Method and technique of formal design of complex information security system in information and telecommunication systems

Authors

  • R.Y. Gvozdov Харківський національний університет імені В.Н. Каразіна https://orcid.org/0000-0002-3494-0493
  • R.V. Oliynykov Харківський національний університет радіоелектроніки

DOI:

https://doi.org/10.30837/rt.2020.4.203.08

Keywords:

complex information security system, information and telecommunication system, Ponder, UML, UMLsec

Abstract

The aim of the article is to develop a methodology for the formal design of the complex information security system in information and telecommunication systems. At the moment, there are no methods for the formal design of complex information security system in information and telecommunication systems, so the development of such a methodology is an urgent task. The article discusses the methods of formalized modeling of information security policy and methods of formalized description of the information and telecommunications system and information processing processes. The necessity of formal design of complex information security system is substantiated and the requirements for the development of formal descriptions of an integrated information security system in accordance with regulatory documents in the field of technical protection of information are described. The comparative characteristics of the methods of formalized modeling of information security policy and methods of formalized description of the information and telecommunication system and information processing processes are given. As a result of the comparison, it is proposed to use the UML method for the formal description of the information-telecommunication system, and the UMLsec method for the security policy modeling. An algorithm for the formation of a complex of protection facilities in an information and telecommunications system is proposed from a formal model of security policy and from a formalized description of an information and telecommunications system and information processing processes.

References

J. J ̈urjens Secure Systems Development with UML. Springer – Verlag, 2005.

Закон України «Про захист інформації в інформаційно-телекомунікаційних системах» .

НД ТЗІ 2.5-004-99. Критерії оцінки захищеності інформації в комп’ютерних системах від несанкціонованого доступу. Київ: Департамент спеціальних телекомунікаційних систем та захисту інформації Служби безпеки України, 1999. 61 с.

Published

2020-12-23

How to Cite

Gvozdov, R., & Oliynykov, R. (2020). Method and technique of formal design of complex information security system in information and telecommunication systems. Radiotekhnika, 4(203), 91–96. https://doi.org/10.30837/rt.2020.4.203.08

Issue

Section

Articles