MODELING OF FEATURES OF COMPUTER NETWORK EQUIPMENT FROM THE PERSPECTIVE OF INFORMATION SECURITY
DOI:
https://doi.org/10.24025/2306-4412.4.2019.184017Keywords:
information security, computer network, communication equipment, security model, security violation, switching, tunneling.Abstract
The study focuses on the development of models for analyzing and assessing information security risks in computer networks that are used in the development of enterprise information security systems and in auditing the level of protection of already existing information systems, the development of a family of security models of computer network communications equipment. The developed algorithms and models have been implemented in the system of analysis and correction of information security violations, the use of which has allowed to reduce the time of correction of the consequences of such violations. The basic elements of violations, which are described by the information structure and determine the influence on the activity of information systems, are revealed. It is determined that most information security events are related to the communication equipment of the computer networks on which the information systems operate. Further research has been aimed at finding and developing security models for communication levels of operation of computer networks and a system for correcting information security violations. To implement the algorithm, a number of models, that describe the characteristics of network equipment in the security perspective, have been developed. The model of switch security describes the switch characteristics that affect the security and reliability of the network infrastructure. The tunneling security model reflects the security of the gateway portion of the deployed VPN tunnel. The intrusion detection security model involves the use of a compatible model with the shielding model, namely extending the state-based filtering parameter. The routing security model considers the types and protocols of routing. The use of models in the correcting system of the consequences of information security violations has made it possible to fully or partially automate the response to security events occurring in information systems. The developed models allow to take into account the peculiarities of the information system, the nature of the threat scenarios and the features of the network equipment.References
D. O. Sikorsky, "The analysis of the principles of building information security models in corporate information systems", Efektyvna ekonomika. no. 8, August, 2015. [Online]. Available: http://www.economy.nayka.com.ua/?op=1&z=4257
M. O. Melnyk, G. D. Nikitin, and K. O. Mezentseva, "Analysis of building a model of enterprise information security policy", Systemy obrobky informatsii, no. 2 (148), pp. 126-128, 2017 [in Ukrainian].
O. K. Yudin, and S. S. Buchik, "Conceptual model of information security of state information resources", Naukoiemni tekhnolohii, no. 4 (24), 2014 [in Ukrainian].
V. Potiy, "Formal model of information se-curity process", Radioelektronika i kompiuterni systemy, no. 5, pp. 128-133, 2006 [in Russian].
S. N. Ilyashenko, "Components of economic security of an enterprise and approaches to their assessment", Aktualni problemy ekonomiky, no. 3, pp. 12-19, 2003 [in Russian].
N. Kabirova, "Silence of lambs: how to make the staff keep the firm's secrets", Halytski kontrakty, no. 45, pp. 34-36, 2004 [in Ukrainian].
Kremer, "Information security as an important factor in the effective management of a company", Upravleniye kompaniyei, no. 9, pp. 55-56, 2003 [in Russian].
O. M. Kosogov, and A. O. Sirik, "Modeling of the process of information security assessment based on expert findings", Suchasni informatsiini tekhnolohii u sferi bezpeky ta oborony, no. 2 (26), 2016 [in Ukrainian].
V. A. Gerasimenko, Information security in automated data processing systems, 1st ed. Moscow: Energoatomizdat, 2010 [in Russian].
L. K. Babenko, and E. A. Ischukova, Modern block cipher algorithms and methods for their analysis. Moscow: Gelios ARV, 2006 [in Russian].
V. A. Galatenko, Information security. Moscow, Financy i statistika, 2008 [in Russian].
R. Koneev, and A. V. Belyaev, Information security of an enterprise, St. Petersburg: BHV-Peterburg, 2003 [in Russian].
A. Melyuk, S. V. Pazizin, and N. S. Pogozhin, Introduction to the protec-tion of information in automated systems, Moscow: Goryachaya liniya – Telekom, 2001 [in Russian].
T. Ogltree, Practical application of fire-walls, Moscow: DMK Press, 2001 [in Rus-sian].
V. Sokolov, and O. M. Stepanyuk, Protection against computer terrorism: reference manual, St. Petersburg: BHV-Peterburg, Ar-lit, 2002 [in Russian].
Downloads
Published
How to Cite
Issue
Section
URN
License
Copyright (c) 2020 Павло Вячеславович Ступень, Катерина Володимирівна Дікусар, Андрій Анатолійович Рябой The authors who publish in this journal agree to the following terms:The authors reserve the right to authorship of their work and give the journal the right to first publish this work under the terms of the Creative Commons Attribution License CC BY-NC, which allows other persons to freely distribute published work with a mandatory reference to authors of the original work and the first publication of the work in this journal.
Authors have the right to conclude separate additional agreements for the non-exclusive distribution of the paper in the form in which it was published by this journal (for example, posting work in electronic repository or publishing as part of a monograph), provided that the link to the first publication in this journal is maintained.
The journal policy allows and encourages authors to post on the Internet (for example, in repositories of institutions or on personal websites) the manuscript of work, both before the submission of this manuscript to the editorial staff, and during its editorial work, as it contributes to the emergence of productive scientific discussion and positively affects the efficiency and dynamics of published work citation (see The Effect of Open Access).
