ПОДХОД К ОЦЕНКЕ ЭФФЕКТИВНОСТИ СИСТЕМЫ ОБЕСПЕЧЕНИЯ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ РАСПРЕДЕЛЕННОЙ СИСТЕМЫ ПЕРЕДАЧИ ДАННЫХ

Abstract

The purpose of the paper is to identify possible approaches to assessing the effectiveness of the information security system (EISS) for a distributed data transmission system (DDTS) related to a significant object of critical information infrastructure. When developing the EISS, it is necessary to identify possible external and internal sources of threats to information security already at the design stage of the DDTS architecture as well as to develop a model of the violator and a model of information security threats (IS). One of the main problems in the creation of EISS DDTS is the lack and/or insufficient training in the field of information security; a large financial burden on the creation and modernization of hardware and software, etc. The DDTS model (a block diagram of the DDTS and the layout of the components of the DDTS on special computing equipment) is proposed for the EISS DDTS under study. The paper proposes an approach to assessing the effectiveness of the EISS DDTS based on the use of the method of expert assessments for the selected model, which is necessary to achieve the required level of safety. The aspects of assessing the effectiveness of the EISS DDTS are considered using the example of the organization of technical measures to ensure the IB DDTS. This assessment of the effectiveness of the EISS DDTS allows you to identify weaknesses and help you quickly take measures to eliminate them, which in the event of computer attacks or incidents can significantly reduce the risks. The proposed approach can be integrated into existing practices for assessing the effectiveness of information security.