Functional model of information security systems
The subject of the study is modeling the information security system for organizations where there are special requirements for protected information under the legislation of Ukraine. Special requirements for information protection are available for any organizations, enterprises and institutions of any sphere of activity and any form of ownership. Such requirements are conditioned by the classification of information, regulatory documents, special requests of the customer for such security information systems, as well as the verification of the compliance of sharp requirements and the satisfaction of users and/or customers with the establishment of information security systems. The research topic is related to the creation of a security information system and attempts to simulate the most effective and most effective protection system by means of a scientific method – modeling, which is used in various fields of activity. The versatility and effectiveness of simulation has been proven by the practice of applying and reproducing tools for implementing simulation results. Therefore, the purpose of this article is to develop a functional model of information security for an organization where circulating confidential and/or service information that needs protection in accordance with Ukrainian legislation. The research was based on the methodology of simulating and comparing different types, levels, and applications of models in the practical work of creating information security systems. The results of the work reflect the theoretical study of the foundations of modeling, analysis of the practical application of results for various systems, knowledge of requirements and criteria for models, and verification of the reproducibility of real processes, phenomena and the functioning of information security systems, based on the restrictions and conditions regarding the protected information. The scope of the results is due to the specific needs of organizations to calculate various results using the simulation methodology. Summing up, we note the importance of this study for the purpose of creating a unique information security system for each individual organization whose purpose is to provide information security. The variety of models and methods of modeling confirms the unconditional and exceptional value of the research using the principles of simulation for Ukrainian security information security organizations.
Full Text:PDF (Українська)
A. I. Orlov, Management. Moscow, Russia: Izumrud, 2003.
A. I. Orlov, Econometrics. Moscow, Russia Examen, 2003.
T. Naylor, Machine imitation experiments with models of economic systems. Moscow, USSR: Mir, 1975.
K. A. Bagrinovsky, and V. P. Busygin, Mathematics of planned decisions. Moscow, USSR: Nauka, 1980.
Dzh. fon Neumann, and O. Morgenshtein, Theory of games and economic behavior. Moscow, USSR: Nauka, 1970.
E. I. Vsjakikh, Practice and problems of business process modeling [Online]. Available: https://econ.wikireading.ru/73264.
V. Yu. Artemov, O. S. Lenkov, A. S. Pashkov, O. M. Stadnik, and V. O. Khoroshko, Normative legal guide on information security in Ukraine. Kyiv, Ukraine: DUIKT, 2010.
A. I. U’omov, Logical Foundations of the Modeling Method. Moscow, USSR: Mysl, 1971.
International Organization for Standardization. ISO/IEC/IEEE 24765:2010. Systems and software engineering. Vocabulary [Online]. Available: https://www.smaele.nl/documents/iso/ ISO-24765-2010.pdf.
M. R. Kogalovsky, Glossary on the Information Society. Moscow, Russia: Institute for the Development of the Information Society, 2009.
S. L. Yemelianov, N. I. Loginova, O. V. Todoshchak, and V. F. Yakutko, Use of Information Technologies in Courts. Odessa, Ukraine: Phenix, 2014.
Y.G. Neuymin, Models in science and technology. History, theory, practice. Leningrad, USSR: Nauka, 1984.
N. N. Moiseev, Mathematical problems of system analysis. Moscow, USSR: Nauka, 1981.
Functional models and modeling process, electronic resource: http://www.itstan.ru/funk-strukt-analiz/funkcionalnye-modeli-i-process-modelirovanija.html.
International Organization for Standardization. ISO/IEC 27000:2018. Information technology. Security techniques. Information security management systems. Overview and vocabulary [Online]. Available: https://www.iso.org/standard/73906.html.
International Organization for Standardization. ISO/IEC 27001:2013. Information technology. Security techniques. Information security management systems. Requirements [Online]. Available: https://www.iso.org/standard/54534.html.
International Organization for Standardization. ISO/IEC 27002:2013. Information technology. Security techniques. Code of practice for information security controls [Online]. Available: https://www.iso.org/standard/54533.html.
M. R. Kogalovsky, Perspective technologies of information systems. Moscow, Russia: DMK Press; Company AiTi, 2003.
V. L. Buryachok, V. B. Tolubko, V. O. Khoroshko, and S. V. Tolyupa, Information and cyber security: the socio-technical aspect. Kyiv, Ukraine: DUT, 2015.
ISSN 2411-1031 (Print), ISSN 2518-1033 (Online)