Scientific article on the topic 'Modeling of security and risk assessment in information and communication system'

Text of a scientific article in the specialty «Computer and information sciences»

CC BY
Keywords
SECURITY MODEL / COMPUTER SYSTEM / OBJECT / SUBJECT / ACCESS / RISKS

Abstract of the scientific article in computer and information sciences; authors of the work: Korniyenko B.Y., Galata L.P., Kozuberda O.W.

Important issues such as the security of information systems and risk assessment are discussed in this article. Information processing technologies are continuously improving, and practical methods of information security change with them. Of course, universal methods of protection do not exist, because each information and communication system needs an individual approach. It is necessary to conduct a complete analysis of the system, and then try to develop a reliable security model.


Text of the scientific work on the topic «Modeling of security and risk assessment in information and communication system»


MODELING OF SECURITY AND RISK ASSESSMENT IN INFORMATION AND COMMUNICATION SYSTEM

Korniyenko B.Y.

doctor of engineering, head of department of computerized systems of information security, National Aviation University, Kiev, Ukraine

Galata L.P.

assistant of the department of computerized systems of information security, National Aviation University, Kiev, Ukraine

Kozuberda O.W.

department of computerized systems of information security, National Aviation University, Kiev, Ukraine

ABSTRACT

Important issues such as the security of information systems and risk assessment are discussed in this article. Information processing technologies are continuously improving, and practical methods of information security change with them. Of course, universal methods of protection do not exist, because each information and communication system needs an individual approach. It is necessary to conduct a complete analysis of the system, and then try to develop a reliable security model.

Keywords: security model; computer system; object; subject; access; risks.

Introduction

People tend to protect their secrets. The development of information technologies and their penetration into all spheres of human activity mean that the problem of information security becomes more urgent and at the same time more difficult every year.

A security model that is based on the subject-object model of a computer system is also called a final state model. In these models, information flows are treated as requests for access to objects, which, depending on the security policy, can be either permitted or prohibited. Granting a subject an allowed access to an object moves the system at the next moment into another state, which is seen as a set of states of the system's objects [1-3].

Security models play an important role in the development and research of protected computer systems, as they provide a system-integration approach.

The security problem in a computer system is considered in terms of the analysis and study of the conditions, rules, procedures, permits and access requests under which a system that is initially in a safe mode moves, in a finite number of transitions, to a safe mode again [4].

The scientific novelty of the research consists in the following: the basic models of computer system security are analyzed, information risks by threat class are evaluated, and a computer system with an appropriate security level for the information processed and stored in it is simulated using the software Digital Security Office, namely the system «FINGERBOARD».

The common access control models that allow a formal analysis of security systems and that are focused on the confidentiality and integrity of information are reviewed.

The security model for a particular computer system is implemented, and the estimation of information risks by threat class is carried out [5-6].

Information security is considered as a condition of the system in which:

• The system is able to withstand the destabilizing actions of internal and external threats.

• Operation and the very existence of the system do not threaten the environment or the elements of the system.

In practice, information security is usually considered as a combination of three basic properties of information:

• confidentiality, which means that access to information can be obtained only by legitimate users;

• integrity: firstly, protected information may be changed only by legitimate users with the appropriate authority, and secondly, the information is internally consistent and (if this feature is applicable) reflects the real state of things;

• availability, which guarantees free access to protected information for legitimate users.

Activities aimed at ensuring information security are called data protection.

Consider the existing methods of information security [7-8].

1. Theoretical methods

• Formalizing processes related to providing information system.

• Reasoning about the accuracy and adequacy of information system software.

2. Organizational methods

• Managing information security in the enterprise

3. Engineering and technical methods

• Protection against information leakage through technical channels.

4. Legal methods

• Responsibility

• Work with state secrets

• Copyright protection

• Licensing and Certification

The concept of security models of computer systems

The fundamental concept of information security of computer systems is the security policy. This means the integrated set of rules and regulations governing the processing of information, the implementation of which provides a state of information security in a given space of threats. The formal expression of a security policy (mathematical, circuit-based, algorithmic, and so on) is called the security model.

Security models play an important role in the development and research of protected computer systems, as they provide a system-integration approach that involves solving the following major tasks:

• selecting and justifying the basic architectural principles of protected computer systems, which define the mechanisms for implementing the means and methods of information security;

• demonstrating the security properties of the systems under development through formal proof of adherence to security policies (requirements, conditions, criteria);

• drafting a formal specification of the security policy as a major component of the organizational and documentation support of the protected computer systems being developed.

Flows of information

The active essence of access subjects lies in their ability to perform certain actions on objects, which objectively leads to flows of information. Accordingly, the central position of the subject-object model is the following.

All security processes in computer systems are described by the accesses of subjects to objects that cause flows of information.

The flow of information between object $o_i$ and object $o_j$ is an arbitrary operation on object $o_j$ that is realized in subject $s_m$ and depends on object $o_i$.

To describe a flow, the following notation is introduced:

Stream$(s_m, o_i) \to o_j$ - the flow of information from object $o_i$ ($o_j$) to object $o_j$ ($o_i$) in the subject $s_m$ (through $s_m$).

A flow can be realized through a variety of operations on objects: read, change, delete, create and so on.

The concept of access

A flow is always initiated by the access subject. On this basis we introduce the following concept into access delimitation policies and models.

Access of subject $s_m$ to object $o_j$ is the generation by subject $s_m$ of a flow of information between object $o_j$ and some object $o_i$ (in particular, but not necessarily, object $o_i$ is associated with subject $s_m$).

The formal concept of access makes it possible to move, by means of the subject-object model, directly to describing the processes of information security in protected computer systems. For this purpose, we introduce the set of flows $P$ for the whole collection of fixed decompositions of the computer system into subjects and objects at all moments of time (the set $P$ is the union of all flows over all moments of the computer system's functioning).

From the perspective of security, understood as the state of information security in the computer system, the set of flows $P$ is divided into two subsets $P_N$ and $P_L$, which do not intersect,

where $P_L$ - the set of flows caused by legal (secure) accesses;

$P_N$ - the set of dangerous flows in the computer system that violate the state of information security (confidentiality, integrity and availability of information).

Based on the set of flows, the following concept is given, which underlies the formalization of access delimitation policies in security models.

Rules of access delimitation to objects are a formal description of the flows that belong to the set $P_L$.

Elaboration of computer system security model

Consider an example of security modeling and risk assessment in information and communication systems.

To develop the computer system security model, the software Digital Security Office, namely the system «Grief», will be used.

Digital Security Office is a comprehensive solution for managing the information security of a company.

Digital Security Office includes the system for analysis and management of information risks «Grief» and the system for development and administration of the information system security policy «KONDOR».

«Grief», as a part of Digital Security Office, makes it possible to analyze the vulnerability of an information system and to evaluate the possible damage to the company if potential threats are realized through the vulnerabilities found.

To build a computer system security model, it is first necessary to enter all data about the system:

• Network groups in which valuable information is processed

• Resources that contain valuable information

• Groups of users who have access to valuable information

• Network devices through which user groups get access to information

• Types of valuable information.

After entering all the data, it is necessary to determine the relations between types of information, resources and user groups:

• What kinds of valuable information are stored on the resources.

• Which user groups have access to the kinds of valuable information on the resource, and the characteristics of access to the computer system.

• Through which network devices users have access to specific types of information.

Thus, a complete security model of the computer system is built.

Linking objects

For each object it is necessary to indicate: what kinds of information are placed there, which user groups have access, and the protection of the object's communication channel and of its data.

Establishing the link between the object and the types of information

Determine the information that will be processed and stored on this object, and specify the level of confidentiality, integrity and availability for this type of valuable information.

Conclusions

The security model of the accounting department's computer system was developed with the software Digital Security Office, namely «Grief». The structure of the accounting department's computer system includes a server and five mobile computers that belong to one network group. Six groups were created. Users of the «Security» group are security officers, and they have local and remote access to the server. The group has the rights to read, write and delete data on the server. Members of the other groups have local access to the information that is processed and stored on specific mobile computers. Each group was given access to only one of the five resources.

Each type of valuable information has been assigned a level of confidentiality, integrity and availability. According to these levels, protection methods are applied to resources and information.

The estimation of information risks by threat class was conducted. As a result of the proper and efficient application of protection methods, the level of risk for each threat class and the overall risk level are low, so the security model of the computer system indicates a high level of resistance to threats.
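The division of flows into legal and dangerous ones from «The concept of access», applied to the accounting-department layout summarised above, as an added example (not the authors' code and not a description of how Digital Security Office works internally). Group, resource and object names are constructed, and the read/write rights of the five non-«Security» groups and their one-to-one mapping to mobile computers are assumptions, since the article states rights only for «Security».

```python
from dataclasses import dataclass
# Constructed names; the page gives only the layout. Rights of the five
# non-«Security» groups and the group-to-computer mapping are assumed.
RULES = {("security", "server"): ({"read", "write", "delete"}, {"local", "remote"})}
for i in range(1, 6):
    RULES[(f"group{i}", f"mobile{i}")] = ({"read", "write"}, {"local"})

@dataclass(frozen=True)
class Flow:
    """Stream(s_m, o_i) -> o_j: information moves from o_i to o_j through s_m."""
    subject: str            # s_m, named by its user group
    source: str             # o_i
    target: str             # o_j
    channel: str = "local"  # how s_m reaches the protected objects
    delete: bool = False    # the operation on o_j removes data instead of writing

def own(subject):  # object associated with the subject itself
    return f"mem:{subject}"

def required_accesses(flow):
    """Accesses to protected objects that s_m must generate to realise the flow."""
    needed = []
    if flow.source != own(flow.subject):
        needed.append((flow.source, "read"))
    if flow.target != own(flow.subject):
        needed.append((flow.target, "delete" if flow.delete else "write"))
    return needed

def is_legal(flow):
    """A flow belongs to P_L only if every access behind it matches a rule."""
    for obj, op in required_accesses(flow):
        ops, channels = RULES.get((flow.subject, obj), (set(), set()))
        if op not in ops or flow.channel not in channels:
            return False
    return True

def partition(flows):
    """Split the set of flows P into the non-intersecting subsets (P_L, P_N)."""
    p_l = {f for f in flows if is_legal(f)}
    return p_l, set(flows) - p_l

SAMPLE = [  # constructed flows
    Flow("security", "server", "mem:security", "remote"),     # remote read
    Flow("security", "mem:security", "server", delete=True),  # local delete
    Flow("group1", "mobile1", "mem:group1"),                  # local read
    Flow("group1", "mobile1", "mobile2"),                     # copy to a foreign resource
    Flow("group2", "mobile2", "mem:group2", "remote"),        # channel not granted
    Flow("security", "mobile1", "server"),                    # source not granted
]
```

A flow that passes through a subject between two protected objects needs read access to the source and write access to the target, which is why the `group1` copy from `mobile1` to `mobile2` lands in P_N even though the read alone would be legal.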


References

1. Olifer V.G., Olifer N.A. Computer networks. Principles, technologies, protocols (4th ed.). - Piter, 2010. - 943 P.

2. Shangin V.F. Protection of Computer Information. - M.: DMK Press, 2008. - 544 P.

3. Yudin O.K. Information security in data networks: textbooks. for students. Education. teach. bookmark. Field of Knowledge 1701 «Inform. Safety» / O.K. Yudin, O.G. Kortshenko, G.F. Konahovitsh. - K.: [NVP IHTERSEPVIS], 2009. - 716 P.

4. Yudin O.K. Information Security. Regulatory support: a textbook for students. directly preparation. «Security Info. and Communication Systems» Education. teach. Institutions / O.K. Yudin. - K.: NAU, 2011. - 640 P.

5. Quality Management Systems - Requirements ISO 9001:2008. - 4th ed. 2008-11-15.

6. Information security management systems - Requirements ISO/IEC 27001:2005.

7. Korniyenko B.Y. Analysis of threats to information security of computer systems / Korniyenko B.Y., Snishko V.V. / Materiály IX mezinárodní vedecko - praktická konference «Aktuální vymozenosti vedy - 2013». - Díl 17. Matematika. Fyzika. Moderní informacní technologie. Vystavba a architektura: Praha. Publishing House «Education and Science» s.r.o. - P. 63-66.

8. Korniyenko B.Y. Open systems interconnection model investigation from the viewpoint of information security / B. Korniyenko, O. Yudin, E. Novizkij // The Advanced Science Journal. - 2013. - issue 8. - P. 53-56.
