Research Article Open Access

Developing the Concept of Methodological Support for Designing and Assessing the Efficiency of Information Protection Systems of Standard Information Systems Considering Their Vulnerabilities

Islam Alexandrovich Alexandrov1, Andrey Victorovich Kirichek2, Vladimir Zhanovich Kuklin1, Alexander Nikolaevich Muranov1 and Leonid Mikhajlovich Chervyakov1
  • 1 World-Class Scientific Center “Digital Biodesign and Personalized Healthcare”, Institute of Design and Technology Informatics, Russian Academy of Sciences, Russia
  • 2 Rector's Office, Bryansk State Technical University, Russia

Abstract

The Information Protection System (IPS) is an integral part of any Information System (IS). To develop an optimal IPS model at the earliest stages of the IS lifecycle, it is necessary to develop IS resource and threat models. This study is devoted to developing a specific model of IS resources, allowing a detailed description of the relationship between resources and business processes and developing an IS threat model to describe in detail the relationships between threat implementations, various IS vulnerabilities, and the relationships between them. To solve these problems, this study used the methods of set theory, graph theory, probability theory, game theory, random processes theory, mathematical logic, and object-oriented approach. This study simulated different variants of the IPS and found that only a balanced IPS project met the Pareto demands. The projects where the emphasis is on countering only external or internal threats do not meet these demands.

Journal of Computer Science
Volume 19 No. 11, 2023, 1305-1317

DOI: https://doi.org/10.3844/jcssp.2023.1305.1317

Submitted On: 3 May 2023 Published On: 19 September 2023

How to Cite: Alexandrov, I. A., Kirichek, A. V., Kuklin, V. Z., Muranov, A. N. & Chervyakov, L. M. (2023). Developing the Concept of Methodological Support for Designing and Assessing the Efficiency of Information Protection Systems of Standard Information Systems Considering Their Vulnerabilities. Journal of Computer Science, 19(11), 1305-1317. https://doi.org/10.3844/jcssp.2023.1305.1317

  • 1,630 Views
  • 894 Downloads
  • 5 Citations

Download

Keywords

  • Information Protection System
  • Information Security
  • Information System
  • Threat Implementation Model
  • Vulnerability