The aim of the study is to increase the effectiveness of information security management through the use of 5G networks. The transition to the fifth-generation network does not solve the existing problems of information security and leads to the emergence of new threats. The main objective of each modulation method of signals is to ensure high bandwidth, proper transmission quality in a noisy communication channel, using the minimum amount of energy. One of the most effective indicators of increasing the level of information security in wireless networks is quadrature modulation, which is used in such networks as: LTE, WiMAX, McWill, DVB-T (T2), Wi-Fi and other radio access networks [1].One of the promising directions for the development of 5G networks is the use of higher frequency ranges, such as the range of millimeter waves (from 30 to 300 GHz) [2, 3]. A feature of the millimeter wave range is that they provide much wider spectral bands, making it possible to significantly increase the bandwidth in the channels. Thus, when studying prospective protected information systems based on the use of 5G network technology, it is advisable to use a simulation of the signals of the channel-level interaction of subscribers, which allows you to evaluate the basic security parameters at the physical level.Materials and research methods. Fifth generation networks will simultaneously look like any previous generation of mobile networks, and at the same time they will differ significantly from them – and there are a number of explanations that become more obvious if you think about how these changes affect the principles of user and equipment safety networks of the fifth generation.Widespread in the field of digital information transmission, including 5G networks, has received combinational modulation, called quadrature amplitude modulation.Multiposition signals have the greatest spectral efficiency, of which four-position phase modulation and sixteen-position quadrature amplitude modulation are most often used.The quadrature amplitude modulation is a kind of multi-position amplitude-phase modulation, in addition to the phase, the amplitude of the signal for a given type of modulation will also carry information. This leads to the fact that for a given frequency band the amount of transmitted information increases.A brief overview of the existing modulation approaches is presented OFDM (english. Orthogonal frequency-division multiplexing) [4, 5] systems and methods for forming solutions of signal modulation problems for building such systems/Results. Currently, OFDM technology is widely used in modern wireless Internet systems. High data transfer rates in OFDM systems are achieved using parallel information transfer over a large number of orthogonal frequency subchannels (subcarriers) [6].The method of synthesizing signal-code constructions with orthogonal frequency multiplexing provides for different scenarios for the use of semi-square modulation depending on the requirements for interception protection, as well as balancing between spectral and energy efficiency. This method can be used in two cases: with alternative and consistent transmission of signals. In the case of alternative transmission, only one of the four subcarriers is used during one channel interval. For efficient use of bandwidth, the proposed method involves the use of the spectrum of three other subcarriers for data transmission in D2D channels (this creates a connection between two user devices that are in close proximity), which allows you to further avoid interference between fixed channels and D2D communication channels.Findings. At present, 5G networks can be considered as one of the necessary components of the digital transformation and digital economy, while the main task in ensuring security in cellular communications is protection against eavesdropping. However, in the future world of smartphones and the Internet of things, in environments with a large number of mechanisms, the probability of listening is likely to fade into the background. Instead, you have to think about such things as data manipulation attacks, which, for example, can be used to command the mechanisms to perform certain actions (for example, open the door or take control of an unmanned vehicle). Mobile network operators, like consumer electronics manufacturers, will be able to offer “security as a service,” with the result that application providers will be able to apply additional levels of security over existing secure cellular network channels when transferring certain types of data. [7] Due to the better spectral density, the proposed signal conditioning method makes it possible to use prototypes of window functions with the best spatial localization properties without violating the orthogonality condition of the signal bases, and accordingly does not require the use of cyclic prefixes when generating the OFDM signal.
Purpose of the study. In modern conditions, building an effective information security system for an enterprise requires specialists with appropriate professional competencies and systems approach skills in analyzing a combination of factors that influence the state of information security of an enterprise. For the preparation of such kind of specialists, qualitative changes in the content of educational disciplines are required, based on the use of methods and means of system analysis in the process of building an information security system. The current approaches to assessing the risk of an enterprise are based on the formation of a register of its information resources necessary for the further processing of risks. Adequate assessment of the value of a resource is impossible without a correct understanding of the semantics of this resource and its role in the implemented business processes. Modern approaches to the formation of the register of enterprise information resources, according to the authors, do not offer an effective method of identifying resources and estimating their value.This paper considers an approach based on the use of structural and functional analysis methods and CASE-technologies in the formation of a register of information resources of the enterprise in the training of masters in the direction of “Information Security”. Materials and methods. For the formation of the register of enterprise information resources, it is proposed to build a structural-functional enterprise model using the IDEF0 notation. Business process modeling was performed in the Business Studio environment of «Modern Control Technologies». As an example for risk analysis, the activities of a typical IT-industry company engaged in the development and implementation of enterprise management information systems were considered. Results. The technique was successfully tested in the educational process. According to the authors of the article, the use of this technique in conducting laboratory classes for masters enrolled in the “Information Security” direction has made it possible to increase the efficiency of the formation of professional competencies in students and, consequently, in general, the quality of education. The results obtained can be used not only as a training method for specialists in the field of information security. The application of the methodology of forming the register of information resources of an enterprise considered in the article in practical activities to ensure the information security of an enterprise will increase the validity of decisions to protect the information of the enterprise. Conclusion. The paper proposes a method to justify the choice of the main directions for the protection of enterprise information based on the analysis of its business processes. A distinctive feature of the technique is the use of modern CASE-technologies for decision-making in the field of enterprise information security. The implementation of the methodology allows you to create a register of information resources of the enterprise, including an assessment of the likely damage for each resource. The registry shows the bottlenecks in the organization of protection, which should be given priority when planning measures to protect information. On the basis of the data obtained, it is possible to form a strategy and tactics for developing an enterprise information protection system that is reasonable from an economic point of view.
The aim of the study is to increase the effectiveness of information security management for state information systems (SIS) with terminal access devices by improving regulatory legal acts that should be logically interconnected and not contradict each other, as well as use a single professional thesaurus that allows understanding and describe information security processes.Currently, state information systems with terminal access devices are used to ensure the realization of the legitimate interests of citizens in information interaction with public authorities [1].One of the types of such systems are public systems [2]. They are designed to provide electronic services to citizens, such as paying taxes, obtaining certificates, filing of applications and other information. The processed personal data may belong to special, biometric, publicly available and other categories [3]. Various categories of personal data, concentrated in a large volume about a large number of citizens, can lead to significant damage as a result of their leakage, which means that this creates information risks.There are several basic types of architectures of state information systems: systems based on the “thin clientpeer-to-peer network systems; file server systems; data processing centers; systems with remote user access; the use of different types of operating systems (heterogeneity of the environment); use of applications independent of operating systems; use of dedicated communication channels [4]. Such diversity and heterogeneity of state information systems, on the one hand, and the need for high-quality state regulation in the field of information security in these systems, on the other hand, require the study and development of legal acts that take into account primarily the features of systems that have a typical modern architecture of “thin customer". Materials and research methods. The protection of the state information system is regulated by a large number of legal acts that are constantly being improved with changes and additions to the content. At the substantive level, it includes many stages, such as the formation of SIS requirements, the development of a security system, its implementation, and certification. The protected information is processed in order to enforce the law and ensure the functioning of the authorities. The need to protect confidential information is determined by the legislation of the Russian Federation [5, 6]. Therefore, to assess the quality of the regulatory framework of information security for terminal access devices of the state information system, the analysis of the main regulatory legal acts is carried out and on the basis of it, proposals are developed by analogy to improve existing regulatory documents in the field of information security.Results. The paper has developed proposals for improving the regulatory framework of information security for terminal access devices of the state information system- for uniformity and unification, the terms with corresponding definitions are justified for their establishment in the documents of the Federal Service for Technical and Export Control (FSTEC) or Rosstandart;- rules for the formation of requirements for terminals, which should be equivalent requirements for computer equipment in the “Concept for the protection of computer equipment and automated systems from unauthorized access to information ".Conclusion. General recommendations on information protection in state information systems using the “thin client" architecture are proposed, specific threats that are absent in the FSTEC threat bank are justified, and directions for further information security for the class of state information systems under consideration are identified. Due to the large number of stakeholders involved in the coordination and development of unified solutions, a more specific consideration of the problems and issues raised is possible only with the participation of representatives of authorized federal executive bodies and business representatives for discussion.
The article is devoted to the problem of developing an analytical data processing system for monitoring information security within the information security management system of modern companies conducting their main activities in cyberspace and using cloud infrastructure. Based on the analysis of modern information technologies related to ensuring information security of cloud infrastructure and the most popular products for ensuring information security of cloud infrastructures, as well as existing scientific approaches, a formalized approach to the synthesis of an analytical data processing system for monitoring the information security of an informatization object using cloud infrastructure is proposed. This approach takes into account the usefulness of the used information technologies from the viewpoint of information security. A general model of the structure of information support of an analytical data processing system for monitoring information security, as well as a model of the dependence of the usefulness of information technology on time and the ratio of the skill level of an information security specialist and an attacker are presented. The quality of the information security monitoring system is used as a criterion in the first optimization model. The following limitations are suggested: limitation on the time of making a decision on an incident; limitation on the degree of quality of analysis of information security events by the analytical data processing system and limitation on the compatibility of data analysis functions with data types about information security events. The cited results of the study of the second model show a logically consistent dependence of the usefulness of information technology on time and the ratio of the skill level of an information security specialist to the skill level of an attacker. The particular models of the structure of the information support of ASOD are presented. They make it possible to determine the rational structure information support of ASOD according to particular criteria. The following particular criteria are used: the maximin criterion of the usefulness of the information support of ASOD for monitoring the information security of an informatization object in the cloud infrastructure; the criterion for the maximum relevance of information support distributed over the nodes of the cloud infrastructure for systems with a low degree of centralization of management.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
Contact Info
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Product
Resources
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2025 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.
