MODEL SECURITY THREATS VIDEO INFORMATION RESOURCES SYSTEMS OF VIDEOCONFERENCING
DOI:
https://doi.org/10.18372/2310-5461.21.6056Keywords:
video conferencing, video information resource security threat, vulnerability, threat modelAbstract
This article is devoted to assessing the security video information resource videoconferencing specialized control systems. The video data used to control processes and decision-making in the operation of public authorities; acquires the status of state informative resources. To analyze the security of this information resource are encouraged to apply security features model CIA (confidentiality; integrity and availability). To assess the formation and approaches to ensure information security video information resource videoconferencing requires to analyze possible violations of video sources with mandatory identification of security threats; the factors contributing to their manifestation and vulnerabilities. The basis of the analysis of information security threats is the development of threat models. The purpose of this paper is the formation of a model of security threats video information resource with video conferencing for core government. It is shown that the modeling of security breach is advantageously carried out by analyzing the interaction of a logical chain "threat - a threat - the method of implementation - vulnerability - consequences"; followed by classification; analysis and evaluation of sources of threats; vulnerabilities (factors) for each category of information security. Formed a generalized threat model video information resource videoconferencing. All security threats classified into three main groups according to their origin: threats of actions subject access; threats of technical means; threats resulting from natural sources. The developed model of video information resource security threats videoconferencing enables analysis of vulnerabilities and security threats in the implementation of relevant control systems under various conditions and modes of operation of video conferencing for a specific category of information security - confidentiality; integrity; availability; followed by identifying the most significant (actual) threats.
References
Богуш В. М. Інформаційна безпека держави / В. М. Богуш, О. К. Юдин. — К. : МК-Прес, 2005. — 432 с.
Perrin, Chad. The CIA Triad and Engineering Principles for Information Technology Security. Retrieved 31 May 2012.
Рекомендации по стандартизации «Информа-ционные технологии. Основные термины и определения в области технической защиты информации» (Р 50.1.053-2005).
Международный стандарт ISO/IEC 15408-1-99 «Информационная технология. Методы и средства обеспечения безопасности. Критерии оценки безопасности информационных технологий. Часть 1. Введение и общая модель».
Юдін О. К. Інформаційна безпека. Норматив-но-правове забезпечення: підруч. / О. К. Юдін. — К. : НАУ, 2011. — 640 с.
Юдін О. К. Концептуальний аналіз уразливості державних інформаційних ресурсів / О. К. Юдін, С. С. Бучик // Наукоємні технології. — 2013. — № 3 (19). — С. 299–304.
Власов А. В. Анализ особенностей примене-ния видеоконференцсвязи в интересах профильных органов государственного управления / А. В. Власов, В. В. Баранник // Сучасна спеціальна техніка. — 2014. — Вип. 1. — С. 22–32.
Власов А. В. Кодирование информационных ресурсов систем видеоконференцсвязи для повы-шения их безопасности. / А. В. Власов, В. В. Лукин // Радиоэлектроника и информатика. — 2013. — № 2. — С. 65–73.
