Problem of optimal structure synthesis of information security system with minimal cost and required level of ics protection
Abstract
In this paper, the problem of synthesis of the information security system with optimal properties is considered, namely the problem of synthesis of the structure of the information security system with the required level of information security and the lowest cost of a security system. An economic indicator is used as an extreme criterion (minimizing the cost of a security system), and the restriction is the fixed level of information security. To solve this problem, we propose a method using a logical- probabilistic approach. On its basis, the function of the probability of success of an attack is constructed that takes into account the structure of the information and communication system. As a result, we obtain the problem of nonlinear discrete boolean optimization which is solved using the method of boundaries and branches. The efficiency and effectiveness of the proposed method is shown by the numerical experiment on a model of an information and communication system.
References
Novikov A., Tymoshenko A. Vyznachennya mnozhyny mekhanizmiv zakhystu, shcho zabezpechuyut' optymal'nyy riven' zakhyshchenosti informatsiyi // Pravove, normatyvne ta metrolohichne zabezpechennya systemy zakhystu informatsiyi v Ukrayini. — 2002. — Vyp. 4. — S. 98–105.
Bonya Yu.Yu., Novikov O.M. Cyntez systemy zakhystu informatsiyi, optymal'noyi za rivnem ryzyku // Pravove, normatyvne ta metrolohichne zabezpechennya systemy zakhystu informatsiyi v Ukrayini. — 2007. — Vyp. 1. — C. 26–33.
Novikov O.M., Rodionov A.M., Tymoshenko A.O. Optymal'nyy syntez parametriv systemy zakhystu informatsiyi // Naukovi visti NTUU "KPI". — 2007. — # 4. — S. 146–151.
Kontseptsiya absolyutnoy bezopasnosti i priyemlemogo riska. — http://for-engineer. info/general/koncepciya-absolyutnoj-bezopasnosti-i-priemlemogo-riska. html.
Novikov A., Timoshenko A. Opredeleniye mnozhestva mekhanizmov zashchity, obespechivayushchikh optimal’nyy uroven’ zashchishchennosti informatsii // Pravove, normatyvne ta metrolohichne zabezpechennya systemy zakhystu informatsiyi v Ukrayini. — 2002. — Vyp. 4. — S. 98–105.
Bonya YU.YU., Novikov А.N. Sintez sistem zashchity informatsii s minimal’noy stoimost’yu mekhanizmov zashchity informatsii // Problemy upravleniya i informatiki. — 2006. — № 3. — S. 147–156.
Hrayvorons'kyy M.V., Novykov O.M. Bezpeka informatsiyno-komunikatsiynykh system — K.: BHV, 2009. — 608 s.
KHoffman L.D. Sovremennyye metody zashchity informatsii. — M.: Sovetskoye radio, 1980. — 286 s.
Ryabinin I.А. Nadezhnost’ i bezopasnost’ strukturno-slozhnykh sistem. — SPb: Politekhnika, 2000. — 248 s.
Rodionov A.M., Novikov O.M. Lohiko-imovirnisna model' zakhyshchenosti komponentiv informatsiyno-komunikatsiynykh system // Informatsiyni tekhnolohiyi ta komp"yuterna inzheneriya. — 2008. — # 1. — S. 170–175.
Zaychenko Yu.P. Doslidzhennya operatsiy. — K.: Slovo. — 2001. — 688 s.
Kovalev M.M. Diskretnaya optimizatsiya. TSelochislennoye programmirovaniye. — M.: Editorial URSS, 2003. — 192 s.
Sergiyenko I.V. Matematicheskiye modeli i metody resheniya zadach diskretnoy optimizatsii. — K.: Nauk. Dumka, 1988. — 472 s.
Land A.H., Doig A.G. An autmatic method of solving discrete programming problems // Econometrica. — 1960. — 28. — P. 497–520.
Rodionov A.M. Lohiko-ymovirnisnyy pidkhid do pobudovy zakhyshchenykh informatsiyno-komunikatsiynykh system: avtoref. dys. kand. tekhn. nauk: 05.13.21: zakhyst 14.06.11 / Nats. tekhn. un-t. Ukrayiny "KPI" — K., 2011. — 24 s.