International Journal of Advanced Studies (May 2018)

MODELING OF TECHNICAL CHANNELS OF INFORMATION LEAKAGE AT DISTRIBUTED CONTROL OBJECTS

  • Aleksander Vladimirovich Karpov,
  • Oleg Mikhailovich Lepeshkin

DOI
https://doi.org/10.12731/2227-930X-2018-1-69-83
Journal volume & issue
Vol. 8, no. 1
pp. 69 – 83

Abstract

Read online

The significant increase in requirements for distributed control objects’ functioning can’t be realized only at the expense of the widening and strengthening of security control measures. The first step in ensuring the information security at such objects is the analysis of the conditions of their functioning and modeling of technical channels of information leakage. The development of models of such channels is essentially the only method of complete study of their opportunities and it is pointed toward receiving quantitative assessments of the safe operation of compound objects. The evaluation data are necessary to make a decision on the degree of the information security from a leak according to the current criterion. The existing models are developed for the standard concentrated objects and allow to evaluate the level of information security from a leak on each of channels separately, what involves the significant increase in the required protective resource and time of assessment of information security on an object in general. The article deals with a logical-and-probabilistic method of a security assessment of structurally-compound objects. The model of a security leak on the distributed control objects is cited as an example. It is recommended to use a software package of an automated structurally-logistical modeling of compound systems, which allows to evaluate risk of information leakage in the loudspeaker. A possibility of information leakage by technical channels is evaluated and such differential characteristics of the safe operation of the distributed control objects as positive and negative contributions of the initiating events and conditions, which cause a leak are calculated. Purpose. The aim is a quantitative assessment of data risk, which is necessary for justifying the rational composition of organizational and technical protection measures, as well as a variant of the structure of the information security system from a leak over the technical channels. Methodology: a logical-and-probabilistic method of a structurally-logistical modeling is used in the article. Results: the most informative parameters, which allow to evaluate quantitatively data risk are received. Practical implications: the results are useful to assess the operational safety of structurally-compound objects, including the distributed control objects and also to distribute rationally the protection force and means from technical channels of information leakage.

Keywords