Decision making support for formation of complex security information programs. The distribution of resources

Authors: Serhii Zybin
Affiliation: State University of Telecommunications, Kiev, Ukraine

Category:

Keywords: decision making, decision support system, DSS, evaluation, judgement, protection system, security program, simulating
ABSTRACT. This article, written for analysis of a support decision-making approach. This approach can be used for the formation of complex information security programs, taking into account the threats and risks. This approach is based on the introduction of models and risks in the hierarchy of objective tasks and the goal evaluation of the tasks. Under the threat, we understand a condition of the environment, impacts the efficiency of the task. Complex goal-oriented program is executed in this environment. Risk is defined as a result of a random event that is caused by the influence of external relative factors. The event is a situation arises that affects the execution program. Threat models and risks have been proposed. The risk model is a risk factor, which is a random process and has a special goal. The threat is simulated by a special program, which is entered in the hierarchy of goals. The stages of decision support technology taking into account threats and risks are developed and presented. These stages are based on the method of goal-oriented dynamic estimation for the complex program to ensure information security. The problem of programs (tasks) relative effectiveness that set by a multitude of threats and risks is solved. The task of using counteraction means to threats and risks is solved. This article is the continuation of the articles [1, 2] and is devoted to the distribution of resources.

References:

Zybin S. The one method to decision making support for formation of complex security information programs. // Сучасний захист інформації: наук.-техн. журн. / Держ. ун-т телекомунікацій. – Київ: Вид-во ДУТ, 2016, № 4, С. 73 – 79.
Zybin S. The efficiency estimate method for formation of complex security information programs. // Сучасний захист інформації: наук.-техн. журн. / Держ. ун-т телекомунікацій. – Київ: Вид-во ДУТ, 2017, № 2(30), С. 49 – 56
Тоценко В.Г. Методы и системы поддержки принятия решений. Алгоритмический аспект. / Тоценко В.Г. – К: Наукова думка, 2002. – 382 с.
Орловский С.А. Проблемы принятия решений при нечёткой исходной информации. / Орловский В.Г. – М: Наука, 1981. – 208 с.
Згуровский М.З. Информационный подход к анализу и управлению проектными рисками. / Згуровский М.З., Коваленко Н.И., Кондрак К., Кондрак Э. // Проблемы управления и информатики. – № 4, 200, с. 148-156
Грачёва М.В. Анализ проектных рисков. / Грачёва М.В. Учебное пособие для вузов. – М.: ЗАО “Финстатинформ”, 1999, – 216 с
L. Keeney and H. Raiffa. Decisions with multiple objectives: Preferences and value tradeoffs. J. Wiley, New York, 1976
НД ТЗІ 2.5-004-99 “Критерії оцінки захищеності інформації в комп’ютерних системах від несанкціонованого доступу”.
Руа Б. Проблемы и методы принятия решений в задачах со многими целевыми функциями // Вопросы анализа и процедуры принятия решений. М.: Мир, 1976. – С. 20 – 58.
Saaty, L. (2008) “Decision making with the analytic hierarchy process”, Int. J. Services. Sciences, Vol. 1, No. 1, pp.83–98.