICATION OF THE NEED TO ENSURE INFORMATION SECURITY OF AN ENTERPRISE IN THE ERA OF DIGITALIZATION

2021 ◽  
Vol 6 ◽  
pp. 235-239
Author(s):  
Anton V. Obidenko ◽  
Aelita V. Shaburova
Keyword(s):  
Information Security ◽  
Security System ◽  
Information Protection ◽  
Security Research

The relevance of information security research aimed at reducing information risks and optimizing enterprise costs for information protection. The results make it possible to increase the degree of information protection at enterprises by using methods, algorithms and practical procedures in the formation of an information security system aimed at reducing information risks.

Authentication System for Biometric Applications Using Mobile Devices

2013 ◽  
Vol 457-458 ◽  
pp. 1224-1227
Author(s):  
Jian Feng Hu ◽  
Zhen Dong Mu
Keyword(s):  
Information Security ◽  
Mobile Devices ◽  
Information Exchange ◽  
Mobile Platform ◽  
Eeg Signal ◽  
Information Protection ◽  
Security Research ◽  
Authentication System ◽  
Identification Tool

Mobile equipment has now become a new platform for information exchange, spend a lot of information exchange, how to effectively protect the mobile platform information security? Research has shown that, EEG signal can be used as identification tool, the user's information protection and good, this paper to protect the information security of mobile devices to research how to use EEG; the EEG signal is feasible for mobile equipment identification.

The Systemic Approach to Information Protection in Relation to Risk in an Integrated Information Security System

2015 ◽  
Vol 760 ◽  
pp. 689-694
Author(s):  
Nicolae Anton ◽  
Anișor Nedelcu
Keyword(s):  
Information Security ◽  
Security System ◽  
Systemic Approach ◽  
Information Protection ◽  
Security Risk ◽  
Integrated Information

This paper presents an approach to the risk of information security. By taking into consideration how critical it is for a system, each category of information should be associated with a correspondent level of security risk and each level of security risk must be defined by appropriate measures to control the risks for information security. Equally important is how many levels of security risk are defined for information, or how they are classified. It is critical, however, that the model adopted reflects all the objectives that the system requires.

scholarly journals IMPROVED MODEL OF ESTIMATING ECONOMIC EXPENDITURES ON THE INFORMATION PROTECTION SYSTEM IN SOCIAL NETWORKS

2021 ◽  
Vol 12 (4) ◽  
pp. 19-28
Author(s):  
Oleksandr Laptiev ◽  
Valentyn Sobchuk ◽  
Andrii Sobchuk ◽  
Serhii Laptiev ◽  
Tatiana Laptieva
Keyword(s):  
Social Networks ◽  
Information Security ◽  
Value Of Information ◽  
The State ◽  
Information Resources ◽  
Security System ◽  
Theory And Practice ◽  
Information Protection ◽  
Economic Costs ◽  
Proposed Model

In modern conditions, an important role in ensuring the information security of the enterprise and especially its economic component belongs to the processes of information security of the state as a whole. The key role in building security systems of information resources as components of national information resources of the state is played by theory and practice, in which the scientific and methodological basis is the basis for making sound and effective management decisions of the information security of the state at all levels. The article analyzes the approaches to estimating the assessment of economic costs for the information security system. The base model is selected. Using the basic model of assessing the level of protection of information in the social network from external influences on the information social resource, improvements were made to assess the economic feasibility of implementing a mechanism of technical means of information protection in social networks depending on the value of information. The improvement is based on the assumption that the amount of funds allocated by the attacking party is equal to the value of the information, the value of the information is the same for both parties, and the opposing parties are on equal terms. The main parameters on which the efficiency of the proposed model of estimating economic costs depends. The efficiency of the proposed model of estimating economic costs depends on the accuracy of formulating the probability of success of protection and determining the value of information. The prospect of further research and development may be aimed at taking into account in the model additional factors that affect the estimation of costs for the information security system, which will allow calculations to be performed with greater accuracy.

scholarly journals AUTOMATION OF COMPLEX INFORMATION SECURITY SYSTEMS DESIGN

2020 ◽  
Vol 6 (2) ◽  
pp. 31-35
Author(s):  
Amyrtaa K. Mongush ◽  
Igor N. Karmanov
Keyword(s):  
Information Security ◽  
Systems Design ◽  
Modern Society ◽  
Security System ◽  
Information Protection ◽  
Security Systems ◽  
Complex Information ◽  
Stage Of Development ◽  
Current State ◽  
Protection Systems

Entry of modern society into the information stage of development wake, information security one of the most important problems of our time. The article discusses the possibility of automating the design of an integrated information security system. One of the key stages in the design of an information security system is the assessment of the current state of the information security system through audit. An information security audit allows identifying all vulnerabilities in the system. To automate the detection of vulnerabilities of the investigated object, network scanners are considered. The use of scanners allows solving the problems of identification and analysis of vulnerabilities. A scheme for automating the design of physical protection systems is also considered. In conclusion, the advantages of automating the design of an information protection system are noted, frequently used software tools and utilities for automating individual stages of the design of information protection systems are presented.

IRISK METHOD FOR SECURITY ESTIMATION OF THE SIMULATION POLYGON FOR THE PROTECTION OF CRITICAL INFORMATION RESOURCES

2019 ◽  
Author(s):  
Bogdan Korniyenko ◽  
Lilia Galata
Keyword(s):  
Risk Assessment ◽  
Information System ◽  
Information Security ◽  
Risk Analysis ◽  
Information Resources ◽  
Security System ◽  
Assessment System ◽  
Automated System ◽  
Information Risk ◽  
Critical Information

In this article, the research of information system protection by ana­ ly­ zing the risks for identifying threats for information security is considered. Information risk analysis is periodically conducted to identify information security threats and test the information security system. Currently, various information risk analysis techni­ ques exist and are being used, the main difference being the quantitative or qualitative risk assessment scales. On the basis of the existing methods of testing and evaluation of the vulnerabilities for the automated system, their advantages and disadvantages, for the possibility of further comparison of the spent resources and the security of the information system, the conclusion was made regarding the deter­ mi­ nation of the optimal method of testing the information security system in the context of the simulated polygon for the protection of critical information resources. A simula­ tion ground for the protection of critical information resources based on GNS3 application software has been developed and implemented. Among the considered methods of testing and risk analysis of the automated system, the optimal iRisk methodology was identified for testing the information security system on the basis of the simulated. The quantitative method Risk for security estimation is considered. Generalized iRisk risk assessment is calculated taking into account the following parameters: Vulnerabili­ ty  — vulnerability assessment, Threat — threat assessment, Control — assessment of security measures. The methodology includes a common CVSS vul­ nerability assessment system, which allows you to use constantly relevant coefficients for the calculation of vulnerabilities, as well as have a list of all major vulnerabilities that are associated with all modern software products that can be used in the automated system. The known software and hardware vulnerabilities of the ground are considered and the resistance of the built network to specific threats by the iRisk method is calculated.

scholarly journals Cognitive Information Systems for Protection of Museum Complexes

2018 ◽  
Vol 7 (4.38) ◽  
pp. 82
Author(s):  
Aleksey Valentinovich Bogdanov ◽  
Igor Gennadievich Malygin
Keyword(s):  
Artificial Intelligence ◽  
Information Systems ◽  
Information Security ◽  
Security System ◽  
Structural Scheme ◽  
Cognitive Information ◽  
Technological Platform ◽  
Network Technologies ◽  
Cognitive Information Systems ◽  
Stratified Model

The paper considers the conceptual provisions of building a promising cognitive information security system of the museum complex on a cyber-physical basis. The stratified model of cognitive information security system of the museum complex was presented. It was shown that the key technological platform for the security of the museum complex is information and network technologies integrated (converged) with the technologies of industrial artificial intelligence. The generalized structural scheme of the cognitive cycle of the information security system of the museum complex was considered. The characteristic of the basic processes realized in a cognitive contour was given.   

Protecting a whale in a sea of phish

2020 ◽  
Vol 35 (3) ◽  
pp. 214-231
Author(s):  
Daniel Pienta ◽  
Jason Bennett Thatcher ◽  
Allen Johnston
Keyword(s):  
Information Security ◽  
Real World ◽  
Spillover Effects ◽  
Directed Attention ◽  
Future Directions ◽  
Security Research ◽  
Email Message ◽  
Multiple Domains ◽  
Future Information

Whaling is one of the most financially damaging, well-known, effective cyberattacks employed by sophisticated cybercriminals. Although whaling largely consists of sending a simplistic email message to a whale (i.e. a high-value target in an organization), it can result in large payoffs for cybercriminals, in terms of money or data stolen from organizations. While a legitimate cybersecurity threat, little information security research has directed attention toward whaling. In this study, we begin to provide an initial understanding of what makes whaling such a pernicious problem for organizations, executives, or celebrities (e.g. whales), and those charged with protecting them. We do this by defining whaling, delineating it from general phishing and spear phishing, presenting real-world cases of whaling, and provide guidance on future information security research on whaling. We find that whaling is far more complex than general phishing and spear phishing, spans multiple domains (e.g. work and personal), and potentially results in spillover effects that ripple across the organization. We conclude with a discussion of promising future directions for whaling and information security research.

Sign in / Sign up

Export Citation Format

Share Document