Method of identification the functional security profile

Authors

  • Олександр Григорович Корченко National Aviation University
  • Анатолій Миколайович Давиденко Pukhov Institute for Modelling in Energy Engineering
  • Максим Радуйович Шабан Pukhov Institute for Modelling in Energy Engineering
  • Ігор Сергійович Іванченко National Aviation University

DOI:

https://doi.org/10.18372/2410-7840.21.14339

Keywords:

state expert review of the IIPS, functional security profile, decision support systems, functional security services, generation of functional security profiles, automation of the formation of functional security profiles

Abstract

The standard functional security profile is a list of the minimum required levels of services that a set of security features of a computer system of an automated system must implement in order to correctly meet certain security requirements for information processed in this automated system. Standard security facilities do not require any security policies or guarantees, although they are permissible if necessary. The computer system security policy implementing the standard profile must reflect the relevant regulatory requirements that set requirements for the processing of information on automated systems. The only requirement for the creation of new profiles is compliance with the prerequisites described in regulatory requirements for each of the services included in the profile. Functional security profiles can also be used to benchmark computer system functionality against national criteria and other countries. Thus, there is a need to create a method that will automate the process of generating a functional security profile and verify its correctness with respect to protection functions (security services) and guarantees. To solve this problem, we propose a method for identifying the functional security profile, which is due to the formation procedure: sets of primary and secondary functional security services; sets of combining primary and secondary functional security services into a functional security profile; sets of order by element indices; the basic functional security profile allowed to formalize the process of generating a functional security profile and verification by an expert of his requirements regarding security functions (security services) and guarantees. Next, we need to develop an information system that would automate the process of generating the functional security profile and verifying its requirements for security features (security services) and guarantees.

Author Biographies

Олександр Григорович Корченко, National Aviation University

Dr Eng (Information security), professor, laureate of the State Prize of Ukraine in Science and Technology, Head of IT-Security Academic Deparment, National Aviation University, Visit-Professor at The University of Bielsko-Biala (Akademia Techniczno-Humanistyczna, Bielsko-Biała, Poland), Leading Researcher of the National Academy of SS of Ukraine

Анатолій Миколайович Давиденко, Pukhov Institute for Modelling in Energy Engineering

Candidate of Technical Sciences, Senior Researcher, Leading Researcher of Department of Modelling Theory, Pukhov Institute for Modelling in Energy Engineering of NAS of Ukraine

Максим Радуйович Шабан, Pukhov Institute for Modelling in Energy Engineering

engineer Pukhov Institute for Modelling in Energy Engineering

Ігор Сергійович Іванченко, National Aviation University

PhD in Eng., Associate Professor of Academic Department of IT-Security, National Aviation University

References

О. Корченко, А. Давиденко, М. Шабан, "Модель

параметрів для ідентифікації функціонального

профілю захисту в комп’ютерних системах", Безпека інформації, Том 25, №2, С. 122-126, 2019.

НД ТЗІ 2.5-004-99 Критерії оцінки захищеності

інформації в комп’ютерних системах від несанкціонованого доступу, затверджений наказом

Департаменту спеціальних телекомунікаційних

систем та захисту інформації СБ України від

04.99 р. № 22.

О. Корченко, А. Давиденко, М. Шабан, "Декомпозиційна модель представлення смислових констант та змінних для реалізації експертиз у сфері

ТЗІ", Захист інформації, Том 21, №2, С. 88-96,

Published

2019-12-27

Issue

Section

Articles