MODEL OF THE PROCESS OF PROTECTING INFORMATION FROM COMPUTER INTELLIGENCE IN INFORMATION SYSTEMS OF ORGANIZATIONS

2020 ◽  
Author(s):  
Вадим Георгиевич Ерышов ◽  
Никита Вадимович Ерышов
Keyword(s):  
Information Systems ◽  
Information Security ◽  
Simulation Model ◽  
Automated Systems ◽  
Security Systems ◽  
Source Data

В статье приведено описание имитационной модели, позволяющей оценивать процесс защиты информации от компьютерной разведки в автоматизированных системах организаций в зависимости от варьируемых исходных данных, а также разрабатывать требования для перспективных систем защиты информации. The article describes a simulation model that allows us to evaluate the process of protecting information from computer intelligence in automated systems of organizations, depending on the varying source data, as well as to develop requirements for advanced information security systems.

SIMULATION MODEL OF THE INFORMATION SECURITY ANALYSIS SYSTEM IN AUTOMATED SYSTEMS

2021 ◽  
Author(s):  
Вадим Георгиевич Ерышов
Keyword(s):  
Information Security ◽  
Simulation Model ◽  
Security Analysis ◽  
Automated Systems ◽  
Source Data ◽  
Analysis System

В статье представлена имитационная модель, позволяющая оценивать процесс анализа защищенности в автоматизированных системах организаций в зависимости от варьируемых исходных данных, а также разрабатывать требования для перспективных систем анализа защищенности. The article presents a simulation model that allows you to evaluate the process of security analysis in automated systems of organizations, depending on the varying source data, as well as to develop requirements for advanced security analysis systems.

scholarly journals Basic q-analysis of MCQA for Information Security System

2019 ◽  
Vol 3 (5) ◽  
Author(s):  
Oleh Kozlenko
Keyword(s):  
Information Systems ◽  
Structural Analysis ◽  
Information Security ◽  
System Analysis ◽  
Security System ◽  
Security Measures ◽  
Security Systems ◽  
Basic Principles ◽  
Application Methods ◽  
Security Incidents

Article explores application methods for systems structural analysis to use in study of security in information systems, which is based on variants of general attack scenarios, features of cybersecurity culture, q-analysis, which is part of MCQA . General security system analysis usually is based on different factors, which include  technical means, human-related mistakes in different ways and respond to security incidents. Q-analysis presents the basic principles of constructing model of information security systems elements connectivity on the example of two sets: set of threats and sets of security measures for information security and calculated numerical values. Elements of the two sets of are interconnected and form the basis of a system for ensuring their security. These calculations can be used to further determine overall formal assessment of security of the organization.

scholarly journals MODERN TOOLS FOR INFORMATION SECURITY SYSTEMS

2021 ◽  
Vol 335 (1) ◽  
pp. 14-18
Author(s):  
N. Baisholan ◽  
K.E. Kubayev ◽  
T.S. Baisholanov
Keyword(s):  
Information System ◽  
Risk Management ◽  
Information Systems ◽  
Information Security ◽  
Information Technologies ◽  
Business Processes ◽  
Security Audit ◽  
Security Systems ◽  
Security Models ◽  
Methods And Techniques

Efficiency of business processes in modern organizations depends on the capabilities of applied information technologies. The article describes and analyzes the role and features of audit tools and other methodological tools and models in ensuring the quality and security of information systems. The standard’s principles are reviewed, as well as the importance of meeting business needs. In order to protect virtual values in a company’s system environment, the importance of using information security models is revealed. Practical proposals in risk management and information security in information technology are analyzed through the COBIT standard. Measures for protecting the information system of an organization from accidental, deliberate or fake threats are considered. The possibility of using one of the real information security models by the information recipient or provider in accordance with the requirements of external processes is reported. Furthermore, in connection with increase in the number of attack methods and techniques and development of their new tools and vectors, the need to improve and ways to ensure information security are being considered. The essential tasks of security audit are considered, and the stages of their implementation are described. With regard to security of information systems, an analytical model is proposed for determining vulnerability’s numerical value.

Information security in organisations

2017 ◽  
Vol 105 (4) ◽  
pp. 167-187
Author(s):  
Joanna Werner ◽  
Edyta Szczepaniuk
Keyword(s):  
Information Systems ◽  
Information Security ◽  
Private Sector ◽  
Empirical Research ◽  
Legal Basis ◽  
Monitoring Methods ◽  
Security Systems ◽  
Public And Private ◽  
Security Models ◽  
Public And Private Sector

The paper presents recommended methods of information security systems designs. The analysis comprises the essence and elements of information security, but also the relations between them. The systemic approach to the studied area required providing characteristics of legal basis and information security models – ISO/IEC and TISM. Also characterised were the implementation, exploitation, and monitoring methods of information systems. The paper concludes with a presentation of results of empirical research conducted in public and private sector entities, as well as conclusions and recommendations.

scholarly journals Methods of Estimating Reliability of Information Security Systems which Protect from Unauthorized Access in Automated Systems

2019 ◽  
Vol 18 (6) ◽  
pp. 1301-1332 ◽  
Author(s):  
Oksana Bokova ◽  
Irina Drovnikova ◽  
Andrei Etepnev ◽  
Evgeniy Rogozin ◽  
Victor Khvostov
Keyword(s):  
Information Security ◽  
Structural Complexity ◽  
Systems Design ◽  
Software Systems ◽  
Automated Systems ◽  
Security Systems ◽  
Unauthorized Access ◽  
Reliability Indicators ◽  
Actual Design ◽  
Guidance Documents

Modern methods of protecting information  from unauthorized access in automated systems are based on the use of specialized information security systems from unauthorized access. Security systems are necessarily included in the form of additional software systems in the software as in a secure execution. Information security systems from unauthorized access can be developed not only in a process of automated systems design, but also complement the system-wide software of functioning systems. The use of the information security systems from unauthorized access can reduce a overall reliability of the automated systems, if they contain errors that are not detected during debugging. The reliability of the information security systems affects effectiveness of information security (confidentiality, integrity and availability). Guidelines of the Federal Service for Technical and Export Control (FSTEC) of Russia are a methodological basis for the formation of the information security systems’ image both in the process of development and in the process of modernization of the automated systems. The guidance documents of FSTEC of Russia do not contain methodological approaches to assessing the reliability of these program systems. In this regard, the actual design of techniques of estimating reliability of the information security systems from unauthorized access in automated systems in a secure execution. The structural complexity of the information security systems from unauthorized access and large number of functions performed necessitates the use of three reliability indicators that characterize the system in solving problems of confidentiality, integrity and availability of information. To develop the technique, the known methods of evaluating the reliability of complex systems are used, which do not allow their decomposition into serial and parallel connection. The developed methods were tested in assessing the reliability of the information security systems from unauthorized access with typical indicators of initial characteristics. The results of calculations and prospects of using the developed methods are presented in the paper.

scholarly journals Practical Training of Students on the Extraction and Analysis of Big Data

2018 ◽  
Vol 3 (2) ◽  
pp. 361 ◽  
Author(s):  
Prokhorov I.V. ◽  
Kochetkov O.T. ◽  
Filatov A.A.
Keyword(s):  
Big Data ◽  
Information Systems ◽  
Information Security ◽  
Application Programming Interface ◽  
The Internet ◽  
Practical Training ◽  
Security Systems ◽  
Application Programming ◽  
Data Scientist ◽  
Programming Interface

The article deals with questions of studies, development and practical use in teaching complex laboratory work on extracting and analyzing big data to train specialists in the specialty 10.05.04 "Information and Analytical Security Systems", direction of training "Information sSecurity of Financial and Economic Structures" in the framework of the educational discipline "Distributed Automated Information Systems". Keywords: big data, data scientist, extraction, processing and analysis of big data, information security of financial and economic structures, the Internet, Yandex, Google, application programming interface –API.

scholarly journals MODERN TOOLS FOR INFORMATION SECURITY SYSTEMS

2021 ◽  
Vol 335 (1) ◽  
pp. 14-18
Author(s):  
N. Baisholan ◽  
K.E. Kubayev ◽  
T.S. Baisholanov
Keyword(s):  
Information System ◽  
Risk Management ◽  
Information Systems ◽  
Information Security ◽  
Information Technologies ◽  
Business Processes ◽  
Security Audit ◽  
Security Systems ◽  
Security Models ◽  
Methods And Techniques

Efficiency of business processes in modern organizations depends on the capabilities of applied information technologies. The article describes and analyzes the role and features of audit tools and other methodological tools and models in ensuring the quality and security of information systems. The standard’s principles are reviewed, as well as the importance of meeting business needs. In order to protect virtual values in a company’s system environment, the importance of using information security models is revealed. Practical proposals in risk management and information security in information technology are analyzed through the COBIT standard. Measures for protecting the information system of an organization from accidental, deliberate or fake threats are considered. The possibility of using one of the real information security models by the information recipient or provider in accordance with the requirements of external processes is reported. Furthermore, in connection with increase in the number of attack methods and techniques and development of their new tools and vectors, the need to improve and ways to ensure information security are being considered. The essential tasks of security audit are considered, and the stages of their implementation are described. With regard to security of information systems, an analytical model is proposed for determining vulnerability’s numerical value.

Sign in / Sign up

Export Citation Format

Share Document