METHOD FOR FORMING THE FUNCTIONAL SECURITY PROFILES OF SECTORAL INFORMATION AND TELECOMMUNICATION SYSTEMS
Open Access
- 25 March 2021
- journal article
- Published by Borys Grinchenko Kyiv University in Cybersecurity: Education, Science, Technique
- Vol. 11 (3), 166-182
- https://doi.org/10.28925/2663-4023.2021.11.166182
Abstract
Global trends to increase and improve the quality of cyber attacks have led to the actualization of the protection of information and telecommunications systems (ITS), in particular, sectoral, which are critical for the functioning of society, socio-economic development and ensuring the information component of national security. Taking into account the needs of national security and the need to introduce a systematic approach to solving problems of critical infrastructure protection, at the national level, the creation of protection systems for such infrastructure is one of the priorities in reforming the defense and security sector of Ukraine. Thus, there is a need to develop methods and models for classifying ITS as critical infrastructure to ensure the national security of Ukraine. The paper proposes a structural-functional method for determining the functional security profile of the subsystem of the sectoral ITS, which allows to determine the basic functional security profile of the sectoral ITS by determining the sectoral requirements for confidentiality, integrity, accessibility and observability and more fully formulate criteria for assessing the security of information circulating in critical ITS. The study was followed by an experimental study on the example of ITS of the National System of Confidential Communication, which tested the adequacy of the method's response to changes in input data.Keywords
This publication has 3 references indexed in Scilit:
- Information technology. Security techniques. Refining software vulnerability analysis under ISO/IEC 15408 and ISO/IEC 18045Published by BSI British Standards ,2013
- Problems of ensuring information security of ukraine critical information infrastructure systemsCollection "Information technology and security", 2013
- Guide for assessing the security controls in federal information systems and organizations :Published by National Institute of Standards and Technology (NIST) ,2010