METHODS OF SYSTEM ANALYSIS IN THE FORMATION OF INFORMATION SECURITY POLICY ON TRANSPORT

Authors

DOI:

https://doi.org/10.28925/2663-4023.2021.13.8191

Keywords:

informational security; methods of system analysis; criterion for evaluating the information security system

Abstract

Approaches to the application of methods of system analysis to solve problems related to information security of enterprises in transport, which have a complex IT structure with a large number of components.

It is shown that the active expansion of the areas of informatization of the transport industry, especially in the segment of mobile, distributed and wireless technologies, is accompanied by the emergence of new threats to information security. It is shown that in order to build an effective information security system, the selection and implementation of adequate technical means of protection should be preceded by a stage of description, analysis and modeling of threats, vulnerabilities, followed by calculation of risks for IS and determining the optimal strategy for information security system. After evaluating the different NIB options according to several criteria, a decision is made: if the recommendations coincide, the optimal solution is chosen with greater confidence. If there is a contradiction of recommendations, the final decision is made taking into account its advantages and disadvantages, for example, the strategy of information security system development is chosen, which turned out to be optimal for at least two criteria. If different NIB development strategies are obtained for all three criteria, it is necessary to vary the values of pessimism-optimism in the Hurwitz criterion or change the data, for example, about possible threats to IP or automated enterprise management system.

An algorithm for modeling the decision-making process for selecting the optimal strategy for managing investment design components of the information security system for the transport business entity is proposed.

Downloads

Download data is not yet available.

References

How to Secure Apache Web Server with ModEvasive on Ubuntu 16.04. https://www.alibabacloud.com/blog/how-to-secure-apache-web-server-with-modevasive-on-ubuntu-16-04_594051

How to Set Up ModSecurity with Apache on Debian/Ubuntu. https://www.linuxbabe.com/security/modsecurity-apache-debian-ubuntu

How To Use Apache as a Reverse Proxy with mod_proxy on Ubuntu 16.04. https://www.digitalocean.com/community/tutorials/how-to-use-apache-as-a-reverse-proxy-with-mod_proxy-on-ubuntu-16-04

NanoPI R1 – FriendlyARM Wiki. http://wiki.friendlyarm.com/wiki/index.php/NanoPi_R1

Open Source Web Application Firewall for Better Security. https://geekflare.com/open-source-web-application-firewall/

WAF vs. Firewall: Web Application & Network Firewalls. https://www.fortinet.com/resources/cyberglossary/waf-vs-firewall

Web Application Architecture: How the Web Works. https://www.altexsoft.com/blog/engineering/web-application-architecture-how-the-web-works/

What is a Reverse Proxy Server? https://oxylabs.io/blog/reverse-proxy

What is a web application firewalll (WAF)? https://cybersecurity.att.com/blogs/security-essentials/explain-how-a-web-application-firewall-works

What is Web Application Architecture? Components, Models, and Types. https://hackr.io/blog/web-application-architecture-definition-models-types-and-more.

Raznytsa mezhdu obratnыm y priamыm proksy. https://ip-calculator.ru/blog/ask/raznitsa-mezhdu-obratnym-i-pryamym-proksi/

Downloads


Abstract views: 716

Published

2021-09-30

How to Cite

Lakhno, V. ., Husiev, B. ., Smolii , V. ., Blozva, A. ., Kasatkin, D., & Osypova, T. (2021). METHODS OF SYSTEM ANALYSIS IN THE FORMATION OF INFORMATION SECURITY POLICY ON TRANSPORT. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 1(13), 81–91. https://doi.org/10.28925/2663-4023.2021.13.8191

Most read articles by the same author(s)

1 2 > >>