METHOD OF RATIONAL SYNTHESIS OF SUBSYSTEMS FOR CRYPTOGRAPHIC PROTECTION OF INFORMATION IN CRITICAL INFRASTRUCTURE NETWORKS
DOI:
https://doi.org/10.28925/2663-4023.2024.24.282297Keywords:
cryptosystem; complex system; critical infrastructure; network of situation centers; decomposition of a complex system; functional security profile.Abstract
The article examines the state of development of the methodology for building information protection subsystems of information systems of critical infrastructure objects, and separately highlights the issue of creating complex protection for complex systems. It is noted that complex systems are characterized by the presence of a significant number of disparate elements, which are combined into a single system to achieve a certain goal; the existence of complex, sometimes contradictory relationships and influences; powerful information flows between component subsystems. The analysis of the characteristics of complex information systems, which negatively affect the construction of information protection subsystems, was carried out, and the relevance of solving the tasks of creating complex protection for such systems, especially within the framework of the construction of a network of situation centers, was determined. It is noted that the implementation of a well-designed cryptographic information protection subsystem (CIP), which can provide reliable protection of the confidentiality and integrity of the information processed in the system, contributes to solving a significant number of protection tasks and increasing its effectiveness. As part of determining the conditions for the application of the CIP subsystem in complex systems, the lens of critical infrastructure to ensure information with limited access and control its integrity, a method of decomposition of complex systems of the same type was proposed and a model of cryptographic protection in such systems was improved. Based on the need for implementation as part of the selection process. certain hardware and software technological solutions for the multiple implementation of procedures for quick comparison of a significant number of qualitative (semantic) and quantitative indicators of the information protection subsystem based on the properties of functional profiles, a method of rational selection based on the greatest value of the security function of the means suitable for use in the subsystem is proposed.
Downloads
References
DSTSZI SSS of Ukraine (2005). Procedure for conducting work on the creation of a comprehensive information security system in the information and telecommunications system (ND TZI 3.7-003 -2005)
Grechaninov, V.F. (2018). Network of situational centers of public authorities - the basis for improving the efficiency of their activities (interaction). Mathematical machines and systems, 3, 32–39.
Oksanych, I. M., Grechaninov, V. F., & Lopushansky, A. V. (2020). Information interaction in disparate information systems of situational centers. Mathematical machines and systems, 3, 60–68.
Grechaninov, V., Hulak, E., Hulak, H., Skladannyi, P., & Sokolov, V. (2021). Decentralized Access Demarcation System Construction in Situational Center Network. Cybersecurity Providing in Information and Telecommunication Systems (CPITS-II-2021), Vol. 3188, 197–206.
Grechaninov, V., et al. (2022). Formation of Dependability and Cyber Protection Model in Information Systems of Situational Center. In Workshop on Emerging Technology Trends on the Smart Industry and the Internet of Things, Vol. 3149, 107–117.
Buslenko, N. P. (1968). Modeling of complex systems. Science.
Sharakshan, A. S. (1977). Complex systems: A textbook. Higher school.
Israelov, K.E. (2022). Assessment and prediction of the state of complex objects: application to information security. Issues of cybersecurity, 6(52), 2–19.
Horban, O. M., & Bakhrushin, V. E. (2004). Fundamentals of system theory and system analysis. Study guide. GU “ZIDMU”.
Yang, K., et al. (2023). Complex systems and network science: a survey. Journal of Systems Engineering and Electronics, 34(3), 543–573. https://doi.org/10.23919/JSEE.2023.000080
Jewell, J. (2011). The IEA Model of Short-term Energy Security (MOSES). Primary Energy Sources and Secondary Fuels, IEA.
Nasibov, V., et al. (2018). Models of Electric Power Industry Security Study for Medium-Term Periods. IFAC PapersOnLine, 51(30), 405–409. https://doi.org/10.1016/j.ifacol.2018.11.342
Paulson, D. & Wand, Y. (1992). An Automated Approach to Information-Systems Decomposition. IEEE Transactions on Software Engineering, 3, 174–189. https://doi.org/10.1109/32.126767
Chiriac, N., et al. (2011). Three approaches to complex system decomposition. 13th International DSM Conference, 3–15
Pancerz, K., & Suraj, Z. (2013). A Rough Set Approach to Information Systems Decomposition. Fundamenta Informaticae, 127 (1–4), 257–272.
Buryachok, V. L. (2017). A fast algorithm for generating multi-alphabet substitutions. Information security, 2, 173–177.
Gulak, E. G., & Trofimov, O. C. (2024). Formation of a methodology for the rational selection of encryption tools for use in critical infrastructure networks. Collection of abstracts of the XI All-Ukrainian scientific and practical conference of young scientists Information Technologies, 228–230.
Korchenko, O. G. (2004). Information security systems: Monograph. NAU.
Gulak, G. M., Lakhno, V. A., & Adilzhanova, S. A. (2020). Method of rational management of cyber defense systems and ensuring the reliability of radio engineering systems. Bulletin of NTUU “KPI”. Series Radio engineering. Radio apparatus construction, 83, 62–68.
Department of Special Telecommunication Systems and Information Protection of the Security Service of Ukraine (1999). Criteria for assessing the security of information in computer systems from unauthorized access (ND TZI 2.5-004-99).
CM of Ukraine (2020). On approval of the Technical Regulations of cryptographic information protection means.
Buryachok, V. L. (2011). Method for assessing the effectiveness of cyber weapons to overcome cryptographic information security. Information security of a person, society, state, 1(8), 100–106.
Gulak, G. M. (2018). Evaluation of engineering and cryptographic qualities during case studies of cryptosystems. Abstracts of the 13th International Scientific and Practical Conference “Mathematical and Simulation Modeling of MODS 2018”, 326–330.
Mpekoa, N. (2023). An Analysis of Cybersecurity Architectures. 19th International Conference on Cyber Warfare and Security, 200–207.
Hallman, R., et al. (2020). Return on Cybersecurity Investment in Operational Technology Systems: Quantifying the Value that Cybersecurity Technologies Provide After Integration. 5th International Conference on Complexity, Future Information Systems and Risk. https://doi.org/10.5220/0009416200430052
Hallman, R., et al. (2021) Determining a Return on Investment for Cybersecurity Technologies in Networked Critical Infrastructures. International Journal of Organizational and Collective Intelligence, 11(2), 91–110. https://doi.org/10.4018/IJOCI.2021040105
Alkiviadis, G. A. (1989). Elements of Computer Algebra With Applications 1st Edition. Wiley-Interscience.
Published
How to Cite
Issue
Section
License
Copyright (c) 2024 Євген Гулак
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
