Information security violator model with general and specialized information
DOI:
https://doi.org/10.18372/2225-5036.25.13198Keywords:
information security, violator model, attack scenarios, threats, probability of violator’s motivation, probability of successful attack, assorted information, similarity of attacksAbstract
User violator model is a collection of data that is used to analyze upcoming threats for our system. These models mostly focus on threats that are related to poorly-trained personnel, competitors that are willing to resort to industrial espionage and all sorts of hackers. User violator model can incorporate information about other non-human threats that can directly affect the actions of the violator. User violator model can contain information about threats for system itself and threats for information that is processed within the system or even a certain aspect of such information. While it is impossible to predict all attacks with absolute certainty, it is still convenient to have at least some insight into violator’s plans. User violator model is also used for reaction planning and system/information recovery planning. Design of user violator models requires specific knowledge about both – the violators and the system. This work is dedicated to processing information about violator within the model in a way that will make it usable in other models. In this article recommendations for design of the violator model with information that differs by level of specialization are presented. Information of a higher (more generalized) level can be easily transferred to other models (or from current version of the model to the next one) whereas more specialized information is used for quantitative estimations of losses from performed attacks. Various levels of detailing of information about violator correspond to various sets of security mechanisms (“many to one” relation for the level of organization, “one to one” relation for the level of branch, “one to many” relation for the level of current version of the system). Violator model that is designed in accordance to these recommendations allows to account for violator’s control over attack and attacks’ target priority.
References
W. Liu, H. Tanaka, K. Matsuura, "Empiri-cal-Analysis Methodology for Information-Security In-vestment and Its Application to Reliable Survey of Japa-nese Firms", IPSZ Journal, Vol. 48, no. 9, September 2007, pp. 3204-3218.
А. Архипов, "Применение рефлексивных моделей рисков для защиты информации в кибер-пространстве", Захист інформації, Т. 19, №3.
М. Мирошник, "Разработка средств за-щиты информации в распределенных компьютерных системах и сетях", ІКСЗТ, №1, 2015.
Ю. Хохлачова, "Політика інформаційної безпеки об’єкта", Правове, нормативне та метрологіч-не забезпечення системи захисту інформації в Україні, №2(24), 2012.