ANALYSIS OF STATIC MODELS OF UNAUTHORIZED ACCESS TO INFORMATION NETWORKS STATE

Ivan Opirskyy

Abstract


Presented and developed a systematic process modeling circuit problems unauthorized access to information and protect it. Analysis and research of static models of unauthorized access to INS (model Bel-Lapaduli, model Adept-50, generalized model, model Biba, Clark-Wilson model, model with complete overlay, model violations of physical integrity, etc.) and presents them on the advantages and disadvantages .

The analysis showed that deficiencies models with full crossing is a violation of the adequacy of the model in the absence of at least one of the means for covering of potential information leakage and its abstraction in the formation of the concept of "security" that leads to simplify the model and reducing its adequacy of those processes, that actually occur in the system.

The downside Clark-Wilson model its lack of formalization, stemming from the need to comply with all nine simultaneous safety regulations, which sometimes contradict each other.

Disadvantages Biba models include the possibility of two-way flow of information for remote reading in distributed systems. Problems in the application of models of physical integrity violations occur when forming a plurality of values of probability values, because the occurrence of such events should be simultaneous display of relevant information on destructive actions and its violation as a result of such action.

Keywords


unauthorized access; information networks; static model protection; security model; Biba model; Bel-Lapaduli model; Clark-Wilson model; access control

References


Brayilovskyy, M. M. (2006). Kilkisno-yakisna otsinka rivnya informatsiynoi bezpeky / Brayilovskyy M. M., Habovych A. H., Horobets A. Yu. // Visnyk SNU im.V.Dalya, #9 (103), 4.1, s. 14-17.

Brayilovskyy, M. M. (2007). Tekhnichnyj zakhyst informatsiyi na objektakh informatsiynoyi diyalnosti / Brayilovskyy M.M., Holovan S.M., Domaryev V.V.–K.: Vyd. DUIKT, 178 s.

Brumnik, R., Klebanova, T., Guryanova, L., Kavun, S., & Trydid, O. (2014). Simulation of Territorial Development Based on Fiscal Policy Tools, Mathematical Problems in Engineering, vol. 2014, Article ID 843976, 14 pages, 2014. doi:10.1155/2014/843976.

Canadian Trusted Computer Product Evaluation Criteria, Version 3.0. –Canadian System Security Center, Communications Security Establishment? Government of Canada, 1993.

Cirlov, V. L. (2008). Osnovy informacionnoj bezopastnosti avtomatizirovannyh sistem / Cirlov V. L. –Moskva: Feniks, 173 s.

Department of Defense Trusted Computer System Evaluation Criteria, DOD5200.28-STD, 1983.

Devjanin, P. N. (2000). Teoreticheskie osnovy kompjuternoj bezopastnosti / Devjanin P.N., Mahalskij O.O., Pravikov D.І., Shherbakov A.Ju.– Moskva: Radio i svjaz, 193 s.

Devjanin, P. N. (2005). Modeli bezopastnosti kompjuternyh sistem / Devjanin V.D. – Moskva: Izd. centr «Akademija», 144 s.

Domariev, V. V. (2004). Bezpeka іnformacіjnih tehnologіj. Systemnij pіdhіd / Domarєv V.V. – Kyiv: OOO «TІD» DS», 442 s.

Gabovich, A. G. (2006). Metodika ocіnki rіvnja bezpeki іnformacії / Gabovich A.G., Gorobec A.Ju., Horoshko V.O. // Vіsnik NU «LP», №55, s. 46-53.

Grigorieva, T. V. (2008). Metod kolichestvennoj ocenki zashhishhjonnosti informacii v kompjuternoj sisteme / Grigor'eva T.V., Ivanov S.N., Panfilov A.P. // Informacionnoe protivodejstvie ugrozam terrorizma. – Moskva: FGPU NTC, Vyp. 11, s. 153-162.

Grishhuk, R. V. (2010). Teoretichnі osnovy modeljuvannja procesіv napadu na іnformacіju metodami teorії diferencіalnih іgor ta diferencіalnyh peretvoren / Grishhuk R.V. – Zhitomir: Ruta, 280 s.

Information technology security evaluation criteria. Harmonized criteria of France-Germany – the Netherlands-the United Kingdom – Department of Trade and Industry, London, 1991.

ISO 15408 The Common Criteria for Information Technology Security Evaluation. – 2005.

Kavun, S., Mykhalchuk, I., Kalashnykova, N., & Zyma, A. (2012). A Method of Internet-Analysis by the Tools of Graph Theory. En: Watada, J., Phillips-Wren, G., Jain, L.C., and Howlett, R.J. (Eds.), Advances in Intelligent Decision Technologies, SpringerVerlag Series “Smart Innovation, Systems and Technologies”, Vol. 15, Part 1, Heidelber, Germany, pp. 35-44, DOI: 10.1007/978-3- 642-29977-3_4.

Kavun, S. V. (2006). Matematychne modeljuvannia procesіv pobudovy parametrіv elіptichnih kryvyh dlja kryptografіchnih peretvoren / І. D. Gorbenko, O. E. Іljasova // Radіoelektronnі і kompjuternі systemi, № 5, s. 103–107.

Kozlov, V. S. (2003). Kolichestvennaja ocenka zashhishhjonnosti informacii / Kozlov V.S., Horoshko V.O. // Zahist іnformacіi, №4, s. 67-73.

Melnikov, V. V. (2003). Bezopastnost informacii v avtomatizirovannyh systemah / Melnikov V. V. – Moskva: Finansy i statistiki, 368 s.

Petrenko, S. A. (2006). Politiki informacionnoj bezopastnosti / Petrenko S. A., Kurbatov V.A. – Moskva: Kompanija Aj Ti, 400 s.

Vorobiov, A. A. (2007). Otsenyvanye zashchyshchionnosti avtomatyzirovannykh sistem na osnove metodov teorii igr / Vorobiov A.A., Kulikov H.V., Nekomnyashchykh A.V. // – Informatsyonnye tekhnolohii. – Moskva: Novye tekhnolohii, 24 s.

Zgurovskij, M. Z. (2007). Osnovi sistemnogo analіzu / Zgurovskij M.Z., Pankratova N.D. – Kyiv: BHV, 544 s.


Refbacks

  • There are currently no refbacks.


Copyright (c) 2016 Ivan Opirskyy

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

ISSN (Print) : 2449-7320

ISSN (Online) : 2449-8726