Developing the Concept of Methodological Support for Designing and Assessing the Efficiency of Information Protection Systems of Standard Information Systems Considering Their Vulnerabilities
- 1 World-Class Scientific Center “Digital Biodesign and Personalized Healthcare”, Institute of Design and Technology Informatics, Russian Academy of Sciences, Russia
- 2 Rector's Office, Bryansk State Technical University, Russia
Abstract
The Information Protection System (IPS) is an integral part of any Information System (IS). To develop an optimal IPS model at the earliest stages of the IS lifecycle, it is necessary to develop IS resource and threat models. This study is devoted to developing a specific model of IS resources, allowing a detailed description of the relationship between resources and business processes and developing an IS threat model to describe in detail the relationships between threat implementations, various IS vulnerabilities, and the relationships between them. To solve these problems, this study used the methods of set theory, graph theory, probability theory, game theory, random processes theory, mathematical logic, and object-oriented approach. This study simulated different variants of the IPS and found that only a balanced IPS project met the Pareto demands. The projects where the emphasis is on countering only external or internal threats do not meet these demands.
DOI: https://doi.org/10.3844/jcssp.2023.1305.1317
Copyright: © 2023 Islam Alexandrovich Alexandrov, Andrey Victorovich Kirichek, Vladimir Zhanovich Kuklin, Alexander Nikolaevich Muranov and Leonid Mikhajlovich Chervyakov. This is an open access article distributed under the terms of the
Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
- 914 Views
- 524 Downloads
- 1 Citations
Download
Keywords
- Information Protection System
- Information Security
- Information System
- Threat Implementation Model
- Vulnerability