Interpretation of the simple risk level dependence of its implementation in the terms of analytic geometry

Authors

• Volodymyr Mokhor Pukhov institute for modeling in energy engineering of National academy of sciences of Ukraine, Kyiv,
• Oleksandr Bakalynskyi Institute of special communications and information protection National technical university of Ukraine “Kyiv polytechnic institute”, Kyiv,
• Oleksandr Bohdanov Institute of special communications and information protection National technical university of Ukraine “Kyiv polytechnic institute”, Kyiv,
• Vasyl Tsurkan Institute of special communications and information protection National technical university of Ukraine “Kyiv polytechnic institute”, Kyiv,

Keywords:

Simple risk, probability, damage, risk analysis, analytical geometry.

Abstract

It is considered the dependence of the level of simple risk on the likelihood of its implementation. Analytical geometry is used to interpret this dependence. It is shown the nonlinear character of its dependence, which leads to the complexity of its analysis in practice. Therefore, a special case of solving the problem of risk level analysis in a linear form is analyzed on the example of a two-component risk model presented on a plane. It is noted that the dependence of the level of risk on the magnitude of possible damage is analogous to the dependence of the level of risk on the magnitude of the probability of its realization and can be expressed by the direct equation. Defining the analogy between the equation of a straight line and the representation of the risk-probability relation for its realization, it is verified the correspondence of this assertion to other methods of specifying a line in the plane. It is considered known variants of specifying a straight line in a segment, with angular coefficients to solve that. The same applies to the methods of specifying the equation of a straight line with respect to a point and a guiding vector and the normal equation of a straight line in which straight lines not leaving the origin of coordinates are considered. Thus, a quasi-analogy is shown between the representation of the dependence of the risk value on the probability of its realization and the equation of the straight line on the plane that leaves the origin and is located in the first quadrant. This allows to investigate risks using known methods of analytical geometry. At the same time, while representing the risk as a sum of two or more components, encountered the need to increase the dimensionality of the coordinate system to n, which leads to the need for further studies in n-dimensional space.

Author Biographies

Volodymyr Mokhor, Pukhov institute for modeling in energy engineering of National academy of sciences of Ukraine, Kyiv,

doctor of technical sciences,
professor, director

Oleksandr Bakalynskyi, Institute of special communications and information protection National technical university of Ukraine “Kyiv polytechnic institute”, Kyiv,

deputy head of management and tactical

Oleksandr Bohdanov, Institute of special communications and information protection National technical university of Ukraine “Kyiv polytechnic institute”, Kyiv,

doctor of technical sciences, professor,
head of management and tactical and

Vasyl Tsurkan, Institute of special communications and information protection National technical university of Ukraine “Kyiv polytechnic institute”, Kyiv,

candidate of technical sciences,
associate professor at the cybersecurity
and application of information systems

References

“Jet Infosystems” company has built ISMS “Eldorado” [Online]. Available: http://www.osp.ru/osp-new/public/resources/releases/?rid=7954. Accessed on: Febr. 6, 2017.

“ISO 27001 – Information Management Security System”. [Online]. Available: http://www.enhancequality.com/iso-standards/iso-27001-information-security-management-system/. Accessed on: Febr. 6, 2017.

A. Dmitriev, “Information security management”. [Online]. Available: http://www.comizdat.com/ index_.php?in=ksks_articles_id&id=568. Accessed on: Febr. 6, 2017.

International Organization for Standardization. (2013, Oct. 01). ISO/IEC 27001. Information technology. Security techniques. Information security management systems. Requirements. [Online]. Available: https://www.iso.org/standard/54534.html. Accessed on: Febr. 6, 2017.

International Organization for Standardization. (2013, Oct. 01). ISO/IEC 27002. Information technology. Security techniques. Code of practice for information security controls. [Online]. Available: https://www.iso.org/standard/54533.html. Accessed on: Febr. 6, 2017.

International Organization for Standardization. (2011, June 10). ISO/IEC 27005. Information technology. Security techniques. Information security risk management. [Online]. Available: https://www.iso.org/standard/56742.html. Accessed on: Febr. 6, 2017.

V. Mokhor, O. Bakalynskyi, and V. Tsurkan, “A geometric approach to the acceptable risk probabilities estimation of information security”, Ukrainian Information Security Research Journal, vol. 18, no. 3, pp. 210-217, 2016.

doi: 10.18372/2410-7840.18.10850.

“Guidelines for the implementation of information security management systems and risk assessment methodology in accordance with the standards of the National Bank of Ukraine”. [Online]. Available: http://zakon3.rada.gov.ua/laws/show/ v0365500-11/page. Accessed on: Febr. 6, 2017.

International Organization for Standardization. (2016, Nov. 01). ISO/IEC 27035-1. Information technology. Security techniques. Information security incident management. Part 1: Principles of incident management. [Online]. Available: https://www.iso.org/standard/60803.html. Accessed on: Febr. 6, 2017.

International Organization for Standardization. (2016, Nov. 01). ISO/IEC 27035-2. Information technology. Security techniques. Information security incident management. Part 2: Guidelines to plan and prepare for incident response. [Online]. Available: https://www.iso.org/ standard/62071.html. Accessed on: Febr. 6, 2017.

M. Kendall, and P. Moran, Geometrical probabilities. Moscow, Russia: Publishing “Nauka”, 1972.

2017-06-30

How to Cite

Mokhor, V., Bakalynskyi, O., Bohdanov, O., & Tsurkan, V. (2017). Interpretation of the simple risk level dependence of its implementation in the terms of analytic geometry. Information Technology and Security, 5(1), 71–82. https://doi.org/10.20535/2411-1031.2017.5.1.120574

Section

INFORMATION SECURITY RISK MANAGEMENT