International Journal of Open Information Technologies

In the paper the methods of estimation of security of the distributed information systems in the conditions of assumptions of security with usage of language of diagrams of information security are developed. The principle of prevention of damage which can be caused to the distributed information system at realization of various threats is the cornerstone of any assessment of security. Prevention of realization of threats is based on the analysis of vulnerabilities and accounting of a possibility of usage of these vulnerabilities.

Diagram of information security of the whole distributed information system is based on elementary diagrams of information security. It is shown how it is possible to estimate an information security of the whole system described by the global diagram of information security on the basis of elementary diagrams of information security. The set of security assumptions is constructed on the basis of ways to vulnerabilities of the distributed information systems. Thus, in the conditions of security assumptions the security of all distributed information system is proved.

In this paper the compromise between the value of information and the assumptions of malicious opportunities is considered. The value of information is estimated on the basis of classification and size of damage in case of leak or violation of integrity of information.

At such approach the economic factor of ensuring information security begins to play an essential role. Namely, it is expedient to create the least expensive systems of information security which guarantee security in the conditions of the set of security assumptions. The approach considered in the paper is defined by the requirement of mass digitalization which will be required for development of small and medium business in the conditions of digital economy.

A. A. Grusho, M. I. Zabezhailo, A. A. Zatsarinny, “Information flow monitoring and control in cloud computing environment,” Informatics and Applications, vol. 9, no. 4, pp. 91–97, 2015.

A. A. Grusho, E. E. Timonina, S. Y. Shorgin, “Modelling for ensuring information security of the distributed information systems,” in Proc. of 31th European Conference on Modelling and Simulation,” 2017, pp. 656–660.

A. A. Grusho, N. A. Grusho, E. E. Timonina, “Security evaluation in secure architecture of distributed information systems,” Systems and means of informatics, vol. 26, no. 4, pp. 31–37, 2016.

A. Woody, Enterprise Security: A Data-Centric Approach to Securing the Enterprise. Birmingham, UK: Packt Publishing, 2013.

ISO/IEC 15408-1:2009. Information technology – Security techniques – Evaluation criteria for IT security – Part 1: Introduction and general model, 2009. Available: http://standards.iso.org/ittf/PubliclyAvailableStandards/index.html.

ISO/IEC 15408-2:2008. Information technology – Security techniques – Evaluation criteria for IT security – Part 2: Security functional components, 2008. Available: http://standards.iso.org/ittf/PubliclyAvailableStandards/index.html.

ISO/IEC 15408-3:2008. Information technology – Security techniques – Evaluation criteria for IT security – Part 3: Security assurance components, 2008. Available: http://standards.iso.org/ittf/PubliclyAvailableStandards/index.html.

A. A. Grusho, N. A. Grusho, E. E. Timonina, “Information Security Architecture Synthesis in Distributed Information Computation Systems,” Automatic Control and Computer Sciences, vol. 51, no. 8, pp. 799–804, 2017.

A. Grusho, N. Grusho, M. Levykin, E. Timonina, “Analysis of information security of distributed information systems,” in Proc. of 9th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT 2017), 2017, pp. 96–100.

A. A. Grusho, Ed. A. Primenko, E. E. Timonina, Theoretical bases of computer security. Moscow: Publishing Center "Academy", 2009.

A. Grusho, N. Grusho, S. Shorgin and E. Timonina, “Possibilities of Secure Architecture Creation for Dynamically Changing Information Systems,” Systems and means of informatics, vol. 25, no. 3, pp. 78–93, 2015.

A. A. Grusho, N. A. Grusho, M. V. Levykin, E. E. Timonina, “ Secure architecture of distributed information systems on the basis of integrated virtualization,” Problems of information security. Computer systems, № 4, С. 32–35, 2016.

N. A. Grusho, V. V. Senchilo, “Modeling of secure architecture of distributed information systems on the basis of integrated virtualization,” Systems and means of informatics, vol. 28, no. 1, pp. 110–122, 2018.

A. A. Grusho, D. V. Smirnov, “Protection of business logic against zero day attacks,” Systems and means of informatics, vol. 26, no. 3, pp. 61–73, 2016.