Abstract
The presented paper deals to create a conceptual model of information security. The purpose of the paper is to investigate existing models and develop a first-level conceptual model and lower-level models. The above analysis of existing models showed their main disadvantage. This is the absence of any dialectical connections between model elements. Such schemes are primitive in terms of their use in the organization of protection systems. The proposed model allows you to look at the task of creating information protection systems taking into account the impact of vulnerabilities on possible scenarios of attacks by the intruder, the impact of detected vulnerabilities on the protection system, in terms of its improvement, the possibility of passive counteraction to the actions of the intruder. The second-level models examined the elements of the first-level model in more detail, which made it possible to penetrate more deeply into the ideology of creating protection systems, including proactively depriving some of the capabilities of a potential violator.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Rouse, M.: Confidentiality, integrity, and availability (CIA triad). https://whatis.techtarget.com/definition/Confidentiality-integrity-and-availability-CIA. Accessed 10 June 2020
Howard, M., LeBlanc, D.: Writing Secure Code. Microsoft Press, Redmond (2002)
Future Learn: STRIDE. https://futurelearn.com/courses/cyber-security/0/steps/19631. Accessed 10 June 2020
Chenette, S.: Emulating attacker activities and the pyramid of pain. https://attackiq.com/2019/06/26/emulating-attacker-activities-and-the-pyramid-of-pain. Accessed 15 Aug 2020
Lockheed Martin: The Cyber Kill Chain®. https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html. Accessed 30 July 2020
Cassetto, O.: Cyber Kill Chain: Understanding and mitigating advanced threats. https://exabeam.com/information-security/cyber-kill-chain. Accessed 30 July 2020
Information security concept. The main conceptual provisions of the information security system. https://studfile.net/preview/3904693. Accessed 10 Aug 2020 (in Ukrainian)
Pevnev, V.: Ensuring confidentiality when using infocommunication technologies. Paper presented at the 3rd International Scientific and Technical Conference IPST-2014, National Technical University “Kharkiv Polytechnic Institute”, Kharkiv, 21–23 October 2014. (in Russian)
Rogozin, D.: War and peace in terms and definitions. PoRog, Moscow (2004). (in Russian)
Musman, S.: Assessing prescriptive improvements to a system’s cyber security and resilience. In: 2016 Annual IEEE Systems Conference (SysCon), pp. 1–6. IEEE, Orlando (2016). https://doi.org/10.1109/SYSCON.2016.7490660
Pevnev, V.: Threat models and information integrity. Systems and Technologies 2, 80–95 (2018). https://doi.org/10.32836/2521-6643-2018.2-.56.6. (in Ukrainian)
Stepanov, Y., Korneyev, I.: Information security and information protection. Infra-M, Moscow (2001). (in Russian)
Choras, M., Kozik, R., Bruna, M.P.T., et al.: Comprehensive approach to increase cyber security and resilience. In: 2015 10th International Conference on Availability, Reliability and Security, pp. 686–692. IEEE, Toulouse (2015). https://doi.org/10.1109/ARES.2015.30
Galinec, D., Steingartner, W.: Combining cybersecurity and cyber defense to achieve cyber resilience. In: 2017 IEEE 14th International Scientific Conference on Informatics, pp. 87–93. IEEE, Poprad (2017). https://doi.org/10.1109/INFORMATICS.2017.8327227
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Pevnev, V., Tsuranov, M., Zemlianko, H., Amelina, O. (2021). Conceptual Model of Information Security. In: Nechyporuk, M., Pavlikov, V., Kritskiy, D. (eds) Integrated Computer Technologies in Mechanical Engineering - 2020. ICTM 2020. Lecture Notes in Networks and Systems, vol 188. Springer, Cham. https://doi.org/10.1007/978-3-030-66717-7_14
Download citation
DOI: https://doi.org/10.1007/978-3-030-66717-7_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-66716-0
Online ISBN: 978-3-030-66717-7
eBook Packages: EngineeringEngineering (R0)