ANALYSIS OF THE RESULTS OF SIMULATIVE MODELLING OF THE INFORMATION SECURITY SYSTEM IN THE CORPORATE NETWORKS OF HIGHER EDUCATION INSTITUTIONS

Abstract

The analysis shows that the insufficient level of information security in service networks is the main cause of huge losses for enterprises. Despite the appearance of a number of works to solve this problem, there is currently no unified system for assessing information security. This shows that this problem has not yet been sufficiently studied and relevant. This work is one of the steps towards creating a system for assessing information security in service networks. The purpose of the work is to develop an algorithm and simulation model, analyze the results of the simulation model to determine the main characteristics of the information security system (ISS), providing the ability to completely close all possible channels of threats by controlling all unauthorized access (UA) requests through the protection mechanism (PM). To solve the problem, a simulation method was applied using the principles of queuing systems (QS). This method makes it possible to obtain the main characteristics of the ISS from the UA with an unlimited amount of buffer memory (BM). Models, an algorithm and a methodology for the development of ISS from UA are proposed, which is considered as a single-phase multi-channel QS with an unlimited volume of BM. The process of obtaining simulation results was implemented in the GPSS World modeling system and comparative analyzes of the main characteristics of the ISS were carried out for various laws of distribution of output parameters. At the same time, UA requests were the simplest flows, and the service time was subject to exponential, constant and Erlang distribution laws. Conducted experiments based on the proposed models and algorithm for analyzing the characteristics of the ISS from the UA as a single-phase multi-channel QS with unlimited waiting time for requests in the queue confirmed the expected results. The results obtained can be used to build new or modify existing ISS in corporate networks for servicing objects for various purposes. This work is one of the approaches to generalizing the problems under consideration for systems with an unlimited volume of BM. Prospects for further research include research and development of the principles of hardware and software implementation of ISS in service networks.