Method of identification the functional security profile
DOI:
https://doi.org/10.18372/2410-7840.21.14339
Keywords:
state expert review of the IIPS, functional security profile, decision support systems, functional security services, generation of functional security profiles, automation of the formation of functional security profiles
Abstract
The standard functional security profile is a list of the minimum required levels of services that the set of security features of a computer system within an automated system must implement in order to correctly meet certain security requirements for the information processed in that automated system. Standard security facilities do not require any security policies or guarantees, although they are permissible if necessary. The security policy of a computer system implementing the standard profile must reflect the relevant regulatory requirements governing the processing of information in automated systems. The only requirement for the creation of new profiles is compliance with the prerequisites described in the regulatory requirements for each of the services included in the profile. Functional security profiles can also be used to benchmark computer system functionality against national criteria and those of other countries. Thus, there is a need for a method that will automate the process of generating a functional security profile and verify its correctness with respect to protection functions (security services) and guarantees. To solve this problem, we propose a method for identifying the functional security profile which, through the procedure of forming sets of primary and secondary functional security services, sets combining primary and secondary functional security services into a functional security profile, sets ordered by element indices, and the basic functional security profile, makes it possible to formalize the process of generating a functional security profile and the expert's verification of its requirements regarding security functions (security services) and guarantees. Next, we need to develop an information system that would automate the process of generating the functional security profile and verifying its requirements for security features (security services) and guarantees.
Published
2019-12-27
Issue
Section
Articles
License
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).