A cluster model of information protection has been developed, which is an extension of the “classical” information protection model with full disclosure. The cluster model allows us to formally describe protection when solving problems of information systems analysis and synthesis. In the cluster protection model, the problem of accuracy of the formal model is solved by defining the means of protection, subjects and access objects as functional information modules, decomposing information links between modules into physical, syntactic and semantic relationships, taking into account their functional properties essential for information processing and protection, and forming a cluster structure that formally reflects access control policy and constructive protection, followed by an assessment of the security of the static or dynamic topology of the system and the effectiveness of security measures. An approach to the analysis of constructive protection of information systems is shown using the example of distributed registry technology, the possibility of taking into account the impact of access policy architecture and security threats on security. The methods of graph theory, matrix theory, modular cluster networks, and system analysis are used.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

The Cluster Model of Information Protection

  • Pavel V. Sundeev

摘要

A cluster model of information protection has been developed, which is an extension of the “classical” information protection model with full disclosure. The cluster model allows us to formally describe protection when solving problems of information systems analysis and synthesis. In the cluster protection model, the problem of accuracy of the formal model is solved by defining the means of protection, subjects and access objects as functional information modules, decomposing information links between modules into physical, syntactic and semantic relationships, taking into account their functional properties essential for information processing and protection, and forming a cluster structure that formally reflects access control policy and constructive protection, followed by an assessment of the security of the static or dynamic topology of the system and the effectiveness of security measures. An approach to the analysis of constructive protection of information systems is shown using the example of distributed registry technology, the possibility of taking into account the impact of access policy architecture and security threats on security. The methods of graph theory, matrix theory, modular cluster networks, and system analysis are used.