Article

Article title ALGORITHMIZATION OF THE FORMATION OF INDIVIDUAL SECURITY THREAT MODEL OF PERSONALLY IDENTIFIABLE INFORMATION
Authors E.N. Tishchenko, E.Yu. Shkaranda
Section SECTION III. OBJECTS OF INFORMATION SECURITY
Month, Year 12, 2013 @en
Index UDC 004.42
DOI
Abstract The article discusses approaches to algorithmization of the formation of individual security threat model of personally identifiable information of companies and businesses. The solutions for the determination of threats, vulnerabilities, and consequences of threats carried out are proposed. To do this the authors used the expertise, probabilistic methods and formalized procedures of subject area analysis. The basic blocks of the algorithm of the formation of the threat model are considered, the features of each of the blocks are described. It is shown that the proposed approaches and methods solve the problem of formalization of the goal, unify and automate the process of formation of the threat model. In this case, the proposed algorithm can be used to implement a software system of formation threat model and is designed to facilitate the work of professionals engaged in information security, and in particular the protection of personally identifiable information. Considered structure of the algorithm can be regarded as a universal pattern, which is applicable for the protection of corporate information systems of any type of business.

Download PDF

Keywords Threat model; vulnerability; personally identifiable information; information security; data protection.
References 1. Хубаев Г.Н. Экономика проектирования и применения банков данных: Текст лекций. – Ростов-на-Дону: РИСХМ, 1989. – 69 c.
2. Тищенко Е.Н., Степанов Д.П. Определение эффективности распределенных межсетевых экранов в зависимости от функциональной полноты // Экономические науки. – 2008.
– № 41. – С. 151-156.
3. Шураков В.В. Надежность программного обеспечения систем обработки данных: Учебник. – 2-е изд., перераб. и доп. – М.: Финансы и статистика, 1987. – 272 с.
4. Тищенко Е.Н., Строкачева О.А. Модель аудита информационной безопасности систем электронной коммерции // Научная мысль Кавказа. – 2006. – № 14. – C. 134-141.
5. Тищенко Е.Н., Строкачева О.А. Оценка параметров надежности защищенной платежной системы в электронной коммерции // Вестник РГЭУ (РИНХ). – 2006. – № 22. – С. 115-122.
6. Тищенко Е.Н. Инструментальные методы защищенности распределенных экономических информационных систем: дис. …д-ра. экон. наук. – Росто-на-Дону, 2003.

Comments are closed.