MODELS FOR ASSESSMENT OF RESIDUAL RISK IN INFORMATION SYSTEM

Authors

DOI:

https://doi.org/10.18372/2410-7840.24.16932

Keywords:

cyber security, information systems, cyber-attacks, security of resources, ensuring cyber security

Abstract

To ensure the basic security characteristics of information system resources by preventing unauthorized users from accessing information and disclosing its content, it is necessary to use hardware or software means of access administration, physical access control, protection against information leaks through technical channels, cryptographic transformation (for encryption and decryption of closed information, as well as for key generation and distribution), security signaling, organizational access restriction, etc. In this work, models of the process of interaction between means of cyber-attack and means of cyber protection were developed to ensure the basic security characteristics of information system resources, in which, due to the amount of residual risk and variation in the mode of operation or unauthorized use of means of storage of information carriers ration and thereby violating its integrity, accessibility and confidentiality, it is possible to provide a quantitative and qualitative assessment of the state of cyber security. A model of the process of interaction of protection means is also presented. Because it uses the model of the interaction between means of cyber-attack and means of cyber protection, decomposes the basic security characteristics of information system resources, and takes into account the relevant indicators of those characteristics during cyber protection of information system resources, it makes it possible to increase the accuracy of the dynamic assessment of the dependence of efficiency on the intensity of the effects of cyber-attacks. The proposed cyber protection models make it possible to block cyber-attacks in information systems even before they start to act on the system. In this way, cyber defense can use its resources more effectively, since it does not need to respond to every warning, some of which may be false.
The considered models make it possible to propose expressions for assessing the residual risk when protecting the basic security characteristics of resources, in the form of probabilities of their violation, and to formulate the conditions for the transition of the protected resource to the mode of artificial failure.

Published

2022-11-23