Specification of Quality Indicators for Security Event and Incident Management in the Supply Chain

The paper proposes an approach to a formalized description of the process of changing the values of quality indicators of decision support for managing security events and incidents in the supply chain. The approach is based on the analysis of the functioning processes of modern quality control systems for information security in supply chain. In addition, it is based on an analysis of decision support processes. We use controlled Markov chains, represented by difference stochastic equations. The considered version of the analytical description of the state change in dynamics allows one to formalize, structure, and mathematically describe the process of this class from a uniform perspective. It is important to note that with this representation of the dynamics of state transitions, the requirements for operativity (timeliness), reliability, secrecy and resource costs for supporting decision-making to control information security in the supply chain are taken into account.

A Traceable and Authenticated IoTs Trigger Event of Private Security Record Based on Blockchain

Recently, private security services have become increasingly needed by the public. The proposed scheme involves blockchain technology with a smart contract. When a private security company signs a contract with a client, they install an Internet of Things (IoTs) device in the client’s house and connect it with the IoT main controller; then, the IoT main controller connects to the security control center (SCC). Once there is an event triggered (e.g., a break-in or fire incident) by the IoTs device, the controller sends a message to the SCC. The SCC allocates a security guard (SG) to the incident scene immediately. After the task is accomplished, the SG sends a message to the SCC. All of these record the messages and events chained in the blockchain center. The proposed scheme makes security event records have the following characteristics: authenticated, traceable, and integral. The proposed scheme is proved by a security analysis with mutual authentication, traceability, integrity, and non-repudiation. The known attacks (e.g., man-in-the-middle attack, replay attack, forgery attack) are avoided by message encryption and a signing mechanism. Threat models in the communication phase can also be avoided. Finally, computation cost, communication performance, and comparison with related works are also discussed to prove its applicability. We also provide an arbitration mechanism, so that the proposed scheme can reduce disputes between private security companies and the client.

Operational analytics as a data monitoring and event management tool of the cyber security management systems

With growing demand for the digitalization of data collection, transmission, processing and storage processes in all life spheres of individual, society, and state, there is an urgent need to construct an infrastructure of infor-mation transmission networks which can provide a secure connection between endpoints and data centers. These networks must have high availability and provide the fast and efficient processing of information requests, espe-cially in case of critical infrastructure networks. A structural functional scheme of data management for SIEM systems which includes straight and reverse relations between physical, mathematical and analytical levels is proposed, based on the stratum theory by M. Messarovich. A model of multilevel system for the data monito ring and cyber security event management is built in order to provide a systematic approach to maintain the safety state of complex systems and to ensure mechanisms for the operative real-time cyber security incident response.