Information systems and technologies security最新文献

{"title":"PRACTICAL INTRODUCTION OF INFORMATION SYSTEMS BASED ON ASSESSMENT OF EXTERNAL INFLUENCES","authors":"O. Oksiiuk, Larysa Myrutenko, Y. Shestak","doi":"10.17721/ists.2019.1.27-35","DOIUrl":"https://doi.org/10.17721/ists.2019.1.27-35","url":null,"abstract":"The article highlighted the advantage of information systems in front of centralized systems in terms of ensuring the security of network infrastructure, data transmitted, and procedures used in the software environment of the complex. It was pointed out the technical simplicity of the methods of expansion of information systems and, accordingly, their scalability. A multilevel energy balance scheme and computing resources of the information system infrastructure, based on the optimization of the task graph, have been developed. The methods of estimating the optimization of the graph of tasks, which are based on the indicators of the normalized graph normalized distribution of energy, are determined. The results of mathematical modeling in comparison with statistical data for such methods of working with task graphs as calculations by hierarchical structure, graph split algorithms, methods based on algebraic theory of graphs, structuring of \"Diamond Dags\" type. The analysis was conducted for such types of distribution as uniform distribution, binomial distribution, geometric distribution. The results of the comparison point to a sufficiently upstart prediction accuracy at the level of mathematical modeling. In most cases, the value of the maximum deviation, presented as a relative error, between simulation results and statistical data remains within 10%, which shows the adequacy of the simulation. Nevertheless, for the four pairs of functions of the length of the normalized graph and the normalized energy distribution, the maximum deviation is greater than 10%, indicating the need for a revision of the model and further statistical studies. It is proposed to use in organizing the protection of resources of the information system of clusterization methods, which allow to construct a transparent scheme of functioning of the complex and to construct monitoring algorithms","PeriodicalId":426827,"journal":{"name":"Information systems and technologies security","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130883558","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"THE METHOD OF CALCULATION OF PROBABILITY OF REALIZATION OF THREATS OF INFORMATION WITH THE LIMITED ACCESS FROM AN INTERNAL USER VIOLATOR","authors":"O. Boychenko, R. Ziubina","doi":"10.17721/ists.2019.1.19-26","DOIUrl":"https://doi.org/10.17721/ists.2019.1.19-26","url":null,"abstract":"In the article analyzed regulatory documents which regulate the question of information security in the information and telecommunication system. According the results of the analysis the aim of scientific research, which consists in the improvement of method of calculation of probability of realization of threats of information with the limited access from an internal user violator was formed. To achieve this aim, a list of threats of information with limited access which could come from an internal user violator and the internal user violator model was developed. The method of calculation of probability of realization of threats of information with the limited access from an internal user violator was developed and has the followings stages: determination of level of knowledge’s of internal user violator and assessment of the possibility of realizing the threat; forming of model of internal user violator; forming of model of the appearance of the motive of behavior by the internal user violator; calculation of probability of realization of threats of information with the limited access from an internal user violator. The work of the developed method has been tested for the following employees of the institution (organization): the system administrator, the operator of the automated workplace, the telecommunications engineer and the employee who is not the user of the information and telecommunication system and does not belong to the technical personnel. The results of the verification allow conclude that the most probable realization of the threats of information with limited access from the employees of the institution (organization) comes from those employees who are users of the information and telecommunication system, have a high level of knowledge about the possibility of realizing threats and having a motive of behavior – revenge. The developed method of calculation of probability of realization of threats of information with the limited access from an internal user violator in addition to the generally accepted classification of levels of opportunities, methods used of action and place of action, takes into account the motive of wrongful acts by the internal user violator and assessment of his knowledge about the possibility of realizing the threats of information with limited access in the information and telecommunication system","PeriodicalId":426827,"journal":{"name":"Information systems and technologies security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127540914","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"TRANSFORMANTS BIT REPRESENTATION ENCODING WITHIN VIDEO BIT RATE CONTROL","authors":"V. Barannik, Yuriy Ryabukha, Pavlo Gurzhiy, Vitaliy Tverdokhlib, Igor Shevchenko","doi":"10.17721/ists.2019.1.52-56","DOIUrl":"https://doi.org/10.17721/ists.2019.1.52-56","url":null,"abstract":"The conceptual basements of constructing an effective encoding method within the bit rate control module of video traffic in the video data processing system at the source level are considered. The essence of using the proposed method in the course of the video stream bit rate controlling disclosed, namely, the principles of constructing the fragment of the frame code representation and approaches for determining the structural units of the individual video frame within which the control is performed. The method focuses on processing the bit representation of the DCT transformants, and at his processing stage transformant was considered as a structural component of the video stream frame at which the encoding is performed. At the same time, to ensure the video traffic bit rate controlling flexibility, decomposition is performed with respect to each of the transformants to the level of the plurality of bit planes. It is argued that the proposed approach is potentially capable to reducing the video stream bit rate in the worst conditions, that is, when component coding is performed. In addition, this principle of video stream fragmen code representation forming allows to control the level of error that can be made in the bit rate control process. However, in conditions where the bit representation of the transformant is encoded, the method is able to provide higher compression rates as a result of the fact that the values of the detection probability of binary series lengths and the values of detected lengths within the bit plane will be greater than in the case of component coding. This is explained by the structural features of the distribution of binary elements within each of the bit planes, which together form the transformer DCT. In particular, high-frequency transformer regions are most often formed by chains of zero elements. The solutions proposed in the development of the encoding method are able to provide sufficient flexibility to control the bit rate of the video stream, as well as the ability to quickly change the bit rate in a wide range of values","PeriodicalId":426827,"journal":{"name":"Information systems and technologies security","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117069195","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"THE INFORMATION SYSTEM CYBERSECURITY CONCEPT OF THE STATE BORDER GUARD SERVICE OF UKRAINE AT THE MODERNIZATION STAGE","authors":"M. Strelbitskyi","doi":"10.17721/ists.2019.1.3-10","DOIUrl":"https://doi.org/10.17721/ists.2019.1.3-10","url":null,"abstract":"The article analyzes the functions of the Border Guard Service of Ukraine and its information systems. It is determined that the modernization of the components of the integrated information system causes a violation of the existing system of cyber defense. The analysis of existing approaches to ensuring the protection of information in information systems has shown a sufficiently deep study of research separately for each information system. However, unexperienced features of the interaction of these systems remain, in particular, with the modernization of certain information systems in terms of providing cyber defense in general. The process of modernization of information systems is carried out according to individual components of the system or complex and requires their coordination in the process of joint operation. The article gives the justification of modernization strategies according to the groups of criteria: the level of cyber security, the peculiarities of the functioning of information systems. It is noted that the value of the probability of violating the properties of the information resource varies over the entire period of modernization. Therefore, to choose the strategy of modernization at the value of probability at any time is not correct. It is necessary to take into account the general tendency of the function of changing this probability. The most expedient is the distribution of this group of criteria into three components of the criteria for the level of cyber security: the normative - the criterion in which the current value of the probability of violating cybersecurity does not exceed the given; average - the criterion for which the average probability of a violation of cybersecurity does not exceed the prescribed; weighted - a criterion for which the average weighted probability of cybersecurity violation will not exceed the given. The article presents functional dependencies for determining the probability of cyber security violations for each of the groups. As a result of the study, it was determined that the priority indicator of the effectiveness of the process of modernizing the information systems of the border agency is the maximum value of the probability of violating the properties of information in the process of modernization","PeriodicalId":426827,"journal":{"name":"Information systems and technologies security","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132037804","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MODELING OF INFORMATION SECURITY SYSTEM IN COMPUTER NETWORK","authors":"B. Korniyenko, L. Galata","doi":"10.17721/ists.2019.1.36-41","DOIUrl":"https://doi.org/10.17721/ists.2019.1.36-41","url":null,"abstract":"This article presents simulation modeling process as the way to study the behavior of the Information Security system. Graphical Network Simulator is used for modeling such system and Kali Linux is used for penetration testing and security audit. To implement the project GNS3 package is selected. GNS3 is a graphical network emulator that allows you to simulate a virtual network of more than 20 different manufacturers on a local computer, connect a virtual network to a real one, add a full computer to the network, Third-party Applications for network packet analysis are supported. Depending on the hardware platform on which GNS3 will be used, it is possible to build complex projects consisting of routers Cisco, Cisco ASA, Juniper, as well as servers running network operating systems. Using modeling in the design of computing systems, you can: estimate the bandwidth of the network and its components; identify vulnerability in the structure of computing system; compare different organizations of a computing system; make a perspective development forecast for computer system; predict future requirements for network bandwidth; estimate the performance and the required number of servers in the network; compare various options for computing system upgrading; estimate the impact of software upgrades, workstations or servers power, network protocols changes on the computing system. Research computing system parameters with different characteristics of the individual components allows us to select the network and computing equipment, taking into account its performance, quality of service, reliability and cost. As the cost of a single port in active network equipment can vary depends on the manufacturer's equipment, technology used, reliability, manageability. The modeling can minimize the cost of equipment for the computing system. The modeling becomes effective when the number of workstations is 50-100, and when it more than 300, the total savings could reach 30-40% of project cost","PeriodicalId":426827,"journal":{"name":"Information systems and technologies security","volume":"171 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132298090","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"IMPROVING THE RELIABILITY OF SOFTWARE-DEFINED NETWORK","authors":"S. Dakov, L. Dakova","doi":"10.17721/ists.2019.1.66-78","DOIUrl":"https://doi.org/10.17721/ists.2019.1.66-78","url":null,"abstract":"In this work the reliable indicators of the software-oriented network were analyzed, the comparison of centralized and decentralized management types was made, that program-managed networks need to optimize and increase reliability to the current standards of 3gpp. The model of calculation of the reliability of centralized and decentralized networks is proposed, with the help of which it is possible to identify weak or less susceptible sites in the mobile communication system. The method of estimation and enhancement of reliable characteristics of the information management system of the mobile communication network is developed, based on the hierarchical model of hardware and software reliability assessment. The dependence of equipment on applications or applications is taken into account. The system allows to optimize the process of deployment of the network, modernization and increase the reliability of servicing subscribers of mobile networks. This significantly improves the planning and modeling of the network infrastructure, which in turn increases the efficiency of use and reduces the cost of equipment and labor costs of man-hours. It is also proposed to use this mathematical model for software management model but less reliable sleep structure, so its optimization is a necessary factor in the use of these types of networks","PeriodicalId":426827,"journal":{"name":"Information systems and technologies security","volume":"14 3","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120852570","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"TO THE CONCEPT OF A PROTECTED OPERATION SYSTEM","authors":"Oleksii Bychkov","doi":"10.17721/ists.2019.1.42-51","DOIUrl":"https://doi.org/10.17721/ists.2019.1.42-51","url":null,"abstract":"At the present stage of the use of information technologies in society, the issue of information protection becomes important. Operating systems play a major role in this. They are assigned the role of protectors of all user data and access rights. The authors of the article were tasked with proposing a classification of the use of operating systems and with the requirements for mechanisms of protection of information under this classification. In the article: - the existing security standards that are implemented in modern operating systems are analyzed. Existing security standards are outlined (Trusted Computer System Evaluation Criteria «Orange Book», TCSEC, ISO 17799). In the Orange Book, a trusted system is defined as \"a system that uses sufficient hardware and software to provide simultaneous processing of information of varying secrecy by a group of users without violating access rights.\" Security mechanisms and security classes of modern operating systems and BS 7799 security management model are also considered; this standard contains a systematic, complete, universal list of safety regulators, useful for the organization of almost any size, structure and scope information security management system. The standard Information Security Management System (ISMS) refers to the proportion of the overall risk-based management system designed to design, implement, control, maintain and improve information security activities. This system consists of organizational structures, policies, planning actions, responsibilities, procedures, processes and resources; - the analysis of the mechanisms of the complex system of information security (CSIS) and security, which are implemented in modern operating systems; - classification of operating system usage variants in information and telecommunication systems is offered. Requirements for information security mechanisms for operating systems according to the proposed classification are defined; - requirements for operating system information security standard and requirements for OS security mechanisms within the usage class are proposed","PeriodicalId":426827,"journal":{"name":"Information systems and technologies security","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116107713","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"RESEARCH OF DEVIATIONS PROACTIVE MANAGEMENT METHODS ON THE BASIS OF NEURAL NETWORKS IN IT PROJECTS","authors":"V. Morozov, O. Kalnichenko, O. Mezentseva","doi":"10.17721/ists.2019.1.79-87","DOIUrl":"https://doi.org/10.17721/ists.2019.1.79-87","url":null,"abstract":"This paper describes the results of a study of proposed methods of proactively managing key parameter deviations in complex projects based on the study of the effects of the external and internal environment of such projects. The methods of forecasting the level of changes in the results of project activity at any time during the execution of projects and depending on changes in the time parameters of the work of the projects and the study of the effects on changes in the cost of the work of the projects are proposed. Impact reactions on cost parameters and project timelines are investigated. An integrated information system has been developed to simulate the flow of changes to key IT project parameters using cloud data warehouses. In the process of modeling modern information technologies of project management of leading developers are involved and integrated. Modeling effects of the environment on project parameters based on models of deep learning neural networks are used as research tools. A model of deep learning of the neural network is proposed, through the experimental representation of the input and output data of numerical experiments. This model takes into account the optimistic and pessimistic distribution of the cost of each project when planning the projects and choosing their optimal configuration. The evaluation of the results of modeling the effects of changes on the timing and cost of performing work is based on the context of project characteristics, including resource allocations both in time and in project work, cost allocations, etc. Thus, the modeled indicators in the system indicate slight deviations within 10-15% of the set values under the influence of a wide range of values of environmental factors and their effects on changes in project work resources for the selected and unchanged technological configuration of the project model. Using proactive controls, in the re-simulation, it became possible to significantly reduce deviations in costs that do not exceed 10% of the deviation from the optimum values","PeriodicalId":426827,"journal":{"name":"Information systems and technologies security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130644239","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"SYNTHESIS OF METHODS OF EVALUATION OF ELECTROMAGNETIC COMPATIBILITY OF RADIO-TECHNICAL SYSTEMS","authors":"N. Lukova-Chuiko, Volodymyr Nakonechnyi, V. Saiko, S. Toliupa","doi":"10.17721/ists.2019.1.57-65","DOIUrl":"https://doi.org/10.17721/ists.2019.1.57-65","url":null,"abstract":"Modern development of radio equipment is characterized by an increase in the speed of processes of transmission and processing of information, miniaturization and integration into unified complexes that physically bridles the sources and receptors of interference. All this leads to the strengthening of the requirements to ensure compliance with the conditions of electromagnetic compatibility and the need for its evaluation at the design stage of radio engineering devices and systems, because the incomplete or incorrect assessment of these requirements leads to a significant increase in time and material costs of the manufacturer, for further development of the development of electronic equipment and reduction its competitiveness. Widespread use of different purposeful electronic means leads to an increase in the levels of electromagnetic fields created by them in the surrounding space. These fields are obstacles for other similar devices, may degrade the operating conditions and reduce the effectiveness of their use. In this process, it is easy to see the characteristic features of dialectical development - progress in this area is restrained by the negative phenomena generated by its development. Further progress requires the overcoming of this trend, that is, development on a new quality level, which is to ensure the joint operation of various means. The key is that the actions of the electromagnetic fields, which are created by some technical means to the other, are carried out for the transmission of information, its processing, or vice versa, violation of the process of transmission and processing of data. Therefore, an analysis is proposed that allows preliminary prediction of the fulfillment of the conditions of electromagnetic compatibility in a group of radio-electronic means that have a number of sources of interference and radio engineering devices on which they affect. In this case, the important issue of checking the provision of electromagnetic compatibility of radio-electronic means is to determine the magnitude of the permissible power at which provides electromagnetic compatibility. The purpose of this article is to consider, from the general positions, the main tasks of the analysis and evaluation of the electromagnetic compatibility of radio-electronic means","PeriodicalId":426827,"journal":{"name":"Information systems and technologies security","volume":"214 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114847528","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"IMPLEMENTATION OF GROUP DETERMINATION OF FUNCTIONAL PROFILE OF SECURITY AND LEVEL OF GUARANTEES OF INFORMATION AND TELECOMMUNICATION SYSTEM AGAINST UNAUTHORIZED ACCESS","authors":"S. Buchyk, O. Yudin, R. Netrebko","doi":"10.17721/ists.2019.1.11-18","DOIUrl":"https://doi.org/10.17721/ists.2019.1.11-18","url":null,"abstract":"The article proposes, shows and analyzes the main stages of implementing software for group assessment of a functional profile and determining or agreeing the level of guarantees for the correct implementation of functional security services in information security tools of information of telecommunication systems from unauthorized access in Ukraine based on theoretical studies previously conducted. The necessary regulatory documents on technical protection of information governing the procedure of evaluating and determining the level of guarantees of automated systems against unauthorized access in Ukraine are covered. The program was designed using the Data Flow Diagram, namely, a contextual diagram of the group definition process and a decomposed diagram of the process of group determination of the functional security profiles and the level of guarantees. More detailed flowcharts of software and algorithms are constructed. A prototype of the software is implemented; examples of work on each of the main blocks of work that were previously designed in the diagrams and flowcharts of the algorithms are given. Certain advantages and disadvantages of the developed software for group determination of the functional security profile and the level of guarantees are defined. The developed program allows to carry out group estimation and to compare the results sent to the server. This approach reduces the time spent by the security administrator to determine the security profiles and security levels of the information being processed against unauthorized access and to detect whether a specified functional profile coincides with a standard one (provided this match the user is provided with information about that standard functional profile) or determine another level of warranty. By conducting a group examination, the reliability of the obtained results increases","PeriodicalId":426827,"journal":{"name":"Information systems and technologies security","volume":"164 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122628700","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}