Determination of permissible reduction intensity of the level of security for an object of critical infrastructure by ranking of threats
The rapid introduction of information technology in all spheres of public activity creates many risks associated with different types of threats to information security. At the same time, special attention should be paid to ensuring protection from potential threats of critical infrastructure facili...
Gespeichert in:
| Datum: | 2020 |
|---|---|
| Hauptverfasser: | , |
| Format: | Artikel |
| Sprache: | Ukrainian |
| Veröffentlicht: |
Інститут проблем реєстрації інформації НАН України
2020
|
| Schlagworte: | |
| Online Zugang: | http://drsp.ipri.kiev.ua/article/view/211279 |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Назва журналу: | Data Recording, Storage & Processing |
Institution
Data Recording, Storage & Processing| Zusammenfassung: | The rapid introduction of information technology in all spheres of public activity creates many risks associated with different types of threats to information security. At the same time, special attention should be paid to ensuring protection from potential threats of critical infrastructure facilities (CI), which provide vital services to the population, society and the state. Given the importance of this issue, a study was conducted to determine the l-characteristics of threats in relation to the allowable intensity of the reduction of the level of protection of the object of CI. Since this problem has a high degree of uncertainty and is subjective, the method of ranking threats based on the theory of fuzzy relations is used to solve it. To achieve this goal, a set of threats to the CI object was identified and the criteria in violation of which the corresponding threats are expressed. In addition, the degree of influence of these threats on certain criteria is established. This information was formalized in the form of a fuzzy relation of influence, which turns into a fuzzy relation of similarity and its transitive closure. As a result, the set of threats of the CI object was divided into classes that do not intersect and contain elements similar in degree of influence. A decomposition tree is constructed, which at each a-level the number of classes and the list of threats belonging to this class at each level. In proportion to the ranks, the l-characteristics of the threats of the object of CI in relation to the allowable intensity of the reduction of its level of protection are determined. The results of this study provide an opportunity to form requirements for the protection of the CI object in the probable implementation of threats with certain characteristics, which, in turn, will contribute to the implementation of necessary mechanisms to protect the studied objects with sufficient infrastructure capacity and resources threats to quickly recover lost features. Tabl.: 3. Fig.: 1. Refs: 10 titles. |
|---|