CONCEPTUAL APPROACH TO ENSURING INFORMATION SECURITY OF A SYSTEM OF DISTRIBUTED SITUATIONAL CENTERS

Abstract

Goal. The problem of ensuring information security for a system of the distributed situational centers gains the special importance owing to sharp increase in a set of security threats influencing them and increase in the importance of consequences from realization of these threats. Development of conceptual bases of creation of the protection system for a system of the distributed situational centers is fundamental stage in solving this problem. Materials and methods. The paper proposes a conceptual approach to ensuring information security of a system of the distributed situational centers based on classification and modeling of security threats, assessment of consequences of their realization and use of intelligent means of protection. When developing the general architecture of a system of information security, the methods of allocation of levels and components, peculiar the concept of SIEM-system, are used. Results. The conceptual model of information security threats and the architecture of an intelligent system of information security focused on it for a system of the distributed situational centers are developed. In the information security system, traditional protection means form the lower level of data collection, and intelligent protection means are located at the levels of storage, the analysis and management of security events. Conclusion. The offered approach allows us to increase the level of information security of a system of the distributed situational centers due to investment of its protection system with more effective, flexible and versatile opportunities given by intelligent protection means. More detailed illumination of questions of creating and functioning of intelligent information security systems demands the further additional research.