Mathematical model of optimal selection of information security measures in the design of an integrated security system at an informatization facility

Authors

  • Serhiі Pshenychnych Kharkiv National University of Radio Electronics, Ukraine
  • Ihor Dobrynin Kharkiv National University of Radio Electronics, Ukraine
  • Diana Klochkova Kharkiv National University of Radio Electronics, Ukraine

DOI:

https://doi.org/10.30837/pt.2023.1.04

Abstract

This article addresses and resolves the problem of optimal selection of information security measures in the face of security threats when designing a comprehensive information security system for an informatization facility. An analysis of existing approaches to assessing the effectiveness of information security systems is conducted, and a mathematical model for the optimal selection of security measures is proposed. To choose security measures, a new efficiency metric is suggested, which takes into account the costs of implementation and operation of a given measure and its ability to simultaneously protect against multiple threats. Based on this metric, a criterion for the optimal selection of security measures against security threats is proposed for each specific information resource in the information system. The article presents an algorithm for the optimal selection of a set of security measures for an information system, implementing a simple search method. The mathematical formulation of the problem is carried out for the purpose of optimization based on the maximum criterion of the proposed efficiency metric. The optimization of the entire set of security measures is performed based on the maximum criterion of the integral efficiency metric. To demonstrate the use of the pro-posed model, the article considers an example of the optimal selection of a set of security measures for a computer network in the presence of three security threats and the availability of five available security measures. The proposed model can be used to optimize the composition of a set of security measures at informatization facilities. The prerequisite for the application of this model is the availability of input data in the form of threat models to information resources and information about available security measures, namely their capabilities in preventing threats and the cost of their acquisition, implementation, and operation.

Downloads

Published

2023-11-24

Issue

No. 1(32) (2023)

Section

INFORMATIONAL SECURITY

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Authors who publish with this journal agree to the following terms:
  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).