Assessment of the actual security of the information system by studying the equivalence of the applied technologies

Abstract

This research is devoted to one of the urgent problems in the field of security provision, implemented in various areas of human activity related to information systems. It is associated with a typical situation of discrepancy between the costs of improving security methods and the level of security achieved in this case. It is shown that one of the most promising methodological approaches aimed at finding a solution to this problem is related to the study of the prospects for adapting existing solutions with integration into the computing environment that implement the new technology. In accordance with this concept, the equivalent transition between information technologies should be implemented while maintaining the level of overall information security. The main research goal was determined – it concerns the development of an analytical model for controlling the equivalence of information technologies in information security systems. The current state in the field of information security was analyzed. It was revealed that the tools and mechanisms existing today and presented on the relevant market that prevent risks and threats to the functioning of information systems associated with data theft and distortion are “narrow”, that is, adapted to solving local problems facing attackers.