Открытое образование (Москва) (Nov 2016)
The implementation of the situational control concept of information security in automated training systems
Abstract
The main approaches to ensuring security of information in the automated training systems are considered, need of application of situational management of security of information for the automated training systems is proved, the mathematical model and a problem definition of situational control is offered, the technique of situational control of security of information is developed.The purpose of the study. The aim of the study is to base the application of situational control of information security by subsystem of the control and protection of information in automated learning systems and to develop implementation methods of the situational control concept.Materials and methods. It is assumed that the automated learning system is a fragment of a larger information system that contains several information paths, each of them treats different information in the protection degree from information, containing constituting state secrets, to open access information.It is considered that the technical methods, measures and means of information protection in automated learning systems implement less than half (30%) functions of subsystems of control and protection information. The main part of the functions of this subsystem are organizational measures to protect information. It is obvious that the task of ensuring the security of information in automated learning systems associated with the adoption of decisions on rational selection and proper combination of technical methods and institutional arrangements. Conditions of practical application of automated learning systems change over time and transform the situation of such a decision, and this leads to the use of situational control methods.When situational control is implementing, task of the protection of information in automated learning system is solved by the subsystem control and protection of information by distributing the processes ensuring the security of information and resources of subsystem elements of the automated learning system to meet changing conditions of operation.When the event, associated with the emergence of threats to the information security related to one of the elements of a situation to a variety of destabilizing factors is checked in the system, the formation of the base of alternative control actions sets of situational management is formed, then the sets of the admissible solutions of the situational control options are formed.The best solution provides an extremum of the objective function of situational control of information security.Results. The main approaches to ensuring the information security in automated learning systems are considered, the necessity of the use of situational control of security in automated learning systems is based, mathematical model and problem statement of situational control are offered, the method of situational control of information protection is developed.Conclusion. Developed method of situational control of information security in automated learning systems, involves the participation of the operator in the development and decision-making (dialogue procedures statement of objectives situational control, the formation of the base of alternative sets of control actions, etc.).Another important feature of this technique is the necessity of using previously developed models (models of decision-making situation, a model of coordination and planning of operation of a subsystem of the control and protection of information, models of information processing about the status of the subsystem analysis models and evaluation of results) and the database obtained on the basis of operating experience of information protection systems in the automated learning systems.The implementation of the concept of situational control of information security ensures the timely adaptation of the algorithms and parameters of the information security system to changes in the external environment and the nature of tasks within the education systems and on this basis allows to improve the characteristics of the information protection system in the automated learning systems.
Keywords
