Abstract

The file system is one of the components of an information system that is especially vulnerable to attacks by intruders. Consequently, the security level of an information system cannot be raised without ensuring sufficient protection for file system objects; attacks on these objects affect, among other things, the interests of the system's users. Deciding which mechanisms to use for protecting file system objects requires a regular assessment of their current level of security.

The purpose of the study. To build a model for assessing the security of an information system with cryptographic transformation of file system objects, in a setting where the attacker uses a wide range of attacks on the file system.

Materials and methods. An analysis of scientific publications on the problem of assessing the security of information systems allowed us to propose a methodology for assessing the security of information system assets. The methodology combines a probabilistic approach to analyzing possible threat implementation scenarios for file system objects, expert assessments of basic attack events, and representation in the form of attack trees. The attack-tree representation of threat implementation is used to simulate the actions of an attacker.

Results. A structural model of an information system with cryptographic transformation of objects has been developed, and its valuable assets have been identified. The list of the main information security threats relevant to such systems is defined. Possible ways of implementing attacks and possible scenarios of how events develop during the transfer of cryptographically transformed file system objects are modeled. A set of measures for protecting the objects of an information system with cryptographic transformation of objects is proposed. A calculation is proposed for the probability of an attack on an asset along the path determined by the attack tree, the possibility of implementing an attack, and the degree of effectiveness of the proposed countermeasures.

Conclusion. The presented methodology for assessing the security of an information system with cryptographic transformation of objects makes it possible to use well-known approaches in a comprehensive manner, and will be useful to developers and researchers in practical and scientific work on ensuring information security.
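The following sketch illustrates the kind of calculation the abstract describes: expert-assessed probabilities of basic events combined over an attack tree, then re-evaluated with countermeasures applied. It is an added example, not the paper's model. The tree shape, event names, probabilities, effectiveness values, and the assumption of independent events with standard AND/OR gate formulas are all constructed for illustration.

```python
from dataclasses import dataclass
from math import prod

@dataclass
class Leaf:
    name: str
    p: float  # expert-assessed probability of the basic event (constructed value)

    def prob(self, mitig):
        # mitig maps a leaf name to countermeasure effectiveness in [0, 1]
        e = mitig.get(self.name, 0.0)
        if not (0.0 <= self.p <= 1.0 and 0.0 <= e <= 1.0):
            raise ValueError(f"value out of range for {self.name}")
        return self.p * (1.0 - e)

@dataclass
class Gate:
    kind: str       # "AND": all children needed; "OR": any child suffices
    children: list

    def prob(self, mitig):
        ps = [c.prob(mitig) for c in self.children]
        if self.kind == "AND":
            return prod(ps)                         # independent events assumed
        if self.kind == "OR":
            return 1.0 - prod(1.0 - p for p in ps)
        raise ValueError(f"unknown gate {self.kind}")

# Constructed tree for one asset: confidentiality of a transferred,
# cryptographically transformed file system object.
TREE = Gate("OR", [
    Gate("AND", [Leaf("object obtained during transfer", 0.30),
                 Leaf("key material exposed", 0.10)]),
    Leaf("plaintext left in temporary storage", 0.05),
])

# Constructed countermeasure effectiveness per basic event.
MITIGATIONS = {"key material exposed": 0.8,
               "plaintext left in temporary storage": 0.5}

def effectiveness(tree, mitig):
    """Relative reduction of the root probability achieved by the countermeasures."""
    before, after = tree.prob({}), tree.prob(mitig)
    return 0.0 if before == 0 else 1.0 - after / before

if __name__ == "__main__":
    print(f"baseline  P(root) = {TREE.prob({}):.4f}")
    print(f"mitigated P(root) = {TREE.prob(MITIGATIONS):.4f}")
    print(f"effectiveness     = {effectiveness(TREE, MITIGATIONS):.1%}")
```

Re-running the evaluation with different expert estimates shows which basic events dominate the root probability and where a countermeasure buys the most reduction.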
