I. G. Drovnikova scite author profile

Objectives. Analysis of the existing methodology for the formation of requirements for information protection systems (GIS) from unauthorized access (NSD) to automated systems (AS) revealed a number of significant flaws, the main of which is the following: despite the fact that the considered method undoubtedly has theoretical significance, the same time, it can not claim practical value. This is due to the fact that in this methodology, the studies were carried out not on a specific standard (widely used certified according to the regulations of the Federal Service for Technical and Export Control of Russia) GIS, and the data on threats of unauthorized access given in it do not correspond to reality (morally obsolete), but therefore require a significant upgrade. Accepting the existing methodology as a baseline, the purpose of the article is to develop a private method of forming requirements for GIS from unauthorized access to the AU, which has practical value and allows you to formulate quantitative requirements for a wide class of certified GIS.Method. When writing the article, the methods of system analysis, evolutionary modeling, probability theory and mathematical statistics, mathematical apparatus for modeling dynamic discrete networks (E-networks), and theory of algorithms were used. The methodological basis is a systematic approach.Result. A private methodology has been developed that determines the parameters of the symbolic genetic algorithm (GA) for creating a software package for analysis, evolutionary modeling, and forming quantitative requirements for GIS from un-authorized access to speakers using the Matlab 13 application software to implement GA in the Optimization toolbox programming environment.Conclusion. The proposed private method of forming requirements for GIS from unauthorized access in the AU using GA has a theoretical significance, practical value and allows you to formulate quantitative requirements for a wide class of AS certified in a certain class of security in accordance with the requirements of current regulatory documentation.

show abstract

Mathematical model for estimating the efficiency of information security systems by means of Laplace transformation and Givens method

Drovnikova¹,

Мещерякова²,

Popov³

et al. 2017

Тр. СПИИРАН

View full text Add to dashboard Cite

Methods of Estimating Reliability of Information Security Systems which Protect from Unauthorized Access in Automated Systems

Bokova¹,

Drovnikova²,

Etepnev³

et al. 2019

Тр. СПИИРАН

View full text Add to dashboard Cite

Modern methods of protecting information from unauthorized access in automated systems are based on the use of specialized information security systems from unauthorized access. Security systems are necessarily included in the form of additional software systems in the software as in a secure execution. Information security systems from unauthorized access can be developed not only in a process of automated systems design, but also complement the system-wide software of functioning systems. The use of the information security systems from unauthorized access can reduce a overall reliability of the automated systems, if they contain errors that are not detected during debugging. The reliability of the information security systems affects effectiveness of information security (confidentiality, integrity and availability). Guidelines of the Federal Service for Technical and Export Control (FSTEC) of Russia are a methodological basis for the formation of the information security systems’ image both in the process of development and in the process of modernization of the automated systems. The guidance documents of FSTEC of Russia do not contain methodological approaches to assessing the reliability of these program systems. In this regard, the actual design of techniques of estimating reliability of the information security systems from unauthorized access in automated systems in a secure execution. The structural complexity of the information security systems from unauthorized access and large number of functions performed necessitates the use of three reliability indicators that characterize the system in solving problems of confidentiality, integrity and availability of information. To develop the technique, the known methods of evaluating the reliability of complex systems are used, which do not allow their decomposition into serial and parallel connection. The developed methods were tested in assessing the reliability of the information security systems from unauthorized access with typical indicators of initial characteristics. The results of calculations and prospects of using the developed methods are presented in the paper.

show abstract

Analysis of Typical Network Attacks on Automated Systems of Internal Affairs Departments

Drovnikova

Ovchinnikova

Konobeevsky

2020

Vestn. Dagest. gos. teh. univ., Teh. nauki

View full text Add to dashboard Cite

Abstract. Aim Important contemporary trends in the theory and functional practice of secure automated systems at informatisation facilities of internal affairs bodies include an increase in the number of threats realised through remote unauthorised access (network attacks) on confidential in-formation resources, as well as the increasing complexity of implementing mechanisms aimed at providing protection from such attacks. In order to increase the effectiveness of existing and prospective automated security systems at the informatisation facilities of internal affairs bodies, it is necessary to identify and analyse typical network attacks aimed at components and software comprising these systems.Method. The method for solving this problem consists in a comprehensive analysis of the process of implementing network attacks on automated systems when they are used in secure mode in the informatisation facilities of internal affairs bodies.Results. Based on the analysis of information held in the security threat database developed by the Russian Federal Service for Technical and Export Control (FSTEC), modern features and operations of secure automated systems on the informatisation facilities of bodies of internal affairs and the results of a survey of experts in the field of information protection of allocated in accordance with the classification typology, eight types of dan-gerous attacks on automated systems of the internal affairs bodies are described taking into account their sources, objects, effects and possible consequences of implementation.Conclusion. The presented results are of use in further studies to conduct a quantitative assessment of the danger of typical attacks and for developing a private model of actual attacks for a specific automated system, taking into account their functional features in secure mode operations at the informatisation facility of the internal affairs body.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

I. G. Drovnikova

Methodology Techniques Protection Control of Information Resource of Electronic Document Management System

Private Technique of Formation of Requirements to Information Protection Systems From Unauthorized Access to Automated Bath Systems Using Genetic Algorithm

Mathematical model for estimating the efficiency of information security systems by means of Laplace transformation and Givens method

Methods of Estimating Reliability of Information Security Systems which Protect from Unauthorized Access in Automated Systems

Analysis of Typical Network Attacks on Automated Systems of Internal Affairs Departments

Contact Info

Product

Resources

About