{"title":"信息保护对象复杂描述的方法研究","authors":"S. Kruglikov, Sergey Kasanin, Yu. N. Kuleshov","doi":"10.21681/2311-3456-2022-4-39-51","DOIUrl":null,"url":null,"abstract":"Purpose: on the basis of analysis of a comprehensive approach to the assessment of threats to information security to substantiate a methodological approach to a comprehensive description of the object of information protection with an assessment of its risks. Offer a tool for building private models and information security management system. Research method: use of partial integral index of security, which reflects the average risk of damage during the implementation of a threat of a certain type and characterizes the degree of danger. Analysis of the architecture of the object of assessment in relation to possible violations of information security, information security risk assessment using the apparatus of the theory of fuzzy sets when considering the methodological approach to a comprehensive description of the object of information security with an assessment of its risks. Result: proposed a comprehensive approach to assessing threats to the security of information. The assessment of the state of the protection object in case of violation of security is carried out with the help of particular integral index of security, which characterizes the possibility of inflicting damage in its implementation, according to which the ranking is made. On the basis of this methodical approach to complex description of the object of information protection with an assessment of its risks, using analysis of architecture of the object in application to possible violations of information security, and also making an assessment of risk using the apparatus of the theory of fuzzy sets is substantiated. This methodical approach is a formal tool for building private models and information security management system as a whole. On the basis of these models, it is possible to develop: methods of quantitative estimation of security; methods and approaches to the description of the factors influencing security; methods of security estimation of operating systems with use of the methodological approach to information systems security.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Methodical Approach to the Complex Description of Information Protection Object\",\"authors\":\"S. Kruglikov, Sergey Kasanin, Yu. N. Kuleshov\",\"doi\":\"10.21681/2311-3456-2022-4-39-51\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Purpose: on the basis of analysis of a comprehensive approach to the assessment of threats to information security to substantiate a methodological approach to a comprehensive description of the object of information protection with an assessment of its risks. Offer a tool for building private models and information security management system. Research method: use of partial integral index of security, which reflects the average risk of damage during the implementation of a threat of a certain type and characterizes the degree of danger. Analysis of the architecture of the object of assessment in relation to possible violations of information security, information security risk assessment using the apparatus of the theory of fuzzy sets when considering the methodological approach to a comprehensive description of the object of information security with an assessment of its risks. Result: proposed a comprehensive approach to assessing threats to the security of information. The assessment of the state of the protection object in case of violation of security is carried out with the help of particular integral index of security, which characterizes the possibility of inflicting damage in its implementation, according to which the ranking is made. On the basis of this methodical approach to complex description of the object of information protection with an assessment of its risks, using analysis of architecture of the object in application to possible violations of information security, and also making an assessment of risk using the apparatus of the theory of fuzzy sets is substantiated. This methodical approach is a formal tool for building private models and information security management system as a whole. On the basis of these models, it is possible to develop: methods of quantitative estimation of security; methods and approaches to the description of the factors influencing security; methods of security estimation of operating systems with use of the methodological approach to information systems security.\",\"PeriodicalId\":422818,\"journal\":{\"name\":\"Voprosy kiberbezopasnosti\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Voprosy kiberbezopasnosti\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.21681/2311-3456-2022-4-39-51\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Voprosy kiberbezopasnosti","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.21681/2311-3456-2022-4-39-51","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Methodical Approach to the Complex Description of Information Protection Object
Purpose: on the basis of analysis of a comprehensive approach to the assessment of threats to information security to substantiate a methodological approach to a comprehensive description of the object of information protection with an assessment of its risks. Offer a tool for building private models and information security management system. Research method: use of partial integral index of security, which reflects the average risk of damage during the implementation of a threat of a certain type and characterizes the degree of danger. Analysis of the architecture of the object of assessment in relation to possible violations of information security, information security risk assessment using the apparatus of the theory of fuzzy sets when considering the methodological approach to a comprehensive description of the object of information security with an assessment of its risks. Result: proposed a comprehensive approach to assessing threats to the security of information. The assessment of the state of the protection object in case of violation of security is carried out with the help of particular integral index of security, which characterizes the possibility of inflicting damage in its implementation, according to which the ranking is made. On the basis of this methodical approach to complex description of the object of information protection with an assessment of its risks, using analysis of architecture of the object in application to possible violations of information security, and also making an assessment of risk using the apparatus of the theory of fuzzy sets is substantiated. This methodical approach is a formal tool for building private models and information security management system as a whole. On the basis of these models, it is possible to develop: methods of quantitative estimation of security; methods and approaches to the description of the factors influencing security; methods of security estimation of operating systems with use of the methodological approach to information systems security.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
