Developing the Concept of Methodological Support for Designing and Assessing the Efficiency of Information Protection Systems of Standard Information Systems Considering Their Vulnerabilities
Islam Alexandrovich Alexandrov, Andrey Victorovich Kirichek, Vladimir Zhanovich Kuklin, Alexander Nikolaevich Muranov, Leonid Mikhajlovich Chervyakov
{"title":"Developing the Concept of Methodological Support for Designing and Assessing the Efficiency of Information Protection Systems of Standard Information Systems Considering Their Vulnerabilities","authors":"Islam Alexandrovich Alexandrov, Andrey Victorovich Kirichek, Vladimir Zhanovich Kuklin, Alexander Nikolaevich Muranov, Leonid Mikhajlovich Chervyakov","doi":"10.3844/jcssp.2023.1305.1317","DOIUrl":null,"url":null,"abstract":"The Information Protection System (IPS) is an integral part of any Information System (IS). To develop an optimal IPS model at the earliest stages of the IS lifecycle, it is necessary to develop IS resource and threat models. This study is devoted to developing a specific model of IS resources, allowing a detailed description of the relationship between resources and business processes and developing an IS threat model to describe in detail the relationships between threat implementations, various IS vulnerabilities, and the relationships between them. To solve these problems, this study used the methods of set theory, graph theory, probability theory, game theory, random processes theory, mathematical logic, and object-oriented approach. This study simulated different variants of the IPS and found that only a balanced IPS project met the Pareto demands. The projects where the emphasis is on countering only external or internal threats do not meet these demands.","PeriodicalId":40005,"journal":{"name":"Journal of Computer Science","volume":"39 4","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Computer Science","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3844/jcssp.2023.1305.1317","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
The Information Protection System (IPS) is an integral part of any Information System (IS). To develop an optimal IPS model at the earliest stages of the IS lifecycle, it is necessary to develop IS resource and threat models. This study is devoted to developing a specific model of IS resources, allowing a detailed description of the relationship between resources and business processes and developing an IS threat model to describe in detail the relationships between threat implementations, various IS vulnerabilities, and the relationships between them. To solve these problems, this study used the methods of set theory, graph theory, probability theory, game theory, random processes theory, mathematical logic, and object-oriented approach. This study simulated different variants of the IPS and found that only a balanced IPS project met the Pareto demands. The projects where the emphasis is on countering only external or internal threats do not meet these demands.
期刊介绍:
Journal of Computer Science is aimed to publish research articles on theoretical foundations of information and computation, and of practical techniques for their implementation and application in computer systems. JCS updated twelve times a year and is a peer reviewed journal covers the latest and most compelling research of the time.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
