The method of assessing the effectiveness of the security of confidential data of the distributed information system

Abstract

The paper proposes a method of assessing the effectiveness of the security of confidential data of a distributed information system, based on a model for determining the current threats to the security of confidential data in the information system, on algorithms of fuzzy inference and the theory of fuzzy neural systems, unlike known ones, it uses sufficient and necessary indicators, excludes expert errors , increases the detection of actual threats to the security of confidential information system data by 5%, reduces the cost of purchasing information protection tools from 15 to 30%. It takes into account the following factors: the IT infrastructure of the distributed information system, the capabilities of attackers and their level of motivation in the information system. The proposed approach differs from existing ones by an automated process, the need to involve highly qualified specialists in the field of information security, and low computational complexity; absence of deficiencies in expert assessments; allows you to determine the list of current information security threats in information systems of various classes and types. The task of ensuring the security of confidential data is urgent, which is due to the growth of computer attacks and leaks of information, which are reflected in the statistical data on the commission of crimes in the field of high technologies, the growth of criminal activity using modern communication devices and the Internet. The existing methods of identifying current threats to information security and assessing the effectiveness of the security of confidential data cannot be used at all stages of the life cycle of distributed information systems, they do not take into account the following indicators in the complex: IT infrastructure of distributed systems, current threats to information security, security requirements of confidential data, their cost as important indicators when solving these problems. One of the most important tasks of ensuring the security of confidential data is the evaluation of the effectiveness of the protection system. In this regard, the goal of the research is to improve the quality of the assessment of the effectiveness of the security of confidential data of a distributed information system by determining sufficient and necessary indicators using modern information technologies, which allow the most effective solution of the following tasks: determining the parameters of the adaptive production fuzzy neural systems, which most suitable for solving the tasks, the application of Data Science technologies in data processing, algorithms of fuzzy output.