Functional model of information security systems
Keywords:Information security, providing information security, information security system, functional modeling, functional model.
The subject of the study is modeling the information security system for organizations where there are special requirements for protected information under the legislation of Ukraine. Special requirements for information protection are available for any organizations, enterprises and institutions of any sphere of activity and any form of ownership. Such requirements are conditioned by the classification of information, regulatory documents, special requests of the customer for such security information systems, as well as the verification of the compliance of sharp requirements and the satisfaction of users and/or customers with the establishment of information security systems. The research topic is related to the creation of a security information system and attempts to simulate the most effective and most effective protection system by means of a scientific method – modeling, which is used in various fields of activity. The versatility and effectiveness of simulation has been proven by the practice of applying and reproducing tools for implementing simulation results. Therefore, the purpose of this article is to develop a functional model of information security for an organization where circulating confidential and/or service information that needs protection in accordance with Ukrainian legislation. The research was based on the methodology of simulating and comparing different types, levels, and applications of models in the practical work of creating information security systems. The results of the work reflect the theoretical study of the foundations of modeling, analysis of the practical application of results for various systems, knowledge of requirements and criteria for models, and verification of the reproducibility of real processes, phenomena and the functioning of information security systems, based on the restrictions and conditions regarding the protected information. The scope of the results is due to the specific needs of organizations to calculate various results using the simulation methodology. Summing up, we note the importance of this study for the purpose of creating a unique information security system for each individual organization whose purpose is to provide information security. The variety of models and methods of modeling confirms the unconditional and exceptional value of the research using the principles of simulation for Ukrainian security information security organizations.
A. I. Orlov, Management. Moscow, Russia: Izumrud, 2003.
A. I. Orlov, Econometrics. Moscow, Russia Examen, 2003.
T. Naylor, Machine imitation experiments with models of economic systems. Moscow, USSR: Mir, 1975.
K. A. Bagrinovsky, and V. P. Busygin, Mathematics of planned decisions. Moscow, USSR: Nauka, 1980.
Dzh. fon Neumann, and O. Morgenshtein, Theory of games and economic behavior. Moscow, USSR: Nauka, 1970.
E. I. Vsjakikh, Practice and problems of business process modeling [Online]. Available: https://econ.wikireading.ru/73264.
V. Yu. Artemov, O. S. Lenkov, A. S. Pashkov, O. M. Stadnik, and V. O. Khoroshko, Normative legal guide on information security in Ukraine. Kyiv, Ukraine: DUIKT, 2010.
A. I. U’omov, Logical Foundations of the Modeling Method. Moscow, USSR: Mysl, 1971.
International Organization for Standardization. ISO/IEC/IEEE 24765:2010. Systems and software engineering. Vocabulary [Online]. Available: https://www.smaele.nl/documents/iso/ ISO-24765-2010.pdf.
M. R. Kogalovsky, Glossary on the Information Society. Moscow, Russia: Institute for the Development of the Information Society, 2009.
S. L. Yemelianov, N. I. Loginova, O. V. Todoshchak, and V. F. Yakutko, Use of Information Technologies in Courts. Odessa, Ukraine: Phenix, 2014.
Y.G. Neuymin, Models in science and technology. History, theory, practice. Leningrad, USSR: Nauka, 1984.
N. N. Moiseev, Mathematical problems of system analysis. Moscow, USSR: Nauka, 1981.
Functional models and modeling process, electronic resource: http://www.itstan.ru/funk-strukt-analiz/funkcionalnye-modeli-i-process-modelirovanija.html.
International Organization for Standardization. ISO/IEC 27000:2018. Information technology. Security techniques. Information security management systems. Overview and vocabulary [Online]. Available: https://www.iso.org/standard/73906.html.
International Organization for Standardization. ISO/IEC 27001:2013. Information technology. Security techniques. Information security management systems. Requirements [Online]. Available: https://www.iso.org/standard/54534.html.
International Organization for Standardization. ISO/IEC 27002:2013. Information technology. Security techniques. Code of practice for information security controls [Online]. Available: https://www.iso.org/standard/54533.html.
M. R. Kogalovsky, Perspective technologies of information systems. Moscow, Russia: DMK Press; Company AiTi, 2003.
V. L. Buryachok, V. B. Tolubko, V. O. Khoroshko, and S. V. Tolyupa, Information and cyber security: the socio-technical aspect. Kyiv, Ukraine: DUT, 2015.
How to Cite
Copyright (c) 2020 Collection "Information technology and security"
This work is licensed under a Creative Commons Attribution 4.0 International License.
The authors that are published in this collection, agree to the following terms:
- The authors reserve the right to authorship of their work and pass the collection right of first publication this work is licensed under the Creative Commons Attribution License, which allows others to freely distribute the published work with the obligatory reference to the authors of the original work and the first publication of the work in this collection.
- The authors have the right to conclude an agreement on exclusive distribution of the work in the form in which it was published this anthology (for example, to place the work in a digital repository institution or to publish in the structure of the monograph), provided that references to the first publication of the work in this collection.
- Policy of the journal allows and encourages the placement of authors on the Internet (for example, in storage facilities or on personal web sites) the manuscript of the work, prior to the submission of the manuscript to the editor, and during its editorial processing, as it contributes to productive scientific discussion and positive effect on the efficiency and dynamics of citations of published work (see The Effect of Open Access).