期刊名称:Eastern-European Journal of Enterprise Technologies
印刷版ISSN:1729-3774
电子版ISSN:1729-4061
出版年度:2017
卷号:2
期号:9
页码:53-61
DOI:10.15587/1729-4061.2017.96662
语种:English
出版社:PC Technology Center
摘要:We proposed an architecture for a protection control system of the object of informatization (OBI) with the subsystem of intelligent support for making decisions on the operational management of cyberprotection. The proposed architecture, in particular, can be used under conditions of the incompleteness of knowledge about the state of OBI protection. We developed a model for the operational management of cyberprotection at OBI and formed a rational complex of protection means. The model is based on the morphological approach. The model allows, taking into account morphological matrices for each of the five proposed perimeters prepared by the intelligent decision-making support system (IDMSS), generation of variants of sets that consider the compatibility of software and hardware tools of information protection. It is proposed to make the choice on the optimal variant of a set for the perimeter using an objective function that maximizes the ratio of the summary indicator "protection of information" to the summary indicator "expenditures". The software is realized and tested under real conditions of IDMSS in the contours for the organizational-technical and operational management of the OBI protection. An improved architecture of IPCS is different from the existing solutions in the possibility of simultaneous optimization of sets of software and hardware tools for the examined perimeters of OBI, for both centralized and decentralized variants for processing the information. In this case, an analysis of the level of protection of OBI is performed in real time. It is proven that the use of the developed IDMSS makes it posible to significantly reduce the planned spending on an information protection system, as well as reduce the time it takes to inform decision-makers about information security incidents.
关键词:information security;management of information protection;morphological approach;decision support system
