350 rub
Journal Information-measuring and Control Systems №4 for 2016 г.
Article in number:
Risk assessment information security automated systems
Keywords: analysis information security probability risk dam-age
Authors:
M.N. Bobov - Dr.Sc. (Eng.), Professor, Head of Department, OJSC «AGAT-control systems» - Managing Company of the Holding «Geoinformation control systems», Minsk, Republic of Belarus. E-mail: bobov-mn@agat.by G.D. Harachka - Deputy Director, General Engineer, OJSC «AGAT-control systems» - Managing Company of the Holding «Geoinformation control systems», Minsk, Republic of Belarus A.A. Obukhovich - Deputy Head of Department, OJSC «AGAT-control systems» - Managing Company of the Holding «Geoin-formation control systems», Minsk, Republic of Belarus
Abstract:
The paper proposes a system for automated damage assessment carried out by identifying and deductive analysis of critical security events, each of which can be represented as a set of dangerous (causal) events caused by information security threats. Based on the hierarchical decomposition of critical security events, such as the place of origin of their component of dangerous events, and on the factors that contributes to their appearance, expressions for determining estimates of the probability of critical events at each level of the hierarchy.
Pages: 69-73
References

 

  1. STB ISO 31000-2015 Menedzhment riskov. Principy i rukovodjashhie ukazanija.
  2. GOST R ISO/IEC 31010:2011 Menedzhment riska. Metodiki ocenki riska.
  3. STB ISO/IEC 27005-2013 Informacionnye tekhnologii. Metody obespechenija bezopasnosti. Menedzhment riskov informacionnojj bezopasnosti.
  4. STB 34.101.61-2013 Informacionnye tekhnologii i bezopasnost. Obespechenie informacionnojj bezopasnosti bankov Respubliki Belarus. Metodika ocenki riskov narushenija informacionnojj bezopasnosti.
  5. STB 2335-2013 Atomnye ehlektrostancii. Bezopasnost. Metodika analiza ugroz i ocenki riskov narushenija bezopasnosti kompjuternykh sistem atomnojj ehlektrostancii.
  6. Postanovlenie Soveta Ministrov Respubliki Belarus 30.03.2012 № 293 O nekotorykh voprosakh bezopasnojj ehkspluatacii i nadezhnogo funkcionirovanija kriticheski vazhnykh obektov informatizacii.
  7. Perechen pokazatelejj urovnja ushherba nacionalnym interesam Respubliki Belarus v ehkonomicheskojj sfere v sluchae vozniknovenija ugroz razlichnogo kharaktera v otnoshenii obekta informatizacii (ego sostavljajushhikh ehlementov), utverzhden postanovleniem Ministerstva ehkonomiki Respubliki Belarus 11.09.2012 № 76.
  8. Perechen pokazatelejj urovnja ushherba nacionalnym interesam Respubliki Belarus v socialnojj i demograficheskojj sferakh v sluchae vozniknovenija ugroz razlichnogo kharaktera v otnoshenii obekta informatizacii (ego sostavljajushhikh ehlementov), utverzhden postanovleniem Ministerstva truda i socialnojj zashhity Respubliki Belarus 30.05.2012  № 70.