Methodology of information security risk analysis based on quantitative assessment of damages in information and technical systems bodies of the internal affairs

Abstract

Read online

Objective. Assessment of the consequences of the occurrence of damage cases in the information and technical systems (ITS) of the internal affairs bodies (ATS) requires the use of an analysis of the risks of damage as a result of the implementation of information security threats.Method. In order to analyze the processes occurring in the ITS, as a rule, mathematical modeling is used. For ITS, due to the high technological complexity, high costs for the acquisition, maintenance of equipment and payment of wages to employees, it is necessary to apply the procedure for analyzing the risks of ITS ITS. The security of the functioning of the ITS ITS is normative, since at the moment the method of quantitative assessment of damages is insufficiently developed. The development of this scientific application would make it possible to establish the appropriate value of the indicator of the permissible risk of the implementation of threats to information security. Analytical and mathematical modeling using the apparatus of queuing systems. Result. A technique for analyzing the risks of information security violations based on a quantitative assessment of the damages of the ITS of ATS is given. Conclusion. The direction of this study is relevant and requires further elaboration in order to improve the method for assessing the occurrence of damage in the ITS of the internal affairs bodies.

Keywords

• information and technical system of the internal affairs body
• queuing system
• probability of damage
• resource
• threat