The method of multi-criteria selection of the optimal variant of the information protection system for the information and communication system of the enterprise

Abstract

The development of any complex technical system is usually associated with solving an optimization problem. In the case of designing an information protection system for an information and communication system of an enterprise, it is a search for the optimal variant of a set of protection means from the entire set of possible ones. Like any complex system, the information protection system of the information and communication system of the enterprise is characterized by a set of performance indicators that characterize the protection system from the point of view of countermeasures: the intrusion of intruders into the system; threats to confidentiality, integrity and availability of information; malicious software, etc. The article considers the method of multi-criteria selection of the optimal version of the information protection system for the information and communication system of the enterprise. 5 approaches to choosing the architecture of a complex system are offered. The approaches under consideration are illustrated on a model example of choosing one of the four options for the information protection system of the information and communication system of the enterprise. A simple and fairly visual method of choosing the optimal variant of the information protection system for the information and communication system of the enterprise from a set of possible options is proposed. This method allows you to solve the problem directly on the set of quality indicators without collapsing the criteria into a complex indicator. The prospects for the development of the proposed method are its improvement in order to realize the possibility of giving preference to certain criteria.