Principles of choice of formal parameters during the construction of protective profiles of informative resources
DOI:
https://doi.org/10.15587/1729-4061.2012.4141Keywords:
information, profile, protection, parameter, security.Abstract
The article outlines the key parameters of hazards to information objects of information transmission and processing systems. The general approach to the construction of a formal model of hazards is given. This approach allows the selection of functional protection services. It was indicated that the formal hazard model could be defined as a list of required parameters. The attention is focused on the fact that the parameters are determined at the stage of risk analysis. It should be noted that parameters are usually sufficient to select appropriate functional protection services. It was concluded that the total risk, concerning the information security, is an overall index. Mentioned index characterizes the possible losses in case of violation of security in the accepted system. It was determined that the means of protection should be chosen according to the “efficiency-cost” criterion, taking into consideration the opinion of information safety system customer. It was shown that it is necessary to determine the total residual of risk, and then, if necessary, to enhance the protective devices.References
- НД ТЗІ 1.1-003-99. Термінологія в галузі захисту інформації в комп’ютерних системах від несанкціонованого доступу [Текст]. – Введ. 1999-04-28. – К. : Видавн. Департ. спец. телеком. систем та захисту інформації СБ України. – 30 с.
- НД ТЗІ 2.5-004-99. Критерії оцінки захищеності інформації в комп’ютерних системах від несанкціонованого доступу [Текст]. – Введ. 1999-04-28. – К. : Видавн. Департ. спец. телеком. систем та захисту інформації СБ України. – 59 с.
- НД ТЗІ 1.1-002-99. Загальні положення щодо захисту інформації в комп’ютерних системах від несанкціонованого доступу [Текст]. – Введ. 1999-04-28. – К. : Видавн. Департ. спец. телеком. систем та захисту інформації СБ України. – 21 с.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2014 Юрій Володимирович Щербина, Сергій Леонідович Волков, Олександр Олександрович Скопа
This work is licensed under a Creative Commons Attribution 4.0 International License.
The consolidation and conditions for the transfer of copyright (identification of authorship) is carried out in the License Agreement. In particular, the authors reserve the right to the authorship of their manuscript and transfer the first publication of this work to the journal under the terms of the Creative Commons CC BY license. At the same time, they have the right to conclude on their own additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, but provided that the link to the first publication of the article in this journal is preserved.
A license agreement is a document in which the author warrants that he/she owns all copyright for the work (manuscript, article, etc.).
The authors, signing the License Agreement with TECHNOLOGY CENTER PC, have all rights to the further use of their work, provided that they link to our edition in which the work was published.
According to the terms of the License Agreement, the Publisher TECHNOLOGY CENTER PC does not take away your copyrights and receives permission from the authors to use and dissemination of the publication through the world's scientific resources (own electronic resources, scientometric databases, repositories, libraries, etc.).
In the absence of a signed License Agreement or in the absence of this agreement of identifiers allowing to identify the identity of the author, the editors have no right to work with the manuscript.
It is important to remember that there is another type of agreement between authors and publishers – when copyright is transferred from the authors to the publisher. In this case, the authors lose ownership of their work and may not use it in any way.