Метод побудови динамічної моделі логічного об’єкта інформаційної системи та визначення закону його функціонування

Abstract

The subject of the research in this article is the methods for detecting intrusions into the information systems of organizations to justify the requirements for the functioning of the monitoring agent of the selected logical object. The aim is to develop a method for building a dynamic model of the logical object of the information system and determine the law of its operation. Tasks: to substantiate the need to create security monitoring agents for logical objects of information systems; identify the main functions of security monitoring agents for logical objects; to propose a method for building a dynamic model of the functioning of a logical object and determining the law of its functioning. The methods used are abstraction, system approach, and methods of mathematical modeling using the provisions of the theory of finite automata. The following results were obtained. A method for constructing a dynamic model of a logical object of an information system is proposed. The dynamic model of the operation of the selected logical object reflects the allowable processes in the space of states that occur during the implementation of functions following the specifications defined by the protocol. This dynamic model is represented by a system of algebraic equations in the space of states, which are formed because of the formalization of the processes of realization of certain functions. The solution of a system of algebraic equations in the space of states as a dynamic model of a logical object is a regular expression for a set of admissible processes. This regular expression defines the set of possible trajectories in the space of states, which is the law of operation of this logical object. Conclusions. The proposed method for building a dynamic model of the logical object in contrast to the existing one is based on the formalization of the processes of implementing of partial functions of the protocol, which allows determining the law of the selected logical object, to ensure the adequacy and accuracy of the model. The law of functioning is the basis for the substantiation of initial data for a statement of problems of identification and diagnosing of a condition of the safety of logical objects of an information system. The solution to these problems is needed to substantiate the requirements for the functioning of the agent to monitor the state of the selected logical object and respond to its changes.vulnerabilities of information systems; the logical object of the information system; information system security status; dynamic model of a logical object; the law of functioning of a logical object