ulgaria is in the process of adapting its system for crisis and emergency management to the requirements of democratic governance, market economy and membership in NATO and the European Union. With the start of the comprehensive defense reform in 1999, the Civil Protection Agency, until that time part of the Ministry of Defense, received the status of a State Agency as a first-level budget holder directly subordinated to the Council of Ministers. Dealing with a variety of natural and man-made disasters, the Agency cooperates with numerous organizations, including the Ministry of Defense, the Ministry of the Interior, local authorities, etc. The Agency has a range of capabilities allowing it to serve as the central national authority in dealing with civil emergencies. With a history of timely and efficient contribution to mitigating the consequences of natural disasters in neighboring countries, it further plays a very active role in promoting emergency management cooperation in South East Europe. 1 After describing the roles of the Agency, this paper presents major developments in implementing advanced information and communications technologies both in national and international setting. The recently signed Agreement on the establishment of the Civil-Military Emergency Planning Council for Southeastern Europe is given in the appendix.
{"title":"Modern Information Technologies and General Public Protection in the Republic of Bulgaria","authors":"Svetoslav Andonov, K. Kostadinova, Emil Simeonov","doi":"10.11610/ISIJ.1004","DOIUrl":"https://doi.org/10.11610/ISIJ.1004","url":null,"abstract":"ulgaria is in the process of adapting its system for crisis and emergency management to the requirements of democratic governance, market economy and membership in NATO and the European Union. With the start of the comprehensive defense reform in 1999, the Civil Protection Agency, until that time part of the Ministry of Defense, received the status of a State Agency as a first-level budget holder directly subordinated to the Council of Ministers. Dealing with a variety of natural and man-made disasters, the Agency cooperates with numerous organizations, including the Ministry of Defense, the Ministry of the Interior, local authorities, etc. The Agency has a range of capabilities allowing it to serve as the central national authority in dealing with civil emergencies. With a history of timely and efficient contribution to mitigating the consequences of natural disasters in neighboring countries, it further plays a very active role in promoting emergency management cooperation in South East Europe. 1 After describing the roles of the Agency, this paper presents major developments in implementing advanced information and communications technologies both in national and international setting. The recently signed Agreement on the establishment of the Civil-Military Emergency Planning Council for Southeastern Europe is given in the appendix.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"174 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129487494","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
George Sharkov, Yavor Papazov, Christina Todorova, Georgi Koykov, G. Zahariev
Today’s digital society implies interconnectivity between the online operations of different sectors of everyday life and economy alike. As a consequence, malicious activities targeted towards a single online service could hurt entire industries and multiple private and public organizations. This interdependence between online services and economic units is an imperative for targeted efforts ensuring the integrity and availability of individual systems and complex systems-of-systems alike. This article presents MonSys, a flexible, robust, and scalable monitoring platform, implemented as a cloud-based service and an onpremise solution, specifically designed to address the need for ensuring service availability at an individual level. MonSys provides several standardized services availability checks, such as web-based services from multiple geographical locations, and a flexible platform and tools for defining customized complex services. Particular attention is paid to the processes of metrics collection, processing, storage, and querying. MonSys can perform custom availability checks for different types of infrastructures, such as various black-box, grey-box, and white-box availability checks/metrics. The article presents also results from piloting the platform on performance and scalability and options for integration in early-warning and intelligent signaling, based on behavioral pattern analysis and predictive simulations. A R T I C L E I N F O : RECEIVED: 7 JULY 2020 REVISED: 31 AUG 2020 ONLINE: 7 SEP 2020 K E Y W O R D S : scalability, cyber threat, vulnerability analysis, cyber risk, resilience, early warning, situational awareness Creative Commons BY-NC 4.0 G. Sharkov et al., ISIJ 46, no. 2 (2020): 155-167
{"title":"MonSys: A Scalable Platform for Monitoring Digital Services Availability, Threat Intelligence and Cyber Resilience Situational Awareness","authors":"George Sharkov, Yavor Papazov, Christina Todorova, Georgi Koykov, G. Zahariev","doi":"10.11610/isij.4611","DOIUrl":"https://doi.org/10.11610/isij.4611","url":null,"abstract":"Today’s digital society implies interconnectivity between the online operations of different sectors of everyday life and economy alike. As a consequence, malicious activities targeted towards a single online service could hurt entire industries and multiple private and public organizations. This interdependence between online services and economic units is an imperative for targeted efforts ensuring the integrity and availability of individual systems and complex systems-of-systems alike. This article presents MonSys, a flexible, robust, and scalable monitoring platform, implemented as a cloud-based service and an onpremise solution, specifically designed to address the need for ensuring service availability at an individual level. MonSys provides several standardized services availability checks, such as web-based services from multiple geographical locations, and a flexible platform and tools for defining customized complex services. Particular attention is paid to the processes of metrics collection, processing, storage, and querying. MonSys can perform custom availability checks for different types of infrastructures, such as various black-box, grey-box, and white-box availability checks/metrics. The article presents also results from piloting the platform on performance and scalability and options for integration in early-warning and intelligent signaling, based on behavioral pattern analysis and predictive simulations. A R T I C L E I N F O : RECEIVED: 7 JULY 2020 REVISED: 31 AUG 2020 ONLINE: 7 SEP 2020 K E Y W O R D S : scalability, cyber threat, vulnerability analysis, cyber risk, resilience, early warning, situational awareness Creative Commons BY-NC 4.0 G. Sharkov et al., ISIJ 46, no. 2 (2020): 155-167","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129642431","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In recent years, information warfare has captured the attention of government officials, information security specialists, and curious onlookers. The term is used to cover a broad spectrum of activity but especially a scenario wherein information terrorists, using not much more than a keyboard and mouse, hack into a computer and cause planes to crash, unprecedented power blackouts to occur, or food supplies to be poisoned. The terrorists might tamper with computers that support banking and finance, perhaps causing stock markets to crash or economies to collapse. None of these disasters has occurred, but the concern is that they, and others like them, could happen, given the ease with which teenagers have been able to romp through computers with impunity--even those operated by the U.S. Department of Defense.
{"title":"Information Warfare and Security","authors":"I. Monitor","doi":"10.11610/ISIJ.0408","DOIUrl":"https://doi.org/10.11610/ISIJ.0408","url":null,"abstract":"In recent years, information warfare has captured the attention of government officials, information security specialists, and curious onlookers. The term is used to cover a broad spectrum of activity but especially a scenario wherein information terrorists, using not much more than a keyboard and mouse, hack into a computer and cause planes to crash, unprecedented power blackouts to occur, or food supplies to be poisoned. The terrorists might tamper with computers that support banking and finance, perhaps causing stock markets to crash or economies to collapse. None of these disasters has occurred, but the concern is that they, and others like them, could happen, given the ease with which teenagers have been able to romp through computers with impunity--even those operated by the U.S. Department of Defense.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123491643","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Cybercrime is on the rise and distributed denial of services attacks are among the most used by hacktivists, criminals, and even states. This article focuses on a Dutch solution to that problem, namely the Trusted Networks Initiative. The initiative aims at a global trust concept that provides website operators with a last resort option in case a large or long-lasting DDoS attack cannot be mitigated by other anti-DDoS means. The paper describes the foundational principles of the initiative, and more specifically the intended solution via the trusted routing concept.
{"title":"Trusted Networks Initiative: The Netherlands’ Response to DDoS Attacks","authors":"M. Rademaker, Marc Gauw","doi":"10.11610/isij.3202","DOIUrl":"https://doi.org/10.11610/isij.3202","url":null,"abstract":"Cybercrime is on the rise and distributed denial of services attacks are among the most used by hacktivists, criminals, and even states. This article focuses on a Dutch solution to that problem, namely the Trusted Networks Initiative. The initiative aims at a global trust concept that provides website operators with a last resort option in case a large or long-lasting DDoS attack cannot be mitigated by other anti-DDoS means. The paper describes the foundational principles of the initiative, and more specifically the intended solution via the trusted routing concept.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"177 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123620458","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The paper presents main results of the analysis of cross impact between two of the ‘big themes’ in the FOCUS project: “EU as a global actor based on the wider Petersberg Tasks” and “Critical infrastructure & supply chain protection.” The cross impact was evaluated by experts from both EU and non-EU countries. For each theme they were asked to estimate significance and interrelation of trends, thus allowing the research team to identify centres of gravity within each theme. Then they estimated the pairwise linkage of trends from the two themes. The study resulted in identification of key linkages among trends, to be further explored in the analysis of respective contexts, mission roles, and security research scenarios. This practical test of the presented model—having relatively limited number of domains and trends—contributes to the transparency and illustrative power of FOCUS methodology and can be expanded in future studies.
{"title":"Evaluating the Cross-impact of EU Functions as a Global Actor and Protector of Critical Infrastructures and Supply Chains","authors":"T. Tagarev, Venelin Georgiev, J. Ahokas","doi":"10.11610/ISIJ.2903","DOIUrl":"https://doi.org/10.11610/ISIJ.2903","url":null,"abstract":"The paper presents main results of the analysis of cross impact between two of the ‘big themes’ in the FOCUS project: “EU as a global actor based on the wider Petersberg Tasks” and “Critical infrastructure & supply chain protection.” The cross impact was evaluated by experts from both EU and non-EU countries. For each theme they were asked to estimate significance and interrelation of trends, thus allowing the research team to identify centres of gravity within each theme. Then they estimated the pairwise linkage of trends from the two themes. The study resulted in identification of key linkages among trends, to be further explored in the analysis of respective contexts, mission roles, and security research scenarios. This practical test of the presented model—having relatively limited number of domains and trends—contributes to the transparency and illustrative power of FOCUS methodology and can be expanded in future studies.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"20 6","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120914120","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
There are similarities in information management between military and agricultural systems, e.g. distribution, impact of the environment, mobile agents, and the human factor are functioning in 2and 3-dimensional space. This allows spin-offs in the implementation of the concept of Cyber Situational Awareness (CSA), which is studied intensively in the defence field, but so far has not been applied with the aim to protect agricultural enterprise management systems. The purpose of this study is to substantiate the directions for the implementation of the CSA concept for the protection of corporate networks of agricultural enterprises, with the hypothesis that this will allow effective protection. The methodological basis is formed by the current provisions of the CSA concept, system analysis and synthesis. Results. The stability of communication channels and security is largely determined by the reliability of data transmission in the network, which is ensured by the design of the appropriate network structure. This in turn will provide opportunities to implement the first level of the CSA concept in IT to protect agricultural management systems. A R T I C L E I N F O : RECEIVED: 31 MAY 2020 REVISED: 04 SEP 2020 ONLINE: 18 SEP 2020 K E Y W O R D S : Cyber Situational Awareness, network protection, information system, control system Creative Commons BY-NC 4.0 Using the CSA Concept for Protection of Agricultural Enterprise Management IS
{"title":"Using the Cyber Situational Awareness Concept for Protection of Agricultural Enterprise Management Information Systems","authors":"Valentin V. Nekhai, M. Dorosh, Valentin A. Nekhai","doi":"10.11610/isij.4612","DOIUrl":"https://doi.org/10.11610/isij.4612","url":null,"abstract":"There are similarities in information management between military and agricultural systems, e.g. distribution, impact of the environment, mobile agents, and the human factor are functioning in 2and 3-dimensional space. This allows spin-offs in the implementation of the concept of Cyber Situational Awareness (CSA), which is studied intensively in the defence field, but so far has not been applied with the aim to protect agricultural enterprise management systems. The purpose of this study is to substantiate the directions for the implementation of the CSA concept for the protection of corporate networks of agricultural enterprises, with the hypothesis that this will allow effective protection. The methodological basis is formed by the current provisions of the CSA concept, system analysis and synthesis. Results. The stability of communication channels and security is largely determined by the reliability of data transmission in the network, which is ensured by the design of the appropriate network structure. This in turn will provide opportunities to implement the first level of the CSA concept in IT to protect agricultural management systems. A R T I C L E I N F O : RECEIVED: 31 MAY 2020 REVISED: 04 SEP 2020 ONLINE: 18 SEP 2020 K E Y W O R D S : Cyber Situational Awareness, network protection, information system, control system Creative Commons BY-NC 4.0 Using the CSA Concept for Protection of Agricultural Enterprise Management IS","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121182250","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Multi-Agent Systems to Support Coalition Forces","authors":"Z. Maamar, P. Labbé","doi":"10.11610/isij.0809","DOIUrl":"https://doi.org/10.11610/isij.0809","url":null,"abstract":"","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"193 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114232044","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In recent years, information warfare has captured the attention of government officials, information security specialists, and curious onlookers. The term is used to cover a broad spectrum of activity but especially a scenario wherein information terrorists, using not much more than a keyboard and mouse, hack into a computer and cause planes to crash, unprecedented power blackouts to occur, or food supplies to be poisoned. The terrorists might tamper with computers that support banking and finance, perhaps causing stock markets to crash or economies to collapse. None of these disasters has occurred, but the concern is that they, and others like them, could happen, given the ease with which teenagers have been able to romp through computers with impunity--even those operated by the U.S. Department of Defense.
{"title":"Information Security Architecture: An Integrated Approach to Security in the Organization","authors":"I. Monitor","doi":"10.11610/ISIJ.0409","DOIUrl":"https://doi.org/10.11610/ISIJ.0409","url":null,"abstract":"In recent years, information warfare has captured the attention of government officials, information security specialists, and curious onlookers. The term is used to cover a broad spectrum of activity but especially a scenario wherein information terrorists, using not much more than a keyboard and mouse, hack into a computer and cause planes to crash, unprecedented power blackouts to occur, or food supplies to be poisoned. The terrorists might tamper with computers that support banking and finance, perhaps causing stock markets to crash or economies to collapse. None of these disasters has occurred, but the concern is that they, and others like them, could happen, given the ease with which teenagers have been able to romp through computers with impunity--even those operated by the U.S. Department of Defense.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114531563","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The participation of Rakovski Defense College in the activities of the Consortium of Defense Academies and Security Studies Institutes creates an opportunity for effective implementation of advanced information technologies in the educational and research activities of the College and promotes the reform in the military education system. It also contributes to the active participation of the Republic of Bulgaria in the "Partnership for Peace" (PfP) program and assists Bulgarian preparation for joining NATO. Knowledge of the purpose, aims, tasks and structure of the Consortium allows Rakovski Defense College, as well as other governmental and non-governmental, military and civil organizations and individuals, working in the sphere of security and defense, to take active and productive part in the process.
{"title":"Participation in the Consortium of Defense Academies and Security Studies Institutes and Advanced Information Technologies","authors":"Petar Mollov","doi":"10.11610/ISIJ.0508","DOIUrl":"https://doi.org/10.11610/ISIJ.0508","url":null,"abstract":"The participation of Rakovski Defense College in the activities of the Consortium of Defense Academies and Security Studies Institutes creates an opportunity for effective implementation of advanced information technologies in the educational and research activities of the College and promotes the reform in the military education system. It also contributes to the active participation of the Republic of Bulgaria in the \"Partnership for Peace\" (PfP) program and assists Bulgarian preparation for joining NATO. Knowledge of the purpose, aims, tasks and structure of the Consortium allows Rakovski Defense College, as well as other governmental and non-governmental, military and civil organizations and individuals, working in the sphere of security and defense, to take active and productive part in the process.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"2012 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114543916","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Augmented Reality in an Enhanced Command and Control Application","authors":"Alexander Kolev, Lilia Pavlova","doi":"10.11610/isij.5023","DOIUrl":"https://doi.org/10.11610/isij.5023","url":null,"abstract":"","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121682998","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: