Mechanisms of cyber security: the problem of conceptualization
DOI:
https://doi.org/10.18372/2225-5036.25.13841Keywords:
mechanism, cyber security, ontology, mechanism design, auction, game theoryAbstract
The article discusses general approaches related to the use of the concept of “mechanism” in the cybersecurity system. The initial definition of the mechanism in systems of analytical dynamics is presented. The transformation of the concept of “mechanism” is traced from mechanical systems to economic, social and organizational-technological. The definition of a mechanism that can be used in the analysis and design of decision-making systems is formulated, the features of using this concept in cybersecurity systems are considered. The publications related to the concept of the mechanism in cybersecurity systems were analyzed, on the basis of which an ontological model was built, which can be considered as a carrier of knowledge about the corresponding subject area. Particular attention is paid to the analysis and development of algorithmic mechanisms used in auction theory, as well as applications based on the use of both the classical theory of games and the theory of dynamic games. Analysis of the model made it possible to track the main directions of development using a mechanism to ensure the protection of critical infrastructure. The system of characteristics and structural elements of mechanisms in the socio-economic and political contexts of the use of cyber defense mechanisms is presented, which was not previously presented in the literature on information security and cyber defense. Given this, it is proposed to consider the decision-making mechanism in cybersecurity systems as a system of relations and interactions of various (individual, group, organizational) agents, whose interaction is aimed at solving the security problem. It is indicated that a particular variant of this approach is the decision-making mechanism. The conditions are presented under which the cybersecurity system acquires pronounced features of socio-economic and political systems, which emphasizes the legitimacy of the approach proposed by the authors.
References
Р. Грищук, Ю. Даник, Основи кібернетич-ної безпеки : Монографія, за заг. ред. проф. Ю. Г. Да-ника, Житомир : ЖНАЕУ, 2016, 636 с.
A. Milov, "Mehanizmy prinyatiya uprav-lencheskih resheniy: problemi konceptualizacii", Up-ravlinnya rozvitkom, № 17, pp. 119-122, 2008.
P. Hedström, P. Ylikoski, "Causal mecha-nisms in the social sciences", Annual Review of Sociolo-gy 36, pp. 49-67, 2010.
P. Machamer, L. Darden, C. Craver, "Thinking about mechanisms", Philosophy of Science 67, pp. 1-25, 2000.
N. Sclater N. Chironis, Mechanisms and Me-chanical Devices Sourcebook, New York : McGraw-Hill New York, 2007, 551 p.
New Oxford American Dictionary, Oxford University Press, 2010, 2096 p.
The Merriam-Webster Dictionary, Merriam-Webster, Inc. 2016, 960 p.
D. Subbu, Encyclopedia of Mechanical Engi-neering, London : SBS Publishers, 2007, 393 p.
A. Milov, S. Milevsky, "Formalizaciya mechanizmov koordinacii resheniy v korporativnih structurah", Bisnes-Inform, № 2(2), pp. 129-132, 2009.
A. Milov, "Planirovanie v pronstranstve situaciy", Modeli upravleniya v rinochnoy ekonomike. Sbornik nauchnih trudov; Donetskiy nacionalniy universitet. – Donetsk: DonNU, Vol. 4, pp. 165-172, 2000.
A. Milov, "Planirovanie resheniy v pros-transtve palach", Modeli upravleniya v rinochnoy ekonomike Sbornik nauchnih trudov; Donetskiy nacionalniy universitet, Donetsk: DonNU, 2002.
A. Milov, S. Milevsky, "Corporative Deci-sion-Making Multiagent Models", Економіка розвитку, № 3(79), C. 79-84, 2016.
"Lingvisticheskie struktury mnogourov-nevih system podderdzky reshenie", Trudy Kaluzkogo filial MGTU im. N. E. Baumana Materialy mezdunarodnoy nauchno-practicheskoy konferencii «Priborostroenie-99», Kaluga, 1999.
A. Milov, "Informacionnaya model prinya-tiya resheniq", Economika rozvitku, № 4(28), 2003.
A. Milov, "Model gruppy lits, prini-mayuchih resheniya", Ekonomika rozvitku, № 1(29), 2004.
A. Milov, O. Zaharova, "Modeli korpora-tivnogo planirovaniya v IT-autsotsinge", Radioelectronics and Informatics, KhTURE, № 1, pp. 116-118, 2013.
Fong-Hao Liu, Wei-Tsong Lee, "Construct-ing Enterprise Information Net-work Security Risk Management Mechanism by Ontology", Tamkang Journal of Science and Engineering, Vol. 13, No. 1, pp. 79-87, 2010.
A. Maedche, S. Staab, "Discovering concep-tual relations from text", In W. Horn (ed.): ECAI 2000 Proceedings of the 14th European Conference on Artificial Intelligence, IOS Press, Amsterdam, 2000.
A. Maedche, S. Staab, "Semi-automatic en-gineering of ontologies from text", In Proceedings of the 12th Internal Conference on Software and Knowledge Engi-neering, Chicago, USA, July, 5-7, 2000, KSI, 2000.
N. Nisan, "Algorithms for Selfish Agents", in Proceedings of the Symposi-um on Theoretical Aspects of Computer Science, LNCS 1563, Springer, Berlin, pp. 1-17, 1999.
N. Nisan, A. Ronen, "Algorithmic mecha-nism design", Games and Economic Behavior 35, pp. 166-196, 2001.
J. Feigenbaum, C. Papadimitriou, R. Sami, S. Shenker. "ABGP-based Mechanism for Lowest-Cost Routing", in Proceedings of the 2002 ACM Symposium on Principles of Distributed Computing.
D. Akinwumi, G. Iwasokun, B. Alese, S. Oluwadare, "A review of game theory approach to cyber security risk management", Nigerian Journal of Technology (NIJOTECH), Vol. 36, No. 4, pp. 1271-1285, 2017.
Р. Грищук, Теоретичні основи моделювання процесів нападу на інформацію методами теорій дифе-ренціальних ігор та диференціальних перетворень: Мо-нографія, Житомир : Рута, 2010, 280 с.
M. Wooldridge, "An Introduction to Multi Agent Systems", Department of Computer Science, Univer-sity of Liverpool, WILEY & SON, LTD, Copy-right 2002.
J. Teran, J.L. Aguilar, M. Cerrada. "Mathe-matical Models of Coordination Mechanisms in Multi-Agent Systems", CLEI Electronic Journal, Vol. 16, No. 2, pp. 5, 2013
S. Koenig, X. Zheng, C. Tovey, R. Borie, P. Kilby, V. Markakis, P. Keskinocak, "Agent Coordina-tion with Regret Clearing", In Proceedings of the AAAI Conference on Artificial Intelligence (AAAI), pp. 101-107, 2008.
P. Vytelingum, S. Ramchum, T. Voice, A. Rogers, N. Jennings, "Trading agents for the smart electricity grid", In The Ninth International Conference on Autonomous Agents and Multiagent Systems (AAMAS 2010), pp. 897-904, 2010.
S. Koenig, P. Keskinocak, C. Tovey, "Pro-gress on Agent Coordination with Cooperative Auc-tions", Proceedings of the Twenty-Fourth AAAI Con-ference on Artificial Intelligence, Atlanta, Georgia, USA, July 11-15, 2010.
G. Betarte, J. Campo, M. Cristiá, F. Gorostiaga, C. Luna, C. Sanz, Towards formal model-based analysis and testing of Android’s security mechanisms, 2017.
G. Betarte, J. D. Campo, C. Luna, A. Ro-mano, "Formal analysis of android’s permission-based security model", Sci. Ann. Comp. Sci., Vol. 26, No. 1, pp. 27-68, 2016. [Electronic resource]. Available: http://dx.doi.org/10. 7561/SACS. 2016.1.27.
GSI, "Formal verification of the security model of Android: Coq code". [Electronic resource]. Available: http://www.fing.edu.uy/inco/grupos/gsi/ documentos/proyectos/Android6-Coq-model.tar.gz.
J. P. Anderson, "Computer Security tech-nology planning study", Deputy for Command and Man-agement System, USA, Tech. Rep., 1972. [Electronic re-source]. Available: http:// csrc.nist.gov/ publications/ history/ ande72.pdf.
Whan-Seon Kim, "Effects of a Trust Mecha-nism on Complex Adaptive Supply Networks: An Agent-Based Social Simulation Study", Journal of Artifi-cial Societies and Social Simulation, (3) 4.
F. Lin, Y. Sung, Y. Lo, "Effects of trust mechanisms on supply-chain performance", International Journal of Electronic Commerce, 9(4), pp. 91-112, 2005