We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
ПОБУДОВА НЕЧІТКОЇ ОНТОЛОГІЇ ДЛЯ АНАЛІЗУ СИСТЕМИ ЗАХИСТУ ІНФОРМАЦІЇ В ІТС
- Authors
Козленко, Олег
- Abstract
The article proposes a variant of the fuzzy ontology for the analysis of information security systems, which is based on the most common variants of information leaks scenarios and on the peculiarities of information security culture. Results of the implementation of the threat can affect the information both directly and indirectly. The analysis of information security systems is based on many factors (attack scenarios, etc.), which may include not only technical ways. Typically, threat information in the information system depends on the characteristics of the internal system, physical environment, personnel and information processed. Threats can have an objective component (changes in the physical environment, failure of elements of the interaction) and subjective - "human factor", which is not always associated with a deficiency or imperfection of security measures, but always associated with noncompliance with security policy requirements. Common mistakes and misunderstandings in identifying security incidents and how to respond to them is also important. Therefore, for the basic protection of the system, it is necessary to identify many factors and the structure, which will identify factors, scenarios and the relationship between the security elements for future use, will greatly simplify the understanding and construction of the information security system. It is these features that are inherent in ontological analysis, which is based on the concept of "ontology". But classical definition ontologies can not be used in areas where there is fuzzy information. One solution to this problem is to use a fuzzy ontology that contains elements of fuzzy logic in sets of concepts and relationships. This ontology can be used for information leaks scenarios, taking into account the culture of information security, and to further determine the overall formal assessment of the organization's security.
- Subjects
INVESTMENT analysis; ONTOLOGIES (Information retrieval); INFORMATION technology security; SECURITY systems; INFORMATION processing; FUZZY logic
- Publication
Ukrainian Scientific Journal of Information Security, 2018, Vol 24, Issue 3, p156
- ISSN
2225-5036
- Publication type
Article
- DOI
10.18372/2225-5036.24.12973