Algorithmization for calculating the security assessment of AIS operating systems of internal affairs bodies, developed on the basis of an analysis of security requirements GOST R ISO/IEC 15408 and possible threats

Abstract

Read online

Objective. The article provides a generalized algorithmization of the processes necessary for developing software for assessing the security of operating systems of automated information systems of internal affairs bodies of the Russian Federation.Method. The research was carried out based on the method of analyzing possible threats to the security of operating systems, as well as the requirements of the GOST R ISO/IEC 15408 standard.Result. The result of the automated system for calculating the security indicator of the analyzed OS is one of the specified criteria for indicators of the degree of security of the OS. By comparing the obtained indicator, the corresponding result is output.Conclusion. The authors provide a generalized algorithmization of the processes necessary for developing software for assessing the security of the AIS OS of the Russian Federation ATS.

Keywords

• security assessment
• functional security requirements
• data bank of information security threats
• security policy
• security indicators
• operating system
• automated calculation system
• software