Egyptian Informatics Journal (Sep 2022)
Model of the information security protection subsystem operation and method of optimization of its composition
Abstract
Increasing threats to the confidentiality and integrity of information require careful consideration of the problem of its protection. This is confirmed by the constantly spreading information about successful hacker attacks. Thus, the problem of securing information that has financial, competitive, military or political value is extremely relevant. However, increasing confidentiality should not forget about its antipode – availability. An effective information security protection subsystem must ensure a rational balance between the values of these dependability attributes. Analytically, this concept of balance can be embodied in the task of optimizing the values of the characteristic parameters of such a subsystem. At the same time, the concept of efficiency should be extended to such a mathematical apparatus. Its complexity should ensure the adequacy of the description of the information protection process but not be excessive to ensure that it can be applied. Based on these initial provisions, the article presents a method of operational optimization of the composition of the information security protection subsystem, taking into account the aggressiveness of cyberspace in which the target information system is operated. The method is formalized in the paradigm of Markov chains with the approach to the formulation of the classical optimization task, which is classified as nonlinear discrete. Considering the lack of a universal method for solving such mathematical programming tasks, the article adopts the method of sequential variants analysis for such purposes. The results of the experiments proved the adequacy and functionality of the proposed method.
