Pub Date: 2019-03-28 | DOI: 10.18372/2410-7840.21.13547
Володимир Леонідович Бурячок, Андрій Олександрович Аносов, Артем Вадимович Платоненко
Open Wi-Fi networks have recently posed the greatest danger to information, since anyone can connect to them and carry out malicious actions. Nominally protected networks in public places or organizations can also be considered dangerous, since one can connect to them after learning the password from, for example, an employee. One of the causes of cyberattacks on the resources of such networks is passwords that are not resistant to guessing. Their use allows attackers to connect to these networks and gain access to all devices connected to them. In addition, if a weak or default password is used for the settings panel, all devices are exposed to the risk of a cyberattack that can be carried out remotely. Attackers' use of a comprehensive approach to attempting unauthorized access to wireless communication systems (combining social engineering with data interception using malicious software), as well as new types of cyberattacks that allow malware to be covertly installed on mobile devices, can reduce the effectiveness of existing methods and means of protecting wireless networks. To avoid these and similar problems, the article proposes a way to improve the protection of wireless networks against interception of, and tampering with, information by creating a guessing-resistant password with a variable complication rule. This method can be used in building hardware and software protection tools, as well as to improve the protection of user accounts and other security systems where a strong password is required. Given the statistics and the calculations carried out in the work, it can be argued that introducing the method of generating complicated passwords will significantly increase the level of security of wireless networks.
Title: Password generation for wireless network with using variable complication rule (Ukrainian Information Security Research Journal)
Pub Date: 2019-03-28 | DOI: 10.18372/2410-7840.21.13445
Юрій Якович Самохвалов, Микола Миколайович Браіловський
Currently, the protection of information remains a pressing issue, and the most common approaches to its assessment are verification and the risk-oriented method. However, the information security metrics in the methodologies based on these approaches are insufficiently informative, since they take into account only objective aspects of security and completely ignore the subjective ones. Therefore, they do not allow the development of judgments based on the state of confidentiality, integrity and availability of information and the organization's information security level as a whole. For that reason, it is necessary to develop a methodological apparatus for assessing the organization's information security that takes into account both objective and subjective aspects of security. The article proposes an approach to assessing information security on the basis of the criterion of confidence that an organization implements its adopted security policy. Assessment of confidence includes assessment of the credibility of the organization's information security, the quality of the trust assessment model, the background of the persons who conducted such an assessment, and knowledge assessment regarding threats. As an indicator of confidence, the utility indicator is used as the value of the generalized Harrington's desirability function. The proposed approach to assessing the organization's information security is fairly simple to implement and can be used as a pilot to develop appropriate methods for assessing the security of organizations of various forms of ownership.
Title: Assessment of organization's information security on the criterion of confidence (Ukrainian Information Security Research Journal)
Pub Date: 2019-03-28 | DOI: 10.18372/2410-7840.21.13543
В. Марценюк, А.С. Сверстюк
The article is devoted to the simulation of cyber-physical systems taking into account information threats. The principles of organization of the structure and reliable functioning of the studied systems are analyzed. A conceptual model of cyber-physical systems taking into account information threats is presented. A constructive algorithm is proposed for finding an estimate in a cyber-physical model during attacks on the state and on the observations, on the basis of measured system indices. The model is presented as a non-stationary descriptor system, which includes differential equations for node state variables and algebraic equations for measurements. State variables and measurements are considered as random vectors. The information criterion is used to find the optimal estimate of the scalar product that characterizes the state of the system. The algorithm is based on reducing the estimation problem to an optimal control problem. A value of the mean square error that does not depend on attacks is obtained. An algorithm for constructing an optimal estimate for a scalar product, which includes the state of the network model during an attack, is proposed. Mutual information between random vectors was used as the quality criterion for optimization. The estimate was constructed in the form of a scalar product, which includes a measurement vector. Considering the effects of attacks on this estimate, it should be noted that the constructed estimate depends on such attacks only through the multiplier. The mean square error of such an estimate is independent of the attack. The reason for the absence of impact of the attack on the mean square error is the quadratic form of the sets that are selected for state attacks. This assumption makes it possible to apply the linear-quadratic optimization apparatus, which reduces the estimation problem to an optimal control problem. The results obtained are illustrated by a numerical example for the stage of the system without noise and with attacks and for the stage of the system with noise and attacks. In this case, a three-node cyber-physical system was used, which could be used for planning technical service and optimized management to achieve higher overall performance and safety of the studied systems.
Title: On model of cyber-physical system with state and measurement attacks on the basis of stochastic difference equations (Ukrainian Information Security Research Journal)
Pub Date: 2018-12-21 | DOI: 10.18372/2410-7840.20.13425
Світлана Володимирівна Казмірчук, Анна Олександрівнa Корченко, Тарас Іванович Паращук
With the development of information technology, the number of vulnerabilities and threats to various data processing systems is growing, so specialized security tools are needed to ensure their normal operation and to prevent intrusions; a promising and actively developing direction in information security is the detection of cyberattacks and the prevention of intrusions into information systems by an unauthorized party. To detect network intrusions, modern methods, models, tools and integrated technical solutions for intrusion detection and prevention systems are used, which can remain effective when new or modified types of cyber threats appear. In general, when new threats and anomalies arise that are generated by attacking actions with unidentified or vaguely defined properties, these tools do not always remain effective and require considerable time to be adapted accordingly. Intrusion detection systems must therefore be continually studied and improved to ensure their continued effective operation. Such systems include specialized software tools aimed at detecting suspicious activity or interference in an information system and taking adequate measures to prevent cyberattacks. An analysis of the sources showed that the prompt detection of misuse and anomalies is an acute issue for modern information systems and networks. Most works give only a partial analysis of intrusion detection systems and their classification, and present a general description of the corresponding software that does not reflect its broad range and does not contain the set of characteristics needed for an integrated assessment of such systems. Therefore, this work presents a generalized analysis of intrusion detection system software according to a defined basic set of characteristics ("Cyberattack class", "Adaptability", "Detection methods", "System management", "Scalability", "Observation level", "Response to a cyberattack", "Security" and "Operating system support"). This will provide certain opportunities for choosing such tools and for developing the most effective security mechanisms for them under the influence of cyberattacks.
Title: Analysis of intrusion detection systems (Ukrainian Information Security Research Journal)
Pub Date: 2018-12-21 | DOI: 10.18372/2410-7840.20.13252
Олексій Георгійович Голубничий
Title: Analysis of confidentiality of information transfer in DSSS systems in conditions of limited systems of used signal constructions (Ukrainian Information Security Research Journal)
Pub Date: 2018-12-21 | DOI: 10.18372/2410-7840.20.13422
Лазат Муктаровна Кыдыралина
The paper reviews and analyzes previous research in the field of protection of the information-educational environment of universities (ILE). It is shown that the priority development of digital education systems in many industrialized countries of the world requires appropriate technical and methodological support from specialists not only in the field of pedagogical activity, but also in information technology, taking into account the problems of cyber security and information protection. It is shown that the protected data that is stored and circulates in the information and communication systems of universities includes, in particular: personal data of students, teachers, researchers and support staff; digitized information representing the intellectual property of the educational institution; and information arrays that support the learning process (for example, multimedia content, databases, training programs, etc.). It is substantiated that these information resources can be an object of theft or distortion by external (internal) computer intruders, or of hooliganism by students or employees. It is substantiated that the trend towards globalization of access to information resources, formed in many countries, makes relevant the task of introducing the latest digital and information and communication technologies in all areas of activity of a modern university. The relevance of research in the direction of developing models for decision support systems for finding investment management strategies for various ratios of the parameters of the investment process in the cybersecurity systems of educational institutions is substantiated.
Title: Prerequisites for forming a secure information and educational environment of a modern university (Ukrainian Information Security Research Journal)
Pub Date: 2018-12-21 | DOI: 10.18372/2410-7840.20.13426
Виктор Федорович Евдокимов, Анатолий Николаевич Давиденко, Сергей Яковлевич Гильгурт
The main purpose of a signature-based network intrusion detection system (NIDS) is to inspect network packet contents against tens of thousands of predefined malicious patterns. Unlike a firewall, a NIDS examines not only packet headers but also packet bodies. Multi-pattern string matching is a specific type of string matching that searches an input stream for a set of patterns rather than a single pattern. Due to rising traffic rates, the increasing number and sophistication of attacks and the collapse of Moore's law for sequential processing, traditional software solutions can no longer meet the high requirements of today's security challenges. Therefore, hardware approaches are proposed to accelerate pattern matching. Combining the flexibility of software with near-ASIC performance, reconfigurable FPGA-based devices have become increasingly popular for this purpose. Unfortunately, the development of complex reconfigurable devices is a very difficult craft. Users of NIDS, who are usually system administrators, have neither sufficient qualifications nor the computing resources to carry out such work. On the other hand, the specifics of security tasks require frequent dynamic re-synthesis of reconfigurable accelerators. To solve this problem, a centralized system based on GRID and Cloud platforms was proposed. Such an approach moves design and computation complexities from LANs to HPC. An experimental system was constructed and tested. First results are received and discussed. A preliminary comparison of GRID and Cloud technologies is made. Besides cybersecurity, high-speed multi-pattern matching is required for such important applications as data mining, XML switching, QoS management, VoIP filtering, cache replication, etc.
Title: Centralized synthesis of reconfigurable information security hardware on high-performance platforms (Ukrainian Information Security Research Journal)
Pub Date: 2018-12-21 | DOI: 10.18372/2410-7840.20.13423
Михайло Олексійович Колпаков, Андрій Борисович Петренко
The increase in the number of information web resources is due to the development of technologies for interaction with information, accessibility and ease of use for the consumer, opportunities for automating business processes, and savings of resources and time in providing services for entrepreneurs. In this paper, an integrated approach is considered regarding the implementation of the mechanisms for solving the above problems in accordance with the requirements of the PCI DSS, HIPAA / HITECH and FEDRAMP standards. An effective approach for integrating the Amazon S3 cloud storage into web applications written in the Java programming language is proposed. The step-by-step guide to integrating the web services will make it possible not only to scale and protect product data effectively, but also to extend the functionality of the web application significantly, to use internal analytical tools for monitoring user activity, and to generate reports based on the collected statistics. The mathematical model of the AES encryption algorithm, implemented in the Amazon cloud environment, is considered to explain the feasibility and relevance of its use. A graph comparing the speed of the most current encryption algorithms was constructed from data obtained by measuring the amount of time spent on encryption at different data volumes. This approach will allow software products to meet the requirements of the EU and FISMA data protection directives, improve data scaling by availability zones and regions, and enhance data protection through internal Amazon mechanisms such as access control, auditing, network firewall, server-side encryption and the encryption key management infrastructure.
Title: Scaling and enhancing data protection for web application data in accordance with PCI DSS, HIPAA/HITECH, FEDRAMP standards (Ukrainian Information Security Research Journal)
Pub Date : 2018-12-21 DOI: 10.18372/2410-7840.20.13101
Руслан Вячеславович Скуратовский
Estimates of the complexity of halving a point on a twisted Edwards curve are obtained and compared with the complexity of point doubling. One application of the divisibility of a point by two is considered: determining the order of a point in a cryptosystem. The cryptographic security of the pseudo-random sequence generator proposed by the author is shown on the basis of a curve in Edwards form. A new generation scheme and a new one-way function for a cryptographically secure pseudo-random sequence based on these curves are proposed. The embedding degree of these curves into a finite field, for pairings on pairing-friendly elliptic curves of prime or almost prime order, is investigated. Pairing-friendly curves of prime or near-prime order are absolutely essential in certain pairing-based schemes like short signatures with longer useful life. For this goal we construct pairing-friendly curves on the basis of the family of twisted Edwards curves. The possibility of constructing a twisted Edwards curve with the minimal cofactor 4 has been found. A solution of the inverse doubling problem is obtained for quasi-elliptic curves represented in twisted Edwards form, together with its application to proving the security of a cryptographic pseudo-random sequence generator. It makes it possible to prove the cryptographic security of the pseudo-random sequence we developed.
Title: Cryptographically secure pseudo-random sequences and the halving of a point on a twisted Edwards curve over prime and composite fields
Journal: Ukrainian Information Security Research Journal
Pub Date : 2018-12-21 DOI: 10.18372/2410-7840.20.13424
Б.Є. Журиленко
In this paper, an attempt is made to develop a methodology for estimating the financial costs of building a complex of technical information protection (CTIP) from known parameters. Such parameters can be: the probability of the protection being hacked, depending on the amount of funding invested in protection and the possible financial losses without protection; the risk of losing the funding invested in protection; the risk of total financial losses; and the effectiveness of the constructed protection. All CTIP assessments were conducted for the maximum values of the probability of hacking and the maximum risk of loss. Specific expressions are obtained for assessing the effectiveness of information protection and for optimizing the risks of financial losses during design, certification and evaluation of the working condition, depending on the financial investments in information protection and the risks of their loss. A theoretical definition of the effectiveness of protection in terms of the risk of the funding invested in protection and the risk of total financial losses is proposed. The effectiveness coefficient of a single or single-level protection varies from zero (in the absence of funding for protection) to unity (with infinite funding for the construction of protection). At the design stage, the obtained expressions allow CTIP designs to be compared with each other and the chosen CTIP to be evaluated before its implementation. Experimental data on the differences between the practical and theoretical parameters of the effectiveness of protection will make it possible to investigate and select the most effective protection. Expressions are given that make it possible to determine the actual effectiveness of protection from the experimental probability of hacking. The higher reliability of multi-level protection compared with single-level protection is confirmed theoretically. It is shown that, for the same financial costs, the probability of the protection being hacked and the risk of financial loss are much lower for multi-level protection than for single-level protection. Consequently, a multi-level protection system can provide the required level of protection at lower financial cost. Thus, this work can be useful for assessing the effectiveness of information protection and for optimizing the risks of financial losses during design, certification and assessment of the working condition.
Title: Estimation of financial costs for building of information protection system
Journal: Ukrainian Information Security Research Journal