Правильная ссылка на статью:
Sosnin Yu.V., Kulikov G.V., Nepomnyashchikh A.V..
A complex of mathematical models of configuration optimization for means of information security from unauthorized access
// Software systems and computational methods. – 2015. – № 1.
– С. 32-44.
DOI: 10.7256/2305-6061.2015.1.14124.
рубрика Модели и методы управления информационной безопасностью
DOI: 10.7256/2305-6061.2015.1.14124
Читать статью
Аннотация: The subject of study is the problem of formalized description of conflicts arising in the protection of information from unauthorized access, for more information on possible action potential enemy and their consequences for the benefit of the selection and implementation of the defense strategy of information in automated systems. The initial data are the list of objects of the automated system and the value of the processed information to them; a list of information security and their cost; a list of possible methods of implementing the threat of unauthorized access to information, cost and efficiency. The result is the most effective means of protection configuration information for each object with the estimates of the effectiveness and cost of its implementation. Methods used: game theory, probability theory, reliability theory, system analysis, the theory of the collection and processing of expert information. The application of the developed models of information security processes for optimum configuration of information security for which each option protection system is characterized by unique quantification of having a clear physical meaning (security measure), so it is possible to choose a specific embodiment of the object of protection of the automated system by the criterion of maximum security (with cost constraints) or minimum value (for fixed requirements for security). Furthermore, the optimization of the composition and structure of information protection system design and in changing the original data is not time-consuming.
Ключевые слова: evaluation of data protection, threats to information security, security risk management, modeling of information security, modeling of information threats, information security management, information protection, information security, unauthorized information exposure, criteria for data protection
Библиография:
Chirov D.S., Tereshonok M.V., Elsukov B.A. Metod i algoritmy optimizatsii tekhnicheskikh kharakteristik kompleksov radiomonitoringa // T-Comm: Telekommunikatsii i transport. 2014. T. 8. № 10. S. 88-92.
Chirov D.S. Metodicheskiy podkhod k obosnovaniyu tekhnicheskikh kharakteristik kompleksov radiomonitoringa dlya resheniya zadach raspoznavaniya istochnikov radioizlucheniya // T-Comm: Telekommunikatsii i transport. 2011. T. 5. № 11. S. 85-87.
Khar'kov V.P., Merkulov V.I. Formirovanie zadannoy konfiguratsii slozhnoy raspredelennoy sistemy upravleniya // Radiotekhnika. 2011. № 6. S. 96-101.
Khar'kov V.P. Postroenie optimal'nykh algoritmov upravleniya nelineynymi dinamicheskimi sistemami // Innovatsii na osnove informatsionnykh i kommunikatsionnykh tekhnologiy. 2013. T. 1. S. 278-281.
Fedorov M.V., Kalinin K.M., Bogomolov A.V., Stetsyuk A.N. Matematicheskaya model' avtomatizirovannogo kontrolya vypolneniya meropriyatiy v organakh voennogo upravleniya // Informatsionno-izmeritel'nye i upravlyayushchie sistemy. 2011. T. 9. № 5. S. 46-54.
Solov'ev S.V., Zatoka I.V., Eshchenko E.V. Pokazateli kachestva zashchishchennykh informatsionnykh sistem v oblasti tekhnicheskoy zashchity informatsii // Telekommunikatsii. 2012. № 5. S. 24-30.
Ushakov I.B., Bogomolov A.V. Informatizatsiya programm personifitsirovannoy adaptatsionnoy meditsiny // Vestnik Rossiyskoy akademii meditsinskikh nauk. №5-6, 2014. S. 124-128.
Sizonenko A.B., Men'shikh V.V. Optimal'naya realizatsiya avtomatnoy modeli zashchishchennoy informatsionnoy sistemy putem predstavleniya logicheskikh funktsiy polinomial'nymi formami // Informatsiya i bezopasnost'. 2012. T. 15. № 2. S. 225-230.
Rudakov I.S., Rudakov S.V., Bogomolov A.V. Metodika identifikatsii vida zakona raspredeleniya parametrov pri provedeniya kontrolya sostoyaniya slozhnykh sistem // Informatsionno-izmeritel'nye i upravlyayushchie sistemy. 2007. T. 5. № 1. S. 66-72.
Men'shikh V.V., Pastushkova E.A. Metody otsenki variantov prinyatiya resheniy v sistemakh upravleniya s funktsional'no izbytochnym naborom deystviy // Vestnik Voronezhskogo instituta MVD Rossii. 2014. № 3. S. 48-57.
Men'shikh V.V., Koval'chuk A.A. Otsenki uyazvimosti i opasnosti rasprostraneniya ugroz informatsionnoy bezopasnosti v telekommunikatsionnykh sistemakh // Informatsionnaya bezopasnost' regionov. 2013. № 2 (13). S. 17-22.
Maksimov I.B., Stolyar V.P., Bogomolov A.V. Prikladnaya teoriya informatsionnogo obespecheniya mediko-biologicheskikh issledovaniy. M.: Binom, 2013. 312 s.
Kulikov G.V., Sosnin Yu.V., Nepomnyashchikh A.V., Nashchekin P.A. Modelirovanie protsessa zashchity informatsii pri realizatsii nesanktsionirovannogo dostupa k ney // Vestnik komp'yuternykh i informatsionnykh tekhnologiy. 2014. № 4 (118). S. 45-51.
Kulikov G.V., Nepomnyashchikh A.V., Sosnin Yu.V., Nashchekin P.A. Osobennosti tekhnologiy dinamicheskoy zashchity informatsionnykh resursov avtomatizirovannykh sistem upravleniya // Voprosy zashchity informatsii. 2013. № 4 (102). S. 39-44.
Kulikov G.V., Nepomnyashchikh A.V. Metodika otsenivaniya funktsional'nykh vozmozhnostey sistem obnaruzheniya vtorzheniy // Informatsionnye tekhnologii. 2006. № 1. S. 31–36.
Kulikov G.V., Nepomnyashchikh A.V. Metod sostavleniya naibolee polnogo perechnya ugroz bezopasnosti informatsii avtomatizirovannoy sistemy // Bezopasnost' informatsionnykh tekhnologiy. 2005. № 1. S. 47-50.
Kukushkin Yu.A., Bogomolov A.V., Ushakov I.B. Matematicheskoe obespechenie otsenivaniya sostoyaniya material'nykh sistem // Informatsionnye tekhnologii. 2004. Prilozhenie k № 7. 24 s.
Kolomiets L.V., Fedorov M.V., Bogomolov A.V., Merezhko A.N., Soldatov A.S., Esev A.A. Metod podderzhki prinyatiya resheniy po upravleniyu resursami pri ispytaniyakh aviatsionnoy tekhniki // Informatsionno-izmeritel'nye i upravlyayushchie sistemy. 2010. T. 8. № 5. S. 38-40.
Zaguzov G.V. Administrativno-pravovye sredstva obespecheniya informatsionnoy bezopasnosti i zashchity informatsii v Rossiyskoy Federatsii // Administrativnoe i munitsipal'noe pravo.-2010.-5.-C. 44-47.
Kozlov V.E., Bogomolov A.V., Rudakov S.V., Olenchenko V.T. Matematicheskoe obespechenie obrabotki reytingovoy informatsii v zadachakh ekspertnogo otsenivaniya // Mir izmereniy. 2012. № 9. S. 42-49.
Golosovskiy M.S. Model' zhiznennogo tsikla razrabotki programmnogo obespecheniya v ramkakh nauchno-issledovatel'skikh rabot // Avtomatizatsiya i sovremennye tekhnologii. 2014. № 1. S. 43-46.
Grusho A.A., Grusho N.A., Timonina E.E., Shorgin S.Ya. Bezopasnye arkhitektury raspredelennykh sistem // Sistemy i sredstva informatiki. 2014. № 24. S. 18-31.
Vorob'ev A.A., Kulikov G.V., Nepomnyashchikh A.V. Otsenivanie zashchishchennosti avtomatizirovannykh sistem na osnove metodov teorii igr // Informatsionnye tekhnologii. 2007. Prilozhenie k № 1. 24 s.
Vladimirova T.V. K sotsial'noy prirode ponyatiya «informatsionnaya bezopasnost'» // Voprosy bezopasnosti. 2013. №4. C. 78-95. DOI: 10.7256/2409-7543.2013.4.596. URL: http://www.e-notabene.ru/nb/article_596.html
Buslenko N.P. Modelirovanie slozhnykh sistem. M.: Nauka, 1978. 355 s.
Bogomolov A.V., Maystrov A.I. Tekhnologiya analiza sistemnykh prichinno-sledstvennykh svyazey na osnove diagramm Isikavy // Sistemnyy analiz v meditsine (SAM 2014): Materialy VIII mezhdunarodnoy nauchnoy konferentsii. Blagoveshchensk, 2014. S. 13-16.
Bogomolov A.V., Chuykov D.S., Zaporozhskiy Yu.A. Sredstva obespecheniya bezopasnosti informatsii v sovremennykh avtomatizirovannykh sistemakh // Informatsionnye tekhnologii. 2003. № 1. S.2-8.
Borodakiy Yu.V., Vorob'ev A.A., Kulikov G.V., Nepomnyashchikh A.V. Otsenivanie zashchishchennosti ot informatsionnykh vozdeystviy avtomatizirovannykh sistem upravleniya: teoriya i praktika // Bezopasnost' informatsionnykh tekhnologiy. 2005. №4. S. 61.
Shelkov A.B., Shul'ts V.L., Kul'ba V.V. Audit informatsionnoy bezopasnosti avtomatizirovannykh sistem upravleniya // Trendy i upravlenie. 2014. №4. C. 319-334. DOI: 10.7256/2307-9118.2014.4.10281.
References (transliteration):
Chirov D.S., Tereshonok M.V., Elsukov B.A. Metod i algoritmy optimizatsii tekhnicheskikh kharakteristik kompleksov radiomonitoringa // T-Comm: Telekommunikatsii i transport. 2014. T. 8. № 10. S. 88-92.
Chirov D.S. Metodicheskiy podkhod k obosnovaniyu tekhnicheskikh kharakteristik kompleksov radiomonitoringa dlya resheniya zadach raspoznavaniya istochnikov radioizlucheniya // T-Comm: Telekommunikatsii i transport. 2011. T. 5. № 11. S. 85-87.
Khar'kov V.P., Merkulov V.I. Formirovanie zadannoy konfiguratsii slozhnoy raspredelennoy sistemy upravleniya // Radiotekhnika. 2011. № 6. S. 96-101.
Khar'kov V.P. Postroenie optimal'nykh algoritmov upravleniya nelineynymi dinamicheskimi sistemami // Innovatsii na osnove informatsionnykh i kommunikatsionnykh tekhnologiy. 2013. T. 1. S. 278-281.
Fedorov M.V., Kalinin K.M., Bogomolov A.V., Stetsyuk A.N. Matematicheskaya model' avtomatizirovannogo kontrolya vypolneniya meropriyatiy v organakh voennogo upravleniya // Informatsionno-izmeritel'nye i upravlyayushchie sistemy. 2011. T. 9. № 5. S. 46-54.
Solov'ev S.V., Zatoka I.V., Eshchenko E.V. Pokazateli kachestva zashchishchennykh informatsionnykh sistem v oblasti tekhnicheskoy zashchity informatsii // Telekommunikatsii. 2012. № 5. S. 24-30.
Ushakov I.B., Bogomolov A.V. Informatizatsiya programm personifitsirovannoy adaptatsionnoy meditsiny // Vestnik Rossiyskoy akademii meditsinskikh nauk. №5-6, 2014. S. 124-128.
Sizonenko A.B., Men'shikh V.V. Optimal'naya realizatsiya avtomatnoy modeli zashchishchennoy informatsionnoy sistemy putem predstavleniya logicheskikh funktsiy polinomial'nymi formami // Informatsiya i bezopasnost'. 2012. T. 15. № 2. S. 225-230.
Rudakov I.S., Rudakov S.V., Bogomolov A.V. Metodika identifikatsii vida zakona raspredeleniya parametrov pri provedeniya kontrolya sostoyaniya slozhnykh sistem // Informatsionno-izmeritel'nye i upravlyayushchie sistemy. 2007. T. 5. № 1. S. 66-72.
Men'shikh V.V., Pastushkova E.A. Metody otsenki variantov prinyatiya resheniy v sistemakh upravleniya s funktsional'no izbytochnym naborom deystviy // Vestnik Voronezhskogo instituta MVD Rossii. 2014. № 3. S. 48-57.
Men'shikh V.V., Koval'chuk A.A. Otsenki uyazvimosti i opasnosti rasprostraneniya ugroz informatsionnoy bezopasnosti v telekommunikatsionnykh sistemakh // Informatsionnaya bezopasnost' regionov. 2013. № 2 (13). S. 17-22.
Maksimov I.B., Stolyar V.P., Bogomolov A.V. Prikladnaya teoriya informatsionnogo obespecheniya mediko-biologicheskikh issledovaniy. M.: Binom, 2013. 312 s.
Kulikov G.V., Sosnin Yu.V., Nepomnyashchikh A.V., Nashchekin P.A. Modelirovanie protsessa zashchity informatsii pri realizatsii nesanktsionirovannogo dostupa k ney // Vestnik komp'yuternykh i informatsionnykh tekhnologiy. 2014. № 4 (118). S. 45-51.
Kulikov G.V., Nepomnyashchikh A.V., Sosnin Yu.V., Nashchekin P.A. Osobennosti tekhnologiy dinamicheskoy zashchity informatsionnykh resursov avtomatizirovannykh sistem upravleniya // Voprosy zashchity informatsii. 2013. № 4 (102). S. 39-44.
Kulikov G.V., Nepomnyashchikh A.V. Metodika otsenivaniya funktsional'nykh vozmozhnostey sistem obnaruzheniya vtorzheniy // Informatsionnye tekhnologii. 2006. № 1. S. 31–36.
Kulikov G.V., Nepomnyashchikh A.V. Metod sostavleniya naibolee polnogo perechnya ugroz bezopasnosti informatsii avtomatizirovannoy sistemy // Bezopasnost' informatsionnykh tekhnologiy. 2005. № 1. S. 47-50.
Kukushkin Yu.A., Bogomolov A.V., Ushakov I.B. Matematicheskoe obespechenie otsenivaniya sostoyaniya material'nykh sistem // Informatsionnye tekhnologii. 2004. Prilozhenie k № 7. 24 s.
Kolomiets L.V., Fedorov M.V., Bogomolov A.V., Merezhko A.N., Soldatov A.S., Esev A.A. Metod podderzhki prinyatiya resheniy po upravleniyu resursami pri ispytaniyakh aviatsionnoy tekhniki // Informatsionno-izmeritel'nye i upravlyayushchie sistemy. 2010. T. 8. № 5. S. 38-40.
Zaguzov G.V. Administrativno-pravovye sredstva obespecheniya informatsionnoy bezopasnosti i zashchity informatsii v Rossiyskoy Federatsii // Administrativnoe i munitsipal'noe pravo.-2010.-5.-C. 44-47.
Kozlov V.E., Bogomolov A.V., Rudakov S.V., Olenchenko V.T. Matematicheskoe obespechenie obrabotki reytingovoy informatsii v zadachakh ekspertnogo otsenivaniya // Mir izmereniy. 2012. № 9. S. 42-49.
Golosovskiy M.S. Model' zhiznennogo tsikla razrabotki programmnogo obespecheniya v ramkakh nauchno-issledovatel'skikh rabot // Avtomatizatsiya i sovremennye tekhnologii. 2014. № 1. S. 43-46.
Grusho A.A., Grusho N.A., Timonina E.E., Shorgin S.Ya. Bezopasnye arkhitektury raspredelennykh sistem // Sistemy i sredstva informatiki. 2014. № 24. S. 18-31.
Vorob'ev A.A., Kulikov G.V., Nepomnyashchikh A.V. Otsenivanie zashchishchennosti avtomatizirovannykh sistem na osnove metodov teorii igr // Informatsionnye tekhnologii. 2007. Prilozhenie k № 1. 24 s.
Vladimirova T.V. K sotsial'noy prirode ponyatiya «informatsionnaya bezopasnost'» // Voprosy bezopasnosti. 2013. №4. C. 78-95. DOI: 10.7256/2409-7543.2013.4.596. URL: http://www.e-notabene.ru/nb/article_596.html
Buslenko N.P. Modelirovanie slozhnykh sistem. M.: Nauka, 1978. 355 s.
Bogomolov A.V., Maystrov A.I. Tekhnologiya analiza sistemnykh prichinno-sledstvennykh svyazey na osnove diagramm Isikavy // Sistemnyy analiz v meditsine (SAM 2014): Materialy VIII mezhdunarodnoy nauchnoy konferentsii. Blagoveshchensk, 2014. S. 13-16.
Bogomolov A.V., Chuykov D.S., Zaporozhskiy Yu.A. Sredstva obespecheniya bezopasnosti informatsii v sovremennykh avtomatizirovannykh sistemakh // Informatsionnye tekhnologii. 2003. № 1. S.2-8.
Borodakiy Yu.V., Vorob'ev A.A., Kulikov G.V., Nepomnyashchikh A.V. Otsenivanie zashchishchennosti ot informatsionnykh vozdeystviy avtomatizirovannykh sistem upravleniya: teoriya i praktika // Bezopasnost' informatsionnykh tekhnologiy. 2005. №4. S. 61.
Shelkov A.B., Shul'ts V.L., Kul'ba V.V. Audit informatsionnoy bezopasnosti avtomatizirovannykh sistem upravleniya // Trendy i upravlenie. 2014. №4. C. 319-334. DOI: 10.7256/2307-9118.2014.4.10281.