Priorities evaluation of cyber defense mechanisms of national utilities payment system through the use of the analytic hierarchy process
DOI:
https://doi.org/10.18372/2410-7840.21.13704Keywords:
Analytic Hierarchy Process (AHP), pairwise comparison matrix, score vector, Coherence Ratio (CR), National Utilities Payment System, Security Management System (SeMS)Abstract
The article is devoted to the problem of evaluation of the influence of cyber defense mechanisms on the reaching security of national utilities payment system. With growing demand for the development of communication systems aimed at satisfying public needs, implementing e-government services, e-commerce and electronic document management there is an urgent need to construct organizational and technical cybersecurity models as a complex of measures, forces and means for their cyber defense. It was important that the proposed approach to the development of such models was not only one-size-fits-all to all objects of cyber defense and, most crucially, took into account very specific features of each individual system functioning. The Security Management System (SeMS) hierarchical model of national utilities payment system that included both the technological features of the individual subsystems and the guidelines for interaction between them in terms of the main objective - to achieve a safety state of the system, in general, was designed. The priorities evaluation of cyber defense mechanisms through the use of The Analytic Hierarchy Process (AHP) was performed based on the designed model. The results of evaluation showed that the first and foremost attention should be focused on e-mail and web security (29,9%), while computer network security (25,6%) got the second place, mobile security (19,53%) the third place, cyber defense mechanisms for endpoint protection (12,25%) the fourth place, data centers security (7,99%) the fifth place and cloud security (4,73%) the last place respectively. The methodology allows to implement a system approach to the construction of organizational and technical models of complex hierarchical systems; makes it possible to obtain quantitative scores of the decisions priorities, based on which it is possible to formalize the procedure of choosing the various scenarios for the work of the SeMS; helps to develop the appropriate mathematical apparatus for the study on number of other complex objects of cyber defense within the national cyber security system of Ukraine.References
Katrenko A.V., Pasіchnik V.V., Pasko V.P. (2009), Theory decision making. [Teoriya pryynyattya rishenʹ]., BHV, Kyiv, 448 p. [In Ukrainian].
Kachinskiy, A.B. (2017), Safety of Complex Systems [Bezpeka skladnykh system]., Vydavnytstvo «Yuston», Kyiv, 498 p. [In Ukrainian].
Matviyenko, V.Ya. (2000), Prognostics: forecasting of social and economic processes: theory, methodology, practice. [Prohnostyka: prohnozuvannya sotsial’nykh ta ekonomichnykh protsesiv: teoriya, metodyka, praktyka]., Ukrayinsʹki propileyi, Kyiv, 520 p.
O’Connor, J. and & McDermott, I. (2018), The Art of Systems Thinking: Essential Skills for Creativity and Problem Solving ; translated from English by Sysyuk, N. [Systemne myslennya. Poshuk neordynarnykh tvorchykh rishenʹ]., Nash Format, Kyiv, 240 p. [in Ukrainian].
Pankratova, N.D. and Nedashkivska, N.I. (2010), Models and Methods of Hierarchy Analysis: Theory. Application [Modeli i metody analizu iyerarkhiy. Teoriya. Zastosuvannya]., NTUU «KPI», Kyiv, 372 p. [In Ukrainian].
Sierіkov, A.V. and Bіlotserkіvskiy, O.V. (2006), The hierarchy analysis method in decision making. [Metod analіzu iyerarkhіy u pryinyattі rіshen]., Burun Kniga, Kharkіv, 144 p. [in Ukrainian].
Stremetska M.S. (2017), “Modelling of Intensive Branched Information Flows Processing System”, XV All-Ukrainian scientific and practical conference of students, postgraduates and young scientists “Theoretical and applied problems of physics, mathematics and informatics”, Vol. 2, pp. 71-74.
Stremetska M.S., Kachinskiy A.B. (2018), “Modern Security Means of Electronic Payment Systems for Critical State Services Maintenance”, І International Scientific and Practical Conference “Problems of Cyber Security of Information and Telecommunication Systems”, Vol. 1, pp. 174-177.
Association agreement between the European Union and the European Atomic Energy Community and their Member States, of the one part, and Ukraine, of the other part. [Uhody pro astsiatsiyu mizh Ukrainoyu, z odniyei storony, ta Yevropeyskym Soyuzom, Yevropeyskym Spivtovarystvom z atomnoi enerhii I ikhnimy derzhavamy-chlenamy, z inshoi storony] [Electronic resource]: [Union ratified by the Law No. 1678-VII of 16.09.2014] - Available at: https://zakon.rada.gov.ua/laws/show/984_011 (accessed 9June2019) [In Ukrainian].
S. Hare. (2018), «Cisco’s Attack Continuum», Ironshare, 22April, аvailable at: https://www.ironshare.co.uk/technical/ciscos-attack-continuum/ (accessed 9June2019).
Downloads
Published
Issue
Section
License
Authors who publish with this journal agree to the following terms:- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
