Abstract
The article is devoted to the solution of the actual scientific and practical task – to develop a mathematical model for assessing the risk of unauthorized access to information by users of the information and telecommunication system. Interpretations of such concepts are given: unauthorized access to information, risk and risk assessment used in the course of internal threat research. The characteristics of the user of the information and telecommunication system that affect the value of the probability of unauthorized access to information are determined. It is shown that taking into account the theoretical and practical knowledge of the user of the information and telecommunication system about the characteristics of the physical environment, the computing system, the processed information, which he can use to deliberately violate the rules of demarcation in order to gain unauthorized access to information, will provide a more accurate assessment of this risk. A verification of the adequacy of the developed mathematical model of risk assessment of unauthorized access to information by users of information and telecommunication system with the help of special software is carried out. It is established that the users who have the most experience and experience with information and telecommunication systems (not only in the institution under consideration), the highest level of access to information with restricted access of the institution (organization), occupy responsible positions and are undisciplined are the most likely internal threat of unauthorized access to information. It is the use of a mathematical model for assessing the risk of unauthorized access to information by users of the information and telecommunication system that will improve the comprehensive information protection system of the corresponding information and telecommunication system.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: Проблеми створення, випробування, застосування та експлуатації складних інформаційних систем
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.