A MODEL OF A DISTRIBUTED INFORMATION SYSTEM BASED ON THE Z39.50 PROTOCOL

Based on the analysis of typical scenarios of information servers, the tasks that should be solved when organizing an access control system for distributed information resources are formulated. The possibilities of the Z39.50 technologies as the most suitable for building such a system are considered. Within the framework of this technology, three access control models are discussed, which differ in the degree of integration of information server functions with the Z39.50 technologies.The creation and support of distributed information systems and electronic libraries that integrate heterogeneous information resources and operate in various software and hardware environments requires special approaches to managing these systems. If the resources or data themselves can be managed locally, even for distributed information systems, then the task of managing access to distributed resources cannot be solved within the framework of local administration. The justification of the last thesis can be seen when considering typical scenarios of the information server, which we will describe below

Analytical support of data organization in distributed information systems of critical application

One of the most important tasks in the deployment and operation of a distributed information system of critical application is the organization of the electronic document management subsystem. The purpose of the operation of this subsystem is an uninterrupted, reliable and secure data exchange between users of the system. To achieve this goal, it is necessary to effectively organize and monitor the state of the electronic document management system storage databases. This article will consider approaches to solving this problem in relation to the electronic document management system of a distributed information system of critical application.

Efficiency of the implementation of the peer-to-peer distributed system for securable information storage and processing (TheOOL Project)

methodology of evaluation of efficiency of the implementation at industrial enterprises of “peer-to-peer distributed systems of storage and processing of protected information in enterprise networks” has been proposed. The efficiency evaluation is based on the comparison of the indicators of reliability, fault tolerance, and total cost of ownership of the implementation of corporate information systems within the proposed system and its possible alternatives. The “peer-to-peer distributed system of storage and processing of protected information” is designed for the protection of distributed computing and incapsulation of private networks without restricting possibilities for usable interactions in the process of implementation of Industry 5.0 and Super Smart Society technologies. When these concepts get implemented in an enterprise, manufacture, logistics, and sales are merged into a global geographically and organizationally distributed information system for data exchange, which functions on top of the Internet. The proposed system offers tools for setting up distributed computing, and it ensures an effective response to threats by applying cryptography, unauthorized access protection with the use of biometry and an innovative protocol for information exchange and control of topology powered by distributed ledger technology, while also optimizing the utilization of computing capacity.

Methodology for managing the flows of target information in the remote sensing space system Part 1. Task formalization

The article is devoted to the formalization of the problem of distribution of target information flows during the operation of the ERS space system. It is proposed to consider the system as a complex, geographically-distributed information system, the main task of which is to implement a full service cycle, starting with the formation of an application and ending with the provision of a finished thematic product. The decomposition of the ERS space system as a complex information organizational and technical system was carried out, the system and consumer characteristics of its elements were determined. The possibility is substantiated to carry out an objective curtailment of system performance indicators and go to two particular ones that characterize the effectiveness of the target functioning of the system as a whole: the promptness (time) of fulfilling consumer requests for a finished thematic product and the cost of the finished thematic product. A general methodological approach to solving the technical problem is proposed. The result is a formal presentation of the task of distributing the streams of target information during the operation of the ERS space system as a sequence of the following operations: formation of an application; determination of the list of requests to the system required to complete the application; determining the processes and the sequence of their execution that will process the corresponding requests; optimization of the time distribution of processes among the elements of the system, taking into account the selected performance indicators and existing limitations.

Logical design of information support for distributed information systems of critical application

The article deals with new information technologies for building a data warehouse in a distributed information system of critical application. The existing principles of creating data warehouses, as well as the outlined ways to improve them, are always associated with the collection, storage and use of information that is recorded at a certain point in time, while they store data corresponding to the last time count. This approach to the development and application of data warehouses can be called static, since it does not store or display the behavior of objects at past points in time. However, the objects that are included in the data warehouse have pronounced dynamic properties and therefore must be displayed dynamically. The way out of this situation is the creation of analytical data warehouses, which will provide an opportunity to more effectively solve traditional and qualitatively new tasks in the system under consideration.

Security basic model for applied tasks of the distributed information system

The tasks of modelling and the components of the basic model of applied task protection of a distributed information system have been considered. The measurement and relationship of security parameters, protection, new and reference attacks, anomalies, and threat environments have been proposed. The conditions of threats, attacks and, consequently, inconsistencies in the results of applied tasks are proved. At the beginning of the article the concept of a distributed information system, system of applied tasks, modern trends of zero-trust architecture in building information security systems are discussed. Further, it gives an overview of existing methods of detection and counteraction to attacks based on reference knowledge bases. To improve the level of security it is proposed to analyze the causes of attacks, namely hazards and threats to the system. Attacks, hazards and threats are considered as structured processes that affect the internal and external environment of the system of the applied tasks with a further impact on the output of these tasks. The concepts of security level and security level of a distributed information system are introduced, as well as the concepts of applied task, environment, and user contradictions. As the logical metrics of discrepancy detection the apparatus of semantic analysis is proposed, which (based on the reference knowledge base, the apparatus of text transformations) should be applied at the stage of loading of applied task and describe the input and output data, requirements to the environment of the task solution. The result of the research is the proposed method for identifying additional data about hazards, threats, attacks, countermeasures to attacks, applied task-solving. This data is generated from the reference and augmented textual descriptions derived from the proposed contradictions. By building additional reference images of threats, attacks, countermeasures, it becomes possible to prevent the activation of new attacks on the distributed information system.

METHODOLOGY FOR ANALYTICAL MONITORING OF ABNORMAL USER BEHAVIOR IN A DISTRIBUTED INFORMATION SYSTEM OF CRITICAL APPLICATION

The article develops methods of analytical monitoring of abnormal user behavior in a distributed information system of critical application, which is based on the use of the method of fuzzy matrix incidents. The use of matrix incidents allows you to identify atypical or inappropriate user behavior in work sessions. To illustrate the practical application of the developed methodology, an example of identifying one of the classes of user abuse is presented and the effectiveness of the methodology for analytical monitoring of abnormal user behavior in a distributed information system of critical application is evaluated.