QUANTITATIVE ASSESSMENT OF SECURE OPERATION OF INFORMATION SYSTEMS
DOI:
https://doi.org/10.18372/2410-7840.26.20008Keywords:
coefficient of readiness for safe operation, modeling, graphical interpretation, information systems, parameters, attempts of illegal access to informationAbstract
The basis of information security is the activity of protecting information — ensuring its confidentiality, availability and integrity, as well as preventing any compromise in a critical situation. Its correct provision is responsible for the security of the company's information infrastructure, the security of all its data and their confidentiality.
Currently, information security is in trend, however, it is always necessary to remember that it is not a set of expensive technical means, but a continuous process that must be constantly improved, responding to the emergence of new threats and attack techniques. The damage from these threats can significantly exceed the cost of implementing protective measures, and it is clear that these risks must be mitigated as effectively as possible.
The article developed a model for quantitatively assessing the coefficient of readiness for safe operation of information systems. To do this, the following was done:
- modeling the coefficient of readiness for safe operation, taking into account the impact of the simultaneous appearance in the system of several vulnerabilities of the same type;
- modeling the coefficient of readiness for safe operation, taking into account the probability of the presence of r unremedied vulnerabilities (real threats of vulnerabilities) in the system at the same time;
- modeling the readiness factor for the safe operation of a set of computers, for example, computer networks, where several vulnerabilities can be eliminated at the same time;
- modeling factor of readiness for safe operation if the protection system used for vulnerability leveling is ready for safe operation.
For graphical interpretation of dependencies, graphic materials are presented, for which simulations were performed in the MatLab system. The graphic materials clearly indicate the possibility of obtaining a state of safe operation of information systems depending on the intensity of stopping attempts by the protection system of illegal access to information, and the intensity of such attempts at the entrance to the protection system.
This will allow developers of information systems and service personnel to have quantitative indicators of the coefficient of readiness for safe operation of the system and decision-making regarding possible vulnerabilities.
References
Netscout. DDoS Threat Intelligence Report / Findings from 1st half 2023. Internet Traffic and Slipstreamed Threats. DOI:10.30534/ijatcse/ 2019/12812019. URL: https://www. netscout.com/threatreport/internet-traffic- slipstreamed-threats/
Timan, T., Mann, Z. (2021). Data Protection in the Era of Artificial Intelligence: Trends, Existing Solutions and Recommendations for Privacy-Preserving Technologies. In: Curry, E., Metzger, A., Zillner, S., Pazzaglia, JC., García Robles, A. (eds) The Elements of Big Data Value. Springer, Cham. Pp. 153-175.https://doi.org/10.1007/ 978-3-030-68176-0_7
Ахрамович В.М. Інформатика. Програмне забезпечення (навчальний посібник) Практикум: навч.-метод. посіб..- К.:ДП «Інформ.-аналіт. Агенство», 2013.-276с
Ахрамович В.М. Інформатика. Програмне забезпечення (навчальний посібник) Навчальний посібник.- К.:ДП «Інформ.-аналіт. агенство», 2012.-375с
Гарбарчук В., Зінович З., Свіц О. Кібернетичний підхід до проектування систем захисту інформації / Українська академія інформатики; Волинський держ. ун-т ім. Лесі Українки; Люблінський політехнічний ун-т. - К.; Луцьк; Люблін, 2003. - 658 с.
Домарев В.В. Безпека інформаційних технологій. Методологія створення систем захисту. - Вид-во «ДіаСофт», 2002. - 693с.
Козачок, В. А., Гайдур, Г. І., Гахов, С. О., Хмелевський, Р. М., Чумак, Н. С. Політики безпеки. Навчальний посібник для студентів вищих навчальних закладів. Київ: ДУТ ННІЗІ, 2020.167 с.
Маслова Н.А. Побудова моделі захисту інформації із заданими характеристиками якості //Штучний інтелект. – Донецьк: ІШІ, 2007. – №1. – С. 51-57.
Методологія захисту інформації. Аспекти кібербезпеки: підручник/ Г.М. Гулак – К.: Видавництво НА СБ України, 2020/ -256 с.
Якименко, Ю. М., Савченко, В. А., Легомінова, С. В. Системний аналіз інформаційної безпеки: сучасні методи управління: підручник. Київ: Державний університет телекомунікацій, 2022. 308 с.
Downloads
Published
Issue
Section
License
Authors who publish with this journal agree to the following terms:- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
