Formalized model for assessing the security of an enterprise information system

Free access

The article describes the main methods for assessing the security of an enterprise information system (IS), namely: a method for assessing the security of an enterprise IS against unauthorized access (UNA) based on expert information, an expert assessment method, a graph method, a fault tree method, and a method based on a model of a complex protection mechanism. A comparative analysis of the methods for assessing IS security from a functional point of view is given. Based on the analysis, the most effective methods for assessing the security of an enterprise's IS are identified: the method for assessing the security of an enterprise's IS against unauthorized access based on expert information, and the expert assessment method. A mathematical model has been developed that incorporates both the method for assessing the security of an enterprise IS against unauthorized access based on expert information and the expert assessment method. This mathematical model is the basis for building the software package “Assessment of the security of the enterprise information system”.

Information system, information security, security assessment, security assessment methods, security assessment criteria

Short URL: https://sciup.org/148309043

IDR: 148309043   |   DOI: 10.25586/RNU.V9187.19.03.P.092

Research article