STRUCTURAL MODEL OF THE LIMITED-ACCESS INFORMATION LEAKAGE CONSEQUENCES ASSESSMENT SYSTEM

Authors

DOI:

https://doi.org/10.28925/2663-4023.2026.33.1260

Keywords:

information protection, restricted information, consequence assessment (harm, damage), personal data, official information, state secret, risks, model, critical infrastructure object, decision support system, information leak

Abstract

The article presents a structural model of a system for evaluating the consequences of restricted information leaks, aimed at increasing the level of information security for individuals, society, and the state. The system allows for the automation of the following processes: identification and classification of public (open) information and restricted information; risk analysis with forecasting of potential consequences (harm, damage) from a possible or already occurred leak of personal data, official information, or state secrets (and/or the loss of their physical carriers), while minimizing financial losses and/or other severe consequences; and the formation of a violation registry and a critical information infrastructure object classifier. In accordance with the existing requirements regarding the specific organization of secrecy regimes and access to certain types of classified information, the developed system structure includes a subsystem for evaluating the consequences of personal data leaks (under national and international legislation, including GDPR) and a subsystem for evaluating the consequences of official information and/or state secret leaks. The proposed system ensures the evaluation of the operational effectiveness of information protection systems (comprehensive information protection systems and/or state secret protection systems) of critical infrastructure objects, government authorities, and secret-regime entities, and is intended for use by state experts on secrets, forensic institutions, commissions on official information, and other authorized persons.

Downloads

Download data is not yet available.

References

Bobro, D., et al. (2019). Organizational and legal aspects of ensuring security and resilience of Ukraine’s critical infrastructure. Analytical report.

Yermenchuk, O. (2018). Main approaches to organizing critical infrastructure protection in European countries: Experience for Ukraine. Monograph.

Kondratov, S., et al. (2017). Developing the critical infrastructure protection system in Ukraine. Monografia.

Falchenko, S., et al. (2020). Method of fuzzy classification of information with limited access. In 2020 IEEE 2nd International Conference on Advanced Trends in Information Theory (ATIT) (pp. 255-259). IEEE. https://doi.org/10.1109/ATIT50783.2020.9349358

Kasperskyi, I. (2014). Classification features of official information. Information Security of Person, Society and State, 3(16), 104-109.

Arkhypov, O., & Muratov, O. (2011). Criteria for determining possible damage to the national security of Ukraine in case of disclosure of state-protected information. Monograph.

Korchenko, O., et al. (2014). Assessment of damage to the national security of Ukraine in case of leakage of state secrets. Monograph. https://www.researchgate.net/publication/388763890

Korchenko, O., et al. (2016). Model and method for risk assessment of personal data protection during processing in automated systems. Information Protection, 18(1), 39-47. https://doi.org/10.18372/2410-7840.18.10111

Korchenko, O., et al. (2017). Ukrainian critical information infrastructure: Terms, sectors and consequences. Information Protection, 19(4), 303-309. https://doi.org/10.18372/2410-7840.19.12220

Korchenko, O., et al. (2018). Model of a classifier for state critical information infrastructure objects. Information Protection, 20(1), 5-11. https://doi.org/10.18372/2410-7840.20.12448

Korchenko, O., et al. (2018). Model for assessing consequences of state secret leakage caused by cyberattacks on critical information infrastructure. Information Security, 24(1), 29-35. https://doi.org/10.18372/2225-5036.24.12606

Korchenko, O., et al. (2020). Set-theoretic GDPR model of personal data parameters. Information Protection, 22(2), 120-141. https://doi.org/10.18372/2410-7840.22.14871

Korchenko, O., & Dreis, Y. (2022). Tuple model for forming a database of primary parameters for assessing the state secret protection status. Information Security, 28(1), 35-42. https://doi.org/10.18372/2225-5036.28.16911

Korchenko, O., & Lozova, I. (2024). Structural model of a system for assessing negative consequences of personal data loss. Scientific Notes of the State University of Information and Communication Technologies, 2(6), 165-170. https://doi.org/10.31673/2786-8362.2024.028264

Dreis, Y. (2013). Method of fuzzy classification of information constituting state secrets according to defined criteria. Bulletin of Lviv Polytechnic National University. Automation, Measurement and Control, 774, 10-16. https://www.researchgate.net/publication/405186418

Dreis, Y., et al. (2022). Restricted information identification model. CEUR Workshop Proceedings, 3288, 89-95. https://www.researchgate.net/publication/371657347

Dreis, Y. (2024). Model of parameters for assessing consequences of official information leakage at a critical infrastructure facility. Cybersecurity: Education, Science, Technique, 2(26), 200-211. https://doi.org/10.28925/2663-4023.2024.26.691

Dreis, Y. (2024). Method for assessing consequences of critical infrastructure object loss using generalized criteria. Cybersecurity: Education, Science, Technique, 1(25), 487-504. https://doi.org/10.28925/2663-4023.2024.25.487504

Dreis, Y., et al. (2024). Model to formation data base of internal parameters for assessing the status of the state secret protection. CEUR Workshop Proceedings, 3654, 277-289. https://www.researchgate.net/publication/379153460

Dreis, Y. (2025). Model of internal parameters for assessing the state secret protection status. Information Protection, 27(1), 4-14. https://doi.org/10.18372/2410-7840.27.21170

Dreis, Y., et al. (2024). Model to formation data base of secondary parameters for assessing status of the state secret protection. CEUR Workshop Proceedings, 3800, 1-11. https://www.researchgate.net/publication/385825539

Dreis, Y. (2025). Model of secondary parameters for assessing the state secret protection status. Information Protection, 27(2), 68-78. https://doi.org/10.18372/2410-7840.27.21180

Dreis, Y. (2025). Improved method for assessing damage to the national security of Ukraine in the event of state secret leakage. Cybersecurity: Education, Science, Technique, 3(27), 489-521. https://doi.org/10.28925/2663-4023.2025.27.771

Dreis, Y. (2025). Method for assessing damage caused by leakage of official information. Information Security, 31(3), 190-206. https://doi.org/10.18372/2225-5036.31.21166

Deineka, O., et al. (2025). Detection confidential information by large language models. Informatyka, Automatyka, Pomiary w Gospodarce i Ochronie Środowiska, 15(3), 91-99. https://doi.org/10.35784/iapgos.6910

Mykhailyshyn, K., et al. (2025). Analysis of modern tools and methods of audit and monitoring of database security. Informatyka, Automatyka, Pomiary w Gospodarce i Ochronie Środowiska, 15(4), 124-129. https://doi.org/10.35784/iapgos.6993

Rzaieva, S., et al. (2025). Methods of personal data protection in retail: Practical solutions. CEUR Workshop Proceedings, 3991, 492-506. https://www.researchgate.net/publication/394929279

Slyusar, V. (2024). Local large language models for processing confidential information. Weapons and Military Equipment, 44(4), 79-91. https://slyusar.kiev.ua/OVT_04_24_Slyusar_m.pdf

European Parliament and Council. (2016). Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). https://zakon.rada.gov.ua/laws/show/984_008-16

Verkhovna Rada of Ukraine. (2011). On access to public information (Law No. 2939-VI, as amended August 8, 2025). https://zakon.rada.gov.ua/laws/show/2939-17

Verkhovna Rada of Ukraine. (2010). On personal data protection (Law No. 2297-VI, as amended May 14, 2025). https://zakon.rada.gov.ua/laws/show/2297-17

Verkhovna Rada of Ukraine. (1994). On state secrets (Law No. 3855-XII, as amended August 27, 2025). https://zakon.rada.gov.ua/laws/show/3855-12

Downloads


Abstract views: 10

Published

2026-06-25

How to Cite

Dreis, Y. (2026). STRUCTURAL MODEL OF THE LIMITED-ACCESS INFORMATION LEAKAGE CONSEQUENCES ASSESSMENT SYSTEM. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 1(33), 745–755. https://doi.org/10.28925/2663-4023.2026.33.1260

Issue

Vol. 1 No. 33 (2026): Cybersecurity: Education, Science, Technique

Section

Articles

License

Copyright (c) 2026 Юрій Дрейс

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.